| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
You can either:
a) switch to individual clones of bitbake, openembedded-core, meta-yocto and yocto-docs
b) use the new bitbake-setup
You can find information about either approach in our documentation:
https://docs.yoctoproject.org/
Note that "poky" the distro setting is still available in meta-yocto as
before and we continue to use and maintain that.
Long live Poky!
Some further information on the background of this change can be found
in: https://lists.openembedded.org/g/openembedded-architecture/message/2179
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: df47dc1b374aae7cf6aabfc12d8a3be3683ee728)
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
* Dropping CVE_PRODUCT, because it was equal to the default.
(From OE-Core rev: 2b7e57466940a2b3a303fca1de67fb3524cf2c78)
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
- sync event codes with kernel 6.16
- change the bit to shift to ULL
- sync headers with kernel 6.17
(From OE-Core rev: fa8d7550e751cd8e617fd0a5a94fd67da22cf7f7)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Pick commit mentioned in NVD report.
(From OE-Core rev: 02ddc794e2378dae2dbc9fc9f371739cd07937ac)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This ensures that, native pieces in target builds
are build with correct flags to be able to run on build host
(From OE-Core rev: c82e49d1707f2057baa3f7fbaeea0b785712a11f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use the SMAIL-GPL license name, as that is the official SPDX name and we
now have it in our license list.
This means we can delete the SMAIL_GPL license, that appears to be only
used by debianutils and nobody else.
(From OE-Core rev: a8b0d3bc7b073cc0e9e8a735df6d36a4816520dc)
(From OE-Core rev: af771279f3ef8aa2ba137e018da8fc6bf6a1b335)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
- Refresh pkgconfig.patch
(From OE-Core rev: 207112631575d5f85e57bc35dacc25fff768d280)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
- Refresh 0001-Revert-build-Make-gpgme.m4-use-gpgrt-config-with-.pc.patch
(From OE-Core rev: 9346858c20cb25b710cea896e3d236ad4c4b2b2e)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vte 0.82+ has started to package fmt as a subproject if this is not found
on system, the bundled version however, does not work with clang on
32bit machines, since it is 11.0 and there are fixes in newer version
needed to work with clang
Fixes
../sources/vte-0.82.1/subprojects/fmt/include/fmt/format.h:752:35: error: call to function 'free' that is neither visible in the template
(From OE-Core rev: 826c4a1339b8f8c354d55a5dad7aa7674b30dc2e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Commitlog:
https://gitlab.gnome.org/GNOME/vte/-/compare/0.80.3...0.82.1
(From OE-Core rev: d2e5df7e3daa4b58d8802b62fbbba5f6959379c3)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Handles CVE-2025-9389
Changes between 9.1.1652 -> 9.1.1683
====================================
https://github.com/vim/vim/compare/v9.1.1652...v9.1.1683
(From OE-Core rev: ad24eedbbef303e67acb1241ed54c253ec5ab50c)
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For some as yet unknown reason, vte on arm (specifically, the qemuarm
and beaglebone-yocto machines at least) will fail during G-I code
generation (which runs the target binaries inside qemu-user):
Bail out! VTE:ERROR:../sources/vte-0.80.3/src/vtegtk.cc:158:void
style_provider_parsing_error_cb(GtkCssProvider *, void *, GError *):
assertion failed (error == NULL): Expected an identifier (gtk-css-parser-error-quark, 1)
qemu: uncaught target signal 6 (Aborted) - core dumped
Until this can be root-caused, we can disable G-I for this edge case.
(From OE-Core rev: 7874ea42bff4950bd0f0abf0ac729bce5ceb702c)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Release notes:
https://curl.se/changes.html#8_16_0
CVE: CVE-2025-9086
CVE: CVE-2025-10148
(From OE-Core rev: 15e206a61bca24c2948c93b562621ca8668289d1)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When Bash runs with 'set -u' (nounset), accessing an unset variable
directly (e.g. [ -z "$SSL_CERT_FILE" ]) causes a fatal "unbound variable"
error. As a result, the fallback logic to set SSL_CERT_FILE/SSL_CERT_DIR
is never triggered and the script aborts.
The current code assumes these variables may be unset or empty, but does
not guard against 'set -u'. This breaks builds in stricter shell
environments or when users explicitly enable 'set -u'.
Fix this by using parameter expansion with a default value, e.g.
"${SSL_CERT_FILE:-}", so that unset variables are treated as empty
strings. This preserves the intended logic (respect host env first, then
CAFILE/CAPATH, then buildtools defaults) and makes the script robust
under 'set -u'.
(From OE-Core rev: 4d880c2eccd534133a2a4e6579d955605c0956ec)
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
2.5.x are pre-releases (there was an update to 2.5.0 one year ago by mistake), but
it's good to pull in bug fixes and stabilisation and stay close to eventual final release.
(From OE-Core rev: 2c0abc3d96f5dcf6d21fcf3198515dfb1ceb280a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Take an upstream patch to remove buildpaths from the generator's CMake
files, so we don't need to sed them out.
Also, the generator tool is only needed when cross-compiling libical,
so we don't actually need to install it in the target package. This has
the nice side-effect of removing libxml2 from the target RDEPENDS as it
is only used in the tool.
(From OE-Core rev: 01ac9719b32088a809ca1553fceba71cec31054d)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The 0001-cmake-Do-not-export-CC-into-gir-compiler.patch changes have
been merged upstream.
(From OE-Core rev: a3fe63ec859f72a19e49a5c7677c263240a68a98)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When another project uses the libassuan.m4 file to find libassuan details,
the macro first tries to execute the gpgrt-config executable if it can find
any in the PATH. However it also prepends the PATH with ${prefix}/bin, which
usually translates to /usr/bin - in case the build host has this executable
installed, then it is executed, and it shows warnings about mis-matched
architecture before pkg-config would be executed.
To avoid this, extend the existing patch to not prepend the PATH with the
build host path - the existing PATH should be good enough.
(From OE-Core rev: d5e41e1cee17c25a63a9df0769052ff4dce44333)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Cc: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog
=========
Features:
* compose: Accept .ttc font files
* compose: Give font icons a background shape
* compose: Render more elaborate font sample cards
Bugfixes:
* compose: Insert screenshot tags for auto-generated font screenshots
* compose: Trim substring when truncating font sample text
* meson: don't override appstreamcli when cross-building
* compose: Prefer rendering font icon with "Regular" style
* compose: Sanitize font text samples before using them as icon
* Follow directory symlinks when looking for Flatpak data
* compose: Drop bad private-header include in public header
* compose: Drop unneeded const declaration for GKeyFile
* Fix typo that prevented video metadata from being composed properly
(From OE-Core rev: 8c9bee08eb4106874844347eed60b9803dcc86a8)
Signed-off-by: Markus Kurz <m.kurz92@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Changelog: Update vendor ids
(From OE-Core rev: b7dd80d1f4c92f0590b17caf870316d0b0fc9613)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch is taken from the upstream bug, and is used by Apple in their
build of WebKit.
(From OE-Core rev: 19122ccb05282e9b8803c4d1aaf06b61c22a1bab)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
302:
* Mask stderr from the extract-vmlinux script.
* Make it much more explicit that we return 'success' from the
extract-vmlinux script instead of just falling through to the bottom of the
script.
* Use Difference.from_operation in an attempt to pipeline the output of
extract-vmlinux, potentially avoiding it all residing in memory. This is an
attempt to prevent out of memory issues on try.diffoscope.org.
* Use --print-armap long option with nm in the "ar" comparator for wider
compatibility.
303:
* Don't check for PyPDF version 3 specifically, check for >= 3. Thanks,
Vagrant, for the patch.
* Ensure that Java class files are named .class on the filesystem before
passing them to javap(1).
* Update copyright years.
304:
* Do not run jsondiff on files over 100KiB as the algorithm runs in O(n^2)
time.
* Fix test after the upload of systemd-ukify 258~rc3 (vs. 258~rc2).
* Move from a mono-utils dependency to versioned "mono-devel | mono-utils"
dependency, taking care to maintain the riscv64 architecture
restriction.
* Use sed -ne over awk -F= to to avoid mangling dependency lines containing
equals signs (=), for example version restrictions.
* Use sed backreferences when generating debian/tests/control to avoid DRY
violations.
* Update copyright years.
* Avoid a crash in the HTML presenter when page limit is None.
305:
Upload to unstable/sid after the release of trixie.
306:
* Fix compatibility with RPM 6.
* Use regular 'open' calls instead of the deprecated 'codecs.open'.
* Accept additional 'v' when calling 'fdtump --version'.
(From OE-Core rev: 4901bf71978136df0446d88ca71fb6712297e4ce)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 9b0c07c800f0237af8c0be792b11ba0552231d86)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 02d66279071cbd043474dc44f44d348ec3228583)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: dafd5c068a40e9c306a3b9baadbb6db0afe7463f)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixed do_install error with automake 1.18
$ makeinfo -I ../../check-0.15.2/doc -o ../../check-0.15.2/doc/check.info \
../../check-0.15.2/doc/check.texi
[snip]
check.texi:2329: no matching `@end verbatim'
[snip]
The automake before 1.17's mdate-sh couldn't update libcheck's
doc/version.texi, so the doc/check.info wasn't re-generated, then we couldn't
see the build error.
(From OE-Core rev: bf4227f982a845039acecedb78e20f109aa467d8)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Shortlog:
-qt: Replace icons for dark mode with 16x16 icons
-qt,qt5: Ensure that input field is large enough for generated password
-qt5: Add dark mode icon variants and detection
-Make Show/Hide Password functionality accessible
-qt5: Make Show/Hide Password functionality accessible
-m4: Update libassuan.m4.
-build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS.
-build: Fix warning about obsolete pinentry-emacs.
-curses: Factor out dialog release to separate function.
-qt: Add dark mode icon variants and detection
-m4: Update gpg-error.m4 and libassuan.m4.
Also: Simplify patch to find gpg-error with pkg-config
(From OE-Core rev: afa8d2becc9c53a92d29f413d9eec737d7e12601)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Cc: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Changelog: https://www.boost.org/releases/1.89.0/
(From OE-Core rev: 67ed4255dfa70b7b1d6b32e60a436bad67051d52)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Changelog: https://www.boost.org/releases/1.89.0/
(From OE-Core rev: d1a1dedc92f90901998a8dec31450bb219c58c0a)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
For the changelog see:
https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.46
This is a security-only release, to address CVE-2025-58050:
https://nvd.nist.gov/vuln/detail/CVE-2025-58050
(From OE-Core rev: d5b45d0db9ed40b3eef2e6a076c94da3ecc48acf)
Signed-off-by: Markus Kurz <m.kurz92@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Changelog: Update pci, usb and vendor ids
(From OE-Core rev: 3a507f924d9033695b84a25c1de06446bf805c1e)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0004-fast_float-Add-single-header-library-for-from_char-i.patch
and 0005-color-parser-Use-fast_float-implementation-for-from_.patch
patches dropped: upstream has adopted the changes, and oe-core also
provides now fastfloat, no need to vendor it with a patch.
0002-lib-Typo-fix.patch is dropped, because it was a backport, and
it is included in this release.
Shortlog: https://gitlab.gnome.org/GNOME/vte/-/compare/0.80.3...0.78.2
(From OE-Core rev: 0a849dc7edeecb6c16a8a0fe347015d6d85e9dfd)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
-fix: enable FFI_MMAP_EXEC_WRIT for DragonFly BSD
-Emscripten: Add wasm64 target
-fix: Ensure trampoline file descriptors are closed on exec.
(From OE-Core rev: dc4f97acb91e54444cff02aa574d12121348e756)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches:
- 0004-tests-Makefile.am-fix-undefined-reference-to-pthread.patch
- 0001-tests-Fix-link-errors-for-t-thread-local.patch
(From OE-Core rev: 3fd1cfadefa876b403c7d8dfe6169f4c429fe78e)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The don't show up in CVE metrics anymore since they were either fixed
upstream or recipe version was upgraded meanwhile.
* bind CVE-2019-6470: cpe got corrected in nvd db
* libxml2 CVE-2023-45322: version is now higher than NVD cpe
* zlib CVE-2023-45853: version is now higher than NVD cpe
* gcc CVE-2021-37322: version is now higher than NVD cpe
* python3
* CVE-2007-4559: version is now higher than NVD cpe
* CVE-2019-18348: version is now higher than NVD cpe
* CVE-2020-15523: version is now higher than NVD cpe
* CVE-2022-26488: version is now higher than NVD cpe
* CVE-2015-20107: version is now higher than NVD cpe
* CVE-2023-36632: version is now higher than NVD cpe
* rust
* CVE-2024-24576: NVD has no cpe, but we have newer version as fix
* CVE-2024-43402: version is now higher than NVD cpe
* cups CVE-2021-25317: version is now higher than NVD cpe
* ghostscript CVE-2023-38559: version is now higher than NVD cpe
* libtirpc CVE-2021-46828: version is now higher than NVD cpe
* unzip CVE-2008-0888: version is now higher than NVD cpe
* ffmpeg CVE-2023-39018: cpe got corrected in nvd db
* libxslt CVE-2022-29824: version is now higher than NVD cpe
* libyaml
* CVE-2024-35325: CVE is now rejected in NVD DB
* CVE-2024-35326: CVE is now rejected in NVD DB
* CVE-2024-35328: CVE is now rejected in NVD DB
Also add comment for iputils regarding reports for FKIE/NVD2.
Also remove some trailing spaces in python recipe.
(From OE-Core rev: 73ee9789183aa95072af2b51ac9e08203f4e33f9)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Commit mentioned in [1] is included in 77-1.
This comit was also backported to Yocto all stable/LTS releases.
[1] https://security-tracker.debian.org/tracker/CVE-2025-5222
(From OE-Core rev: 69c2956d6af3ffdedc77649ea833dc04ab62b8d3)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is mentioned in [1].
NVD tracks this as version-less CVE.
[1] https://gitlab.com/gnutls/gnutls/-/blob/3.8.10/NEWS?ref_type=tags#L8
(From OE-Core rev: 8367ddb87a51abaa8949614faabc146f40f518a1)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes segfaults in ptests on musl
Failed ptests:
{'libseccomp': ['11-basic-basic_errors%%001-00001_11-basic-basic_errors_rc=139']}
(From OE-Core rev: 4f26edb6fd7e3dc5f81c56faed3a0edd9264bf66)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
What's new in at-spi2-core 2.56.4:
* Fix key grabs when num lock or caps lock are on under Wayland.
atk-bridge: Don't crash when requesting a plug if not activated
* Add sanity checks for child indices received via DBus.
https://gitlab.gnome.org/GNOME/at-spi2-core/-/blob/2.56.4/NEWS?ref_type=tags
Comparing changes:
https://github.com/GNOME/at-spi2-core/compare/2.56.3...2.56.4
(From OE-Core rev: 59c9aa2411514f448cec23c0ceefeada2a103d85)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Handles CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158.
Changes between 9.1.1198 -> 9.1.1652
====================================
https://github.com/vim/vim/compare/v9.1.1198...v9.1.1652
Refresh patches.
Add tag to SRC_URI.
Disable newly introduced wayland support (in patch version 1485).
To this belongs also adding recursion in delete command for dir auto
which was newly failing as there is wayland directory inside now.
If someone is interested, this can be probably enabled, but without
additional work it results in compilation error due to function
redefinition conflicts.
(From OE-Core rev: e87d427d928234ef0441f9ce1fe8631fbe471094)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This recipe for nghttp2 doesn't build any of the binaries, just the core
library, but is structured like a recipe that is primarily an application
that happens to ship libraries.
Remove the lib${BPN} package and put the library into PN (which will then
be debian-renamed).
Use the shorthand option to just build the library.
Add documentation enabling/disabling options so we don't install the
docs if not needed. Currently there are no extra dependencies as the
sphinx-generated manpages are pre-built in the tarballs, but this could
change.
(From OE-Core rev: 0fe1fb05cf6b36d70d43b3bd245a53ac36d389fa)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix issue that:
| nothing provides nghttp2-proxy >= 1.66.0 needed by nghttp2-1.66.0-r0.core2_64 from base
nghttp2-proxy is supposed to involve files ${bindir}/nghttpx and ${datadir}/${BPN}/fetch-ocsp-response
But now nghttp2-proxy will not be created because:
1. ENABLE_APP=OFF in EXTRA_OECMAKE makes ${bindir}/nghttpx not be produced
2. 1.66.0 version has removed fetch-ocsp-response-file according to the Changelog
| cat /tmp/work/aarch64-ubinux-linux/nghttp2/1.66.0/sources/nghttp2-1.66.0/ChangeLog
| ....
| nghttpx: Remove OCSP stapling
|
| This commit removes OCSP stapling features and the following options
| are deprecated and have no effect:
|
| - fetch-ocsp-response-file
| - no-ocsp
| - no-verify-ocsp
| - ocsp-update-interval
(From OE-Core rev: 7008e2d00165991bf218ca2f96fb34244e518456)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Skip building of translations when NLS is disabled.
(From OE-Core rev: b58a3f4e9c78522423a94821b7ba7a35eb18f75a)
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Disable NLS in the build when USE_NLS is off.
(From OE-Core rev: b94798ecd535956ef4565663710ea9a701ff21ed)
Signed-off-by: Philip Lorenz <philip.lorenz@bmw.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade curl to the latest release.
Release notes:
https://curl.se/changes.html#8_15_0
This version includes bug fixes and security updates.
(From OE-Core rev: ead10dcf9876a745224e3ff683ee5f687b13da03)
Signed-off-by: Osama Abdelkader <osama.abdelkader@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
ChangeLog:
* run-parts: Remove warning on non-existing directory with `--list`. It
was emitted to `stdout` and even on `stderr` it would cause issues.
(From OE-Core rev: f7417aa1629b5f2276e39a382485b9ff25b0fe4a)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Skip compress-cert-conf test when running ptests, because it requires
gnutls to be compiled with brotli PACKAGECONFIG, however brotli is not
part of oe-core.
Changelog: https://gitlab.com/gnutls/gnutls/-/blob/master/NEWS
(From OE-Core rev: 2ad41436acdc5f37803ade51c98ae0dc06103e45)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dropped 0001-getopt-Fix-getopt-getenv-signatures-in-declarations.patch, as
it is fixed in this release.
Changelog:
https://git.lysator.liu.se/nettle/nettle/-/blob/master/ChangeLog
ptests passed:
All 116 tests passed
DURATION: 2
END: /usr/lib/nettle/ptest
2025-08-01T14:21
STOP: ptest-runner
TOTAL: 1 FAIL: 0
(From OE-Core rev: e02f67fadd6310e1ce9d2313b3b3f9cad59f3696)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The tarball includes the relevant M4 macros, so autoconf-archive is not
needed to reconfigure.
(From OE-Core rev: 82c96be0ccda5077d279c1182875d14f16bb6e7b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
