<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git, branch wrynose</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=wrynose</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=wrynose'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2026-05-29T03:59:32+00:00</updated>
<entry>
<title>README: update listed maintainer</title>
<updated>2026-05-29T03:59:32+00:00</updated>
<author>
<name>Anuj Mittal</name>
<email>anuj.mittal@oss.qualcomm.com</email>
</author>
<published>2026-02-25T08:28:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=a43f0d532c399458cae44ce66f3799a220fbb497'/>
<id>urn:sha1:a43f0d532c399458cae44ce66f3799a220fbb497</id>
<content type='text'>
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>layer.conf: remove dead BBFILES_DYNAMIC entry for clang-layer</title>
<updated>2026-05-29T03:59:32+00:00</updated>
<author>
<name>Jiaying Song</name>
<email>jiaying.song.cn@windriver.com</email>
</author>
<published>2026-05-19T08:33:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=34debec4d80b3c0cbc37be60cf96d1c239562cd9'/>
<id>urn:sha1:34debec4d80b3c0cbc37be60cf96d1c239562cd9</id>
<content type='text'>
The dynamic-layers/clang-layer/ directory does not exist under meta-oe.
Remove the stale BBFILES_DYNAMIC references as they match nothing.

Signed-off-by: Jiaying Song &lt;jiaying.song.cn@windriver.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
(cherry picked from commit a07b2ddc51d0538269eb156f546df39f180fb9e7)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>kmscon: fix zlib cross-compiling errors</title>
<updated>2026-05-29T03:59:32+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>adam.duskett@amarulasolutions.com</email>
</author>
<published>2026-05-21T15:31:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=7d1f4b0940fddec78536f90f8242b23c6ad309c0'/>
<id>urn:sha1:7d1f4b0940fddec78536f90f8242b23c6ad309c0</id>
<content type='text'>
zlib compression was introduced in version 9.3.3. However, when
cross-compiling kmscon for an architecture other than x86_64, the
genunifont executable tries to use the build-systems zlib instead
of the hosts zlib.

This leads to the following error during compiling:
libz.so: error adding symbols: file in wrong format

Fix this by adding a new native zlib dependency specifically for the
genunifont executable.

Signed-off-by: Adam Duskett &lt;adam.duskett@amarulasolutions.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
(cherry picked from commit 72154f38fc5384729ef3a42eb7c4ca0afaf1664b)
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>nodejs: upgrade 22.22.2 -&gt; 22.22.3</title>
<updated>2026-05-29T03:59:32+00:00</updated>
<author>
<name>Jason Schonberg</name>
<email>schonm@gmail.com</email>
</author>
<published>2026-05-23T05:00:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=74c663dd4ed728d956cf5f0000200bfc58e80366'/>
<id>urn:sha1:74c663dd4ed728d956cf5f0000200bfc58e80366</id>
<content type='text'>
With this upgrade, nodejs updated the llhttp dependency to version 9.3.1
So some of the patches are nolonger necessary.

Changelog: https://github.com/nodejs/node/releases/tag/v22.22.3

Signed-off-by: Jason Schonberg &lt;schonm@gmail.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
(cherry picked from commit ea56a5e3ae463a1b9d28298f47f27b40e519ca6d)
Signed-off-by: Ankur Tyagi &lt;ankur.tyagi85@gmail.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>imagemagick: upgrade 7.1.2-22 -&gt; 7.1.2-23</title>
<updated>2026-05-29T03:59:32+00:00</updated>
<author>
<name>Ankur Tyagi</name>
<email>ankur.tyagi85@gmail.com</email>
</author>
<published>2026-05-23T05:00:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=a1ffc4960b616619e6da3778c9e4ee8e7e2400ca'/>
<id>urn:sha1:a1ffc4960b616619e6da3778c9e4ee8e7e2400ca</id>
<content type='text'>
Bug and security fixes
https://github.com/ImageMagick/ImageMagick/compare/7.1.2-22...7.1.2-23

PTEST passed:

root@qemuarm64:~# ptest-runner imagemagick
START: ptest-runner
2026-05-23T03:43
BEGIN: /usr/lib/imagemagick/ptest
...
...
DURATION: 1
END: /usr/lib/imagemagick/ptest
2026-05-23T03:43
STOP: ptest-runner
TOTAL: 1 FAIL: 0

Signed-off-by: Ankur Tyagi &lt;ankur.tyagi85@gmail.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>pipewire: update 1.6.3 -&gt; 1.6.5</title>
<updated>2026-05-29T03:59:32+00:00</updated>
<author>
<name>Markus Volk</name>
<email>f_l_k@t-online.de</email>
</author>
<published>2026-05-23T05:00:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=0537a67fc87b9d547f6962910c468ed7453dd9ca'/>
<id>urn:sha1:0537a67fc87b9d547f6962910c468ed7453dd9ca</id>
<content type='text'>
PipeWire 1.6.5 (2026-05-13)

This is a bugfix release that is API and ABI compatible with the previous
1.6.x releases.

Highlights
  - Fix muted output in some cases.
  - Removed the pipe filter in filter-graph.
  - More fixes and improvements.

PipeWire
  - Fix an issue in pw-filter where it could end up in a loop where buffers
    are stuck on a port and the port becomes silent. (#5249)

Modules
  - Improve ROC receiver start/stop, fixes memory leaks. (#5250)
  - Remove the pipe filter from filter-graph, it's broken by design and a
    security nightmare.
  - Fix the midi buffer size in jack-tunnel.

SPA
  - Rate limit out-of-buffers errors. (#5249)
  - Partially revert the line-out mute patch, it seems to break things and leave
    audio muted when plugging-unplugging jacks.  (#5246)
  - Improve renegotiation in audioconvert when the graph rate changes and the
    resampler was disabled. (#4933).
  - Fix potential crash in alsa when logging.

Pulse-server
  - A whole bunch of extra security checks and hardening fixes.

Older versions:

PipeWire 1.6.4 (2026-04-22)

This is a bugfix release that is API and ABI compatible with the previous
1.6.x releases.

Highlights
  - Small improvements and seqfault fixes.
  - Try to not emit ports that JACK doesn't understand. Fixes glitches in
    ardour and other JACK apps.

PipeWire
  - Refuse to load plugins and crash when pw_init() was not called. (!2784)

SPA
  - Fix LADSPA plugin loading, support LADSPA_PATH ending with /
  - Fix segfault in alsa-seq when removing devices in some cases. (#5221)
  - Allow negative gain in mixer. (#5228)
  - Improve alsa-seq port names, add : between client and port. (#5229)
  - ACP: don’t override user-selected port on availability changes.

Bluetooth
  - Backport some important fixes and minor improvements.

JACK
  - Ignore non DSP ports to avoid emitting extra callbacks.

GStreamer
  - Fix crop metadata.

Tools
  - Fix WAVEX saving in pw-cat. (#5233)

Signed-off-by: Markus Volk &lt;f_l_k@t-online.de&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
(cherry picked from commit babcd8741435f1d97c759f7379dbfbd3ba3982f9)
Signed-off-by: Ankur Tyagi &lt;ankur.tyagi85@gmail.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>dnsmasq: fix CVE-2026-5172</title>
<updated>2026-05-29T03:59:32+00:00</updated>
<author>
<name>Abhishek Bachiphale</name>
<email>Abhishek.Bachiphale@windriver.com</email>
</author>
<published>2026-05-23T05:00:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=ed946592da368d46cad0e673d8fbcadc87510e4e'/>
<id>urn:sha1:ed946592da368d46cad0e673d8fbcadc87510e4e</id>
<content type='text'>
A buffer overflow in dnsmasq’s extract_addresses() function allows
an attacker to trigger a heap out-of-bounds read and crash by
exploiting a malformed DNS response, enabling extract_name()
to advance the pointer past the record’s end.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-5172 ]

Signed-off-by: Abhishek Bachiphale &lt;Abhishek.Bachiphale@windriver.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
(cherry picked from commit 44c8962f48a67fbe0fbc8fd830d2f51ae15541a4)
Signed-off-by: Ankur Tyagi &lt;ankur.tyagi85@gmail.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>dnsmasq: fix CVE-2026-4893</title>
<updated>2026-05-29T03:59:32+00:00</updated>
<author>
<name>Abhishek Bachiphale</name>
<email>Abhishek.Bachiphale@windriver.com</email>
</author>
<published>2026-05-23T05:00:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=b81fd0e23e6136c111de0b8a69db3ecdac581477'/>
<id>urn:sha1:b81fd0e23e6136c111de0b8a69db3ecdac581477</id>
<content type='text'>
An information disclosure vulnerability in dnsmasq allows remote
attackers to bypass source checks via a crafted DNS packet with
RFC 7871 client subnet information.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-4893 ]

Signed-off-by: Abhishek Bachiphale &lt;Abhishek.Bachiphale@windriver.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
(cherry picked from commit b4c48536242d9aa7d1eaf968152fc83edea41923)
Signed-off-by: Ankur Tyagi &lt;ankur.tyagi85@gmail.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>dnsmasq: fix CVE-2026-4892</title>
<updated>2026-05-29T03:59:32+00:00</updated>
<author>
<name>Abhishek Bachiphale</name>
<email>Abhishek.Bachiphale@windriver.com</email>
</author>
<published>2026-05-23T05:00:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=be8d0f006a3153922e2e59b195940efb8e1e47b8'/>
<id>urn:sha1:be8d0f006a3153922e2e59b195940efb8e1e47b8</id>
<content type='text'>
A heap-based out-of-bounds write vulnerability in the DHCPv6
implementation of dnsmasq allows local attackers to execute
arbitrary code with root privileges via a crafted DHCPv6 packet.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-4892 ]

Signed-off-by: Abhishek Bachiphale &lt;Abhishek.Bachiphale@windriver.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
(cherry picked from commit 21c3d7eb6f94f967b5e02fc61cc027d3893764a0)
Signed-off-by: Ankur Tyagi &lt;ankur.tyagi85@gmail.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>dnsmasq: fix CVE-2026-4891</title>
<updated>2026-05-29T03:59:30+00:00</updated>
<author>
<name>Abhishek Bachiphale</name>
<email>Abhishek.Bachiphale@windriver.com</email>
</author>
<published>2026-05-23T05:00:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=81572e132c1f78b8c153ded144f808f8a828e6c2'/>
<id>urn:sha1:81572e132c1f78b8c153ded144f808f8a828e6c2</id>
<content type='text'>
A heap-based out-of-bounds read vulnerability in the
DNSSEC validation of dnsmasq allows remote attackers
to cause a denial of service via a crafted DNS packet.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-4891 ]

Signed-off-by: Abhishek Bachiphale &lt;Abhishek.Bachiphale@windriver.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
(cherry picked from commit a9de48a9fa55a254c0bf2eb528c81bd90e015c03)
Signed-off-by: Ankur Tyagi &lt;ankur.tyagi85@gmail.com&gt;
Signed-off-by: Anuj Mittal &lt;anuj.mittal@oss.qualcomm.com&gt;
</content>
</entry>
</feed>
