| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
CVE-2024-3566 only effects Microsoft Windows.
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d68c56e1ed2adc8246a18424ed5d9ede5e8254a0)
Adapted to Kirkstone.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-36137
The vulnerability affects the permission model, which was introduced[1]
in v20 - the recipe version isn't vulerable yet.
[1]: https://github.com/nodejs/node/commit/00c222593e49d817281bc88a322f41f8dca95885
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-3566
https://nvd.nist.gov/vuln/detail/CVE-2024-36138
This vulnerabilities affect Windows only.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-27983
Pick the patch that mentions this CVE ID explcitly in its commit message.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-22017
The vulnerability is related to the io_uring usage of libuv.
Libuv first introduced io_uring support in v1.45[1].
oe-core ships a non-vulnerable version (1.44.2), and nodejs
vendors also an older version (1.43).
Mark this CVE as ignored for this recipe version.
[1]: https://github.com/libuv/libuv/commit/d2c31f429b87b476a7f1344d145dad4752a406d4
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-39333
Backport the patch that mentions this CVE ID explicitly in its
commit message.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-30583
https://nvd.nist.gov/vuln/detail/CVE-2023-30584
https://nvd.nist.gov/vuln/detail/CVE-2023-30587
None of these vulnerabilities are present in the recipe version.
CVE-2023-30583: While the main feature (blob) was intruced in v16, the vulnerable
code (load blobs from file) was introduced in v20[1], and as such,
the vulnerability is not present in the recipe version.
CVE-2023-30584, CVE-2023-30587: The whole vulnerable feature (permission model) was
introduced[2] in v20.
Ignore these CVE IDs.
[1]: https://github.com/nodejs/node/commit/950cec4c2642c15e2913f35babadda56c1d8a723
[2]: https://github.com/nodejs/node/commit/00c222593e49d817281bc88a322f41f8dca95885
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Comes with fixes for CVE-2025-14177, CVE-2025-14178 and CVE-2025-14180
Changelog:
- Curl: Fix curl build and test failures with version 8.16.
- Opcache: Reset global pointers to prevent use-after-free in zend_jit_status().
- PDO: Fixed: PDO quoting result null deref. (CVE-2025-14180)
- Standard:
* Fixed: Null byte termination in dns_get_record().
* Fixed: Heap buffer overflow in array_merge(). (CVE-2025-14178)
* Fixed: Information Leak of Memory in getimagesize. (CVE-2025-14177)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The CVE_PRODUCT is set with a weak default assignment in the cve-check.bbclass,
which means that when the recipe uses +=, it overrides the original weak adefault
value instead of appending to it.
Set all applicable values in CVE_PRODUCT variable explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-33465
The patch was taken from Debian:
https://sources.debian.org/patches/yasm/1.3.0-8/1020-hash-null-CVE-2021-33456.patch/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1e2731fce05d15020fddf3dca5d8ee42ec3c04e1)
|
| |
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-33464
The patch was taken from Debian:
https://sources.debian.org/patches/yasm/1.3.0-8/1010-nasm-pp-no-env-CVE-2021-33464.patch/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 66a0b01b52e5d1cd2af4c41ae0b67541464874e6)
|
| |
|
|
|
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-29579
The patch was taken from Debian:
https://sources.debian.org/patches/yasm/1.3.0-8/1000-x86-dir-cpu-CVE-2023-29579.patch/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cc30757a7fd0af5f60b9a6408b3eb94c0810acda)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are multiple vendors for yasm:
$ sqlite3 ./nvdcve_2-2.db "select distinct vendor, product from products where product = 'yasm';"
tortall|yasm
yasm_project|yasm
Both products refer to the same application
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 93f85e4fd2fb124cb047f6b378cf0052a1f102aa)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Take patch from Debian from
https://salsa.debian.org/lts-team/packages/uw-imap/-/commit/873b07f46ce40f43bca10ec85fe63a7a0b934294
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9f7c1e6bd101494c6cc5dad16a7fa65a13cbac70)
Adapted to Kirkstone.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
| |
Master branch was renamed to main
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
| |
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-52949
Pick the commit that mentions the CVE in its description.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability was determined in jqlang jq up to 1.6. Impacted is the
function run_jq_tests of the file jq_test.c of the component JSON Parser.
Executing manipulation can lead to reachable assertion. The attack
requires local access. The exploit has been publicly disclosed and may be
utilized. Other versions might be affected as well.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-9403
Upstream-patch:
https://github.com/jqlang/jq/commit/a4d9d540103ff9a262e304329c277ec89b27e5f9
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This includes CVE-fix for CVE-2023-26819.
Removed CVE-2025-57052, as the issue was already resolved
in v1.7.19.
Changelog:
==========
https://github.com/DaveGamble/cJSON/blob/master/CHANGELOG.md
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
| |
Add missing runtime dependencies for the ptest package.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
scripts for some test cases.
The test cases in jemalloc require the appropriate value to be exported
to MALLOC_CONF, which is stored in shell scripts.
The privious script just ran the test cases without exporting value, causing
the tests to fail.
Include the missing shell scripts, and source them before running the test
cases now.
Signed-off-by: Wentao Zhang <wentao.zhang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b3274b4e90fad106e2e76b48afb866d81170bd6f)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
yasm commit 9defefae was discovered to contain a NULL pointer
dereference via the yasm_section_bcs_append function at section.c.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-22653
Upstream-patch:
https://github.com/yasm/yasm/commit/121ab150b3577b666c79a79f4a511798d7ad2432
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
I noticed that xft was not getting enabled as expected because the
recipe was using pkg-config from the host.
Signed-off-by: Justin Bronder <jsbronder@cold-front.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 95c14a92544e4f0e2dc94ef6a1f26d35beb82d7e)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
With the exception of paho-mqtt-cpp, the double protocol= attributes
were added to the SRC_URIs when protocol=https was added to all SRC_URIs
fetching from github.com in commit b402a3076f (recipes: Update SRC_URI
branch and protocols).
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2e0a581bee7fc15a78f6e19ba1e596930edee414)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
By default, img2simg will only generate raw and fill chunks. This adds
support for "don't care" chunks, based on file holes. This is similar to
how bmaptool works. "don't care" chunks do not need to be written,
speeding up flashing time.
This change corresponds to upstream 9862a017fa7f88424f0670ba89af58e5051550b0
Signed-off-by: Sean Anderson <sean.anderson@seco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: AshishKumar Mishra <emailaddress.ashish@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream Repository: https://github.com/DaveGamble/cJSON.git
Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57052
Type: Security Fix
CVE: CVE-2025-57052
Score: 9.8
Patch: https://github.com/DaveGamble/cJSON/commit/74e1ff4994aa
Signed-off-by: Shubham Pushpkar <spushpka@cisco.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Includes fix for CVE-2025-1735, CVE-2025-6491, CVE-2025-1220, CVE-2025-1861,
CVE-2025-1219, CVE-2025-1217, CVE-2025-1734 and CVE-2025-1736.
Changelog:
https://www.php.net/ChangeLog-8.php#8.1.33
https://www.php.net/ChangeLog-8.php#8.1.32
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Can't found properly in the sysroot dir due to the absolute path in
INSTALL_CMAKE_DIR.
Fixes:
The imported target "nlohmann_json_schema_validator" references the file
"/usr/lib/libnlohmann_json_schema_validator.so.2.1.0"
but this file does not exist.
Signed-off-by: Youngseok Jeong <youngseok1.jeong@lge.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
fix CVE-2024-25176, CVE-2024-25177, CVE-2024-25178
For apply CVE-2024-25178-0003.patch more smoothly,
CVE-2024-25178-0001.patch and CVE-2024-25178-0002.patch is backported.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Adds backported patches to fix CVE-2024-23339, CVE-2024-53427, and
CVE-2025-48060.
Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Change-Id: Ibc2db956b7fd5d0388dbed1a81ddf9aa58431fb1
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Backport patch with adjustments for 3.19.6 version to fix
CVE-2025-4565.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
1. RDEPENDS on python3-protobuf instead of python-protobuf. The
latter is not available anywhere.
2. Use use python3 interpreter.
3. Fix run-ptest to avoid test failure. An extra '\n' is needed
to break out the loop.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Changelog:
http://netlib.org/lapack/lapack-3.10.1.html
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Piotr Lewicki <piotr.l.lewicki@hitachienergy.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport a patch to fix CVE-2025-0838
CVE-2025-0838:
There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized
constructors, reserve(), and rehash() methods of
absl::{flat,node}hash{set,map} did not impose an upper bound on their
size argument. As a result, it was possible for a caller to pass a very
large size that would cause an integer overflow when computing the size
of the container's backing store, and a subsequent out-of-bounds memory
write. Subsequent accesses to the container might also access
out-of-bounds memory. We recommend upgrading past commit
5a0e2cb5e3958dd90bb8569a2766622cb74d90c1
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-0838
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2020-36774:
plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x
before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a
denial of service (application crash).
Reference:
[https://nvd.nist.gov/vuln/detail/CVE-2020-36774]
Upstream patches:
[https://gitlab.gnome.org/GNOME/glade/-/commit/7acdd3c6f6934f47b8974ebc2190a59ea5d2ed17]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
getVar() now defaults to expanding by default, thus remove the True
option from getVar() calls with a regex search and replace.
Signed-off-by: Akash Hadke <akash.hadke27@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Includes fix for CVE-2024-8929, CVE-2024-11236, CVE-2024-11234 and CVE-2024-11233
Changelog:
https://www.php.net/ChangeLog-8.php#8.1.31
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
|
| |
|
|
|
|
|
|
| |
Backport patch with tweaks for the current version to fix
CVE-2024-7254.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Includes fix for CVE-2024-8925, CVE-2024-8926, CVE-2024-8927
and CVE-2024-9026
Changelog:
https://www.php.net/ChangeLog-8.php#8.1.30
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In C++ we cannot have both assignment operator and const member. Since
span::operator= is defined, span::count_ constness must be removed.
Fixes:
FAILED: CMakeFiles/flatc.dir/src/util.cpp.o
ccache flatbuffers/2.0.0/recipe-sysroot-native/usr/bin/aarch64-webos-linux/aarch64-webos-linux-g++ --sysroot=flatbuffers/2.0.0/recipe-sysroot -DFLATBUFFERS_LOCALE_INDEPENDENT=1 -Iflatbuffers/2.0.0/git/include -Iflatbuffers/2.0.0/git/grpc -mbranch-protection=standard -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type -funwind-tables --sysroot=flatbuffers/2.0.0/recipe-sysroot -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fmacro-prefix-map=flatbuffers/2.0.0/git=/usr/src/debug/flatbuffers/2.0.0 -fdebug-prefix-map=flatbuffers/2.0.0/git=/usr/src/debug/flatbuffers/2.0.0 -fmacro-prefix-map=flatbuffers/2.0.0/build=/usr/src/debug/flatbuffers/2.0.0 -fdebug-prefix-map=flatbuffers/2.0.0/build=/usr/src/debug/flatbuffers/2.0.0 -fdebug-prefix-map=flatbuffers/2.0.0/recipe-sysroot= -fmacro-prefix-map=flatbuffers/2.0.0/recipe-sysroot= -fdebug-prefix-map=flatbuffers/2.0.0/recipe-sysroot-native= -fvisibility-inlines-hidden -fPIC -DNDEBUG -MD -MT CMakeFiles/flatc.dir/src/util.cpp.o -MF CMakeFiles/flatc.dir/src/util.cpp.o.d -o CMakeFiles/flatc.dir/src/util.cpp.o -c flatbuffers/2.0.0/git/src/util.cpp
In file included from ../git/include/flatbuffers/util.h:23,
from ../git/src/util.cpp:44:
../git/include/flatbuffers/stl_emulation.h: In member function 'constexpr flatbuffers::span<T, Extent>& flatbuffers::span<T, Extent>::operator=(const flatbuffers::span<T, Extent>&)':
../git/include/flatbuffers/stl_emulation.h:549:12: error: assignment of read-only member 'flatbuffers::span<T, Extent>::count_'
549 | count_ = other.count_;
| ~~~~~~~^~~~~~~~~~~~~~
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fetcher failure:
Unable to find revision 86405c7e1bd4f70287204a28d242a1054daab520
in branch master
Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
* Add NULL check to cJSON_SetValuestring()(CVE-2024-31755)
* Remove non-functional list handling of compiler flags
* Fix heap buffer overflow
* remove misused optimization flag -01
* Set free'd pointers to NULL whenever they are not reassigned immediately after
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(From meta-openembedded rev: 535822eff7647b6363225bb8f04d2d7d59a71204)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Location of the file that systemd uses to check whether to
start adbd or not has been updated from /var to /etc in
android-tools-adbd.service. This change changes the path
of creation of usb-debugging-enabled flag file in
android-tools recipes from /var/usb-debugging-enabled to
/etc/usb-debugging-enabled
Backport-of: 2a3d4be9994e ("android-tools: create flag flag file for adbd at a proper location")
Fixes: a29c6386d576 ("android-toold-adbd: Fix inconsistency between selinux configurations")
Fixes: 8106cfe769aa ("android-tools-adbd.service: Change /var to /etc in ConditionPathExists")
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
To ensure android-tools-adbd.service starts at boot, the path
for ConditionPathExists must be present at build time. /etc is
more suitable for build-time files than /var, which is for
runtime files. Changed ConditionPathExists from
/var/usb-debugging-enabled to /etc/usb-debugging-enabled
Backport-of: 8106cfe769aa ("android-tools-adbd.service: Change /var to /etc in ConditionPathExists")
CC: Khem Raj <raj.khem@gmail.com>
CC: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Raghuvarya S <quic_raghuvar@quicinc.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
2848cc99a186 ("php-fpm: Add support for systemd") introduced a systemd
service file, where ExecStart and ExecStop uses /etc/init.d/php-fpm,
which does not exist if systemd is enabled. Consequently, the php-fpm
service fails to start even though it is correctly installed. This is
fixed by this commit in which the service file is identical to the one
from the PHP source code except for the use of BitBake variables. Also,
use ${systemd_system_unitdir} instead of ${systemd_unitdir}/system.
Signed-off-by: Emil Kronborg <emil.kronborg@protonmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Error: Transaction test error:
file /usr/bin/php-config conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686
file /usr/bin/phpize conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686
file /usr/include/php/main/build-defs.h conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686
file /usr/include/php/main/php_config.h conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686
The differences of php-config are as follows:
@@ -8,16 +8,16 @@
vernum="80207"
include_dir="/usr/include/php"
includes="-I$include_dir -I$include_dir/main -I$include_dir/TSRM -I$include_dir/Zend -I$include_dir/ext -I$include_dir/ext/date/lib"
-ldflags=" -L/usr/lib64"
+ldflags=" -L/usr/lib"
libs="-lcrypt -lc-client -lrt -lcrypt -lpam -lbz2 -lrt -lm -ldl -lxml2 -lssl -lcrypto -lsqlite3 -lz -lxml2 -lssl -lcrypto -lsqlite3 -lxml2 -lxml2 -lxml2 -lxml2 -lz -lssl -lcrypto -lcrypt "
-extension_dir='/usr/lib64/php8/extensions/no-debug-non-zts-20220829'
+extension_dir='/usr/lib/php8/extensions/no-debug-non-zts-20220829'
man_dir=`eval echo /usr/share/man`
program_prefix=""
program_suffix=""
exe_extension=""
php_cli_binary=NONE
php_cgi_binary=NONE
-configure_options=" '--build=x86_64-linux' '--host=x86_64-poky-linux' '--target=x86_64-poky-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib64' '--with-gettext=/usr/lib64/..' '--with-zlib=/usr/lib64/..' '--with-iconv=/usr/lib64/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib64/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-mysqli=mysqlnd' '--with-pdo-mysql=m
ysqlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib64/..' '--with-pdo-sqlite=/usr/lib64/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=x86_64-poky-linux' 'target_alias=x86_64-poky-linux' 'PKG_CONFIG_PATH=/usr/lib64/pkgconfig:/usr/share/pkgconfig://usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig' 'CC=x86_64-poky-linux-gcc -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -Wl,-z,relro,-z,now -ldl ' 'CPPFLAGS=' 'CPP=x86_64-poky-linux-gcc -E --sysroot= -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong
-O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security' 'CXX=x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'"
+configure_options=" '--build=x86_64-linux' '--host=i686-pokymllib32-linux' '--target=i686-pokymllib32-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib' '--with-gettext=/usr/lib/..' '--with-zlib=/usr/lib/..' '--with-iconv=/usr/lib/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-mysqli=mysqlnd' '--with-pdo-mysql=mys
qlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib/..' '--with-pdo-sqlite=/usr/lib/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=i686-pokymllib32-linux' 'target_alias=i686-pokymllib32-linux' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/share/pkgconfig:/ubinux-dev/ubinux001/contribution/build_xh/tmp/work/i686-pokymllib32-linux/lib32-php/8.2.7-r0/recipe-sysroot//usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig' 'CC=i686-pokymllib32-linux-gcc -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -Wl,-z,relro,-z,now -ldl ' 'CPPFLAGS
=' 'CPP=i686-pokymllib32-linux-gcc -E --sysroot= -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64' 'CXX=i686-pokymllib32-linux-g++ -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'"
The differences of phpize are as follows:
@@ -4,7 +4,7 @@
prefix='/usr'
datarootdir='/usr/php'
exec_prefix="`eval echo /usr`"
-phpdir="`eval echo /usr/lib64/php8`/build"
+phpdir="`eval echo /usr/lib/php8`/build"
includedir="`eval echo /usr/include`/php"
builddir="`pwd`"
SED="sed"
The differences of build-defs.h are as follows:
@@ -14,7 +14,7 @@
+----------------------------------------------------------------------+
*/
-#define CONFIGURE_COMMAND " '../php-8.2.7/configure' '--build=x86_64-linux' '--host=x86_64-poky-linux' '--target=x86_64-poky-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib64' '--with-gettext=/usr/lib64/..' '--with-zlib=/usr/lib64/..' '--with-iconv=/usr/lib64/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib64/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-m
ysqli=mysqlnd' '--with-pdo-mysql=mysqlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib64/..' '--with-pdo-sqlite=/usr/lib64/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=x86_64-poky-linux' 'target_alias=x86_64-poky-linux' 'PKG_CONFIG_PATH=/usr/lib64/pkgconfig:/usr/share/pkgconfig://usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig' 'CC=x86_64-poky-linux-gcc -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -Wl,-z,relro,-z,now -ldl ' 'CPPFLAGS=' 'CPP=x86_64-poky-linux-gcc -E --sysroot= -m64 -march=core2 -mtune=core2 -msse3 -mf
pmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security' 'CXX=x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'"
+#define CONFIGURE_COMMAND " '../php-8.2.7/configure' '--build=x86_64-linux' '--host=i686-pokymllib32-linux' '--target=i686-pokymllib32-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib' '--with-gettext=/usr/lib/..' '--with-zlib=/usr/lib/..' '--with-iconv=/usr/lib/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-mys
qli=mysqlnd' '--with-pdo-mysql=mysqlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib/..' '--with-pdo-sqlite=/usr/lib/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=i686-pokymllib32-linux' 'target_alias=i686-pokymllib32-linux' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/share/pkgconfig:/ubinux-dev/ubinux001/contribution/build_xh/tmp/work/i686-pokymllib32-linux/lib32-php/8.2.7-r0/recipe-sysroot//usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig' 'CC=i686-pokymllib32-linux-gcc -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -W
l,-z,relro,-z,now -ldl ' 'CPPFLAGS=' 'CPP=i686-pokymllib32-linux-gcc -E --sysroot= -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64' 'CXX=i686-pokymllib32-linux-g++ -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'"
#define PHP_ODBC_CFLAGS ""
#define PHP_ODBC_LFLAGS ""
#define PHP_ODBC_LIBS ""
@@ -24,12 +24,12 @@
#define PHP_PROG_SENDMAIL "/usr/sbin/sendmail"
#define PEAR_INSTALLDIR ""
#define PHP_INCLUDE_PATH ".:"
-#define PHP_EXTENSION_DIR "/usr/lib64/php8/extensions/no-debug-non-zts-20220829"
+#define PHP_EXTENSION_DIR "/usr/lib/php8/extensions/no-debug-non-zts-20220829"
#define PHP_PREFIX "/usr"
#define PHP_BINDIR "/usr/bin"
#define PHP_SBINDIR "/usr/sbin"
#define PHP_MANDIR "/usr/share/man"
-#define PHP_LIBDIR "/usr/lib64/php8"
+#define PHP_LIBDIR "/usr/lib/php8"
#define PHP_DATADIR "/usr/share"
#define PHP_SYSCONFDIR "/etc"
#define PHP_LOCALSTATEDIR "/var"
The differences of php_config.h are as follows:
@@ -2064,7 +2064,7 @@
/* #undef SIZEOF_INTMAX_T */
/* The size of `long', as computed by sizeof. */
-#define SIZEOF_LONG 8
+#define SIZEOF_LONG 4
/* The size of `long long', as computed by sizeof. */
#define SIZEOF_LONG_LONG 8
@@ -2079,7 +2079,7 @@
#define SIZEOF_SHORT 2
/* The size of `size_t', as computed by sizeof. */
-#define SIZEOF_SIZE_T 8
+#define SIZEOF_SIZE_T 4
/* Size of ssize_t */
#define SIZEOF_SSIZE_T 8
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
* avoid imagemagick-native like upstream did in:
https://sourceforge.net/p/giflib/code/ci/d54b45b0240d455bbaedee4be5203d2703e59967/
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Includes fix for CVE-2024-5458, CVE-2024-2408 and other bugs
Changelog:
https://www.php.net/ChangeLog-8.php#8.1.29
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to latest version giflib v5.2.2.
This version fixes bugs listed in link below:
Link: https://sourceforge.net/p/giflib/code/ci/5.2.2/tree/NEWS
Fixes for CVE-2023-48161, CVE-2022-28506, CVE-2023-39742
Link: https://clients.neighbourhood.ie/yocto/1-40.html#:~:text=CVE%2D2023%2D39742%3A%20giflib%3Agiflib%2Dnative
Added dependency on ImageMagick which includes "convert" utility,
to ensure availability of required tool during compilation process.
Add patch to rename binary used in Makefile from
"convert" to "convert.im7" as installed by imagemagick package.
Drop CVE-2022-28506.patch as it is fixed in this version.
Signed-off-by: Bhabu Bindu <bhabubindu@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
import patch from ubuntu to fix
CVE-2022-24795
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/yajl/tree/debian/patches/?h=ubuntu%2Ffocal-security
Upstream commit
https://github.com/ppisar/yajl/commit/23cea2d7677e396efed78bbf1bf153961fab6bad]
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The first version of this patch introduced a problem with python3-pyqt5.
Python emitted the following error message when one attempted to import
PyQt5.Qt:
ImportError: dynamic module does not define module export function (PyInit_Qt)
This came about due to segfault in sip when executed in do_configure of
python3-pyqt5. This resulted in a zero-length sipQtcmodule.c file being
produced. This compiled successfully which meant no build failure was
observed.
The segfault was caused by a mistake in backporting the patch from SIP 6.
The generateCompositeCpp() function uses the generate_include_sip_h()
helper function in later versions which doesn't exist in SIP 4.
We must replace the first parameter passed to isPY_SSIZE_T_CLEAN() from
mod to pt->module to account for this. The change is not necessary for
generateInternalAPIHeader()
To simplify the patch we can remove the generated lexer and parser files
and run flex and bison in do_configure instead.
Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Tested-by: Toby Flynn <campingandskiing@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
