subtree updates
meta-security: a397a38ed9..53c5cc794f:
Anton Antonov (2):
Fix PACKAGECONFIG check in Parsec OEQA tests
Flush caches after OEQA tests
Armin Kuster (6):
checksecurity: update to 2.0.16
krill: forced to inclued fetch hashes.
suricata: Fixup to work within the recent crate changes.
suricata: Missed on crate depends
parsec-tool: update SRC_URI hash
parsec-service: fix SRC_URI hash
Gowtham Suresh Kumar (2):
meta-parsec: Disable RSA-OAEP OEQA tests for Parsec PKCS11 backend
parsec-service: Update parsec recipes to 1.2.0 and parsec-tool to 0.6.0
Patrick Williams (1):
libwhisker2-perl: adjust perl-version variable
meta-openembedded: 17243e70c8..c5f330bc9a:
Alex Yao (3):
lcov: Fix Perl Path
lcov: Upgrade 1.14 -> 1.16
lcov: Fix homepage
Ari Parkkila (1):
python3-appdirs: add native and nativesdk to BBCLASSEXTEND
Arsalan H. Awan (1):
meta-networking/licenses/netperf: remove unused license
Bartosz Golaszewski (11):
reboot-mode: put the build artifacts in ${B}
libgpiod: enable all features for ptest
libgpiod: drop unneeded S assignment
libgpiod: generalize the local files directories
libgpiod: update to v2.0.1
python3-gpiod: don't hardcode the project version in recipe
python3-gpiod: add missing run-time dependencies
libgpiod: install the libgpiosim header
python3-gpiod: fetch sources from pypi
libgpiod: fold libgpiod-src.inc into libgpiod.inc
libgpiod: remove test executables from ${bindir}
Chen Qi (1):
android-tools: fix systemd service setting
Enrico Scholz (1):
sox: remove ffmpeg dependency
Etienne Cordonnier (4):
uutils-coreutils: Add crates checksum
uutils-coreutils: remove obsolete comment
uutils-coreutils: upgrade 0.0.17 -> 0.0.18
uutils-coreutils: disable musl support
Ever ATILANO (4):
meta-python: python3-path: Add ptest
meta-python: python3-lorem: Add ptest
meta-oe: recipes-support: dc: Add ptest
meta-oe: recipes-extended: bitwise: Add ptest
Gianfranco Costamagna (1):
vbxguestdrivers: upgrade 7.0.4 -> 7.0.8
Jasper Orschulko (1):
python3-gcovr: Add missing runtime dependency
Jayanth Othayoth (1):
etcd-cpp-apiv3: add recipe
Johannes Kirchmair (1):
redirect unwanted error message in nginx install
Johannes Pointner (1):
python3-pyzstd: add new recipe
Kai Kang (16):
xfce4-taskmanager: 1.5.2 -> 1.5.5
xfce4-terminal: 1.0.0 -> 1.0.4
syslog-ng: not deliver syslog-ng-update-virtualenv
xfce4-notifyd: 0.6.3 -> 0.8.2
xfce4-screenshooter: 1.9.10 -> 1.10.3
thunar: 4.18.0 -> 4.18.4
thunar-media-tags-plugin: 0.3.0 -> 0.4.0
libxfce4util: 4.18.0 -> 4.18.1
libxfce4ui: 4.18.0 -> 4.18.3
xfce4-settings: 4.18.0 -> 4.18.2
xfce4-session: 4.18.0 -> 4.18.2
xfce4-panel: 4.18.0 -> 4.18.3
thunar-archive-plugin: 0.5.0 -> 0.5.1
xfce4-power-manager: 4.18.0 -> 4.18.1
garcon: 4.18.0 -> 4.18.1
xfce4-screensaver: 4.16.0 -> 4.18.1
Khem Raj (36):
krb5: Fix build with autoconf 2.72
cyrus-sasl: Fix autoconf patch to work with new autoconf 2.72
gmime: Update to 3.2.13
imagemagick: Update to 7.1.1
mpv: Upgrade to 0.35.1
fwknop: Use pkg-config instead of gpgme-config
fwknop: Fix AS_IF configure syntax
libstemmer: Update to 2.2.0
libidn: Update largefile m4 macros
emacs: Fix build with autconf 2.72+
ptest-packagelists-meta-oe: Remove minicoredumper from PTESTS_FAST_META_OE on musl
poco: Remove pushd/popd from run-ptest
surf: Fix build with gtkwebkit 2.40
libio-pty-perl: Fix build with musl/clang
meta-gnome: Update patch status for several recipes
libnet-ssleay-perl: Fix patch upstream status
meta-xfce: Fix missing upstream status in patches
meta-multimedia: Fix missing upstream status in several patches
meta-webserver: Fix missing upstream status on patches
babl: Drop clang10 workaround for mips/rv64
babl: Package /usr/lib/babl-0.1/ directory
libtinyxml2: Add ptest support
ptest-packagelists-meta-oe: Add libtinyxml2
minifi-cpp: Always use stat on 64bit linux
libdnet: Upgrade to 1.16.3
python3-pyruvate: regenerate with updated bbclass
monkey,webmin: Fix upstream patch status
python3-pyruvate: Upgrade to 1.2.1
onig: Ignore .debug directories while finding ptests
python3-h5py: Fix TMPDIR references in dbg files
python3-pandas: Fix TMPDIR references in dbg files
fwupd: Do not emit build time paths into generated headers
libcereal: Fix TMPDIR leaking into debug_str section
xmlrpc-c: Upgrade to 1.59.01
grilo: Fix buildpaths in generated header file
python3-click: Fix ptest failure
Leon Anavi (2):
libpcsc-perl: Add recipe
pcsc-tools: Add runtime dependencies
Linus Jacobson (1):
khronos-cts: Replace wayland feature dependancy with vulkan
Markus Volk (40):
nv-codec-headers: add clean target to Makefile
flatpak: update 1.15.3 -> 1.15.4
libcamera: re-introduce fix for gcc-13
polkit-gnome: add recipe
eog: update 43.2 -> 44.0
evince: update 43.1 -> 44.0
gdm: update 43.0 -> 44.0
gnome-calculator: update 43.0.1 -> 44.0
gnome-calendar: update 43.1 -> 44.0
gnome-desktop: update 43 -> 44.0
gnome-disk-utility: update 43.0 -> 44.0
gnome-font-viewer: update 43.0 -> 44.0
gnome-online-accounts: update 3.46.0 -> 3.48.0
gnome-photos: update 43.0 -> 44.0
gnome-session: update 43.0 -> 44.0
gnome-settings-daemon: update 43.0 -> 44.0
gnome-shell-extensions: update 43.1 -> 44.0
gnome-software: update 43.4 -> 44.0
gnome-terminal: update 3.46.7 -> 3.48.0
gnome-text-editor: update 43.1 -> 44.0
tracker-miners: update 3.4.2 -> 3.5.0
zenity: update 3.43.0 -> 3.44.0
xdg-desktop-portal-gnome: update 43.1 -> 44.0
gedit: update 43.2 -> 44.2
evolution-data-server: build oauth with gtk+3
file-roller: set cpio path manually
libdecor: update 1.1.0 -> 1.1.99
freerdp: set PROXY_PLUGINDIR
libnfs: add recipe
pipewire: update 0.3.67 -> 0.3.68
iwd: update 2.3 -> 2.4
mozjs: update 102.5.0 -> 102.9.0
glibmm: fix reproducibility issues
adw-gtk3: add recipe
xdg-desktop-portal-wlr: update
pipewire: remove 'inherit gsettings'
polkit: update SRC_URI
webp-pixbuf-loader: update 0.2.0 -> 0.2.4
udisks2: add PACKAGECONFIGs for btrfs,lvm2 and lsm
pipewire: update 0.3.68 -> 0.3.70
Martin Jansa (7):
zsh: fix installed-vs-shipped with multilib
restinio: fix S variable in multilib builds
mongodb: fix chown user for multilib builds
pahole: respect libdir
lvgl,lv-lib-png,lv-drivers: fix installed-vs-shipped QA issue with multilib
dleyna-{server,renderer}: fix dev-so QA issue with multilib
lirc: fix do_install with multilib
Mingli Yu (2):
mcelog: improve the ptest output
php: Fix GCC 12 -Og
Peter Johennecken (1):
nginx: added packagegroup for webdav module
Peter Kjellerstedt (5):
python3-crc32c: Correct the license information
paho-mqtt-cpp: Improve the license information
autossh: Correct the license information
paho-mqtt-c: Improve the license information
recipes: Remove double protocol= from SRC_URIs
Peter Marko (1):
ntp: whitelist CVE-2019-11331
Petr Gotthard (2):
cockpit: upgrade 276 -> 289
nftables: upgrade 1.0.6 -> 1.0.7
Randolph Sapp (1):
glfw: add packageconfig and wayland dependencies
Steffen Trumtrar (3):
openocd: 0.11->0.12
openocd: fix jimtcl url
openocd: enable jtag-vpi and buspirate
Tim Orling (11):
cli11: do not inherit ptest
span-lite: do not inherit ptest
ptest-packagelists-meta-oe.inc: add ptest recipes
meta-oe-ptest*-image: enable BBCLASSEXTEND parallel execution
ptest-packagelists-meta-python.inc: add ptest recipes
meta-python-ptest*-image: enable BBCLASSEXTEND parallel execution
python3-aspectlib: fix ptest
ptest-packagelists-meta-perl.inc: add ptest recipes
recipes-perl/packagegroups: move to recipes-core/
recipes-perl/images: move to recipes-core
meta-perl-ptest*-image: enable BBCLASSEXTEND parallel execution
Ulrich Ölmann (1):
jwt-cpp: enable usage in an SDK
Valeria Petrov (1):
apache2: upgrade 2.4.56 -> 2.4.57
Virendra Thakur (2):
p7zip: fix for CVE-2018-5996
p7zip: Fix for CVE-2016-9296
Wang Mingyu (117):
abseil-cpp: upgrade 20230125.1 -> 20230125.2
libbytesize: upgrade 2.7 -> 2.8
gegl: upgrade 0.4.42 -> 0.4.44
ctags: upgrade 6.0.20230319.0 -> 6.0.20230402.0
libdeflate: upgrade 1.17 -> 1.18
libldb: upgrade 2.7.1 -> 2.7.2
ndisc6: upgrade 1.0.6 -> 1.0.7
libpfm4: upgrade 4.12.0 -> 4.13.0
libtraceevent: upgrade 1.7.1 -> 1.7.2
nginx: upgrade 1.23.3 -> 1.23.4
links: upgrade 2.28 -> 2.29
python3-pyproj: upgrade 3.4.1 -> 3.5.0
ostree: upgrade 2023.1 -> 2023.2
openvpn: upgrade 2.6.1 -> 2.6.2
python3-aenum: upgrade 3.1.11 -> 3.1.12
python3-argcomplete: upgrade 3.0.0 -> 3.0.5
python3-cassandra-driver: upgrade 3.25.0 -> 3.26.0
python3-astroid: upgrade 2.15.0 -> 2.15.1
python3-cmake: upgrade 3.26.0 -> 3.26.1
python3-dateparser: upgrade 1.1.7 -> 1.1.8
python3-google-api-python-client: upgrade 2.81.0 -> 2.83.0
python3-elementpath: upgrade 4.0.1 -> 4.1.0
python3-googleapis-common-protos: upgrade 1.58.0 -> 1.59.0
python3-httplib2: upgrade 0.21.0 -> 0.22.0
python3-google-auth: upgrade 2.16.2 -> 2.17.1
python3-ipython: upgrade 8.11.0 -> 8.12.0
python3-imageio: upgrade 2.26.0 -> 2.27.0
python3-pychromecast: upgrade 13.0.4 -> 13.0.6
python3-jdatetime: upgrade 4.1.0 -> 4.1.1
python3-luma-oled: upgrade 3.11.0 -> 3.12.0
python3-pydantic: upgrade 1.10.6 -> 1.10.7
python3-pymodbus: upgrade 3.2.1 -> 3.2.2
python3-pymisp: upgrade 2.4.169.2 -> 2.4.169.3
python3-pywbemtools: upgrade 1.1.1 -> 1.2.0
python3-redis: upgrade 4.5.1 -> 4.5.4
python3-regex: upgrade 2022.10.31 -> 2023.3.23
python3-typeguard: upgrade 3.0.1 -> 3.0.2
python3-sentry-sdk: upgrade 1.17.0 -> 1.18.0
python3-rich: upgrade 13.3.2 -> 13.3.3
python3-watchdog: upgrade 2.3.1 -> 3.0.0
feh: upgrade 3.9.1 -> 3.10
c-periphery: upgrade 2.3.1 -> 2.4.0
grilo-plugins: upgrade 0.3.15 -> 0.3.16
hwdata: upgrade 0.368 -> 0.369
hwloc: upgrade 2.9.0 -> 2.9.1
libconfig-tiny-perl: upgrade 2.28 -> 2.29
mg: upgrade 20221112 -> 20230406
python3-pillow: upgrade 9.4.0 -> 9.5.0
python3-websockets: upgrade 10.4 -> 11.0.1
poppler: upgrade 23.03.0 -> 23.04.0
python3-alembic: upgrade 1.10.2 -> 1.10.3
python3-astroid: upgrade 2.15.1 -> 2.15.2
python3-coverage: upgrade 7.2.2 -> 7.2.3
python3-google-api-python-client: upgrade 2.83.0 -> 2.84.0
python3-google-auth: upgrade 2.17.1 -> 2.17.2
python3-imgtool: upgrade 1.9.0 -> 1.10.0
python3-pychromecast: upgrade 13.0.6 -> 13.0.7
python3-simplejson: upgrade 3.18.4 -> 3.19.1
python3-networkx: upgrade 3.0 -> 3.1
tesseract: upgrade 5.3.0 -> 5.3.1
python3-zeroconf: upgrade 0.47.4 -> 0.55.0
python3-web3: upgrade 6.0.0 -> 6.1.0
python3-sqlalchemy: upgrade 2.0.7 -> 2.0.9
python3-sentry-sdk: upgrade 1.18.0 -> 1.19.1
hdf5: Fix install conflict when enable multilib.
capnproto: upgrade 0.10.3 -> 0.10.4
ctags: upgrade 6.0.20230402.0 -> 6.0.20230416.0
mctp: upgrade 1.0 -> 1.1
php: upgrade 8.2.4 -> 8.2.5
openvpn: upgrade 2.6.2 -> 2.6.3
python3-croniter: upgrade 1.3.8 -> 1.3.14
python3-diskcache: upgrade 5.4.0 -> 5.5.1
python3-cmake: upgrade 3.26.1 -> 3.26.3
python3-elementpath: upgrade 4.1.0 -> 4.1.1
python3-google-api-python-client: upgrade 2.84.0 -> 2.85.0
python3-google-auth: upgrade 2.17.2 -> 2.17.3
python3-protobuf: upgrade 4.22.1 -> 4.22.3
python3-web3: upgrade 6.1.0 -> 6.2.0
python3-rich: upgrade 13.3.3 -> 13.3.4
python3-pymisp: upgrade 2.4.169.3 -> 2.4.170
python3-xlsxwriter: upgrade 3.0.9 -> 3.1.0
python3-zeroconf: upgrade 0.55.0 -> 0.56.0
remmina: upgrade 1.4.29 -> 1.4.30
tbb: upgrade 2021.8.0 -> 2021.9.0
sip: upgrade 6.7.7 -> 6.7.8
tcpdump: upgrade 4.99.3 -> 4.99.4
tcsh: upgrade 6.24.07 -> 6.24.10
evolution-data-server: upgrade 3.48.0 -> 3.48.1
babl: upgrade 0.1.102 -> 0.1.104
gensio: upgrade 2.6.2 -> 2.6.4
libopus: upgrade 1.3.1 -> 1.4
network-manager-applet: upgrade 1.30.0 -> 1.32.0
networkmanager: upgrade 1.42.4 -> 1.42.6
opencl-headers: upgrade 2023.02.06 -> 2023.04.17
c-periphery: upgrade 2.4.0 -> 2.4.1
mbw: upgrade 1.5 -> 2.0
libmodule-build-tiny-perl: upgrade 0.039 -> 0.043
python3-periphery: upgrade 2.3.0 -> 2.4.1
python3-astroid: upgrade 2.15.2 -> 2.15.3
python3-diskcache: upgrade 5.5.1 -> 5.6.1
python3-engineio: upgrade 4.4.0 -> 4.4.1
python3-soupsieve: upgrade 2.4 -> 2.4.1
python3-google-api-python-client: upgrade 2.85.0 -> 2.86.0
python3-mock: upgrade 5.0.1 -> 5.0.2
python3-pyalsaaudio: upgrade 0.9.2 -> 0.10.0
python3-icu: upgrade 2.10.2 -> 2.11
python3-pymisp: upgrade 2.4.170 -> 2.4.170.1
python3-python-vlc: upgrade 3.0.18121 -> 3.0.18122
python3-sentry-sdk: upgrade 1.19.1 -> 1.20.0
python3-pyscaffold: upgrade 4.4 -> 4.4.1
python3-websockets: upgrade 11.0.1 -> 11.0.2
python3-tornado: upgrade 6.2 -> 6.3
redis: upgrade 7.0.10 -> 7.0.11
python3-xmlschema: upgrade 2.2.2 -> 2.2.3
samba: upgrade 4.18.1 -> 4.18.2
ser2net: upgrade 4.3.11 -> 4.3.12
sip: upgrade 6.7.8 -> 6.7.9
Wentao Zhang (2):
jemalloc: include the missing shell scripts and source the corresponds shell scripts for some test cases.
nss: fix failed test of nss.
Wolfgang Meyer (2):
qrencode: add PACKAGECONFIG for command line tools
qrencode: enable native build
Yi Zhao (1):
samba: upgrade 4.18.0 -> 4.18.1
Yogita Urade (1):
dlt-daemon: fix CVE-2023-26257
Zoltán Böszörményi (2):
hplip: Fix installation and QA
libgusb: Allow building in native mode
poky: 0907793d5e..cce6db2a59:
Alex Kiernan (2):
cargo_common.bbclass: Support local github repos
rust: Upgrade 1.68.1 -> 1.68.2
Alexander Kanavin (5):
rust: do not run separate build/install steps
rust: install llvm item only once
rust: update 1.67.1 -> 1.68.1
ffmpeg: update 5.1.2 -> 6.0
meta/recipes: ensure all recipes have a SUMMARY
Arslan Ahmad (1):
kernel-fitimage: Fix the default dtb config check
Bartosz Golaszewski (5):
python3-pyproject-hooks: add missing run-time dependencies
python3-packaging: add missing run-time dependencies
python3-manifest: add tomllib
python3-manifest: add ensurepip
python3-build: add missing run-time dependencies
Bruce Ashfield (7):
kernel: improve initramfs bundle processing time
linux-yocto/6.1: update to v6.1.23
linux-yocto/5.15: update to v5.15.106
linux-yocto/6.1: update to v6.1.24
linux-yocto/5.15: update to v5.15.107
linux-yocto/6.1: update to v6.1.25
linux-yocto/5.15: update to v5.15.108
Chen Qi (1):
bitbake: runqueue: fix PSI check calculation
Chris Elledge (1):
busybox: move hwclock init earlier in startup
Denys Dmytriyenko (2):
xz: upgrade 5.4.1 -> 5.4.2
grep: upgrade 3.9 -> 3.10
Dit Kozmaj (2):
wic: use part_name when defined
selftest: wic: Add test for --part-name argument
Dmitry Baryshkov (1):
linux-firmware: upgrade 20230210 -> 20230404
Enrico Jörns (10):
oeqa/selftest/cases/runqemu: update imports
oeqa/targetcontrol: fix misspelled RuntimeError
oeqa/targetcontrol: do not set dump_host_cmds redundantly
oeqa/targetcontrol: remove unused imports
oeqa/utils/commands: fix usage of undefined EPIPE
oeqa/utils/commands: remove unused imports
oeqa/utils/qemurunner: replace hard-coded user 'root' in debug output
oeqa/utils/qemurunner: limit precision of timing debugging output
oeqa/utils/qemurunner: fix undefined TimeoutExpired
oeqa: whitespace and indentation cleanups
Enrico Scholz (2):
bitbake: fetch2/crate: create versioned 'name' entries
bitbake: cooker: do not abort on single ctrl-c
Fabio Estevam (1):
u-boot: Upgrade to 2023.04
Frank WOLFF (1):
logrotate: add ptest support
Frederic Martinsons (6):
cargo_common.bbclass: add support of user in url for patch
devtool: add support for multiple git url inside a cargo based recipe
patch: support of git patches when the source uri contained subpath parameter
meta-selftest: provide a recipe for zvariant
cargo-update-recipe-crates: force name overrides
bitbake: fetch2: Display all missing checksum at once
Geoffrey GIRY (1):
cve-extra-exclusions: ignore inapplicable linux-yocto CVEs
Jan Vermaete (1):
cve-update-nvd2-native: added the missing http import
Kai Kang (2):
libnotify: remove dependency dbus
bitbake: bitbake: ConfHandler: Allow variable flag name with a single character
Khem Raj (16):
e2fsprogs: Define 64bit off_t on rv32
ffmpeg: Disable asm and rvv on riscv32
cargo: Fix build on musl/riscv
musl: Update to latest trunk
systemd: Refresh a musl patch to remove patch-fuzz with 253.3
musl-locales: Add Canadian French (fr_CA) locale support
gawk: Disable known ptest fails on musl
gawk: Remove redundant patch
gawk: Add skipped.txt to emit test to ignore
libxml2: Disable icu tests on musl
apt-util: Fix ptest on musl
lua: Disable locale dependent tests on musl
attr: Disable attr.test on musl
acl: Disable misc.test on musl
fts: Fix typo in summary
m4: Do not munge locale in ptests for musl
Lee Chee Yang (2):
migration-guides: add release-notes for 4.0.9
release-notes-4.2: update RC3 changes
Luca Ceresoli (1):
devicetree.bbclass: fix typo
Marek Vasut (1):
cpio: Fix wrong CRC with ASCII CRC for large files
Mark Asselstine (2):
oeqa/selftest/bblogging: uncomment python stdout checks
python3-psutil: fix-up -tests runtime dependencies
Mark Hatle (1):
sanity.bbclass: Update minimum gcc version to 8.0
Markus Volk (1):
at-spi2-core: update 2.46.0 -> 2.48.0
Marta Rybczynska (1):
cve-update-nvd2-native: new CVE database fetcher
Martin Jansa (8):
selftest: imagefeatures.py: don't mix tabs and spaces for indentation
selftest: runqemu: better check for ROOTFS: in the log
selftest: runqemu: use better error message when asserts fail
runqemu: respect IMAGE_LINK_NAME
python3-cryptography-crates.inc: regenerate with updated bbclass
python3-bcrypt-crates.inc: regenerate with updated bbclass
selftest: efibootpartition.py: fix QEMU_USE_KVM usage
populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO override
Michael Opdenacker (20):
manuals: update disk space requirements
manuals: add rm_work disk space data
manuals: add minimum RAM requirements
ref-manual: release-process.rst: update testing section
ref-manual: release-process.rst: major updates
manuals: add "LTS" term
manuals: improve and fix target for supported distros
ref-manual: variables: document VOLATILE_TMP_DIR
migration-guides: update 4.2 migration and release notes
ref-manual: classes.rst: document devicetree.bbclass
ref-manual: remove unused and obsolete file
ref-manual: variables.rst: add wikipedia shortcut for "getty"
overview-manual: update section about source archives
manuals: document SPDX_CUSTOM_ANNOTATION_VARS
overview-manual: development-environment: update text and screenshots
ref-manual: add "Mixin" term
migration-guides: release-notes-4.0.9.rst: add missing SPDX info
migration-guides: fixes and improvements to 4.2 release notes
manuals: expand init manager documentation
ref-manual: variables.rst: document KERNEL_DANGLING_FEATURES_WARN_ONLY
Mikko Rapeli (2):
oeqa ping.py: avoid busylooping failing ping command
oeqa ping.py: fail test if target IP address has not been set
Mingli Yu (3):
report-error: catch Nothing PROVIDES error
bitbake: event: add bb.event.ParseError
report-error: make it catch ParseError error
Ola x Nilsson (2):
patch.py: Use shlex instead of deprecated pipe
package: Use shlex instead of deprecated pipe
Pascal Bach (1):
cmake: add CMAKE_SYSROOT to generated toolchain file
Paul Eggleton (20):
bitbake: bitbake-user-manual: document BB_CACHEDIR
bitbake: bitbake-user-manual: add addpylib and BB_GLOBAL_PYMODULES
bitbake: bitbake-user-manual: add BB_HASH_CODEPARSER_VALS
ref-manual: add new SDK_ZIP_OPTIONS variable
ref-manual: Add new RUST_CHANNEL variable
ref-manual: update for IMAGE_MACHINE_SUFFIX addition
dev/ref-manual: Remove references to INC_PR
ref-manual: add BB_CACHEDIR
migration-guides: Add coverage of addpylib directive
ref-manual: Remove references to package_tar class
ref-manual: add missing QA checks from previous releases
ref-manual: document new patch-status-* QA checks
ref-manual: add FIT_CONF_DEFAULT_DTB
ref-manual: add section link also to buildtools-extended entry
ref-manual: add SDK_ARCHIVE_TYPE
ref-manual: move Initramfs entry from variables to terms
dev/ref-manual: Document INIT_MANAGER
migration-guides: extend migration guide for 4.2
release-notes-4.1: fix some CVE links
release-notes-4.2: add release notes
Pavel Zhukov (2):
scripts/rpm2cpio.sh: Use bzip2 instead of bunzip2
scripts/runqemu: Add possibility to disable network
Pawan Badganchi (1):
tiff: Add fix for CVE-2022-4645
Peter Kjellerstedt (1):
cargo-update-recipe-crates.bbclass: Do not add name= to crate:// URIs
Petr Kubizňák (12):
harfbuzz: depend on glib-2.0-native
json-glib: depend on glib-2.0-native
libgudev: depend on glib-2.0-native
at-spi2-core: depend on glib-2.0-native
avahi: add missing dependencies
graphene: add gobject-types PACKAGECONFIG
python3-pygobject: depend on gobject-introspection
gconf: add missing dependencies
webkitgtk: add missing dependencies
libnotify: depend on glib-2.0-native
vte: depend on glib-2.0-native
gobject-introspection: reduce dependencies
Piotr Łobacz (1):
libarchive: Enable acls, xattr for native as well as target
Qiu Tingting (1):
coreutils: Delete gcc sysroot parameter for ptest on target
Randolph Sapp (1):
wic/bootimg-efi: if fixed-size is set then use that for mkdosfs
Richard Purdie (11):
oeqa/loader: Ensure module names don't contain uppercase characters
zvariant: Exclude from world for now to avoid reproducibility issues
xdg-utils: Add a patch for CVE-2020-27748
cve-extra-exclusions.inc: Exclude some issues not present in linux-yocto
xdg-utils: Fix CVE number
bitbake: bitbake: Bump to version 2.4.0
build-appliance-image: Update to master head revision
poky.conf: Bump version for 4.2 mickledore release
build-appliance-image: Update to master head revision
build-appliance-image: Update to master head revision
cve-exclusions: Document some further linux-yocto CVE statuses
Ross Burton (11):
llvm: remove redundant CMake variables
libgit2: clean up CMake variables
webkitgtk: clean up Python variables
oeqa/runtime: clean up deprecated backslash expansion
classes-recipe/setuptools3-base: clean up FILES assignments
bind: don't package non-existant .la files into -staticdev
gstreamer1.0-plugins: package the internal libraries explicitly
Increase minimum GCC version to 8.0
machine/qemuarm*: don't explicitly set vmalloc
screen: backport fix for CVE-2023-24626
go: backport fix for CVE-2023-24537
Soumya (1):
shadow: Fix can not print full login timeout message
Svend Meyland Nicolaisen (1):
bitbake: npmsw fetcher: Avoid instantiating Fetch class if url list is empty
Thomas De Schampheleire (3):
qemu: make tracetool-generated output reproducible
qemu: retain default trace backend if 'ust' is not enabled
qemu: rename deprecated --enable-trace-backend configure option
Thomas Roos (2):
oeqa/selftest: Use SSTATE_DIR of parent build dir
oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set
Tobias Hagelborn (1):
lib/oe/gpg_sign.py: Avoid race when creating .sig files in detach_sign
Ulrich Ölmann (3):
kernel-dev: fix typos
ref-manual: classes.rst: fix typo
bitbake: bitbake-user-manual: fix BB_RUNFMT's default value
Wang Mingyu (46):
apr: upgrade 1.7.2 -> 1.7.3
bind: upgrade 9.18.12 -> 9.18.13
cracklib: upgrade 2.9.10 -> 2.9.11
libhandy: upgrade 1.8.1 -> 1.8.2
libpcap: upgrade 1.10.3 -> 1.10.4
libsdl2: upgrade 2.26.3 -> 2.26.5
libsoup: upgrade 3.2.2 -> 3.4.0
mpg123: upgrade 1.31.2 -> 1.31.3
acpica: upgrade 20220331 -> 20230331
ccache: upgrade 4.7.4 -> 4.8
libcap: upgrade 2.67 -> 2.68
man-pages: upgrade 6.03 -> 6.04
mtools: upgrade 4.0.42 -> 4.0.43
pango: upgrade 1.50.13 -> 1.50.14
ruby: upgrade 3.2.1 -> 3.2.2
spirv-headers: upgrade 1.3.239.0 -> 1.3.243.0
spirv-tools: upgrade 1.3.239.0 -> 1.3.243.0
sqlite3: upgrade 3.41.0 -> 3.41.2
texinfo: upgrade 7.0.2 -> 7.0.3
wayland: upgrade 1.21.0 -> 1.22.0
wpebackend-fdo: upgrade 1.14.0 -> 1.14.2
xserver-xorg: upgrade 21.1.7 -> 21.1.8
xwayland: upgrade 22.1.8 -> 23.1.1
vala: upgrade 0.56.4 -> 0.56.6
python3-cython: upgrade 0.29.33 -> 0.29.34
python3-hypothesis: upgrade 6.68.2 -> 6.71.0
python3-importlib-metadata: upgrade 6.0.0 -> 6.2.0
python3-installer: upgrade 0.6.0 -> 0.7.0
python3-markdown: upgrade 3.4.1 -> 3.4.3
python3-pathspec: upgrade 0.11.0 -> 0.11.1
python3-pygobject: upgrade 3.42.2 -> 3.44.1
python3-pyopenssl: upgrade 23.0.0 -> 23.1.1
python3-pytz: upgrade 2022.7.1 -> 2023.3
python3-setuptools: upgrade 67.6.0 -> 67.6.1
mesa: upgrade 23.0.0 -> 23.0.2
systemd: upgrade 253.1 -> 253.3
libgit2: upgrade 1.6.3 -> 1.6.4
libsolv: upgrade 0.7.23 -> 0.7.24
libxml2: upgrade 2.10.3 -> 2.10.4
boost: upgrade 1.81.0 -> 1.82.0
ofono: upgrade 2.0 -> 2.1
python3-dtschema: upgrade 2023.1 -> 2023.4
python3-packaging: upgrade 23.0 -> 23.1
python3-pytest: upgrade 7.2.2 -> 7.3.1
stress-ng: upgrade 0.15.06 -> 0.15.07
gdb: Fix conflict of sframe-spec.info
Wentao Zhang (1):
python3: Fix failing sysconfig.py test on x86(64 bit) using lib64 as baselib by updating test_sysconfig for posix_user purelib
Xiangyu Chen (1):
shadow: backport patch to fix CVE-2023-29383
Yoann Congal (4):
cve-extra-exclusions: ignore inapplicable linux-yocto CVEs
cve-exclusions_6.1: ignore patched CVE-2022-38457 & CVE-2022-40133
cve-extra-exclusion: ignore disputed CVE-2023-23005
cve-extra-exclusions: linux-yocto: ignore fixed CVE-2023-1652 & CVE-2023-1829
Zhixiong Chi (1):
libpam: Fix the xtests/tst-pam_motd[1|3] failures
bkylerussell@gmail.com (1):
kernel-devsrc: depend on python3-core instead of python3
meta-raspberrypi: 3afdbbf782..bf948e0aa8:
Jesse Visser (2):
recipe-bsp: Add support for Raspberry Pi Camera Module v3
docs: Update extra build config Raspberry Pi Camera Module section
Rodrigo M. Duarte (1):
python3-adafruit-blinka: Fix the correct python recipes path in dynamic-layer sub-dir
meta-arm: 9b6c8c95e4..c60d7865dd:
Adam Johnston (3):
arm-bsp/optee: Update OP-TEE TA devkit to 3.20 for N1SDP
CI: Remove ts-smm-gateway from N1SDP
arm-bsp/trusted-firmware-a: Update N1SDP to v2.8.0
Denys Dmytriyenko (4):
optee-os-tadevkit: remove old unused patches
optee-client: add 3.20.0 version
optee-test: add 3.20.0 version
optee-examples: add 3.20.0 version
Emekcan Aras (4):
arm-bsp/trusted-firmware-m: apply patches correctly from external repos
arm-bsp/trusted-firmware-m: Switch to TF-M BL1 in Corstone1000
arm-bsp/corstone1000: add OTP config for fvp
arm-bsp/trusted-firmware-m: Increase assets number for corstone1000
Jon Mason (8):
CI: dev kernel allow failure
arm/linux-yocto: remove IP_VS config fragment
CI: update to the latest kas version
CI: track mickledore branch
arm-bsp/tc1: Fix signed u-boot
arm-bsp/tc1: Add FVP support
arm/trusted-firmware-m-scripts: relocate to tfm directory
arm-bsp/tc1: disable signed kernel image
Peter Hoyes (1):
arm/scp-firmware: Add support for components other than SCP, MCP
Ross Burton (8):
arm/scp-firmware: add recipe for 2.11
arm-bsp/scp-firmware: move all machines to SCP 2.11
arm/scp-firmware: remove 2.10 recipe
arm/trusted-firmware-m: add the tf-m-extras repository that some machines need
arm/trusted-firmware-m: clean up environment flags
arm/trusted-firmware-m: package .elf files in PN-dbg
arm-bsp/trusted-firmware-m: enable for Total Compute on RSS
CI: add TF-M to TC build
Rui Miguel Silva (1):
arm-bsp/corstone1000: tf-m set/get fwu, private metadata using gpt
Xueliang Zhong (3):
arm-bsp/n1sdp-board-firmware: update to newer SHA
arm-bsp/optee-os: N1SDP support for optee-os 3.20
arm-bsp/n1sdp: use edk2-firmware 202211 version
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I68eb48f27b781da34c4a7636f9b3bb1507b46416
diff --git a/poky/meta/conf/distro/include/cve-extra-exclusions.inc b/poky/meta/conf/distro/include/cve-extra-exclusions.inc
index a281a8a..0ca75ba 100644
--- a/poky/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/poky/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -136,6 +136,16 @@
# Backported in version v5.15.58 b2d1e4cd558cffec6bfe318f5d74e6cffc374d29
CVE_CHECK_IGNORE += "CVE-2022-1462"
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2196
+# Introduced in version v5.8 5c911beff20aa8639e7a1f28988736c13e03ed54
+# Breaking commit backported in v5.4.47 64b8f33b2e1e687d465b5cb382e7bec495f1e026
+# Patched in kernel since v6.2 2e7eab81425ad6c875f2ed47c0ce01e78afc38a5
+# Backported in version v5.4.233 f93a1a5bdcdd122aae0a3eab7a52c15b71fb725b
+# Backported in version v5.10.170 1b0cafaae8884726c597caded50af185ffc13349
+# Backported in version v5.15.96 6b539a7dbb49250f92515c2ba60aea239efc9e35
+# Backported in version v6.1.14 63fada296062e91ad9f871970d4e7f19e21a6a15
+CVE_CHECK_IGNORE += "CVE-2022-2196"
+
# https://nvd.nist.gov/vuln/detail/CVE-2022-2308
# Introduced in version v5.15 c8a6153b6c59d95c0e091f053f6f180952ade91e
# Patched in kernel since v6.0 46f8a29272e51b6df7393d58fc5cb8967397ef2b
@@ -169,6 +179,15 @@
# Backported in version v5.15.65 e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5
CVE_CHECK_IGNORE += "CVE-2022-3176"
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3424
+# Introduced in version v2.6.33 55484c45dbeca2eec7642932ec3f60f8a2d4bdbf
+# Patched in kernel since v6.2 643a16a0eb1d6ac23744bb6e90a00fc21148a9dc
+# Backported in version v5.4.229 0078dd8758561540ed30b2c5daa1cb647e758977
+# Backported in version v5.10.163 0f67ed565f20ea2fdd98e3b0b0169d9e580bb83c
+# Backported in version v5.15.86 d5c8f9003a289ee2a9b564d109e021fc4d05d106
+# Backported in version v6.1.2 4e947fc71bec7c7da791f8562d5da233b235ba5e
+CVE_CHECK_IGNORE += "CVE-2022-3424"
+
# https://nvd.nist.gov/vuln/detail/CVE-2022-3435
# Introduced in version v5.18 6bf92d70e690b7ff12b24f4bfff5e5434d019b82
# Breaking commit backported in v5.4.189 f5064531c23ad646da7be8b938292b00a7e61438
@@ -365,6 +384,14 @@
# 2023
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0179
+# Patched in kernel since v6.2 696e1a48b1a1b01edad542a1ef293665864a4dd0
+# Backported in version v5.10.164 550efeff989b041f3746118c0ddd863c39ddc1aa
+# Backported in version v5.15.89 a8acfe2c6fb99f9375a9325807a179cd8c32e6e3
+# Backported in version v6.1.7 76ef74d4a379faa451003621a84e3498044e7aa3
+CVE_CHECK_IGNORE += "CVE-2023-0179"
+
# https://nvd.nist.gov/vuln/detail/CVE-2023-0266
# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
# Patched in kernel since v6.2 56b88b50565cd8b946a2d00b0c83927b7ebb055e
@@ -381,6 +408,129 @@
# Backported in version v6.1.7 0afa5f0736584411771299074bbeca8c1f9706d4
CVE_CHECK_IGNORE += "CVE-2023-0394"
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0461
+# Introduced in version v4.13 734942cc4ea6478eed125af258da1bdbb4afe578
+# Patched in kernel since v6.2 2c02d41d71f90a5168391b6a5f2954112ba2307c
+# Backported in version v5.4.229 c6d29a5ffdbc362314853462a0e24e63330a654d
+# Backported in version v5.10.163 f8ed0a93b5d576bbaf01639ad816473bdfd1dcb0
+# Backported in version v5.15.88 dadd0dcaa67d27f550131de95c8e182643d2c9d6
+# Backported in version v6.1.5 7d242f4a0c8319821548c7176c09a6e0e71f223c
+CVE_CHECK_IGNORE += "CVE-2023-0461"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0386
+# Introduced in 5.11 459c7c565ac36ba09ffbf24231147f408fde4203
+# Patched in kernel v6.2 4f11ada10d0ad3fd53e2bd67806351de63a4f9c3
+# Backported in version 6.1.9 42fea1c35254c49cce07c600d026cbc00c6d3c81
+# Backported in version 5.15.91 e91308e63710574c4b6a0cadda3e042a3699666e
+CVE_CHECK_IGNORE += "CVE-2023-0386"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1073
+# Introduced in v3.16 1b15d2e5b8077670b1e6a33250a0d9577efff4a5
+# Patched in kernel v6.2 b12fece4c64857e5fab4290bf01b2e0317a88456
+# Backported in version 5.10.166 5dc3469a1170dd1344d262a332b26994214eeb58
+# Backported in version 5.15.91 2b49568254365c9c247beb0eabbaa15d0e279d64
+# Backported in version 6.1.9 cdcdc0531a51659527fea4b4d064af343452062d
+CVE_CHECK_IGNORE += "CVE-2023-1073"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1074
+# Patched in kernel v6.2 458e279f861d3f61796894cd158b780765a1569f
+# Backported in version 5.15.91 3391bd42351be0beb14f438c7556912b9f96cb32
+# Backported in version 6.1.9 9f08bb650078dca24a13fea1c375358ed6292df3
+CVE_CHECK_IGNORE += "CVE-2023-1074"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1076
+# Patched in kernel v6.3 a096ccca6e503a5c575717ff8a36ace27510ab0a
+# Backported in version v5.4.235 d92d87000eda9884d49f1acec1c1fccd63cd9b11
+# Backported in version v5.10.173 9a31af61f397500ccae49d56d809b2217d1e2178
+# Backported in version v5.15.99 67f9f02928a34aad0a2c11dab5eea269f5ecf427
+# Backported in version v6.1.16 b4ada752eaf1341f47bfa3d8ada377eca75a8d44
+# Backported in version v6.2.3 4aa4b4b3b3e9551c4de2bf2987247c28805fb8f6
+CVE_CHECK_IGNORE += "CVE-2023-1076"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1077
+# Patched in kernel 6.3rc1 7c4a5b89a0b5a57a64b601775b296abf77a9fe97
+# Backported in version 5.15.99 2c36c390a74981d03f04f01fe7ee9c3ac3ea11f7
+# Backported in version 6.1.16 6b4fcc4e8a3016e85766c161daf0732fca16c3a3
+CVE_CHECK_IGNORE += "CVE-2023-1077"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1078
+# Patched in kernel 6.2 f753a68980cf4b59a80fe677619da2b1804f526d
+# Backported in version 5.15.94 528e3f3a4b53df36dafd10cdf6b8c0fe2aa1c4ba
+# Backported in version 6.1.12 1d52bbfd469af69fbcae88c67f160ce1b968e7f3
+CVE_CHECK_IGNORE += "CVE-2023-1078"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1079
+# Patched in kernel since v6.3-rc1 4ab3a086d10eeec1424f2e8a968827a6336203df
+# Backported in version v5.4.235 dd08e68d04d08d2f42b09162c939a0b0841216cc
+# Backported in version v5.10.173 21a2eec4a440060a6eb294dc890eaf553101ba09
+# Backported in version v5.15.99 3959316f8ceb17866646abc6be4a332655407138
+# Backported in version v6.1.16 ee907829b36949c452c6f89485cb2a58e97c048e
+# Backported in version v6.2.3 b08bcfb4c97d7bd41b362cff44b2c537ce9e8540
+CVE_CHECK_IGNORE += "CVE-2023-1079"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1118
+# Introduced in version v2.6.36 9ea53b74df9c4681f5bb2da6b2e10e37d87ea6d6
+# Patched in kernel since v6.3-rc1 29b0589a865b6f66d141d79b2dd1373e4e50fe17
+# Backported in version v5.4.235 d120334278b370b6a1623a75ebe53b0c76cb247c
+# Backported in version v5.10.173 78da5a378bdacd5bf68c3a6389bdc1dd0c0f5b3c
+# Backported in version v5.15.99 29962c478e8b2e6a6154d8d84b8806dbe36f9c28
+# Backported in version v6.1.16 029c1410e345ce579db5c007276340d072aac54a
+# Backported in version v6.2.3 182ea492aae5b64067277e60a4ea5995c4628555
+CVE_CHECK_IGNORE += "CVE-2023-1118"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1281
+# Introduced in version v4.14 9b0d4446b56904b59ae3809913b0ac760fa941a6
+# Patched in kernel since v6.2 ee059170b1f7e94e55fa6cadee544e176a6e59c2
+# Backported in version v5.10.169 eb8e9d8572d1d9df17272783ad8a84843ce559d4
+# Backported in version v5.15.95 becf55394f6acb60dd60634a1c797e73c747f9da
+# Backported in version v6.1.13 bd662ba56187b5ef8a62a3511371cd38299a507f
+CVE_CHECK_IGNORE += "CVE-2023-1281"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1513
+# Patched in kernel since v6.2 2c10b61421a28e95a46ab489fd56c0f442ff6952
+# Backported in version v5.4.232 9f95a161a7deef62d6d2f57b1a69f94e0546d8d8
+# Backported in version v5.10.169 6416c2108ba54d569e4c98d3b62ac78cb12e7107
+# Backported in version v5.15.95 35351e3060d67eed8af1575d74b71347a87425d8
+# Backported in version v6.1.13 747ca7c8a0c7bce004709143d1cd6596b79b1deb
+CVE_CHECK_IGNORE += "CVE-2023-1513"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1652
+# Patched in kernel since v6.2 e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd
+# Backported in version v5.15.91 0a27dcd5343026ac0cb168ee63304255372b7a36
+# Backported in version v6.1.9 32d5eb95f8f0e362e37c393310b13b9e95404560
+# Ref: https://www.linuxkernelcves.com/cves/CVE-2023-1652
+# Ref: Debian kernel-sec team: https://salsa.debian.org/kernel-team/kernel-sec/-/blob/1fa77554d4721da54e2df06fa1908a83ba6b1045/retired/CVE-2023-1652
+CVE_CHECK_IGNORE += "CVE-2023-1652"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1829
+# Patched in kernel since v6.3-rc1 8c710f75256bb3cf05ac7b1672c82b92c43f3d28
+# Backported in version v5.4.235 7a6fb69bbcb21e9ce13bdf18c008c268874f0480
+# Backported in version v5.10.173 18c3fa7a7fdbb4d21dafc8a7710ae2c1680930f6
+# Backported in version v5.15.100 7c183dc0af472dec33d2c0786a5e356baa8cad19
+# Backported in version v6.1.18 3abebc503a5148072052c229c6b04b329a420ecd
+# Backported in version v6.2.5 372ae77cf11d11fb118cbe2d37def9dd5f826abd
+# Ref: https://www.linuxkernelcves.com/cves/CVE-2023-1829
+# Ref: Debian kernel-sec team : https://salsa.debian.org/kernel-team/kernel-sec/-/blob/1fa77554d4721da54e2df06fa1908a83ba6b1045/active/CVE-2023-1829
+CVE_CHECK_IGNORE += "CVE-2023-1829"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-23005
+# Introduced in version v6.1 7b88bda3761b95856cf97822efe8281c8100067b
+# Patched in kernel since v6.2 4a625ceee8a0ab0273534cb6b432ce6b331db5ee
+# But, the CVE is disputed:
+# > NOTE: this is disputed by third parties because there are no realistic cases
+# > in which a user can cause the alloc_memory_type error case to be reached.
+# See: https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2
+# We can safely ignore it.
+CVE_CHECK_IGNORE += "CVE-2023-23005"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-28466
+# Introduced in version v4.13 3c4d7559159bfe1e3b94df3a657b2cda3a34e218
+# Patched in kernel since v6.3-rc2 49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962
+# Backported in version v5.15.105 0b54d75aa43a1edebc8a3770901f5c3557ee0daa
+# Backported in version v6.1.20 14c17c673e1bba08032d245d5fb025d1cbfee123
+# Backported in version v6.2.7 5231fa057bb0e52095591b303cf95ebd17bc62ce
+CVE_CHECK_IGNORE += "CVE-2023-28466"
+
# Wrong CPE in NVD database
# https://nvd.nist.gov/vuln/detail/CVE-2022-3563
# https://nvd.nist.gov/vuln/detail/CVE-2022-3637