summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* wireshark: Add xxhash to DEPENDSJörg Sommer2026-03-181-1/+13
| | | | | | | | | | | | Currently, the build of wireshark fails with ERROR: wireshark-1_4.6.3-r0 do_package_qa: QA Issue: /usr/lib/libwsutil.so.17.0.0 contained in package wireshark requires libxxhash.so.0()(64bit), but no providers found in RDEPENDS:wireshark? [file-rdeps] ERROR: wireshark-1_4.6.3-r0 do_package_qa: Fatal QA errors were found, failing task. ERROR: Logfile of failure stored in: /build/tmp/work/core2-64-poky-linux/wireshark/4.6.3/temp/log.do_package_qa.302606 ERROR: Task (/build/../work/layers-3rdparty/openembedded/meta-networking/recipes-support/wireshark/wireshark_4.6.3.bb:do_package_qa) failed with exit code '1' Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dlt-daemon: upgrade 2.18.10 to 3.0.0Changqing Li2026-03-1810-260/+1088
| | | | | | | | | | | | | | | | | | | | | Changes: https://github.com/COVESA/dlt-daemon/releases Remove patches already in 3.0.0: 544.patch 567.patch 0001-CMakeLists-txt-make-DLT_WatchdogSec-can-be-set-by-user.patch 0003-allow-build-with-cmake-4.patch Add patches to fix build failures 0001-Fix-compile-failure-related-to-gzlog.patch 0001-Fix-kinds-of-build-failure.patch 0001-Fix-build-failures.patch 0001-fix-build-failure-when-systemd-is-enabled.patch 0001-Fix-build-failure-with-glibc-2.43.patch Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-redis: upgrade 5.3.1->7.3.0Jiaying Song2026-03-181-2/+2
| | | | | | | | | | Switch build system from setuptools3 to python_hatchling Changelog: https://github.com/redis/redis-py/releases Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-paramiko: upgrade 3.5.1->4.0.0Jiaying Song2026-03-181-2/+2
| | | | | | | | Changelog: https://www.paramiko.org/changelog.html Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* android-tools-conf-configfs: make USB gadget IDs configurableViswanath Kraleti2026-03-181-3/+6
| | | | | | | | | | | | | | The android-gadget-setup script currently hardcodes the USB vendor ID, product ID, and configuration string. This makes it difficult for BSP layers to customize USB gadget identity with platform specific values. Introduce variables for the vendor ID, product ID, and configuration string when populating the configfs attributes. This allows machine or distro specific overrides via `/etc/android-gadget-setup.machine`, while preserving the existing default values. Signed-off-by: Viswanath Kraleti <viswanath.kraleti@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-m2crypto: fix do_compile error using clangWang Mingyu2026-03-182-1/+51
| | | | | | | | | | | | | | | | | | | erre message: | INFO:mkpath:creating build/temp.linux-aarch64-cpython-314/src/SWIG | INFO:spawn:aarch64-yoe-linux-clang -mcpu=cortex-a57+crc --dyld-prefix=/usr -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/recipe-sysroot -O2 -g -ffile-prefix-map=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/sources/m2crypto-0.47.0=/usr/src/debug/python3-m2crypto/0.47.0 -ffile-prefix-map=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/sources/m2crypto-0.47.0=/usr/src/debug/python3-m2crypto/0.47.0 -ffile-prefix-map=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/recipe-sysroot= -ffile-prefix-map=/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/recipe-sysroot-native= -pipe -fPIC -I/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/recipe-sysroot/usr/include/python3.14 -I/srv/build/yoe/build/tmp/work/cortexa57-yoe-linux/python3-m2crypto/0.47.0/sources/m2crypto-0.47.0/src/SWIG -c src/SWIG/_m2crypto_wrap.c -o build/temp.linux-aarch64-cpython-314/src/SWIG/_m2crypto_wrap.o -DTHREADING -Wno-deprecated-declarations | src/SWIG/_m2crypto_wrap.c:4455:1: error: unknown type name 'PRAGMA_IGNORE_UNUSED_LABEL' | 4455 | PRAGMA_IGNORE_UNUSED_LABEL | | ^ | src/SWIG/_m2crypto_wrap.c:4456:30: error: expected ';' after top level declarator | 4456 | PRAGMA_WARN_STRICT_PROTOTYPES | | ^ | | ; | 2 errors generated. Add patch 0001-fix-swig-avoid-clang-GNUC-pragma-block-before-_lib.h.patch to avoid clang GNUC pragma block before _lib.h Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* opensaf: upgrade 5.22.01 -> 5.26.02Liu Yiding2026-03-186-452/+83
| | | | | | | | | | | | | 1.Add new patch 0001-To-fix-Werror-discarded-qualifiers-error.patch to fix build error 2.Remove following patches as merged upstream 0001-Fix-build-with-fno-common.patch 0001-include-missing-array-header.patch 0001-include-cstdint-for-uintXX_t-types.patch 0002-Fix-Werror-enum-int-mismatch-with-gcc13.patch Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fd-find: update 10.3.0 -> 10.4.2Deepesh Varatharajan2026-03-183-161/+199
| | | | | | | | Changes are here: https://github.com/sharkdp/fd/compare/v10.3.0...v10.4.2 Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libde265: upgrade 1.0.16 -> 1.0.17Ankur Tyagi2026-03-181-1/+3
| | | | | | | | | | Also fix packaging QA errors about staticlibs and dev-so Release Notes: https://github.com/strukturag/libde265/releases/tag/v1.0.17 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libheif: CVE-2026-3949Gyorgy Sarvari2026-03-182-1/+53
| | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3949 Backport the patch that is referenced by the NVD report (in the description) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unixodbc: mark CVE-2024-1013 patchedGyorgy Sarvari2026-03-181-0/+2
| | | | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2024-1013 The vulnerability has been patched since 2.3.13[1], however NVD tracks it without version info. Due to this, mark it patched explicitly. [1]: https://github.com/lurcher/unixODBC/commit/249bfcc511e89431b910ce2c62ae0b62bb9cc214 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python-pyjwt: upgrade 2.11.0 -> 2.12.1Gyorgy Sarvari2026-03-181-1/+3
| | | | | | | | | | | | | | | | | | | | | | | Contains fix for CVE-2026-32597. Since NVD tracks this CVE without version info, mark the CVE explicitly patched. Changes: 2.12.1: Add typing_extensions dependency for Python < 3.11 2.12.0: chore(docs): fix docs build Annotate PyJWKSet.keys for pyright fix: close HTTPError to prevent ResourceWarning on Python 3.14 chore: remove superfluous constants chore(tests): enable mypy Bump actions/download-artifact from 7 to 8 fix: do not store reference to algorithms dict on PyJWK Use PyJWK algorithm when encoding without explicit algorithm Validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. (CVE-2026-32597) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ettercap: fix typo in CVE IDGyorgy Sarvari2026-03-182-1/+1
| | | | | | | | The CVE fix is correct, but the CVE ID contains a typo. The correct ID is CVE-2026-3606. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* exiv2: mark CVE-2026-27631 patchedGyorgy Sarvari2026-03-181-0/+2
| | | | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2026-27631 Though NVD indicates that 0.28.8 is still vulnerable, that does not seem to be the case: the fix that is referenced by the advisory has been backported[1] to this verison. Due to this, mark this CVE as patched. [1]: https://github.com/Exiv2/exiv2/commit/21d129c842212c198dd887dbaafc5ce734e9dfad Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libsodium: mark CVE-2025-69277 patchedGyorgy Sarvari2026-03-181-0/+2
| | | | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2025-69277 The vulnerability has been fixed[1] since version 1.0.20, but NVD tracks it without version info. Mark it patched explicitly. [1]: https://github.com/jedisct1/libsodium/commit/f2da4cd8cb26599a0285a6ab0c02948e361a674a Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* gimp: update 3.0.8 -> 3.2.0Markus Volk2026-03-185-94/+58
| | | | | | | | | - remove a backport patch - rework the fix for host systems that dont provide iso-codes - update mypaint-brushes dependency to 2.x Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libwebsockets: upgrade 4.5.2 -> 4.5.7Peter Marko2026-03-181-1/+1
| | | | | | | Update to latest v4.5-stable patch level. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ntfs-3g-ntfsprogs: update UPSTREAM_CHECK_GITTAGREGEXYi Zhao2026-03-181-2/+1
| | | | | | | | | | | | | | | | | | | Update UPSTREAM_CHECK_GITTAGREGEX to check the correct latest stable verison. Before the patch: $ devtool latest-version ntfs-3g-ntfsprogs INFO: Current version: 2022.10.3 INFO: Latest version: 20070925 INFO: Latest version's commit: e859b1b1099d6fb8080f84db7f3790ab2bdc92e4 $ devtool latest-version ntfs-3g-ntfsprogs INFO: Current version: 2022.10.3 INFO: Latest version: 2022.10.3 INFO: Latest version's commit: 78414d93613532fd82f3a82aba5d4a1c32898781 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* freerdp3: upgrade 3.23.0 -> 3.24.0Gyorgy Sarvari2026-03-181-1/+3
| | | | | | | | | | | | | | | | | | Contains many bugfixes and CVE fixes: https://github.com/FreeRDP/FreeRDP/releases/tag/3.24.0 Added build option to use internal rc4 and md4 ciphers: this is due to a recent change in oe-core. OpenSSL's legacy ciphers (like RC4 and MD4) are now disabled by default (with 'legacy' PACKAGECONFIG), however FreeRDP3 relies on them. To ensure that the required ciphers are available, build the recipe with this ciphers' internal implementations instead of expecting OpenSSL to support them. Ptests passed successfully. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* imagemagick: upgrade 7.1.2-16 -> 7.1.2-17Gyorgy Sarvari2026-03-181-1/+1
| | | | | | | | Contains bugfixes and a couple of CVE fixes: https://github.com/ImageMagick/ImageMagick/compare/7.1.2-16...7.1.2-17 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* glibmm-2.68: upgrade 2.80.0 to 2.86.0Changqing Li2026-03-181-3/+3
| | | | | | | | | | | | License-Update: Remove obsolete FSF address NEWS: https://gitlab.gnome.org/GNOME/glibmm/-/blob/2.86.0/NEWS [1] https://github.com/GNOME/glibmm/commit/727b086bc5bc29fbbfb3fb90198499364cc65dac Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* kronosnet: upgrade 1.31 -> 1.33Liu Yiding2026-03-181-1/+1
| | | | | | | | Changelog https://github.com/kronosnet/kronosnet/releases/tag/v1.33 Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: upgrade 7.4 -> 7.5Peter Marko2026-03-181-2/+2
| | | | | | | | | | | | | | | | | License-Update: updated to latest GPLv2 text version [1] Changelog [2] - Bug 5501: Squid may exit when ACLs decode an invalid URI - ICP: Fix HttpRequest lifetime for ICP v3 queries - ICP: Fix validation of packet sizes and URLs - Do not escape malformed URI twice when sending ICP errors - ... and some code, CI, and documentation cleanups [1] https://github.com/squid-cache/squid/commit/765c7f4e7fa45ce87134b4a38ad175db4bda06dd [2] https://github.com/squid-cache/squid/releases/tag/SQUID_7_5 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* squid: fix UPSTREAM_CHECK_REGEXPeter Marko2026-03-181-1/+1
| | | | | | | | | | Squid tags are in form SQUID_<MAJ>_<MIN>. This can also be seen in SRC_URI download link. This change will make "devtool latest-version squid" correctly show 7.5 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* opengl-es-cts: upgrade 3.2.13.0 -> 3.2.14.0Dmitry Baryshkov2026-03-182-9/+9
| | | | | | | | Upgrade OpenGL ES CTS to the last release, mostly bringing up fixes for the existing tests. Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* vulkan-cts: upgrade 1.4.5.1 -> 1.4.5.2Dmitry Baryshkov2026-03-182-2/+2
| | | | | | | Upgrade Vulkan CTS, fixing several small issues in the tests. Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice-gtk: enable libva-x11 and drop gstreamer1.0-vaapiDmitry Baryshkov2026-03-181-1/+1
| | | | | | | | | OE-Core has dropped gstreamer1.0-vaaapi, breaking spice-gtk. Drop the dependency and, while we are at it, enable libva as a dependency, making sure VA-API is enabled. Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* redis 8: Update licenceDaniel McGregor2026-03-182-1/+164
| | | | | | | | | | Redis 8.0 and later are tri-licensed, the licence options are: * Redis Source Available License v2 * Server Side Public License v1.0 * GNU Affero GPL v3.0 Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libfido2-initial: new recipeDan McGregor2026-03-181-0/+40
| | | | | | | | | | | | | | | | | Use this recipe to break a circular dependency between libfido2 and systemd when systemd's fido PACKAGECONFIG is enabled. systemd depends on libfido2, and libfido2 depends on udev provided by systemd. However, systemd only depends on the headers provided by libfido2 and its pkgconf data. systemd uses only the datatypes provided, and opportunistically enables fido support if libfido2 is found. This recipe provides only the headers and pkgconf data. This is sufficient to allow systemd to build support for libfido2. It only works with a related change I've submitted to openembedded core. Signed-off-by: Dan McGregor <danmcgr@protonmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* bpftrace: Update the runtime dependenciesPeter Kjellerstedt2026-03-181-6/+5
| | | | | | | | * bash and python3 are only needed by the ptest package. * xz appears to not be needed at all. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-tornado: upgrade 6.5.4 -> 6.5.5Ankur Tyagi2026-03-181-1/+1
| | | | | | | | | Security fixes including CVE-2026-31958 https://www.tornadoweb.org/en/stable/releases/v6.5.5.html Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* perfetto: Don't copy gn native binaryWilli Ye2026-03-181-10/+1
| | | | | | | | | | | | | | | With the current recipe I am getting ``` gn: error while loading shared libraries: libc++abi.so.1: cannot open shared object file: No such file or directory ``` on my aarch64 machine This is due to gn having a relative library runpath causing the interpreter not finding the shared libraries Instead of copying the binary just directly execute it Additionally remove the unnecessary download of the prebuilt gn binary Signed-off-by: Willi Ye <zye2@snap.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* refpolicy-targeted: Added sepolicy for adb serviceGargi Misra2026-03-182-0/+81
| | | | | | | | | | - Labeled adb binary - Moved adb shell from initrc_t to unconfined_t - meta-selinux does not provide adb domain added policy in meta-oe instead of refpolicy: SELinuxProject/refpolicy#1085 Signed-off-by: Gargi Misra <gmisra@qti.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pipewire: enable aptX Bluetooth codec supportShuai Zhang2026-03-181-2/+6
| | | | | | | | | Enable aptX/aptX-HD codec support in PipeWire's Bluetooth A2DP codec. This allows A2DP streaming with aptX-capable headsets when libfreeaptx is available. Signed-off-by: Shuai Zhang <shuai.zhang@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libfreeaptx: add aptX/aptX-HD codec libraryShuai Zhang2026-03-181-0/+33
| | | | | | | | Add a libfreeaptx recipe (LGPL-2.1+) to provide aptX/aptX-HD codec support for Bluetooth A2DP audio codec. Signed-off-by: Shuai Zhang <shuai.zhang@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-nltk: mark CVE-2026-0846 patchedGyorgy Sarvari2026-03-181-0/+1
| | | | | | | | | | Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0846 It has been fixed in version 3.9.3, however NVD tracks it without CPE/version info. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-grpcio: upgrade 1.76.0 -> 1.78.0Andrej Kozemcak2026-03-181-2/+8
| | | | | | | | | | | | | | | | | | | Change build tools from setuptools3 to python_setuptools_build_meta Add cython depends and change cython requirement from cython==3.1.1 to cython>=3.1.1. Currently we use cython version 3.2.4 Changelog: https://github.com/grpc/grpc/releases/tag/v1.78.0 Changes for python: - aio: fix race condition causing asyncio.run() to hang forever during the shutdown process. - Migrate to pyproject.toml build system from setup.py builds. - Log error details when ExecuteBatchError occurs (at DEBUG level). - Update setuptools min version to 77.0.1. Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libsodium: upgrade 1.0.20 -> 1.0.21Andrej Kozemcak2026-03-183-65/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | License-Update: copyright years refreshed Removed patch included in this release Add path to fix compilation with gcc on aarch64 Changelog: https://github.com/jedisct1/libsodium/releases/tag/1.0.21-RELEASE Changes: Version 1.0.21 - security fix for the crypto_core_ed25519_is_valid_point() function - new crypto_ipcrypt_* functions - sodium_bin2ip and sodium_ip2bin helper functions - XOF: the crypto_xof_shake* and crypto_xof_turboshake* functions Version 1.0.20-stable - XCFramework: cross-compilation is now forced on Apple Silicon to avoid Rosetta-related build issues - The Fil-C compiler is supported out of the box - The CompCert compiler is supported out of the box - MSVC 2026 (Visual Studio 2026) is now supported - Zig builds now support FreeBSD targets - Performance of AES256-GCM and AEGIS on ARM has been improved with some compilers - Android binaries have been added to the NuGet package - Windows ARM binaries have been added to the NuGet package - The Android build script has been improved. The base SDK is now 27c, and the default platform is 21, supporting 16 KB page sizes. - The library can now be compiled with Zig 0.15 and Zig 0.16 - Zig builds now generate position-independent static libraries by default on targets that support PIC - arm64e builds have been added to the XCFramework packages - XCFramework packages are now full builds instead of minimal builds - MSVC builds have been enabled for ARM64 - iOS 32-bit (armv7/armv7s) support has been removed from the XCFramework build script - Security: optblockers have been introduced in critical code paths to prevent compilers from introducing unwanted side channels via conditional jumps. This was observed on RISC-V targets with specific compilers and options. - Security: crypto_core_ed25519_is_valid_point() now properly rejects small-order points that are not in the main subgroup - ((nonnull)) attributes have been relaxed on some crypto_stream* functions to allow NULL output buffers when the output length is zero - A cross-compilation issue with old clang versions has been fixed - JavaScript: support for Cloudflare Workers has been added - JavaScript: WASM_BIGINT is forcibly disabled to retain compatibility with older runtimes - A compilation issue with old toolchains on Solaris has been fixed - crypto_aead_aes256gcm_is_available is exported to JavaScript - libsodium is now compatible with Emscripten 4.x - Security: memory fences have been added after MAC verification in AEAD to prevent speculative access to plaintext before authentication is complete - Assembly files now include .gnu.property notes for proper IBT and Shadow Stack support when building with CET instrumentation. Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* luajit: Update to latest on v2.1 branchChangqing Li2026-03-181-1/+0
| | | | | | | License-Update: copyright year updated Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* atkmm: upgrade 2.28.2 to 2.28.4Changqing Li2026-03-181-1/+1
| | | | | | | | NEWS: https://gitlab.gnome.org/GNOME/atkmm/-/blob/atkmm-2-28/NEWS Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* glibmm: upgrade 2.66.7 to 2.66.8Changqing Li2026-03-181-1/+1
| | | | | | | | NEWS: https://gitlab.gnome.org/GNOME/glibmm/-/blob/2.66.8/NEWS Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* capnproto: upgrade 1.0.2 -> 1.4.0Gyorgy Sarvari2026-03-181-2/+5
| | | | | | | | | | | | | Contains fix for CVE-2026-32239 and CVE-2026-32240 Also, mark these CVEs explicitly patched, because NVD tracks them without version info at this time. Shortlog: https://github.com/capnproto/capnproto/compare/v1.0.2...v1.4.0 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* hstr: upgrade 3.1.0 to 3.2.0Changqing Li2026-03-181-2/+2
| | | | | | | | Full Changelog: https://github.com/dvorka/hstr/compare/3.1...v3.2 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-ninja: upgrade 1.11.1.1 -> 1.13.0Jiaying Song2026-03-184-80/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: https://github.com/scikit-build/ninja-python-distributions/releases Upstream commit [1] switched build system from scikit-build to scikit-build-core, which changed pyproject.toml structure and rewrote __init__.py. Update patches accordingly: - no-scikit-build.patch: rewrite for new pyproject.toml structure, replace scikit-build-core with setuptools, and remove 'readme' from dynamic fields as setuptools cannot handle the fancy-pypi-readme plugin. - run-ninja-from-path.patch: drop. Old version imported skbuild modules in __init__.py which caused ImportError in OE since scikit-build is not installed. New version replaced these imports with stdlib sysconfig, so the patch is no longer needed. - CMakeLists.txt: drop. This was a stub file added to prevent scikit-build from failing when it could not find CMakeLists.txt. Since we now use setuptools which does not require it, the file can be removed. [1] https://github.com/scikit-build/ninja-python-distributions/commit/f3b4a786be Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-gpiod: update to v2.4.1Bartosz Golaszewski2026-03-181-5/+3
| | | | | | | | | | | | Bug-fix release addressing a memory leak and a couple minor issues. We now ship the license file with the dist tarball so update the recipe to take this into account. While at it: trim the LICENSE value to only include LGPL-v2.1-or-later as the other two licenses cover tests and text files. Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* librust-cxx: Add librust-cxx recipeDeepesh Varatharajan2026-03-182-0/+166
| | | | | | | | | | | | | | | Add a recipe for the cxx crate, which provides a safe and efficient bridge for interoperability between Rust and C++ code. It allows defining the FFI boundary in a shared Rust module and generates compatible bindings for both languages during the build process. The crate is implemented in Rust and supports zero-overhead FFI with common Rust and C++ standard library types. More information: https://crates.io/crates/cxx Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libnice: make crypto library configurable via PACKAGECONFIGSujeet Nayak2026-03-181-1/+4
| | | | | | | | | | Move gnutls from a hard dependency to a PACKAGECONFIG option defaulting to gnutls. This allows users to select openssl as an alternative crypto library by setting PACKAGECONFIG. Signed-off-by: Nguyen Dat Tho <tho3.nguyen@lge.com> Signed-off-by: Sujeet Nayak <sujeetnayak1976@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spawn-fcgi: upgrade 1.6.5 -> 1.6.6Ankur Tyagi2026-03-181-3/+3
| | | | | | | | | Changelog: * Use meson instead of autotools and cmake * Simplify/reduce configure checks and #ifdefs Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: upgrade 1.29.5 -> 1.29.6Ankur Tyagi2026-03-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | Changelog: * Feature: session affinity support; the "sticky" directive in the "upstream" block of the "http" module; the "server" directive supports the "route" and "drain" parameters. * Change: now nginx limits the size and rate of QUIC stateless reset packets. * Bugfix: receiving a QUIC packet by a wrong worker process could cause the connection to terminate. * Bugfix: "[crit] cache file ... contains invalid header" messages might appear in logs when sending a cached HTTP/2 response. * Bugfix: proxying to scgi backends might not work when using chunked transfer encoding and the "scgi_request_buffering" directive. * Bugfix: in the ngx_http_mp4_module. * Bugfix: nginx treated a comma as separator in the "Cookie" request header line when evaluating "$cookie_..." variables. * Bugfix: in IMAP command literal argument parsing. Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* webmin: upgrade 2.520 -> 2.621Ankur Tyagi2026-03-181-1/+1
| | | | | | | | | | https://github.com/webmin/webmin/releases/tag/2.600 https://github.com/webmin/webmin/releases/tag/2.610 https://github.com/webmin/webmin/releases/tag/2.620 https://github.com/webmin/webmin/releases/tag/2.621 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-04-21 16:02:17 +0000