linux/poky.git/meta/recipes-support/libxslt, branch master

The poky repository master branch is no longer being updated.

2025-11-07T13:31:53+00:00

You can either: a) switch to individual clones of bitbake, openembedded-core, meta-yocto and yocto-docs b) use the new bitbake-setup You can find information about either approach in our documentation: https://docs.yoctoproject.org/ Note that "poky" the distro setting is still available in meta-yocto as before and we continue to use and maintain that. Long live Poky! Some further information on the background of this change can be found in: https://lists.openembedded.org/g/openembedded-architecture/message/2179 Signed-off-by: Richard Purdie

libxslt: apply patch for CVE-2025-7424

2025-09-11T10:31:56+00:00

This patch is taken from the upstream bug, and is used by Apple in their build of WebKit. (From OE-Core rev: 19122ccb05282e9b8803c4d1aaf06b61c22a1bab) Signed-off-by: Ross Burton Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie

recipes: cleanup CVE_STATUS which are resolved now

2025-08-28T09:47:08+00:00

The don't show up in CVE metrics anymore since they were either fixed upstream or recipe version was upgraded meanwhile. * bind CVE-2019-6470: cpe got corrected in nvd db * libxml2 CVE-2023-45322: version is now higher than NVD cpe * zlib CVE-2023-45853: version is now higher than NVD cpe * gcc CVE-2021-37322: version is now higher than NVD cpe * python3 * CVE-2007-4559: version is now higher than NVD cpe * CVE-2019-18348: version is now higher than NVD cpe * CVE-2020-15523: version is now higher than NVD cpe * CVE-2022-26488: version is now higher than NVD cpe * CVE-2015-20107: version is now higher than NVD cpe * CVE-2023-36632: version is now higher than NVD cpe * rust * CVE-2024-24576: NVD has no cpe, but we have newer version as fix * CVE-2024-43402: version is now higher than NVD cpe * cups CVE-2021-25317: version is now higher than NVD cpe * ghostscript CVE-2023-38559: version is now higher than NVD cpe * libtirpc CVE-2021-46828: version is now higher than NVD cpe * unzip CVE-2008-0888: version is now higher than NVD cpe * ffmpeg CVE-2023-39018: cpe got corrected in nvd db * libxslt CVE-2022-29824: version is now higher than NVD cpe * libyaml * CVE-2024-35325: CVE is now rejected in NVD DB * CVE-2024-35326: CVE is now rejected in NVD DB * CVE-2024-35328: CVE is now rejected in NVD DB Also add comment for iputils regarding reports for FKIE/NVD2. Also remove some trailing spaces in python recipe. (From OE-Core rev: 73ee9789183aa95072af2b51ac9e08203f4e33f9) Signed-off-by: Peter Marko Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie

meta: set S to be in UNPACKDIR in recipes that explicitly set S

2025-06-20T11:07:26+00:00

(From OE-Core rev: 7321cc17ae5483f17fe9cdffea7b62acd9d9c3a2) Signed-off-by: Alexander Kanavin Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie

libxslt: upgrade 1.1.42 -> 1.1.43

2025-03-17T22:38:32+00:00

(From OE-Core rev: 16e6ce22f6fb9a4cfdf87f52654e01c4e27a493c) Signed-off-by: Richard Purdie

libxslt: 1.1.39 -> 1.1.42

2024-08-23T21:43:27+00:00

Remove mem-debug option [1] [1] https://gitlab.gnome.org/GNOME/libxslt/-/commit/c65a7c05f98ea4e9fae1247510b45db9dd3ec907 (From OE-Core rev: 25120a49a4f3175df3e6b73d426f96acd47979fe) Signed-off-by: Hongxu Jia Signed-off-by: Richard Purdie

libxslt: upgrade 1.1.38 -> 1.1.39

2023-11-30T08:43:03+00:00

Changelog: =========== - extensions: Don't search imports for extension prefixes - transform: Check maximum depth when processing default templates - build: Add more missing includes - python: Don't set deprecated global - build: Add missing includes - imports: Limit nesting depth - extensions: Report top-level elements in xsltDebugDumpExtensions - Add extern "C" { } block to xsltlocale.h - python: Make it compatible with python3.12 - date: Fix check for localtime_s - date: Fix check for gmtime_s - pkg-config files include cflags for static builds - Handle NOCONFIG case when setting locations from CMake target properties - autotools: Make xslt-config executable - tests: Structured error handler now passes a const xmlError - python: Fix tests on MinGW - fuzz: Fix xmlFuzzEntityLoader after recent libxml2 changes (From OE-Core rev: 48b353f3fb8e5ab1853cba7faa3065d2fe6f36b4) Signed-off-by: Wang Mingyu Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie

cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS

2023-07-21T10:52:26+00:00

- Try to add convert and apply statuses for old CVEs - Drop some obsolete ignores, while they are not relevant for current version (From OE-Core rev: 1634ed4048cf56788cd5c2c1bdc979b70afcdcd7) Signed-off-by: Andrej Valek Reviewed-by: Peter Marko Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie

libxslt: upgrade 1.1.37 -> 1.1.38

2023-06-16T14:40:10+00:00

(From OE-Core rev: 1fc95356b016303b9333741cf8fd1e374931ead2) Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie

libxslt: upgrade 1.1.35 -> 1.1.37

2022-10-29T15:28:36+00:00

Drop the no longer supported option. (From OE-Core rev: 587c24b7d77730bfeaf6c926e36f143e71cfb229) Signed-off-by: Alexander Kanavin Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie