<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-oe, branch dunfell</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=dunfell</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=dunfell'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2024-04-02T12:12:59+00:00</updated>
<entry>
<title>c-ares: Backport fix for CVE-2024-25629</title>
<updated>2024-04-02T12:12:59+00:00</updated>
<author>
<name>Ashish Sharma</name>
<email>asharma@mvista.com</email>
</author>
<published>2024-03-12T14:10:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=bf0da59a92e9b9b10ec5e9de4f21daab7499dbd8'/>
<id>urn:sha1:bf0da59a92e9b9b10ec5e9de4f21daab7499dbd8</id>
<content type='text'>
Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183]

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-25629
https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q
https://security-tracker.debian.org/tracker/CVE-2024-25629

Signed-off-by: Ashish Sharma &lt;asharma@mvista.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>postgresql: Update to 12.18</title>
<updated>2024-04-02T12:12:59+00:00</updated>
<author>
<name>Matthias Schmitz</name>
<email>matthias.schmitz@port4949.net</email>
</author>
<published>2024-03-01T07:04:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=96e447ff9134d1a99e398b2570a50af3a7c6538d'/>
<id>urn:sha1:96e447ff9134d1a99e398b2570a50af3a7c6538d</id>
<content type='text'>
Minor security and bugfix release. Fixes

CVE-2024-0985: PostgreSQL non-owner REFRESH MATERIALIZED VIEW
               CONCURRENTLY executes arbitrary SQL

Additional information is available in the release notes:
https://www.postgresql.org/docs/release/12.18/

Signed-off-by: Matthias Schmitz &lt;matthias.schmitz@port4949.net&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>libuv: fix CVE-2024-24806</title>
<updated>2024-03-03T21:38:27+00:00</updated>
<author>
<name>Hugo SIMELIERE</name>
<email>hsimeliere.opensource@witekio.com</email>
</author>
<published>2024-02-19T10:50:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=3c1bd6e007cd2bc6bee06d8784dcce71644401a9'/>
<id>urn:sha1:3c1bd6e007cd2bc6bee06d8784dcce71644401a9</id>
<content type='text'>
Upstream-Status: Backport[https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629]
Upstream-Status: Backport[https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70]&gt;

Signed-off-by: Hugo SIMELIERE &lt;hsimeliere.opensource@witekio.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>nodejs: Set CVE_PRODUCT to "node.js"</title>
<updated>2024-03-03T21:38:27+00:00</updated>
<author>
<name>virendra thakur</name>
<email>thakur.virendra1810@gmail.com</email>
</author>
<published>2024-02-09T06:07:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=de497fb40998a1b89f6b23083264bfa4c2a70504'/>
<id>urn:sha1:de497fb40998a1b89f6b23083264bfa4c2a70504</id>
<content type='text'>
Set CVE_PRODUCT to 'node.js' for nodjs recipe

Signed-off-by: virendra thakur &lt;virendrak@kpit.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>linuxptp: fix do_compile error</title>
<updated>2024-03-03T21:38:27+00:00</updated>
<author>
<name>Changqing Li</name>
<email>changqing.li@windriver.com</email>
</author>
<published>2024-01-23T17:53:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=45ea2ed7593b82825e0342d5e3928f83b8e3a2ce'/>
<id>urn:sha1:45ea2ed7593b82825e0342d5e3928f83b8e3a2ce</id>
<content type='text'>
with make 4.4, linuxptp do_compile will failed with error:
In file included from clock.c:35:
missing.h:61:9: error: redeclaration of enumerator 'HWTSTAMP_TX_ONESTEP_P2P'
   61 |         HWTSTAMP_TX_ONESTEP_P2P = 3,
      |         ^~~~~~~~~~~~~~~~~~~~~~~
In file included from clock.c:21:
/buildarea2/WRLCD_Regression/Rerun/build_dir/11201532-build_scp_world_Feature_Test/qemux86-64-standard-std-OE/build/tmp-glibc/work/core2-64-wrs-linux/linuxptp/3.1.1-r0/recipe-sysroot/usr/include/linux/net_tstamp.h:128:9: note: previous definition of 'HWTSTAMP_TX_ONESTEP_P2P' with type 'enum hwtstamp_tx_types'
  128 |         HWTSTAMP_TX_ONESTEP_P2P,
      |

Following change of make 4.4 changes behavior of shell function:
* WARNING: Backward-incompatibility!
  Previously makefile variables marked as export were not exported to commands
  started by the $(shell ...) function.  Now, all exported variables are
  exported to $(shell ...).

Signed-off-by: Changqing Li &lt;changqing.li@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;

Backport of commit 05c1003c4 ("linuxptp: fix do_compile error").
This is present in dunfell/kirkstone as well. If net_tstamp.h of the
build host disagrees with net_tstamp.h of the OE kernel or I remove
the build host's net_tstamp.h do_compile fails.

Changed Upstream Status to Backport with the git sha as the commit is
now applied upstream.

Signed-off-by: Max Krummenacher &lt;max.krummenacher@toradex.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>openwsman: Change download branch from master to main.</title>
<updated>2024-03-03T21:38:27+00:00</updated>
<author>
<name>Wang Mingyu</name>
<email>wangmy@fujitsu.com</email>
</author>
<published>2024-01-15T14:36:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=38acd3f483c70c9acb76a292c993117b7a8d2a0c'/>
<id>urn:sha1:38acd3f483c70c9acb76a292c993117b7a8d2a0c</id>
<content type='text'>
Signed-off-by: Wang Mingyu &lt;wangmy@fujitsu.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
Signed-off-by: Joao Marcos Costa &lt;joaomarcos.costa@bootlin.com&gt;

Backported from Kirkstone
(cherry-picked from commit 84425db660a30570044e334509e174e5c92173ed)

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>postgresql: Update to 12.17</title>
<updated>2024-01-16T12:31:14+00:00</updated>
<author>
<name>Robert Joslyn</name>
<email>robert.joslyn@redrectangle.org</email>
</author>
<published>2023-12-14T03:35:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=daa4619fe3fbf8c28f342c4a7163a84a330f7653'/>
<id>urn:sha1:daa4619fe3fbf8c28f342c4a7163a84a330f7653</id>
<content type='text'>
Minor security and bugfix release. Addresses the following CVEs:

CVE-2023-5868: Memory disclosure in aggregate function calls
CVE-2023-5869: Buffer overrun from integer overflow in array modification
CVE-2023-5870: Role pg_signal_backend can signal certain superuser processes

Additional information is available in the release notes:
https://www.postgresql.org/docs/release/12.17/

Signed-off-by: Robert Joslyn &lt;robert.joslyn@redrectangle.org&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>opensc: Fix CVE-2023-40661</title>
<updated>2024-01-16T12:31:14+00:00</updated>
<author>
<name>virendra thakur</name>
<email>virendrak@kpit.com</email>
</author>
<published>2023-12-22T06:34:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=60569e5c89bdc65b7ae08065bae02c9b38d8ec80'/>
<id>urn:sha1:60569e5c89bdc65b7ae08065bae02c9b38d8ec80</id>
<content type='text'>
Upstream-Status: Backport[https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50]

Signed-off-by: virendra thakur &lt;virendrak@kpit.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>opensc: Fix CVE-2023-40660</title>
<updated>2024-01-16T12:31:14+00:00</updated>
<author>
<name>virendra thakur</name>
<email>virendrak@kpit.com</email>
</author>
<published>2023-12-22T06:34:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=23ca2973ff58a6ee17f0f0863a57c573a604316f'/>
<id>urn:sha1:23ca2973ff58a6ee17f0f0863a57c573a604316f</id>
<content type='text'>
Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/940e8bc764047c873f88bb1396933a5368d03533]

Signed-off-by: virendra thakur &lt;virendrak@kpit.com&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>spirv-tools: Use main branch for all repos</title>
<updated>2023-12-17T20:36:42+00:00</updated>
<author>
<name>Frieder Schrempf</name>
<email>frieder.schrempf@kontron.de</email>
</author>
<published>2023-11-22T18:46:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=a005377cdf1efd4aa6681e73bb663bb1c3ebfd4e'/>
<id>urn:sha1:a005377cdf1efd4aa6681e73bb663bb1c3ebfd4e</id>
<content type='text'>
The master branch has been removed in all of the repos used
in SRC_URI. Switch to the main branch instead.

Signed-off-by: Frieder Schrempf &lt;frieder.schrempf@kontron.de&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
