summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* rust-llvm: fix build with gcc-15Martin Jansa2025-09-014-2/+89
| | | | | | | | | | As in meta-clang for clang-native: https://github.com/kraj/meta-clang/commit/f915bbfc71f7b58c38607b8407718bd8b5cefa44 (From OE-Core rev: 818750db213dc2c0daac4757d078092be6de3fe6) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libgpg-error: fix build with gcc-15Martin Jansa2025-09-012-0/+53
| | | | | | | | | Backport a fix for native build with gcc-15 on host (From OE-Core rev: cef0a6c3245a2556614f7e009c2e00e1eb16e08e) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* pkgconfig: fix build with gcc-15Martin Jansa2025-09-012-0/+37
| | | | | | | | | | | | | | | | | | | | | * on hosts with gcc-15 or whenever glib PACKAGECONFIG isn't enabled and pkgconfig uses own old bundled glib * fixes: http://errors.yoctoproject.org/Errors/Details/853015/ ../../../git/glib/glib/goption.c:169:14: error: two or more data types in declaration specifiers 169 | gboolean bool; | ^~~~ ../../../git/glib/glib/goption.c:169:18: warning: declaration does not declare anything 169 | gboolean bool; | ^ (From OE-Core rev: 948e0170d83949e2d5a676afb81edc44f07c5ba4) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* unifdef: Don't use C23 constexpr keywordKhem Raj2025-09-012-1/+59
| | | | | | | | | | | Fixes build with GCC-15 (From OE-Core rev: 3085783dd5585a85a3853858215689c362429c64) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gdbm: Use C11 standardKhem Raj2025-09-011-0/+4
| | | | | | | | | | | | | | GCC15 is switching defaults to C23 and gdbm is not yet ready to compile using C23 std. For scarthgap also add it in BUILD_CFLAGS. (From OE-Core rev: 97989d81c5e30434594beadd9449e907e98d3ceb) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gmp: Fix build with older gcc versionsKhem Raj2025-09-012-0/+51
| | | | | | | | | | | | The fix to make this work with GCC15/C23 caused problems with older gcc versions. Add a fix for that. (From OE-Core rev: 237085506a454fb927389d681f30c8c995bc7b2b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gmp: Fix build with GCC15/C23Khem Raj2025-09-012-0/+26
| | | | | | | | | (From OE-Core rev: 5114bea0e9fe3cc15cb4f4d264a932d5b9897296) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* m4: Stick to C17 standardKhem Raj2025-09-011-0/+3
| | | | | | | | | | | | | | GCC15 imposes C23 by default and 1.4.19 release has gnulib version which can not be compiled without errors, while new release of m4 is in progress we might use C17 until then and use GCC15 to compile it For scarthgap also add it in BUILD_CFLAGS. (From OE-Core rev: 94ec72b332dce71a2756560ddf738f864e3c853d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* unzip: Fix build with GCC-15Khem Raj2025-09-012-0/+19
| | | | | | | | | | | | Add a patch to remove redundant declarations (From OE-Core rev: b84d6ceb89277462d7069defaeb9ecfed9c30d56) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* git: fix build with gcc-15 on hostMartin Jansa2025-09-013-0/+109
| | | | | | | (From OE-Core rev: a534cf958f9c7d05af795def43ee5ba09fb34ca2) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cmake: fix build with gcc-15 on hostMartin Jansa2025-09-012-0/+31
| | | | | | | (From OE-Core rev: bdfccaa382c1669bff8788e09953c3a770243fab) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* vim: upgrade 9.1.1198 -> 9.1.1652Peter Marko2025-09-014-15/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | Handles CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158. Changes between 9.1.1198 -> 9.1.1652 ==================================== https://github.com/vim/vim/compare/v9.1.1198...v9.1.1652 Refresh patches. Disable newly introduced wayland support (in patch version 1485). To this belongs also adding recursion in delete command for dir auto which was newly failing as there is wayland directory inside now. If someone is interested, this can be probably enabled, but without additional work it results in compilation error due to function redefinition conflicts. (From OE-Core rev: e87d427d928234ef0441f9ce1fe8631fbe471094) (From OE-Core rev: 052fd7e55d2c73f13f63267fbfb5e39fa504baa3) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libarchive: patch regression of patch for CVE-2025-5918Peter Marko2025-09-012-0/+52
| | | | | | | | | | | Picked commit per [1]. [1] https://security-tracker.debian.org/tracker/CVE-2025-5918 (From OE-Core rev: d2b8d2f7d579779a9effcff677960dbc576b1cc8) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dpkg: patch CVE-2025-6297Peter Marko2025-09-012-0/+126
| | | | | | | | | | | Pick commit per [1] from 1.22.x branch. [1] https://nvd.nist.gov/vuln/detail/CVE-2025-6297 (From OE-Core rev: 859e5a47744a91b40d5d12c46ff4d8657ef5cf6e) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glib-2.0: patch CVE-2025-6052Peter Marko2025-09-014-0/+204
| | | | | | | | | | | | | | Pick commit per [1]. Also pick commits from [2] which is referencing this CVE as the original fix was not complete. [1] https://security-tracker.debian.org/tracker/CVE-2025-6052 [2] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4681 (From OE-Core rev: 8e85effc1a79e78f34b0b17341dd223bb80b25e4) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glib-2.0: patch CVE-2025-7039Peter Marko2025-09-012-0/+44
| | | | | | | | | | | Pick commit per [1]. [1] https://security-tracker.debian.org/tracker/CVE-2025-7039 (From OE-Core rev: 36402f219bc6fc03970e5277d449f2717199cf44) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* go-binary-native: ignore CVE-2025-0913Peter Marko2025-09-011-0/+1
| | | | | | | | | This was already done for all other go recipes. (From OE-Core rev: 63dfdbf774dc24ea4e736a6d13d6aa8c72ebee4d) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* qemu: set status of CVE-2024-7730 to fixedPeter Marko2025-09-011-0/+2
| | | | | | | | | | This was backported to v8.2.7 and also it is mentioned in commit upgrading qemu in oe-core. (From OE-Core rev: d05df779286288d1f8b69159ebcfc45a853bd23b) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ncurses: Pin to C17 standardKhem Raj2025-09-011-0/+4
| | | | | | | | | | | | | | | Newer snapshots of ncurses have the fixes but they are many needed to get C23 going. Until next release lets stick with C17 even while GCC 15 switches to C23 defaults. For scarthgap also add it in BUILD_CFLAGS. (From OE-Core rev: 2ee706f58a96f30904ac3d292c0ac532739c91ea) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* go: fix CVE-2025-47907Praveen Kumar2025-09-013-0/+563
| | | | | | | | | | | | | | | | | | | | | Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-47907 Upstream-patch: https://github.com/golang/go/commit/8a924caaf348fdc366bab906424616b2974ad4e9 (From OE-Core rev: 22d8ac9884208b8f9b2a69ec6a257c62e1f2f8d2) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ffmpeg: fix CVE-2025-1594Archana Polampalli2025-09-012-0/+106
| | | | | | | | | | | | | A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. (From OE-Core rev: c9a15206bae7f1e85dc3b8812eabb936a7e6d383) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ffmpeg: upgrade 6.1.2 -> 6.1.3Archana Polampalli2025-09-0111-499/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: CVE-2023-6604 CVE-2023-6602 CVE-2025-7700 Changelog: https://github.com/FFmpeg/FFmpeg/blob/n6.1.3/Changelog Removed the CVE patches which are already fixed with this upgrade ref: https://github.com/FFmpeg/FFmpeg/commit/c104119c6b5e00496c5ff14071c85f95c98b7ae5 https://github.com/FFmpeg/FFmpeg/commit/7d79d0a43b5533ff584249332bc1db7fedbab1d2 https://github.com/FFmpeg/FFmpeg/commit/a4b6e37ad5f50454974fa22cc8f19d83cdaff0eb https://github.com/FFmpeg/FFmpeg/commit/efedc1d1b6aef2481cf613a11992b1dce6320055 https://github.com/FFmpeg/FFmpeg/commit/dcf34f13f516aa0e214384f3185aff306feba01d https://github.com/FFmpeg/FFmpeg/commit/bed04417b4d38af7a1b477b24ea6e26547e32373 https://github.com/FFmpeg/FFmpeg/commit/b43a12363c1fef0efa7eac15b6b830417656db15 https://github.com/FFmpeg/FFmpeg/commit/e2b20632b8c71a4e174511f8ff6e8342e0c63bd3 https://github.com/FFmpeg/FFmpeg/commit/43f64690ad9df72976bcbd6ea9e41b2542db2464 (From OE-Core rev: 901304a22413030b9744006ae18b587146b71953) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gstreamer1.0-plugins-base: fix CVE-2025-47807Hitendra Prajapati2025-09-012-0/+50
| | | | | | | | | Upstream-Status: Backport from https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/9e2238adc1cad1fba5aad23bc8c2a6c2a65794d2 (From OE-Core rev: 19eca5d7373667dbacd02a2c1dd8c9de8101cd34) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* go: fix CVE-2025-4674Archana Polampalli2025-09-012-0/+333
| | | | | | | | | | | | | The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via "go get", are not affected. (From OE-Core rev: efdc4920571677c9051d4402eaa801672eeb24e3) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* build-appliance-image: Update to scarthgap head revisionyocto-5.0.12scarthgap-5.0.12Steve Sakoman2025-08-221-1/+1
| | | | | | (From OE-Core rev: 93c7489d843a0e46fe4fc685b356d0ae885300d7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* poky.conf: bump version for 5.0.12Steve Sakoman2025-08-221-1/+1
| | | | | | (From meta-yocto rev: 82602cda1a89644d1acbe230a81c93e3fb5031c8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bash: use -std=gnu17 also for native CFLAGSMartin Jansa2025-08-221-0/+3
| | | | | | | | | | | | | | | * fixes builds on host with gcc-15: http://errors.yoctoproject.org/Errors/Details/853016/ ../../bash-5.2.37/builtins/mkbuiltins.c:268:29: error: too many arguments to function ‘xmalloc’; expected 0, have 1 268 | error_directory = xmalloc (2 + strlen (argv[arg_index])); | ^~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ (From OE-Core rev: 55c144bd17665f70cd15e36f3405f502a962f039) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* bash: Stick to C17 stdKhem Raj2025-08-221-0/+2
| | | | | | | | | | | GCC 15 defaults to C23 and bash is not yet ready for that so keep using C17 like GCC 14 for now (From OE-Core rev: adf63fe5f76cbd0fd93ce5fa23229a388211e992) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cairo: fix build with gcc-15 on hostMartin Jansa2025-08-223-0/+51
| | | | | | | | | | | | | | | | | | | | * backports from 1.18.2 used since: https://git.openembedded.org/openembedded-core/commit/?id=070d79c8adec7e0a8862019cf61910a59b18613a * fixes build on hosts with gcc-15 (e.g. ubuntu-25.10) ../cairo-1.18.0/test/pdiff/pdiff.h:22:13: error: ‘bool’ cannot be defined via ‘typedef’ 22 | typedef int bool; | ^~~~ ../cairo-1.18.0/test/pdiff/pdiff.h:22:13: note: ‘bool’ is a keyword with ‘-std=c23’ onwards ../cairo-1.18.0/test/pdiff/pdiff.h:22:1: warning: useless type name in empty declaration 22 | typedef int bool; | ^~~~~~~ (From OE-Core rev: 6bd49cba1d7e12a6d8a4521a2097ff9f5ddc6368) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* parted: Fix build with GCC 15Khem Raj2025-08-222-0/+41
| | | | | | | | | (From OE-Core rev: 67c47f0ed5ba852930e0815691ee7ec06dec1d0e) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* e2fsprogs: Fix build failure with gcc 15Khem Raj2025-08-222-0/+43
| | | | | | | | | | | Backport a needed fix (From OE-Core rev: f5a7d9aa471e05d7cdb3127eaec3dba1b15bf72d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libxml2: ignore CVE-2025-8732Daniel Turull2025-08-221-0/+4
| | | | | | | | | | | | | | The code maintainer disputes the CVE as the issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. The issue triggers a crash if an invalid file is provided. Source: https://gitlab.gnome.org/GNOME/libxml2/-/issues/958" (From OE-Core rev: 348ce728af1cea4f909de5c3597801b5612719e4) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* glib-2.0: ignore CVE-2025-4056Peter Marko2025-08-221-0/+2
| | | | | | | | | | | | | | | | | | | | NVD report [1] says: A flaw was found in GLib. A denial of service on **Windows platforms** may occur if an application attempts to spawn a program using long command lines. The fix [3] (linked from [2]) also changes only files glib/gspawn-win32-helper.c glib/gspawn-win32.c [1] https://nvd.nist.gov/vuln/detail/CVE-2025-4056 [2] https://gitlab.gnome.org/GNOME/glib/-/issues/3668 [3] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4570 (From OE-Core rev: 5858567a9222d9fff6f0a282cf7c7bda4e19af57) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* xz: ignore CVE-2024-47611Daniel Turull2025-08-221-0/+2
| | | | | | | | | | According to the NVD entry, it is only applicable when built for native Windows (MinGW-w64 or MSVC). (From OE-Core rev: 04ce4704e603cd66f30ffc001541c6497d84050e) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* dropbear: patch CVE-2025-47203Peter Marko2025-08-226-0/+572
| | | | | | | | | | | | Based on Debian patch for this CVE, pick the same commits as mentioned in kirkstone for this CVE except those already included in 2022.83. https://salsa.debian.org/debian/dropbear/-/commit/7f48e75892c40cfc6336137d62581d2c4ca7d84c (From OE-Core rev: 6d287785611c344aa0c97048c3bfc280b1787ff5) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cve-check: Add missing call to exit_if_errorsPhilip Lorenz2025-08-221-0/+1
| | | | | | | | | | | | | | | check_cves may raise the cve_status_not_in_db QA check. Call exit_if_errors to make sure that the task is marked as failed when the check is categorized as an error. cve_status_not_in_db was in the meantime dropped in OE-Core 452e605b55ad61c08f4af7089a5a9c576ca28f7d so this change is only required on scarthgap. (From OE-Core rev: b3d12589c26f4e86b153bbdcda774985e4e046bd) Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ref-manual/classes.rst: document the testexport classAntonin Godard2025-08-201-0/+16
| | | | | | | | | | | | | This class has been in OE-Core for a while but never documented in the reference manual. Add some description for it and link to the existing documentation on it. (From yocto-docs rev: dd665216fa578a1f2f268790d708c6a5d2912ecf) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> (cherry picked from commit 362a331255525fc853dab3af4ec905c417fabb0b) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ref-manual/variables.rst: document SPL_DTB_BINARYAntonin Godard2025-08-202-0/+8
| | | | | | | | | | | This variable is part of uboot-sign but not documented. (From yocto-docs rev: 999e81f17bf60e187e709368ede3965df19bee59) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> (cherry picked from commit 05eb461cb1da76ad9cbaf634da7f47447b3f6765) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ref-manual/variables.rst: document the FIT_CONF_PREFIX variableAntonin Godard2025-08-201-0/+4
| | | | | | | | | | | | Added by commit 7892ee3dc37d ("kernel-fitimage: allow overriding FIT configuration prefix") in OE-Core, but never documented. (From yocto-docs rev: 47a0181cc471667d78f7810aa1ef55027a761a82) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> (cherry picked from commit 860891492b96eb127af5e7bab6348fca12167c68) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* overview-manual/yp-intro.rst: fix broken link to articleErik Lindsten2025-08-201-1/+1
| | | | | | | | | | (From yocto-docs rev: 1f7bad17b9457c9e74273bceb962c53eb60fdfe3) Signed-off-by: Erik Lindsten <erik@awto.se> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> (cherry picked from commit b9680ad83ad3fc5e2b87594f7c62c057134d198b) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* ref-manual/system-requirements.rst: update supported distributionsAntonin Godard2025-08-201-23/+30
| | | | | | | | | | | | | | | | Update the distributions to match the list of workers on the Autobuilder. This list was generated with the help of yocto-autobuilder-helper/scripts/yocto-supported-distros. Also: - Sort the lists alphabetically. - Decrease spacing between entries for readability. (From yocto-docs rev: e99a9283e30ae2b844018d1ffb88560ab6877ab7) Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* go-helloworld: fix licenseQuentin Schulz2025-08-201-2/+2
| | | | | | | | | | | | | | | | | The example repo doesn't seem to have ever been under MIT to begin with but rather Apache-2.0. It was then changed to the license used by the goland projectm that is BSD-3-Clause, 2 years ago in commit 00c7068f9d83 ("all: update to Go license"). The license file exists in the sources, so use that one instead of taking it from the OE-Core license directory. License-Update: Incorrect license is now proper (From OE-Core rev: fa45d6d5bec8fe503ff6b9166a3b4af31ea95369) Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* cmake: Add PACKAGECONFIG option for debugger supportNikhil R2025-08-201-1/+3
| | | | | | | | | | | | | | | | | Starting from CMake version 2.27 support for interactive debugging of CMake scripts and configurations was added. However, by default the `nativesdk-cmake` is compiled with debugger support turned off. This change adds debugger support for cmake (From OE-Core rev: 8acfca456c3502f0d097ba01a2d08f83fb75ab60) (From OE-Core rev: 776846eb8aa2f5f8c1ec8842cdbaff6b6bcdfa65) Signed-off-by: Nikhil R <nikhilr5@kpit.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* libpam: re-add missing libgen includeMartin Jansa2025-08-201-2/+2
| | | | | | | | | | | | | | | | | | It was added by original commit for CVE-2025-6020-01.patch https://github.com/linux-pam/linux-pam/commit/475bd60c552b98c7eddb3270b0b4196847c0072e#diff-05f443e6acbe32a148a45648148739bf6f02f13acc5c20c6037bf933223d4d77 but removed here in the rebase, causing: ../../../Linux-PAM-1.5.3/modules/pam_namespace/pam_namespace.c:326:11: error: call to undeclared function 'dirname'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 326 | parent = dirname(buf); | ^ ../../../Linux-PAM-1.5.3/modules/pam_namespace/pam_namespace.c:326:9: error: incompatible integer to pointer conversion assigning to 'char*' from 'int' [-Wint-conversion] 326 | parent = dirname(buf); | ^ ~~~~~~~~~~~~ (From OE-Core rev: 6d88a28ac7b6ff61808eb46e5c85dabd17c77f2e) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gstreamer1.0-plugins-good: fix multiple CVEsHitendra Prajapati2025-08-204-0/+274
| | | | | | | | | | * CVE-2025-47183 - Upstream-Status: Backport from https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/c4d0f4bbd9a8e97f119a4528b9f4662a6b80922c && https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/d76cae74dad89994bfcdad83da6ef1ad69074332 * CVE-2025-47219 - Upstream-Status: Backport from https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/b80803943388050cb870c95934fc52feeffb94ac (From OE-Core rev: 3e82483c777d0a59a9d93e7c41f8fe88a9d75b22) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gstreamer1.0-plugins-base: fix CVE-2025-47806Hitendra Prajapati2025-08-202-0/+51
| | | | | | | | | Upstream-Status: Backport from https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/da4380c4df0e00f8d0bad569927bfc7ea35ec37d (From OE-Core rev: fbe8dd2aa6160530b84d3a174f3f8fc14f9fbab5) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* gstreamer1.0-plugins-base: fix CVE-2025-47808Hitendra Prajapati2025-08-202-0/+37
| | | | | | | | | Upstream-Status: Backport from https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/6b19f117518a765a25c99d1c4b09f2838a8ed0c9 (From OE-Core rev: 2611a16cad53d2bf0cda2946678e7d31e3ffa007) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* go: ignore CVE-2025-0913Peter Marko2025-08-201-0/+2
| | | | | | | | | | | | | | | | | | This is problem on Windows platform only. Per NVD report [1], CPE has "and" clause Running on/with cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* Also linked patch [2] changes Windows files only (and tests). [1] https://nvd.nist.gov/vuln/detail/CVE-2025-0913 [2] https://go-review.googlesource.com/c/go/+/672396 (From OE-Core rev: ec1c6ab989b298773e8df8a6a4532f88b93617ff) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: patch CVE-2025-8194Peter Marko2025-08-202-4/+224
| | | | | | | | | | Pick commit from 3.12 branch mentioned in NVD report. https://nvd.nist.gov/vuln/detail/CVE-2025-8194 (From OE-Core rev: 34f1b4877a0601d2057453c159c76a54754f229a) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* avahi: fix CVE-2024-52615Zhang Peng2025-08-202-0/+229
| | | | | | | | | | | | | | | | | | CVE-2024-52615: A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected. Reference: [https://nvd.nist.gov/vuln/detail/CVE-2024-52615] [https://github.com/avahi/avahi/security/advisories/GHSA-x6vp-f33h-h32g] Upstream patches: [https://github.com/avahi/avahi/commit/4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942] (From OE-Core rev: ec22ec26b3f40ed5e0d84d60c29d8c315cf72e23) Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-10-04 12:04:48 +0000