subtree updates
meta-raspberrypi: c57b464b88..45d56d82b7:
Andrei Gherzan (8):
linux-firmware-rpidistro: Fix wireless on Raspberry Pi 4
sdcard_image-rpi.bbclass: Move SDIMG_KERNELIMAGE definitions to their machines
raspberrypi0-2w.conf: Include the RPi 0-2w dtb for all 32-bit machines
rpi-base.inc: Split IMAGE_BOOT_FILES for kernel image
Add support for a ARMv7 machine supporting multiple Raspberry Pi boards
ci: Add raspberrypi-armv7 to the build matrix
Add support for a ARMv8 machine supporting multiple Raspberry Pi boards
ci: Add raspberrypi-armv8 to the build matrix
Chris Blättermann (1):
meta-raspberrypi: Include the device tree for Raspberry Pi CM4S
Khem Raj (2):
rpidistro-vlc,rpidistro-ffmpeg: Limit scope to just rpi machines
layers: Add langdale to LAYERSERIES_COMPAT
Vincent Davis Jr (4):
raspidistro-ffmpeg: add support for building raspidistro ffmpeg
rpidistro-vlc: add rpidistro VLC build (with MMAL enabled)
Add support for optional selection of vlc and ffmpeg
docs: add info for raspberrypi distro vlc
Vinicius Aquino (1):
raspberrypi-firmware: Update to 20220830 snapshot
meta-openembedded: a755af4fb5..0782ea454a:
Adrian Freihofer (1):
networkmanager: update 1.38.0 -> 1.40.0
Alejandro Enedino Hernandez Samaniego (1):
emacs: Update to version 28.2
Alex Kiernan (2):
libcoap: Fix gnutls/openssl/mbedtls PACKAGECONFIG conflicts
libcoap: Upgrade 4.3.0 -> 4.3.1
Alexander Kanavin (7):
mozjs-91: update to 91.13.0
collectd: add a python PACKAGECONFIG, off by default
zbar: disable python3 support as incompatible with py 3.11
libsigrockdecode: add python 3.11 compatibility
minifi-cpp: disable python support as incompatible with python 3.11
mozjs-91: backport a python 3.11 compatibility patch
mozjs-78: remove the recipe
Andreas Müller (1):
octave: upgrade 7.1.0 -> 7.2.0
Andrej Kozemcak (1):
squid: upgrade 4.15 -> 5.7
Andres Beltran (1):
Make graph dependencies optional
Bernhard Messerklinger (1):
libconfig-tiny-perl: add recipe
Chen Qi (2):
passwdqc: fix the libpasswdqc FILES setting
polkit: refresh patch
Frank de Brabander (1):
ntp: add missing runtime dependency on libgcc for sntp
Gianfranco Costamagna (1):
vboxguestdrivers: upgrade 6.1.36 -> 6.1.38
Hitendra Prajapati (1):
wireshark: CVE-2022-3190 Infinite loop in legacy style dissector
Howard Cochran (1):
ufw: Fix "could not find required binary 'iptables'"
Ivan Maidanski (1):
bdwgc: Fix typo in EXTRA_OECONF and remove unneeded extra CFLAGS
Jan Vermaete (1):
makeself: upate anonymous git access and dropped man page.
Khem Raj (140):
gtk+: Fix function signature of create_menu()
ippool: Fix build with clang15
corosync: Upgrade to 3.1.6
dlm: Upgrade to 4.1.1
dante: Upgrade to 1.4.3
ez-ipupdate: Fix build with clang
openflow: Include sys/stat.h for fchmod
nautilus: Backport a patch to fix build with clang-15
mctp: Update to latest tip of trunk
ypbind-mt: Upgrade to 2.7.2
packagegroup-meta-networking: Remove ypbind-mt on musl
fping: Fix build with musl
iscsi-initiator-utils: Upgrade to 2.1.7
radvd: Fix build on musl
linux-atm: Include missing string.h
memcached: Upgrade to 1.6.17
openlldp: Upgrade to 1.1.0
ettercap: Pass -D_GNU_SOURCE
rdma-core: Fix build with musl
openl2tp: Provide prototype for l2tp_api_rpc_check_request
iscsi-initiator-utils: Avoid hardcoding sed to /usr/bin/sed
toybox: Remove mount.h conflict fix
libuser: Upgrade to 0.63
gnome-keyring: Upgrade to 42.1
folks: Disable LTO and implicit-function-declaration as error
libgtop: Fix build with clang
ot-daemon,ot-br-posix: Fix mbedtls module builds
libcurses-perl: Fix main prototype in testtyp.c
rasdaemon: Upgrade to 0.6.8
psqlodbc: Upgrade to 13.02.0000
soci: Fix build with clang 15
geany-plugins: Fix type error found with clang 15
nlohmann-fifo: Update to tip of trunk
xfce4-dev-tools: Fix configure check for libX11
frr: Fix configure check for libreadline
quagga: Fix AC_CHECK_LIB for libreadline
libutempter: Upgrade to 1.2.2-alt1
libuio: Update to latest tip of trunk
serial-forward: Correct typo in specifying string.h header
mcelog: Upgrade to v189
fvwm: Disable int-conversion and implicit-int warnings as errors
hddtemp: Add missing prototype for ata_get_powermode in sata.c
nana: Include stdlib.h form exit() and abort() functions
libsmi: Fix build with clang 15
ckermit: Fix build with clang
linuxptp: Include string.h for strncpy()
wifi-test-suite: Fix build with clang
xf86-video-nouveau: Do not treat implicit-function-declaration as error
android-tools: Add protoype declaration for b64_pton
libio-pty-perl: Fix build on musl
xrdp: Fix build with clang-15
libpwquality: Do not use fgetpwent_r on musl
lmbench: Add patch to fix typo including string.h header
lxdm: Fix msghdr initialization on musl
zabbix: Upgrade to 6.2.2
epeg: Fix AC_CHECK_LIB for libjpeg and libexif
gensio: Fix AC_CHECK_LIB for libwrap
pam-plugin-ccreds: Fix AC_CHECK_LIB for libdb
sblim-sfcb: Fix AC_CHECK_LIB tests for various libraries
rdfind: Fix AC_CHECK_LIB for libnettle
srecord: Fix AC_CHECK_LIB for gpg-error
tokyocabinet: Fix AC_CHECK_LIB test functions
libcereal: Do not use uniform_int_distribution<char> template
raptor2: Match reutrn type from RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE
pam-ssh-agent-auth: Fix __progname configure check
daemontools: Fix build with clang15 and musl
pmtools: Update patch to include string.h and function prototype for main
uw-imap: Fix build with clang/musl
libx86: Fix pointer typecasting in assignment
obconf: Add fixes for missing function prototypes
sblim-sfcc: Fix build with clang
sblim-sfcb: Add missing headers file for clang/musl
sanlock: Add missing prototype for mem* functions
geis: Add missing prototypes to functions
libgxim: Enable debug mode
hplip: Upgrade to 3.22.6
scsirastools: Pass -D_LARGEFILE64_SOURCE via CFLAGS
con2fbmap: Include string.h for strerror
directfb-examples: Fix pthread_t assignment type
uml-utilities: Add missing headers for exit and str+ functions
oprofile: Fix configure check for perf_events support
libmcrypt: Suppress implicit-int warnings as errors
gtkperf: Define prototype for setup_appdata
cyrus-sasl: Fix time.h detection logic in configure
enscript: Include string.h form str* function prototypes
glm: Disable clang specific warnings
mg: Upgrade to 20220614 release
gphoto2: Upgrade to 2.5.28
ipmiutil: Add missing headers for protypes of free/malloc/atoi
cdrkit: Add missing header for function prototypes
fluentbit: Drop redundant patch
minifi-cpp: Disable gnu extention of strerror_r when using musl
augeas: Check for __GLIBC__ to use gnu extention for strerror_r
nlohmann-fifo: Disable cpp11 shuffle with clang/libc++
ipmitool: Update to 1.8.19
autofs: Backport innetgr and strerror_r musl patches
linux-atm: Remove AC_CHECK_LIB for libresolv
hdf5: Upgrade to 1.13.2
openldap: Fix configure check for pthread_detach
libimobiledevice: Explicitly pass -D_GNU_SOURCE via cflags
jq: Upgrade to latest and fix configure tests
lcdproc: Fix build on non-x86 and arm architectures
libsmi: Define _DEFAULT_SOURCE for timegm API
tftp-hpa: Fix includes for bsd_signal()
sblim-sfcb: Include config.h before using CONFIG_ERROR_H
minifi-cpp: Disable lto.
ntp: Fix check for pthread_detach
netkit-telnet: Add time.h from strftime/time prototypes
passwdqc: Upgrade to 2.0.2
lmbench: Fix build time tests and use the scripts/build
mcpp: Fix build with clang
ot-br-posix: Fix unused variable error
sthttpd: Define _GNU_SOURCE if HAVE_SIGSET is set
libesmtp: Enable gnu strerror_r on glibc
android-tools: Use local strlcpy implementation on glibc
uw-imap: Avoid programs using gets()
matplotlib: Upgrade to 3.5.3
cockpit: Update to 276
geary: Fix build with clang
toybox: Fix build on 32bit arches with 64bit time_t defaults
libcdio: Define _LARGEFILE64_SOURCE
rocksdb: Upgrade to 7.5.3 release
fwupd: Upgrade to 1.8.4
luajit: Use builtin for __clear_cache on clang
kexec-tools-klibc: Fix type mismatch in calls to dtb_set_initrd on mips
minifi-cpp: Fix build on musl
aom: Provide missing function prototypes
vulkan-cts,opengl-es-cts: Upgrade to1.3.3.1 and 3.2.8 respectively
python3-lxml: Delete
fwupd: Fix tostring() call to not have xml_declaration param
sox: Enable -D_FILE_OFFSET_BITS=64 and depend on libtool
rdfind: Fix patch-fuzz warnings
fwupd: Drop sqlite3 from default deps
sqlite: Drop sqlite2 recipe
wvstreams: Add missing dependency on boost
jack: Upgrade to 1.19.21
python3-grpcio-tools: Disable clang's musttail attribute on mips
fwupd: Replace python3.7 patch with upstreamed one
mdio-tools,mdio-netlink: Upgrade recipes to 1.2.0
python3-requests-unixsocket: Fix override syntax
Lei Maohui (5):
fltk: Fix buildpaths warning.
exiv2: Fix buildpaths warning.
tracker-miners: Fix buildpaths warning.
gexiv2: Fix buildpaths warning.
mariadb: Fix buildpaths warning.
Leon Anavi (24):
python3-imageio: Upgrade 2.21.1 -> 2.21.2
python3-prompt-toolkit: Upgrade 3.0.30 -> 3.0.31
python3-haversine: Upgrade 2.6.0 -> 2.7.0
python3-transitions: Upgrade 0.8.11 -> 0.9.0
python3-astroid: Upgrade 2.12.5 -> 2.12.9
python3-imageio: Upgrade 2.21.2 -> 2.21.3
python3-portion: Upgrade 2.2.0 -> 2.3.0
python3-networkx: Upgrade 2.8.5 -> 2.8.6
python3-prettytable: Upgrade 3.3.0 -> 3.4.1
python3-pydantic: Upgrade 1.9.1 -> 1.10.2
python3-soupsieve: Upgrade 2.3.1 -> 2.3.2.post1
python3-awesomeversion: Upgrade 22.8.0 -> 22.9.0
python3-ujson: Upgrade 5.4.0 -> 5.5.0
python3-marshmallow: Upgrade 3.17.1 -> 3.18.0
python3-elementpath: Upgrade 3.0.1 -> 3.0.2
python3-traitlets: Upgrade 5.3.0 -> 5.4.0
python3-joblib: Upgrade 1.1.0 -> 1.2.0
python3-astroid: Upgrade 2.12.9 -> 2.12.10
python3-imageio: Upgrade 2.21.3 -> 2.22.0
python3-email-validator: Upgrade 1.2.1 -> 1.3.0
python3-termcolor: Upgrade 1.1.0 -> 2.0.1
python3-aiohttp: Upgrade 3.8.1 -> 3.8.3
python3-pytz-deprecation-shim: Runtime dependencies
python3-license-expression: Upgrade 21.6.14 -> 30.0.0
Luca Boccassi (1):
dbus-broker: update to v32
Markus Volk (4):
pipewire: update 0.3.56 -> 0.3.57
flatbuffers: upgrade 2.0.6 -> 2.0.8
appstream-glib: fix manpage generation
jansson: use cmake instead of autotools
Martin Jansa (2):
lvm2: use bfd even with ld-is-gold in DISTRO_FEATURES
libcec: fix runtime dependencies for ${PN}-examples
Ming Liu (1):
libusbgx: add PACKAGECONFIG to make build predicable
Mingli Yu (2):
python3-pyzmq: Fix buildpaths issue
python3-pyzmq: Add RDEPENDS for python3-pyzmq-ptest
Naveen Saini (1):
ocl-icd: add nativesdk support
Ovidiu Panait (1):
redis: build with USE_SYSTEMD=yes when systemd is enabled
Patrick Williams (1):
unifex: remove recipe
Philippe Coval (3):
lvgl: Add dialog-lvgl recipe as demo example
pim435: Relocate sources to eclipse
ot-br-posix: Add dep to ipset as used by firewall
Riyaz Khan (2):
sdbus-c++: Upgrade sdbus-c++ 1.1.0 to 1.2.0
sdbus-c++-tools: Upgrade sdbus-c++-tools 1.1.0 to 1.2.0
Sergio Prado (1):
polkit: refresh patch to fix warning
Steffen Olsen (1):
postgreql: Fix pg_config not working after buildpaths patch
Vincent Davis Jr (1):
cglm: New recipe for cglm-0.8.5
Wang Mingyu (16):
abseil-cpp: upgrade 20220623.0 -> 20220623.1
chrony: upgrade 4.2 -> 4.3
ctags: upgrade 5.9.20220821.0 -> 5.9.20220828.0
fio: upgrade 3.31 -> 3.32
libblockdev: upgrade 2.26 -> 2.27
libdev-checklib-perl: upgrade 1.14 -> 1.16
lvm2/libdevmapper: upgrade 2.03.11 -> 2.03.16
libforms: upgrade 1.2.3 -> 1.2.4
python3-astroid: upgrade 2.12.4 -> 2.12.5
python3-colorlog: upgrade 6.6.0 -> 6.7.0
python3-django: upgrade 3.2.12 -> 4.1
python3-google-api-core: upgrade 2.8.2 -> 2.10.0
python3-google-api-python-client: upgrade 2.57.0 -> 2.58.0
python3-grpcio: upgrade 1.48.0 -> 1.48.1
python3-grpcio-tools: upgrade 1.48.0 -> 1.48.1
cli11: upgrade 1.9.1 -> 2.2.0
Xu Huan (5):
python3-greenlet: upgrade 1.1.2 -> 1.1.3
python3-marshmallow: upgrade 3.17.0 -> 3.17.1
python3-pyudev: upgrade 0.23.2 -> 0.24.0
python3-websocket-client: upgrade 1.3.3 -> 1.4.0
python3-xmlschema: upgrade 2.0.2 -> 2.0.3
Yi Zhao (1):
tcpreplay: fix buildpaths issue
Zheng Qiu (2):
jq: add ptest
rsyslog: update 8.2206->8.2208
hongxu (1):
python3-h5py: fix wrong file driver version
wangmy (78):
fuse3: upgrade 3.11.0 -> 3.12.0
xfstests: upgrade 2022.08.07 -> 2022.08.21
gnome-bluetooth: upgrade 42.3 -> 42.4
libadwaita: upgrade 1.1.4 -> 1.1.5
networkmanager-openvpn: upgrade 1.8.18 -> 1.10.0
open-isns: upgrade 0.101 -> 0.102
boost-sml: upgrade 1.1.5 -> 1.1.6
ctags: upgrade 5.9.20220828.0 -> 5.9.20220904.0
hwdata: upgrade 0.361 -> 0.362
modemmanager: upgrade 1.18.10 -> 1.18.12
php: upgrade 8.1.9 -> 8.1.10
poppler: upgrade 22.08.0 -> 22.09.0
syslog-ng: upgrade 3.37.1 -> 3.38.1
libio-socket-ssl-perl: upgrade 2.074 -> 2.075
python3-aiofiles: upgrade 0.8.0 -> 22.1.0
python3-antlr4-runtime: upgrade 4.10 -> 4.11.1
python3-croniter: upgrade 1.3.5 -> 1.3.7
python3-google-api-python-client: upgrade 2.58.0 -> 2.60.0
python3-langtable: upgrade 0.0.58 -> 0.0.59
python3-oauthlib: upgrade 3.2.0 -> 3.2.1
python3-pymetno: upgrade 0.9.0 -> 0.10.0
python3-sqlalchemy: upgrade 1.4.40 -> 1.4.41
python3-twisted: upgrade 22.4.0 -> 22.8.0
python3-websocket-client: upgrade 1.4.0 -> 1.4.1
python3-xmlschema: upgrade 2.0.3 -> 2.0.4
libadwaita: upgrade 1.1.5 -> 1.2.0
bats: upgrade 1.7.0 -> 1.8.0
ctags: upgrade 5.9.20220904.0 -> 5.9.20220911.0
iceauth: upgrade 1.0.8 -> 1.0.9
iwd: upgrade 1.29 -> 1.30
libblockdev: upgrade 2.27 -> 2.28
libjcat: upgrade 0.1.11 -> 0.1.12
libpfm4: upgrade 4.11.0 -> 4.12.0
libxmlb: upgrade 0.3.9 -> 0.3.10
neon: upgrade 0.32.2 -> 0.32.4
setxkbmap: upgrade 1.3.2 -> 1.3.3
xclock: upgrade 1.0.9 -> 1.1.1
xkbutils: upgrade 1.0.4 -> 1.0.5
xlsfonts: upgrade 1.0.6 -> 1.0.7
xmag: upgrade 1.0.6 -> 1.0.7
xwud: upgrade 1.0.5 -> 1.0.6
python3-cachecontrol: upgrade 0.12.11 -> 0.12.12
python3-cantools: upgrade 37.1.2 -> 37.2.0
python3-eth-typing: upgrade 3.1.0 -> 3.2.0
python3-fasteners: upgrade 0.17.3 -> 0.18
python3-flask-socketio: upgrade 5.3.0 -> 5.3.1
python3-google-api-core: upgrade 2.10.0 -> 2.10.1
python3-google-api-python-client: upgrade 2.60.0 -> 2.61.0
python3-grpcio-tools: upgrade 1.48.1 -> 1.49.0
python3-grpcio: upgrade 1.48.1 -> 1.49.0
python3-jsonrpcserver: upgrade 5.0.8 -> 5.0.9
python3-protobuf: upgrade 4.21.5 -> 4.21.6
xfstests: upgrade 2022.08.21 -> 2022.09.04
gnome-font-viewer: upgrade 42.0 -> 43.0
tracker: upgrade 3.3.3 -> 3.4.0
yelp-xsl: upgrade 42.0 -> 42.1
dnsmasq: upgrade 2.86 -> 2.87
unbound: upgrade 1.16.2 -> 1.16.3
cairomm-1.16: upgrade 1.16.1 -> 1.16.2
ctags: upgrade 5.9.20220911.0 -> 5.9.20220925.0
libgee: upgrade 0.20.5 -> 0.20.6
libpeas: upgrade 1.32.0 -> 1.34.0
opencl-headers: upgrade 2022.05.18 -> 2022.09.23
pangomm-2.48: upgrade 2.50.0 -> 2.50.1
thrift: upgrade 0.16.0 -> 0.17.0
zabbix: upgrade 6.2.2 -> 6.2.3
python3-djangorestframework: upgrade 3.13.1 -> 3.14.0
python3-google-api-python-client: upgrade 2.61.0 -> 2.62.0
python3-google-auth: upgrade 2.11.0 -> 2.11.1
python3-grpcio-tools: upgrade 1.49.0 -> 1.49.1
python3-grpcio: upgrade 1.49.0 -> 1.49.1
python3-h11: upgrade 0.13.0 -> 0.14.0
python3-humanize: upgrade 4.3.0 -> 4.4.0
python3-langtable: upgrade 0.0.59 -> 0.0.60
python3-ldap: upgrade 3.4.2 -> 3.4.3
python3-pandas: upgrade 1.4.4 -> 1.5.0
python3-path: upgrade 16.4.0 -> 16.5.0
python3-xmlschema: upgrade 2.0.4 -> 2.1.0
zhengrq.fnst (8):
python3-astroid: upgrade 2.12.2 -> 2.12.4
python3-flatbuffers: upgrade 2.0.6 -> 2.0.7
python3-flask-socketio: upgrade 5.2.0 -> 5.3.0
python3-gnupg: upgrade 0.4.9 -> 0.5.0
python3-natsort: upgrade 8.1.0 -> 8.2.0
python3-sympy: upgrade 1.10.1 -> 1.11.1
python3-pandas: upgrade 1.4.3 -> 1.4.4
python3-parsimonious: upgrade 0.9.0 -> 0.10.0
zhengruoqin (15):
wolfssl: upgrade 5.4.0 -> 5.5.0
ser2net: upgrade 4.3.7 -> 4.3.8
tree: upgrade 2.0.3 -> 2.0.4
xorgxrdp: upgrade 0.2.18 -> 0.9.19
python3-zeroconf: upgrade 0.39.0 -> 0.39.1
smarty: upgrade 4.2.0 -> 4.2.1
python3-pycocotools: upgrade 2.0.4 -> 2.0.5
python3-pyproj: upgrade 3.3.1 -> 3.4.0
python3-pyzmq: upgrade 23.2.1 -> 24.0.0
python3-regex: upgrade 2022.8.17 -> 2022.9.13
python3-pyjwt: upgrade 2.4.0 -> 2.5.0
python3-pyscaffold: upgrade 4.3 -> 4.3.1
python3-pyzmq: upgrade 24.0.0 -> 24.0.1
python3-sqlparse: upgrade 0.4.2 -> 0.4.3
python3-web3: upgrade 5.30.0 -> 5.31.0
meta-security: 10fdc2b13a..824d2762f6:
Armin Kuster (4):
suricata: fix compile issue
cryptmount: fix systemd service install
update sssd to 2.7.4
update chipsec to 1.8.8
poky: 9b1db65e7d..5200799866:
Alejandro Hernandez Samaniego (1):
rootfs.py: dont try to list installed packages for baremetal images
Alexander Kanavin (15):
selftest/cases/bblayers.py: build python3-jsonschema only once
oe-setup-builddir: do not suggest local.conf as a source of examples
init-system-helpers: exclude experimental tags from version check
ref-manual: correct the location of default configuration template
dev-manual: common-tasks.rst: drop the output of 'bitbake-layers --help'
common-tasks.rst: describe the layer setup tooling
dev-manual: common-tasks.rst: describe the newly added layer setup and template config commands
dev-manual: common-tasks.rst: rewrite the section about configuration templates
github-releases: add a class that consolidates version checks
meta: fix version checks in all github recipes using the github-releases class
virglrenderer: use https for fetching from gitlab
local.conf.sample: correct the location of public hashserv
scripts/oe-setup-builddir: do not read TEMPLATECONF from templateconf.cfg
rpm: update 4.18.0-rc1 -> 4.18.0-release
tzdata: update to 2022d
Alexandre Belloni (2):
runqemu: display host uptime when starting
oeqa/runtime/dnf: fix typo
Andrei Gherzan (6):
depmodwrapper-cross: Take into consideration kernel package name
kernel.bbclass: Pass the kernel package name to depmodwrapper
kernel-module-split.bbclass: Pass the kernel package name to depmodwrapper
rootfs.py: Run depmod(wrapper) against each compiled kernel
rootfs.py: Drop FAKEROOT support in exec function
grub: Allow build on armv7ve/a with softfp
Aryaman Gupta (1):
bitbake: doc: bitbake-user-manual: Add definition for BB_PRESSURE_MAX variables
Bob Henz (1):
systemd-systemctl: Fix WantedBy processing
Bruce Ashfield (11):
linux-yocto/5.15: update to v5.15.63
linux-yocto/5.19: update to v5.19.5
linux-yocto/5.19: update to v5.19.7
linux-yocto/5.15: update to v5.15.65
kern-tools: fix queue processing in relative TOPDIR configurations
kern-tools: allow 'y' or 'm' to avoid config audit warnings
linux-yocto/5.19: update to v5.19.9
linux-yocto/5.15: update to v5.15.68
linux-yocto/5.19: cfg: fix ACPI warnings for -tiny
linux-yocto/5.15: cfg: fix ACPI warnings for -tiny
linux-yocto/5.19: fix gcc-11 warning
Changhyeok Bae (2):
iproute2: Unset CLEANBROKEN
iproute2: merge .inc into .bb
Changqing Li (1):
parselogs.py: ignore systemd-logind warning message
Chen Qi (2):
shadow-securetty: allow ttyS4 for amd-snowyowl-64
useradd-example: do not use unsupported clear text password
Daniel Gomez (3):
rootfs-postcommands: Remove dropbear inconsistent comment
gtk-icon-cache: Fix GTKIC_CMD if-else condition
dropbear: Add enable-x11-forwarding PACKAGECONFIG option
Daniel McGregor (2):
coreutils: add openssl PACKAGECONFIG
gcc: set the default target arch
Denys Dmytriyenko (1):
glibc-locale: explicitly remove empty dirs in ${libdir}
Dmitry Baryshkov (2):
linux-firmware: upgrade 20220708 -> 20220913
linux-firmware: package new Qualcomm firmware
Etienne Cordonnier (2):
python3: add PACKAGECONFIG[editline]
opkg: add option for zstd support
Fabio Estevam (1):
README.hardware.md: Fix the tftp example
Florin Diaconescu (1):
expat: upgrade 2.4.8 -> 2.4.9
He Zhe (2):
lttng-tools: Disable on qemuriscv32
lttng-tools: Disable on riscv32
Johan Korsnes (1):
ref-manual: variables: document KERNEL_IMAGETYPES
John Edward Broadbent (1):
externalsrc: git submodule--helper list unsupported
Jose Quaresma (2):
bitbake: lib/bb: warning when the debug message is invalid
bitbake: fetch2/crate fixup c212b0f3 loglevel
Joshua Watt (2):
oeqa: qemurunner: Report UNIX Epoch timestamp on login
bitbake: bitbake: Fix a few more logger debug() calls
Kai Kang (2):
binutils: handle symlink files for gprofng
binutils: another way to clear GPROFNG_ALTS for clang and musl
Khem Raj (20):
autoconf: Update K & R stype functions
webkitgtk: Update to 2.6.37
rust: Use variable to specify extra tools to install
boost: Refrain bjam from poking into host includes
gobject-introspection: Do not hardcode objdump name
binutils-cross-canadian: Do not package gprofng.rc
webkitgtk: Fix build on 32bit arm
python3-lxml: Add recipe
bitbake.conf: Define TC_CXX_RUNTIME
rust: Use libc++ runtime when using clang with llvm runtime
glibc: Upgrade to tip of 2.36 branch
binutils: Ignore CVE-2022-38126 CVE-2022-38127
inetutils: Fix remote DoS vulnerability in inetutils-telnetd
curl: Add missing perl modules in ptest rdepends
elfutils: Enable ptests on musl targets
grub: Apply backports to fix build with clang on x86
apt: Fix type mismatches and ptest builds
linux-yocto: Enable mdio for qemu
gcompat: Add __getauxval wrapper needed on aarch64
ref-manual: Define TC_CXX_RUNTIME
Konrad Weihmann (1):
python3-idna: migrate to flit-core
Kristian Amlie (1):
externalsrc: Don't wipe out src dir when EXPORT_FUNCTIONS is used.
Leon Anavi (1):
python3-manifest.json: Add zoneinfo
Markus Volk (5):
squashfs-tools: build with lzo support
libsdl2: update 2.0.22 -> 2.24.0
libdrm: upgrade 2.4.112 -> 2.4.113
mesa: upgrade 22.1.6 -> 22.2.0
virglrenderer: upgrade 0.9.1 -> 0.10.3
Martin Jansa (3):
webkitgtk: fix gstreamer include paths
libxml2: Port gentest.py to Python-3
create-pull-request: don't switch the git remote protocol to git://
Mattias Jernberg (1):
bitbake: utils: Add enable_loopback_networking()
Michael Opdenacker (8):
bitbake: bitbake-user-manual: mention pydevshell in OE
dev-manual: common-tasks.rst: refer to Python functions in BitBake manual
ref-manual: features.rst: add missing default distro features
ref-manual: variables.rst: remove BBPATH
ref-manual: structure.rst: add reference to the contents of the build directory
ref-manual: structure.rst: improve information about build/cache/
ref-manual: variables.rst: correct templateconf.cfg file name
ref-manual: structure.rst: add more subsection levels
Mikko Rapeli (7):
u-boot: switch from append to += in SRC_URI
glibc-tests: use += instead of :append
go-native: switch from SRC_URI:append to SRC_URI +=
python3-rfc3986-validator: switch from SRC_URI:append to SRC_URI +=
linux-libc-headers: switch from SRC_URI:append to SRC_URI +=
common-tasks.rst: remove SRC_URI:append from examples
kernel-dev/common.rst: remove SRC_URI:append from examples
Mingli Yu (1):
busybox: add devmem 128-bit support
Otavio Salvador (2):
bitbake: toaster: fix kirkstone version
rust-hello-world: move to recipes-extended
Pascal Bach (1):
bitbake: fetch2/ssh.py: fix checkstatus
Paulo Neves (2):
watchdog: Remove unneeded tirpc dependency
bitbake: fetch2: Remove unneeded conditional
Pavel Zhukov (1):
core-image.bbclass: Exclude openssh complementary packages
Peter Bergin (1):
rootfs-postcommands.bbclass: avoid moving ssh host keys if etc is writable
Peter Kjellerstedt (6):
cairo: Adapt the license information based on what is being built
oe-setup-builddir: Correct when validation of the templates dir is run
oe-setup-builddir: Simplify error handling
oe-setup-builddir: Avoid shellcheck warnings
oe-setup-builddir: Keep templateconf.cfg relative if $TEMPLATECONF is
oe-setup-builddir: Always update templateconf.cfg
Petr Vorel (1):
ltp: Update list of tests not buildable on musl
Richard Purdie (54):
bitbake: wget: Avoid bad checksum race issues
bitbake: asyncrpc/client: Fix unix domain socket chdir race issues
build-appliance-image: Update to master head revision
sstate: Fix sstate file mirroring checksum issue
bitbake: fetch2: Ensure mirror tarballs don't enforce checksum
qemu: Upgrade 7.0.0 -> 7.1.0
qemurunner: Update to match qmp changes
build-appliance-image: Update to master head revision
vim: Upgrade 9.0.0341 -> 9.0.0453
selftest/qemurunner: Work around possible control character contamination
oetest: Drop unused variable
oetest: Drop getResults usage from oeRuntimeTest
oeqa/utils/decorators: Drop unused decorators
oeqa/utils/decorators: Drop getResults
autoconf-archive: upgrade 2022.02.11 -> 2022.09.03
ofono: upgrade 1.34 -> 2.0
ccache: upgrade 4.6.2 -> 4.6.3
btrfs-tools: upgrade 5.19 -> 5.19.1
dnf: upgrade 4.13.0 -> 4.14.0
git: upgrade 2.37.2 -> 2.37.3
ell: upgrade 0.52 -> 0.53
file: upgrade 5.42 -> 5.43
ninja: upgrade 1.11.0 -> 1.11.1
libcomps: upgrade 0.1.18 -> 0.1.19
python3-hatchling: upgrade 1.8.1 -> 1.9.0
meson: upgrade 0.63.1 -> 0.63.2
python3-idna: upgrade 3.3 -> 3.4
librepo: upgrade 1.14.4 -> 1.14.5
python3-hypothesis: upgrade 6.46.11 -> 6.54.5
python3-numpy: upgrade 1.23.2 -> 1.23.3
libdnf: upgrade 0.68.0 -> 0.69.0
python3-psutil: upgrade 5.9.1 -> 5.9.2
ffmpeg: upgrade 5.1 -> 5.1.1
repo: upgrade 2.29.1 -> 2.29.2
nghttp2: upgrade 1.48.0 -> 1.49.0
libjitterentropy: upgrade 3.4.0 -> 3.4.1
sqlite3: upgrade 3.39.2 -> 3.39.3
diffoscope: upgrade 220 -> 221
python3-certifi: upgrade 2022.6.15 -> 2022.9.14
libpng: upgrade 1.6.37 -> 1.6.38
numactl: upgrade 2.0.14 -> 2.0.15
rpm: Upgrade 4.17.1 -> 4.18rc1
perf: Fix for recent kernel upgrades
oeqa/runtime/virgl: Update test to match new mesa version
vim: Upgrade 9.0.453 -> 9.0.541
vim: Upgrade 9.0.0541 -> 9.0.0598
qemu: Add patch to address arm qemu upgrade issues
layer.conf: Update to use langdale as the core layer name
poky: Update to 4.1 version
poky: Update to match poky version numbers
bitbake: bitbake: Bump to version 2.2.0
build-appliance-image: Update to master head revision
go: Fix reproducibility failures
build-appliance-image: Update to master head revision
Robert Joslyn (6):
xorg-lib-common: Add variable to set tarball type
libxfont2: Update 2.0.5 to 2.0.6
libxau: Update 1.0.9 to 1.0.10
libfontenc: Update 1.1.4 to 1.1.6
flac: Update 1.3.4 to 1.4.0
tzdata: Update from 2022b to 2022c
Ross Burton (16):
meta-selftest/poison: improve sysroot poisoning test case
gcc-cross: pass -Werror=poison-system-directories to compiler stages
gcc: remove obsolete 0012-export-CPP.patch
xmlto: remove redundant patches
tiff: backport fix for CVE-2022-2953
gcc: remove obsolete poisoned calloc workaround
gcc: remove obsolete MinGW patch
oeqa/selftest/debuginfod: don't re-use the database
libgcrypt: disable bench-slope test case
libxml2: don't override XML_CATALOG_FILES in xmllint wrapper if already set
glibc: mark a CVE where we have merged the fix
qemu: re-add the fix for CVE-2022-1050
qemu: fix CVE-2022-2962
dnf: add dummy packages for testing
oeqa/runtime/dnf: use dnf-test packages
Revert "wic/plugins/images/direct: Allow changes in fstab on rootfs"
Ruiqiang Hao (1):
tune-neoversen2: support tune-neoversen2 base on armv9a
Samuli Piippo (2):
Revert "gcc-cross-canadian: Add symlink to real-ld alongside other symlinks"
gcc-cross-canadian: add default plugin linker
Stefano Babic (1):
libubootenv: upgrade 0.3.2 -> 0.3.3
Sundeep KOKKONDA (1):
rust-cross-canadian: Fix for the issue caused by using sdk shell
Teoh Jay Shen (1):
bind: upgrade 9.18.6 -> 9.18.7
Tom Hochstein (2):
cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK
connman: Drop redundant nfsroot handling
Ulrich Ölmann (5):
icecc.bbclass: fix typos
icecc.bbclass: delete 'rm' command
manuals: fix paths to default templates & clean up whitespaces
icecc.bbclass: fix filename of recipe in comment
manuals: fix typos in the context of 'icecc' & clean up whitespaces
Vyacheslav Yurkov (5):
oeqa/selftest: drop image_feature test from overlayfs
classes: Update overlayfs classes to use new bitbake functionality
files: overlayfs-etc: refactor preinit template
classes: files: Extend overlayfs-etc class
oeqa/selftest: Add lower layer test for overlayfs-etc
niko.mauno@vaisala.com (2):
systemd: Add 'no-dns-fallback' PACKAGECONFIG option
systemd: Fix unwritable /var/lock when no sysvinit handling
pgowda (4):
rust: Add linker configurations for cross compilation
rust: Enable verbose-tests to get the test results in readable format
binutils : CVE-2022-38533
binutils : Fix CVE-2022-38128
wangmy (9):
cracklib: upgrade 2.9.7 -> 2.9.8
kmscube: upgrade to latest revision
piglit: upgrade to latest revision
python3-dtschema: upgrade 2022.8.1 -> 2022.8.3
python3-mako: upgrade 1.2.1 -> 1.2.2
python3-pathspec: upgrade 0.9.0 -> 0.10.1
python3-pytest: upgrade 7.1.2 -> 7.1.3
vala: upgrade 0.56.2 -> 0.56.3
less: upgrade 600 -> 608
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I1705b78d8a5ef5762fe770a69ed9b866fac52ccf
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch
deleted file mode 100644
index 394aa16..0000000
--- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch
+++ /dev/null
@@ -1,152 +0,0 @@
-From c9dcb6afef9c343d070aaff208d11a997a45a105 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Wed, 5 Sep 2018 22:19:38 -0700
-Subject: [PATCH] Migrate to openssl 1.1
-
-Upstream-Status: Backport [https://sourceforge.net/p/ipmitool/source/ci/1664902525a1c3771b4d8b3ccab7ea1ba6b2bdd1/]
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- src/plugins/lanplus/lanplus_crypt_impl.c | 50 ++++++++++++++----------
- 1 file changed, 29 insertions(+), 21 deletions(-)
-
-diff --git a/src/plugins/lanplus/lanplus_crypt_impl.c b/src/plugins/lanplus/lanplus_crypt_impl.c
-index d5fac37..9652a5e 100644
---- a/src/plugins/lanplus/lanplus_crypt_impl.c
-+++ b/src/plugins/lanplus/lanplus_crypt_impl.c
-@@ -164,11 +164,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
- uint8_t * output,
- uint32_t * bytes_written)
- {
-- EVP_CIPHER_CTX ctx;
-- EVP_CIPHER_CTX_init(&ctx);
-- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
-- EVP_CIPHER_CTX_set_padding(&ctx, 0);
--
-+ EVP_CIPHER_CTX *ctx = NULL;
-
- *bytes_written = 0;
-
-@@ -182,6 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
- printbuf(input, input_length, "encrypting this data");
- }
-
-+ ctx = EVP_CIPHER_CTX_new();
-+ if (ctx == NULL) {
-+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
-+ return;
-+ }
-+ EVP_CIPHER_CTX_init(ctx);
-+ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
-+ EVP_CIPHER_CTX_set_padding(ctx, 0);
-
- /*
- * The default implementation adds a whole block of padding if the input
-@@ -191,28 +195,28 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
- assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
-
-
-- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
-+ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
- {
- /* Error */
- *bytes_written = 0;
-- return;
- }
- else
- {
- uint32_t tmplen;
-
-- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
-+ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
- {
-+ /* Error */
- *bytes_written = 0;
-- return; /* Error */
- }
- else
- {
- /* Success */
- *bytes_written += tmplen;
-- EVP_CIPHER_CTX_cleanup(&ctx);
- }
- }
-+ /* performs cleanup and free */
-+ EVP_CIPHER_CTX_free(ctx);
- }
-
-
-@@ -239,11 +243,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
- uint8_t * output,
- uint32_t * bytes_written)
- {
-- EVP_CIPHER_CTX ctx;
-- EVP_CIPHER_CTX_init(&ctx);
-- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
-- EVP_CIPHER_CTX_set_padding(&ctx, 0);
--
-+ EVP_CIPHER_CTX *ctx = NULL;
-
- if (verbose >= 5)
- {
-@@ -252,12 +252,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
- printbuf(input, input_length, "decrypting this data");
- }
-
--
- *bytes_written = 0;
-
- if (input_length == 0)
- return;
-
-+ ctx = EVP_CIPHER_CTX_new();
-+ if (ctx == NULL) {
-+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
-+ return;
-+ }
-+ EVP_CIPHER_CTX_init(ctx);
-+ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
-+ EVP_CIPHER_CTX_set_padding(ctx, 0);
-+
- /*
- * The default implementation adds a whole block of padding if the input
- * data is perfectly aligned. We would like to keep that from happening.
-@@ -266,33 +274,33 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
- assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
-
-
-- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
-+ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
- {
- /* Error */
- lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
- *bytes_written = 0;
-- return;
- }
- else
- {
- uint32_t tmplen;
-
-- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
-+ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
- {
-+ /* Error */
- char buffer[1000];
- ERR_error_string(ERR_get_error(), buffer);
- lprintf(LOG_DEBUG, "the ERR error %s", buffer);
- lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
- *bytes_written = 0;
-- return; /* Error */
- }
- else
- {
- /* Success */
- *bytes_written += tmplen;
-- EVP_CIPHER_CTX_cleanup(&ctx);
- }
- }
-+ /* performs cleanup and free */
-+ EVP_CIPHER_CTX_free(ctx);
-
- if (verbose >= 5)
- {
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-configure-Remove-the-logic-to-download-IANA-PEN-data.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-configure-Remove-the-logic-to-download-IANA-PEN-data.patch
new file mode 100644
index 0000000..442f132
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-configure-Remove-the-logic-to-download-IANA-PEN-data.patch
@@ -0,0 +1,41 @@
+From 63d72f97bd106dd2101cd7fdac6df4f7a053d67c Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 2 Sep 2022 08:27:39 -0700
+Subject: [PATCH] configure: Remove the logic to download IANA PEN database
+ during configure
+
+OE will do all downloading before it starts to configure therefore this
+step is moved out into bitbake recipe, so we can make it immutable build
+
+Upstream-Status: Inappropriate [OE-Specific]
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ configure.ac | 16 +---------------
+ 1 file changed, 1 insertion(+), 15 deletions(-)
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -56,21 +56,7 @@ if test "x$exec_prefix" = "xNONE"; then
+ exec_prefix="$prefix"
+ fi
+
+-if test "x$WGET" = "x"; then
+- if test "x$CURL" = "x"; then
+- AC_MSG_WARN([** Neither wget nor curl could be found.])
+- AC_MSG_WARN([** IANA PEN database will not be installed by `make install` !])
+- else
+- DOWNLOAD="$CURL --location --progress-bar"
+- AM_CONDITIONAL([DOWNLOAD], [true])
+- fi
+-else
+- DOWNLOAD="$WGET -c -nd -O -"
+- AM_CONDITIONAL([DOWNLOAD], [true])
+-fi
+-
+-AC_MSG_WARN([** Download is:])
+-AC_MSG_WARN($DOWNLOAD)
++AM_CONDITIONAL([DOWNLOAD], [false])
+ AC_SUBST(DOWNLOAD, $DOWNLOAD)
+
+ dnl
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch
deleted file mode 100644
index eadfb7e..0000000
--- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 24aed93efb30a8f557aedc2f03b6ccec758ccbf4 Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 16:44:18 +0000
-Subject: [PATCH 1/5] fru: Fix buffer overflow in ipmi_spd_print_fru
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `ipmi_spd_print_fru` function has a similar issue as the one fixed
-by the previous commit in `read_fru_area_section`. An initial request is
-made to get the `fru.size`, which is used as the size for the allocation
-of `spd_data`. Inside a loop, further requests are performed to get the
-copy sizes which are not checked before being used as the size for a
-copy into the buffer.
-
-Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/840fb1cbb4fb365cb9797300e3374d4faefcdb10]
-CVE: CVE-2020-5208
-
-Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
----
- lib/dimm_spd.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/lib/dimm_spd.c b/lib/dimm_spd.c
-index 91ae117..4c9c21d 100644
---- a/lib/dimm_spd.c
-+++ b/lib/dimm_spd.c
-@@ -1014,7 +1014,7 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id)
- struct ipmi_rq req;
- struct fru_info fru;
- uint8_t *spd_data, msg_data[4];
-- int len, offset;
-+ uint32_t len, offset;
-
- msg_data[0] = id;
-
-@@ -1091,6 +1091,13 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id)
- }
-
- len = rsp->data[0];
-+ if(rsp->data_len < 1
-+ || len > rsp->data_len - 1
-+ || len > fru.size - offset)
-+ {
-+ printf(" Not enough buffer size");
-+ return -1;
-+ }
- memcpy(&spd_data[offset], rsp->data + 1, len);
- offset += len;
- } while (offset < fru.size);
---
-1.9.1
-
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-vulnerabilities.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-vulnerabilities.patch
deleted file mode 100644
index b65e3ef..0000000
--- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-fru-Fix-buffer-overflow-vulnerabilities.patch
+++ /dev/null
@@ -1,133 +0,0 @@
-From e824c23316ae50beb7f7488f2055ac65e8b341f2 Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 16:33:59 +0000
-Subject: [PATCH] fru: Fix buffer overflow vulnerabilities
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `read_fru_area_section` function only performs size validation of
-requested read size, and falsely assumes that the IPMI message will not
-respond with more than the requested amount of data; it uses the
-unvalidated response size to copy into `frubuf`. If the response is
-larger than the request, this can result in overflowing the buffer.
-
-The same issue affects the `read_fru_area` function.
-
-Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/e824c23316ae50beb7f7488f2055ac65e8b341f2]
-CVE: CVE-2020-5208
-
-Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
----
- lib/ipmi_fru.c | 33 +++++++++++++++++++++++++++++++--
- 1 file changed, 31 insertions(+), 2 deletions(-)
-
-diff --git a/lib/ipmi_fru.c b/lib/ipmi_fru.c
-index c2a139d..2e323ff 100644
---- a/lib/ipmi_fru.c
-+++ b/lib/ipmi_fru.c
-@@ -663,7 +663,10 @@ int
- read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
- uint32_t offset, uint32_t length, uint8_t *frubuf)
- {
-- uint32_t off = offset, tmp, finish;
-+ uint32_t off = offset;
-+ uint32_t tmp;
-+ uint32_t finish;
-+ uint32_t size_left_in_buffer;
- struct ipmi_rs * rsp;
- struct ipmi_rq req;
- uint8_t msg_data[4];
-@@ -676,10 +679,12 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
-
- finish = offset + length;
- if (finish > fru->size) {
-+ memset(frubuf + fru->size, 0, length - fru->size);
- finish = fru->size;
- lprintf(LOG_NOTICE, "Read FRU Area length %d too large, "
- "Adjusting to %d",
- offset + length, finish - offset);
-+ length = finish - offset;
- }
-
- memset(&req, 0, sizeof(req));
-@@ -715,6 +720,7 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
- }
- }
-
-+ size_left_in_buffer = length;
- do {
- tmp = fru->access ? off >> 1 : off;
- msg_data[0] = id;
-@@ -756,9 +762,18 @@ read_fru_area(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
- }
-
- tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0];
-+ if(rsp->data_len < 1
-+ || tmp > rsp->data_len - 1
-+ || tmp > size_left_in_buffer)
-+ {
-+ printf(" Not enough buffer size");
-+ return -1;
-+ }
-+
- memcpy(frubuf, rsp->data + 1, tmp);
- off += tmp;
- frubuf += tmp;
-+ size_left_in_buffer -= tmp;
- /* sometimes the size returned in the Info command
- * is too large. return 0 so higher level function
- * still attempts to parse what was returned */
-@@ -791,7 +806,9 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
- uint32_t offset, uint32_t length, uint8_t *frubuf)
- {
- static uint32_t fru_data_rqst_size = 20;
-- uint32_t off = offset, tmp, finish;
-+ uint32_t off = offset;
-+ uint32_t tmp, finish;
-+ uint32_t size_left_in_buffer;
- struct ipmi_rs * rsp;
- struct ipmi_rq req;
- uint8_t msg_data[4];
-@@ -804,10 +821,12 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
-
- finish = offset + length;
- if (finish > fru->size) {
-+ memset(frubuf + fru->size, 0, length - fru->size);
- finish = fru->size;
- lprintf(LOG_NOTICE, "Read FRU Area length %d too large, "
- "Adjusting to %d",
- offset + length, finish - offset);
-+ length = finish - offset;
- }
-
- memset(&req, 0, sizeof(req));
-@@ -822,6 +841,8 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
- if (fru->access && fru_data_rqst_size > 16)
- #endif
- fru_data_rqst_size = 16;
-+
-+ size_left_in_buffer = length;
- do {
- tmp = fru->access ? off >> 1 : off;
- msg_data[0] = id;
-@@ -853,8 +874,16 @@ read_fru_area_section(struct ipmi_intf * intf, struct fru_info *fru, uint8_t id,
- }
-
- tmp = fru->access ? rsp->data[0] << 1 : rsp->data[0];
-+ if(rsp->data_len < 1
-+ || tmp > rsp->data_len - 1
-+ || tmp > size_left_in_buffer)
-+ {
-+ printf(" Not enough buffer size");
-+ return -1;
-+ }
- memcpy((frubuf + off)-offset, rsp->data + 1, tmp);
- off += tmp;
-+ size_left_in_buffer -= tmp;
-
- /* sometimes the size returned in the Info command
- * is too large. return 0 so higher level function
---
-2.17.1
-
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-hpmfwupg-move-variable-definition-to-.c-file.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-hpmfwupg-move-variable-definition-to-.c-file.patch
deleted file mode 100644
index a765c3a..0000000
--- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-hpmfwupg-move-variable-definition-to-.c-file.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 3f7bb7218181745ca7762c1b4832cbb1c9e692f5 Mon Sep 17 00:00:00 2001
-From: Vaclav Dolezal <vdolezal@redhat.com>
-Date: Thu, 23 Jan 2020 11:26:32 +0100
-Subject: [PATCH] hpmfwupg: move variable definition to .c file
-
-Upstream-Status: Pending
-Signed-off-by: Vaclav Dolezal <vdolezal@redhat.com>
----
- include/ipmitool/ipmi_hpmfwupg.h | 2 +-
- lib/ipmi_hpmfwupg.c | 2 ++
- 2 files changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/include/ipmitool/ipmi_hpmfwupg.h b/include/ipmitool/ipmi_hpmfwupg.h
-index de65292..07f597b 100644
---- a/include/ipmitool/ipmi_hpmfwupg.h
-+++ b/include/ipmitool/ipmi_hpmfwupg.h
-@@ -800,7 +800,7 @@ typedef struct _VERSIONINFO {
- char descString[HPMFWUPG_DESC_STRING_LENGTH + 1];
- }VERSIONINFO, *PVERSIONINFO;
-
--VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
-+extern VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
-
- #define TARGET_VER (0x01)
- #define ROLLBACK_VER (0x02)
-diff --git a/lib/ipmi_hpmfwupg.c b/lib/ipmi_hpmfwupg.c
-index bbcffc0..d7cdcd6 100644
---- a/lib/ipmi_hpmfwupg.c
-+++ b/lib/ipmi_hpmfwupg.c
-@@ -58,6 +58,8 @@ ipmi_intf_get_max_request_data_size(struct ipmi_intf * intf);
-
- extern int verbose;
-
-+VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
-+
- int HpmfwupgUpgrade(struct ipmi_intf *intf, char *imageFilename,
- int activate, int, int);
- int HpmfwupgValidateImageIntegrity(struct HpmfwupgUpgradeCtx *pFwupgCtx);
---
-2.28.0
-
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-ipmi_fru.c-Provide-missing-function-declarations.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-ipmi_fru.c-Provide-missing-function-declarations.patch
new file mode 100644
index 0000000..704bbdb
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-ipmi_fru.c-Provide-missing-function-declarations.patch
@@ -0,0 +1,34 @@
+From e5bbf96edf776821f29ab67baed22a690bf8ab10 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 2 Sep 2022 07:30:10 -0700
+Subject: [PATCH] ipmi_fru.c: Provide missing function declarations
+
+Fixes build with clang-15+
+
+Upstream-Status: Submitted [https://github.com/ipmitool/ipmitool/pull/360]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ lib/ipmi_fru.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/lib/ipmi_fru.c b/lib/ipmi_fru.c
+index 3d1d8a1..5c5661c 100644
+--- a/lib/ipmi_fru.c
++++ b/lib/ipmi_fru.c
+@@ -60,6 +60,13 @@ static const char *section_id[4] = {
+ "Board Section",
+ "Product Section"
+ };
++/* From lib/ipmi_hpmfwupg.c: */
++uint16_t
++ipmi_intf_get_max_request_data_size(struct ipmi_intf * intf);
++
++/* From src/plugins/ipmi_intf.c: */
++uint16_t
++ipmi_intf_get_max_response_data_size(struct ipmi_intf * intf);
+
+ static const char * combined_voltage_desc[] = {
+ "12 V",
+--
+2.37.3
+
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0002-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0002-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch
deleted file mode 100644
index b8742b1..0000000
--- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0002-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 81144cfba131b4ddbfcf9c530274b23bfc7e0ea8 Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 16:51:49 +0000
-Subject: [PATCH 2/5] session: Fix buffer overflow in ipmi_get_session_info
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `ipmi_get_session_info` function does not properly check the
-response `data_len`, which is used as a copy size, allowing stack buffer
-overflow.
-
-Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22]
-CVE: CVE-2020-5208
-
-Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
----
- lib/ipmi_session.c | 12 ++++++++----
- 1 file changed, 8 insertions(+), 4 deletions(-)
-
-diff --git a/lib/ipmi_session.c b/lib/ipmi_session.c
-index 4855bc4..71bef4c 100644
---- a/lib/ipmi_session.c
-+++ b/lib/ipmi_session.c
-@@ -319,8 +319,10 @@ ipmi_get_session_info(struct ipmi_intf * intf,
- }
- else
- {
-- memcpy(&session_info, rsp->data, rsp->data_len);
-- print_session_info(&session_info, rsp->data_len);
-+ memcpy(&session_info, rsp->data,
-+ __min(rsp->data_len, sizeof(session_info)));
-+ print_session_info(&session_info,
-+ __min(rsp->data_len, sizeof(session_info)));
- }
- break;
-
-@@ -351,8 +353,10 @@ ipmi_get_session_info(struct ipmi_intf * intf,
- break;
- }
-
-- memcpy(&session_info, rsp->data, rsp->data_len);
-- print_session_info(&session_info, rsp->data_len);
-+ memcpy(&session_info, rsp->data,
-+ __min(rsp->data_len, sizeof(session_info)));
-+ print_session_info(&session_info,
-+ __min(rsp->data_len, sizeof(session_info)));
-
- } while (i <= session_info.session_slot_count);
- break;
---
-1.9.1
-
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0003-channel-Fix-buffer-overflow.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0003-channel-Fix-buffer-overflow.patch
deleted file mode 100644
index deebd35..0000000
--- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0003-channel-Fix-buffer-overflow.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From 5057761e30e3a7682edab60f98f631616392ddc6 Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 16:56:38 +0000
-Subject: [PATCH 3/3] channel: Fix buffer overflow
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `ipmi_get_channel_cipher_suites` function does not properly check
-the final response’s `data_len`, which can lead to stack buffer overflow
-on the final copy.
-
-Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/9452be87181a6e83cfcc768b3ed8321763db50e4]
-CVE: CVE-2020-5208
-
-[Make some changes to apply it]
-Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
----
- include/ipmitool/ipmi_channel.h | 2 ++
- lib/ipmi_channel.c | 10 ++++++++--
- 2 files changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/include/ipmitool/ipmi_channel.h b/include/ipmitool/ipmi_channel.h
-index b138c26..d7cce5e 100644
---- a/include/ipmitool/ipmi_channel.h
-+++ b/include/ipmitool/ipmi_channel.h
-@@ -77,6 +77,8 @@ struct channel_access_t {
- uint8_t user_level_auth;
- };
-
-+#define MAX_CIPHER_SUITE_DATA_LEN 0x10
-+
- /*
- * The Get Authentication Capabilities response structure
- * From table 22-15 of the IPMI v2.0 spec
-diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c
-index fab2e54..76ecdcd 100644
---- a/lib/ipmi_channel.c
-+++ b/lib/ipmi_channel.c
-@@ -378,7 +378,10 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
- lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites");
- return -1;
- }
-- if (rsp->ccode > 0) {
-+ if (rsp->ccode
-+ || rsp->data_len < 1
-+ || rsp->data_len > sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN)
-+ {
- lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s",
- val2str(rsp->ccode, completion_code_vals));
- return -1;
-@@ -413,7 +416,10 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
- lprintf(LOG_ERR, "Unable to Get Channel Cipher Suites");
- return -1;
- }
-- if (rsp->ccode > 0) {
-+ if (rsp->ccode
-+ || rsp->data_len < 1
-+ || rsp->data_len > sizeof(uint8_t) + MAX_CIPHER_SUITE_DATA_LEN)
-+ {
- lprintf(LOG_ERR, "Get Channel Cipher Suites failed: %s",
- val2str(rsp->ccode, completion_code_vals));
- return -1;
---
-2.18.1
-
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0004-lanp-Fix-buffer-overflows-in-get_lan_param_select.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0004-lanp-Fix-buffer-overflows-in-get_lan_param_select.patch
deleted file mode 100644
index b5ce9e9..0000000
--- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0004-lanp-Fix-buffer-overflows-in-get_lan_param_select.patch
+++ /dev/null
@@ -1,94 +0,0 @@
-From e6aa6076f65e71544bd6450d20d943d7baaccb9f Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 17:06:39 +0000
-Subject: [PATCH 4/5] lanp: Fix buffer overflows in get_lan_param_select
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Partial fix for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-The `get_lan_param_select` function is missing a validation check on the
-response’s `data_len`, which it then returns to caller functions, where
-stack buffer overflow can occur.
-
-Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/d45572d71e70840e0d4c50bf48218492b79c1a10]
-CVE: CVE-2020-5208
-
-[Make some changes to apply it]
-Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
----
- lib/ipmi_lanp.c | 14 +++++++-------
- 1 file changed, 7 insertions(+), 7 deletions(-)
-
-diff --git a/lib/ipmi_lanp.c b/lib/ipmi_lanp.c
-index 060e753..dee21ee 100644
---- a/lib/ipmi_lanp.c
-+++ b/lib/ipmi_lanp.c
-@@ -1917,7 +1917,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
- if (p == NULL) {
- return (-1);
- }
-- memcpy(data, p->data, p->data_len);
-+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
- /* set new ipaddr */
- memcpy(data+3, temp, 4);
- printf("Setting LAN Alert %d IP Address to %d.%d.%d.%d\n", alert,
-@@ -1932,7 +1932,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
- if (p == NULL) {
- return (-1);
- }
-- memcpy(data, p->data, p->data_len);
-+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
- /* set new macaddr */
- memcpy(data+7, temp, 6);
- printf("Setting LAN Alert %d MAC Address to "
-@@ -1947,7 +1947,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
- if (p == NULL) {
- return (-1);
- }
-- memcpy(data, p->data, p->data_len);
-+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
-
- if (strncasecmp(argv[1], "def", 3) == 0 ||
- strncasecmp(argv[1], "default", 7) == 0) {
-@@ -1973,7 +1973,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
- if (p == NULL) {
- return (-1);
- }
-- memcpy(data, p->data, p->data_len);
-+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
-
- if (strncasecmp(argv[1], "on", 2) == 0 ||
- strncasecmp(argv[1], "yes", 3) == 0) {
-@@ -1998,7 +1998,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
- if (p == NULL) {
- return (-1);
- }
-- memcpy(data, p->data, p->data_len);
-+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
-
- if (strncasecmp(argv[1], "pet", 3) == 0) {
- printf("Setting LAN Alert %d destination to PET Trap\n", alert);
-@@ -2026,7 +2026,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
- if (p == NULL) {
- return (-1);
- }
-- memcpy(data, p->data, p->data_len);
-+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
-
- if (str2uchar(argv[1], &data[2]) != 0) {
- lprintf(LOG_ERR, "Invalid time: %s", argv[1]);
-@@ -2042,7 +2042,7 @@ ipmi_lan_alert_set(struct ipmi_intf * intf, uint8_t chan, uint8_t alert,
- if (p == NULL) {
- return (-1);
- }
-- memcpy(data, p->data, p->data_len);
-+ memcpy(data, p->data, __min(p->data_len, sizeof(data)));
-
- if (str2uchar(argv[1], &data[3]) != 0) {
- lprintf(LOG_ERR, "Invalid retry: %s", argv[1]);
---
-1.9.1
-
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0005-fru-sdr-Fix-id_string-buffer-overflows.patch b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0005-fru-sdr-Fix-id_string-buffer-overflows.patch
deleted file mode 100644
index cf8b925..0000000
--- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool/0005-fru-sdr-Fix-id_string-buffer-overflows.patch
+++ /dev/null
@@ -1,142 +0,0 @@
-From 26e64ca78ae844c5ceedde89531e2924d7d4594c Mon Sep 17 00:00:00 2001
-From: Chrostoper Ertl <chertl@microsoft.com>
-Date: Thu, 28 Nov 2019 17:13:45 +0000
-Subject: [PATCH 5/5] fru, sdr: Fix id_string buffer overflows
-
-Final part of the fixes for CVE-2020-5208, see
-https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
-
-9 variants of stack buffer overflow when parsing `id_string` field of
-SDR records returned from `CMD_GET_SDR` command.
-
-SDR record structs have an `id_code` field, and an `id_string` `char`
-array.
-
-The length of `id_string` is calculated as `(id_code & 0x1f) + 1`,
-which can be larger than expected 16 characters (if `id_code = 0xff`,
-then length will be `(0xff & 0x1f) + 1 = 32`).
-
-In numerous places, this can cause stack buffer overflow when copying
-into fixed buffer of size `17` bytes from this calculated length.
-
-Upstream-Status: Backport[https://github.com/ipmitool/ipmitool/commit/7ccea283dd62a05a320c1921e3d8d71a87772637]
-CVE: CVE-2020-5208
-
-Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
----
- lib/ipmi_fru.c | 2 +-
- lib/ipmi_sdr.c | 40 ++++++++++++++++++++++++----------------
- 2 files changed, 25 insertions(+), 17 deletions(-)
-
-diff --git a/lib/ipmi_fru.c b/lib/ipmi_fru.c
-index b71ea23..1decea2 100644
---- a/lib/ipmi_fru.c
-+++ b/lib/ipmi_fru.c
-@@ -3038,7 +3038,7 @@ ipmi_fru_print(struct ipmi_intf * intf, struct sdr_record_fru_locator * fru)
- return 0;
-
- memset(desc, 0, sizeof(desc));
-- memcpy(desc, fru->id_string, fru->id_code & 0x01f);
-+ memcpy(desc, fru->id_string, __min(fru->id_code & 0x01f, sizeof(desc)));
- desc[fru->id_code & 0x01f] = 0;
- printf("FRU Device Description : %s (ID %d)\n", desc, fru->device_id);
-
-diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c
-index fa7b082..175a86f 100644
---- a/lib/ipmi_sdr.c
-+++ b/lib/ipmi_sdr.c
-@@ -2113,7 +2113,7 @@ ipmi_sdr_print_sensor_eventonly(struct ipmi_intf *intf,
- return -1;
-
- memset(desc, 0, sizeof (desc));
-- snprintf(desc, (sensor->id_code & 0x1f) + 1, "%s", sensor->id_string);
-+ snprintf(desc, sizeof(desc), "%.*s", (sensor->id_code & 0x1f) + 1, sensor->id_string);
-
- if (verbose) {
- printf("Sensor ID : %s (0x%x)\n",
-@@ -2164,7 +2164,7 @@ ipmi_sdr_print_sensor_mc_locator(struct ipmi_intf *intf,
- return -1;
-
- memset(desc, 0, sizeof (desc));
-- snprintf(desc, (mc->id_code & 0x1f) + 1, "%s", mc->id_string);
-+ snprintf(desc, sizeof(desc), "%.*s", (mc->id_code & 0x1f) + 1, mc->id_string);
-
- if (verbose == 0) {
- if (csv_output)
-@@ -2257,7 +2257,7 @@ ipmi_sdr_print_sensor_generic_locator(struct ipmi_intf *intf,
- char desc[17];
-
- memset(desc, 0, sizeof (desc));
-- snprintf(desc, (dev->id_code & 0x1f) + 1, "%s", dev->id_string);
-+ snprintf(desc, sizeof(desc), "%.*s", (dev->id_code & 0x1f) + 1, dev->id_string);
-
- if (!verbose) {
- if (csv_output)
-@@ -2314,7 +2314,7 @@ ipmi_sdr_print_sensor_fru_locator(struct ipmi_intf *intf,
- char desc[17];
-
- memset(desc, 0, sizeof (desc));
-- snprintf(desc, (fru->id_code & 0x1f) + 1, "%s", fru->id_string);
-+ snprintf(desc, sizeof(desc), "%.*s", (fru->id_code & 0x1f) + 1, fru->id_string);
-
- if (!verbose) {
- if (csv_output)
-@@ -2518,35 +2518,43 @@ ipmi_sdr_print_name_from_rawentry(struct ipmi_intf *intf,uint16_t id,
-
- int rc =0;
- char desc[17];
-+ const char *id_string;
-+ uint8_t id_code;
- memset(desc, ' ', sizeof (desc));
-
- switch ( type) {
- case SDR_RECORD_TYPE_FULL_SENSOR:
- record.full = (struct sdr_record_full_sensor *) raw;
-- snprintf(desc, (record.full->id_code & 0x1f) +1, "%s",
-- (const char *)record.full->id_string);
-+ id_code = record.full->id_code;
-+ id_string = record.full->id_string;
- break;
-+
- case SDR_RECORD_TYPE_COMPACT_SENSOR:
- record.compact = (struct sdr_record_compact_sensor *) raw ;
-- snprintf(desc, (record.compact->id_code & 0x1f) +1, "%s",
-- (const char *)record.compact->id_string);
-+ id_code = record.compact->id_code;
-+ id_string = record.compact->id_string;
- break;
-+
- case SDR_RECORD_TYPE_EVENTONLY_SENSOR:
- record.eventonly = (struct sdr_record_eventonly_sensor *) raw ;
-- snprintf(desc, (record.eventonly->id_code & 0x1f) +1, "%s",
-- (const char *)record.eventonly->id_string);
-- break;
-+ id_code = record.eventonly->id_code;
-+ id_string = record.eventonly->id_string;
-+ break;
-+
- case SDR_RECORD_TYPE_MC_DEVICE_LOCATOR:
- record.mcloc = (struct sdr_record_mc_locator *) raw ;
-- snprintf(desc, (record.mcloc->id_code & 0x1f) +1, "%s",
-- (const char *)record.mcloc->id_string);
-+ id_code = record.mcloc->id_code;
-+ id_string = record.mcloc->id_string;
- break;
-+
- default:
- rc = -1;
-- break;
-- }
-+ }
-+ if (!rc) {
-+ snprintf(desc, sizeof(desc), "%.*s", (id_code & 0x1f) + 1, id_string);
-+ }
-
-- lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc);
-+ lprintf(LOG_INFO, "ID: 0x%04x , NAME: %-16s", id, desc);
- return rc;
- }
-
---
-1.9.1
-
diff --git a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.18.bb b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.19.bb
similarity index 60%
rename from meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.18.bb
rename to meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.19.bb
index 3337fe5..0a600e2 100644
--- a/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.18.bb
+++ b/meta-openembedded/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.19.bb
@@ -21,24 +21,31 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=9aa91e13d644326bf281924212862184"
DEPENDS = "openssl readline ncurses"
-
-SRC_URI = "${SOURCEFORGE_MIRROR}/ipmitool/ipmitool-${PV}.tar.bz2 \
- file://0001-Migrate-to-openssl-1.1.patch \
- file://0001-fru-Fix-buffer-overflow-vulnerabilities.patch \
- file://0001-fru-Fix-buffer-overflow-in-ipmi_spd_print_fru.patch \
- file://0002-session-Fix-buffer-overflow-in-ipmi_get_session_info.patch \
- file://0003-channel-Fix-buffer-overflow.patch \
- file://0004-lanp-Fix-buffer-overflows-in-get_lan_param_select.patch \
- file://0005-fru-sdr-Fix-id_string-buffer-overflows.patch \
- file://0001-hpmfwupg-move-variable-definition-to-.c-file.patch \
+SRCREV = "19d78782d795d0cf4ceefe655f616210c9143e62"
+SRC_URI = "git://github.com/ipmitool/ipmitool;protocol=https;branch=master \
+ ${IANA_ENTERPRISE_NUMBERS} \
+ file://0001-ipmi_fru.c-Provide-missing-function-declarations.patch \
+ file://0001-configure-Remove-the-logic-to-download-IANA-PEN-data.patch \
"
-SRC_URI[md5sum] = "bab7ea104c7b85529c3ef65c54427aa3"
-SRC_URI[sha256sum] = "0c1ba3b1555edefb7c32ae8cd6a3e04322056bc087918f07189eeedfc8b81e01"
+IANA_ENTERPRISE_NUMBERS ?= ""
+
+# Add these via bbappend if this database is needed by the system
+#IANA_ENTERPRISE_NUMBERS ?= "http://www.iana.org/assignments/enterprise-numbers;name=iana-enterprise-numbers;downloadfilename=iana-enterprise-numbers"
+#SRC_URI[iana-enterprise-numbers.sha256sum] = "cdd97fc08325667434b805eb589104ae63f7a9eb720ecea73cb55110b383934c"
+
+S = "${WORKDIR}/git"
inherit autotools
+do_install:append() {
+ if [ -e ${WORKDIR}/iana-enterprise-numbers ]; then
+ install -Dm 0755 ${WORKDIR}/iana-enterprise-numbers ${D}${datadir}/misc/enterprise-numbers
+ fi
+}
+
PACKAGES =+ "${PN}-ipmievd"
FILES:${PN}-ipmievd += "${sbindir}/ipmievd"
+FILES:${PN} += "${datadir}/misc"
# --disable-dependency-tracking speeds up the build
# --enable-file-security adds some security checks