subtree updates
meta-security: a397a38ed9..53c5cc794f:
Anton Antonov (2):
Fix PACKAGECONFIG check in Parsec OEQA tests
Flush caches after OEQA tests
Armin Kuster (6):
checksecurity: update to 2.0.16
krill: forced to inclued fetch hashes.
suricata: Fixup to work within the recent crate changes.
suricata: Missed on crate depends
parsec-tool: update SRC_URI hash
parsec-service: fix SRC_URI hash
Gowtham Suresh Kumar (2):
meta-parsec: Disable RSA-OAEP OEQA tests for Parsec PKCS11 backend
parsec-service: Update parsec recipes to 1.2.0 and parsec-tool to 0.6.0
Patrick Williams (1):
libwhisker2-perl: adjust perl-version variable
meta-openembedded: 17243e70c8..c5f330bc9a:
Alex Yao (3):
lcov: Fix Perl Path
lcov: Upgrade 1.14 -> 1.16
lcov: Fix homepage
Ari Parkkila (1):
python3-appdirs: add native and nativesdk to BBCLASSEXTEND
Arsalan H. Awan (1):
meta-networking/licenses/netperf: remove unused license
Bartosz Golaszewski (11):
reboot-mode: put the build artifacts in ${B}
libgpiod: enable all features for ptest
libgpiod: drop unneeded S assignment
libgpiod: generalize the local files directories
libgpiod: update to v2.0.1
python3-gpiod: don't hardcode the project version in recipe
python3-gpiod: add missing run-time dependencies
libgpiod: install the libgpiosim header
python3-gpiod: fetch sources from pypi
libgpiod: fold libgpiod-src.inc into libgpiod.inc
libgpiod: remove test executables from ${bindir}
Chen Qi (1):
android-tools: fix systemd service setting
Enrico Scholz (1):
sox: remove ffmpeg dependency
Etienne Cordonnier (4):
uutils-coreutils: Add crates checksum
uutils-coreutils: remove obsolete comment
uutils-coreutils: upgrade 0.0.17 -> 0.0.18
uutils-coreutils: disable musl support
Ever ATILANO (4):
meta-python: python3-path: Add ptest
meta-python: python3-lorem: Add ptest
meta-oe: recipes-support: dc: Add ptest
meta-oe: recipes-extended: bitwise: Add ptest
Gianfranco Costamagna (1):
vbxguestdrivers: upgrade 7.0.4 -> 7.0.8
Jasper Orschulko (1):
python3-gcovr: Add missing runtime dependency
Jayanth Othayoth (1):
etcd-cpp-apiv3: add recipe
Johannes Kirchmair (1):
redirect unwanted error message in nginx install
Johannes Pointner (1):
python3-pyzstd: add new recipe
Kai Kang (16):
xfce4-taskmanager: 1.5.2 -> 1.5.5
xfce4-terminal: 1.0.0 -> 1.0.4
syslog-ng: not deliver syslog-ng-update-virtualenv
xfce4-notifyd: 0.6.3 -> 0.8.2
xfce4-screenshooter: 1.9.10 -> 1.10.3
thunar: 4.18.0 -> 4.18.4
thunar-media-tags-plugin: 0.3.0 -> 0.4.0
libxfce4util: 4.18.0 -> 4.18.1
libxfce4ui: 4.18.0 -> 4.18.3
xfce4-settings: 4.18.0 -> 4.18.2
xfce4-session: 4.18.0 -> 4.18.2
xfce4-panel: 4.18.0 -> 4.18.3
thunar-archive-plugin: 0.5.0 -> 0.5.1
xfce4-power-manager: 4.18.0 -> 4.18.1
garcon: 4.18.0 -> 4.18.1
xfce4-screensaver: 4.16.0 -> 4.18.1
Khem Raj (36):
krb5: Fix build with autoconf 2.72
cyrus-sasl: Fix autoconf patch to work with new autoconf 2.72
gmime: Update to 3.2.13
imagemagick: Update to 7.1.1
mpv: Upgrade to 0.35.1
fwknop: Use pkg-config instead of gpgme-config
fwknop: Fix AS_IF configure syntax
libstemmer: Update to 2.2.0
libidn: Update largefile m4 macros
emacs: Fix build with autconf 2.72+
ptest-packagelists-meta-oe: Remove minicoredumper from PTESTS_FAST_META_OE on musl
poco: Remove pushd/popd from run-ptest
surf: Fix build with gtkwebkit 2.40
libio-pty-perl: Fix build with musl/clang
meta-gnome: Update patch status for several recipes
libnet-ssleay-perl: Fix patch upstream status
meta-xfce: Fix missing upstream status in patches
meta-multimedia: Fix missing upstream status in several patches
meta-webserver: Fix missing upstream status on patches
babl: Drop clang10 workaround for mips/rv64
babl: Package /usr/lib/babl-0.1/ directory
libtinyxml2: Add ptest support
ptest-packagelists-meta-oe: Add libtinyxml2
minifi-cpp: Always use stat on 64bit linux
libdnet: Upgrade to 1.16.3
python3-pyruvate: regenerate with updated bbclass
monkey,webmin: Fix upstream patch status
python3-pyruvate: Upgrade to 1.2.1
onig: Ignore .debug directories while finding ptests
python3-h5py: Fix TMPDIR references in dbg files
python3-pandas: Fix TMPDIR references in dbg files
fwupd: Do not emit build time paths into generated headers
libcereal: Fix TMPDIR leaking into debug_str section
xmlrpc-c: Upgrade to 1.59.01
grilo: Fix buildpaths in generated header file
python3-click: Fix ptest failure
Leon Anavi (2):
libpcsc-perl: Add recipe
pcsc-tools: Add runtime dependencies
Linus Jacobson (1):
khronos-cts: Replace wayland feature dependancy with vulkan
Markus Volk (40):
nv-codec-headers: add clean target to Makefile
flatpak: update 1.15.3 -> 1.15.4
libcamera: re-introduce fix for gcc-13
polkit-gnome: add recipe
eog: update 43.2 -> 44.0
evince: update 43.1 -> 44.0
gdm: update 43.0 -> 44.0
gnome-calculator: update 43.0.1 -> 44.0
gnome-calendar: update 43.1 -> 44.0
gnome-desktop: update 43 -> 44.0
gnome-disk-utility: update 43.0 -> 44.0
gnome-font-viewer: update 43.0 -> 44.0
gnome-online-accounts: update 3.46.0 -> 3.48.0
gnome-photos: update 43.0 -> 44.0
gnome-session: update 43.0 -> 44.0
gnome-settings-daemon: update 43.0 -> 44.0
gnome-shell-extensions: update 43.1 -> 44.0
gnome-software: update 43.4 -> 44.0
gnome-terminal: update 3.46.7 -> 3.48.0
gnome-text-editor: update 43.1 -> 44.0
tracker-miners: update 3.4.2 -> 3.5.0
zenity: update 3.43.0 -> 3.44.0
xdg-desktop-portal-gnome: update 43.1 -> 44.0
gedit: update 43.2 -> 44.2
evolution-data-server: build oauth with gtk+3
file-roller: set cpio path manually
libdecor: update 1.1.0 -> 1.1.99
freerdp: set PROXY_PLUGINDIR
libnfs: add recipe
pipewire: update 0.3.67 -> 0.3.68
iwd: update 2.3 -> 2.4
mozjs: update 102.5.0 -> 102.9.0
glibmm: fix reproducibility issues
adw-gtk3: add recipe
xdg-desktop-portal-wlr: update
pipewire: remove 'inherit gsettings'
polkit: update SRC_URI
webp-pixbuf-loader: update 0.2.0 -> 0.2.4
udisks2: add PACKAGECONFIGs for btrfs,lvm2 and lsm
pipewire: update 0.3.68 -> 0.3.70
Martin Jansa (7):
zsh: fix installed-vs-shipped with multilib
restinio: fix S variable in multilib builds
mongodb: fix chown user for multilib builds
pahole: respect libdir
lvgl,lv-lib-png,lv-drivers: fix installed-vs-shipped QA issue with multilib
dleyna-{server,renderer}: fix dev-so QA issue with multilib
lirc: fix do_install with multilib
Mingli Yu (2):
mcelog: improve the ptest output
php: Fix GCC 12 -Og
Peter Johennecken (1):
nginx: added packagegroup for webdav module
Peter Kjellerstedt (5):
python3-crc32c: Correct the license information
paho-mqtt-cpp: Improve the license information
autossh: Correct the license information
paho-mqtt-c: Improve the license information
recipes: Remove double protocol= from SRC_URIs
Peter Marko (1):
ntp: whitelist CVE-2019-11331
Petr Gotthard (2):
cockpit: upgrade 276 -> 289
nftables: upgrade 1.0.6 -> 1.0.7
Randolph Sapp (1):
glfw: add packageconfig and wayland dependencies
Steffen Trumtrar (3):
openocd: 0.11->0.12
openocd: fix jimtcl url
openocd: enable jtag-vpi and buspirate
Tim Orling (11):
cli11: do not inherit ptest
span-lite: do not inherit ptest
ptest-packagelists-meta-oe.inc: add ptest recipes
meta-oe-ptest*-image: enable BBCLASSEXTEND parallel execution
ptest-packagelists-meta-python.inc: add ptest recipes
meta-python-ptest*-image: enable BBCLASSEXTEND parallel execution
python3-aspectlib: fix ptest
ptest-packagelists-meta-perl.inc: add ptest recipes
recipes-perl/packagegroups: move to recipes-core/
recipes-perl/images: move to recipes-core
meta-perl-ptest*-image: enable BBCLASSEXTEND parallel execution
Ulrich Ölmann (1):
jwt-cpp: enable usage in an SDK
Valeria Petrov (1):
apache2: upgrade 2.4.56 -> 2.4.57
Virendra Thakur (2):
p7zip: fix for CVE-2018-5996
p7zip: Fix for CVE-2016-9296
Wang Mingyu (117):
abseil-cpp: upgrade 20230125.1 -> 20230125.2
libbytesize: upgrade 2.7 -> 2.8
gegl: upgrade 0.4.42 -> 0.4.44
ctags: upgrade 6.0.20230319.0 -> 6.0.20230402.0
libdeflate: upgrade 1.17 -> 1.18
libldb: upgrade 2.7.1 -> 2.7.2
ndisc6: upgrade 1.0.6 -> 1.0.7
libpfm4: upgrade 4.12.0 -> 4.13.0
libtraceevent: upgrade 1.7.1 -> 1.7.2
nginx: upgrade 1.23.3 -> 1.23.4
links: upgrade 2.28 -> 2.29
python3-pyproj: upgrade 3.4.1 -> 3.5.0
ostree: upgrade 2023.1 -> 2023.2
openvpn: upgrade 2.6.1 -> 2.6.2
python3-aenum: upgrade 3.1.11 -> 3.1.12
python3-argcomplete: upgrade 3.0.0 -> 3.0.5
python3-cassandra-driver: upgrade 3.25.0 -> 3.26.0
python3-astroid: upgrade 2.15.0 -> 2.15.1
python3-cmake: upgrade 3.26.0 -> 3.26.1
python3-dateparser: upgrade 1.1.7 -> 1.1.8
python3-google-api-python-client: upgrade 2.81.0 -> 2.83.0
python3-elementpath: upgrade 4.0.1 -> 4.1.0
python3-googleapis-common-protos: upgrade 1.58.0 -> 1.59.0
python3-httplib2: upgrade 0.21.0 -> 0.22.0
python3-google-auth: upgrade 2.16.2 -> 2.17.1
python3-ipython: upgrade 8.11.0 -> 8.12.0
python3-imageio: upgrade 2.26.0 -> 2.27.0
python3-pychromecast: upgrade 13.0.4 -> 13.0.6
python3-jdatetime: upgrade 4.1.0 -> 4.1.1
python3-luma-oled: upgrade 3.11.0 -> 3.12.0
python3-pydantic: upgrade 1.10.6 -> 1.10.7
python3-pymodbus: upgrade 3.2.1 -> 3.2.2
python3-pymisp: upgrade 2.4.169.2 -> 2.4.169.3
python3-pywbemtools: upgrade 1.1.1 -> 1.2.0
python3-redis: upgrade 4.5.1 -> 4.5.4
python3-regex: upgrade 2022.10.31 -> 2023.3.23
python3-typeguard: upgrade 3.0.1 -> 3.0.2
python3-sentry-sdk: upgrade 1.17.0 -> 1.18.0
python3-rich: upgrade 13.3.2 -> 13.3.3
python3-watchdog: upgrade 2.3.1 -> 3.0.0
feh: upgrade 3.9.1 -> 3.10
c-periphery: upgrade 2.3.1 -> 2.4.0
grilo-plugins: upgrade 0.3.15 -> 0.3.16
hwdata: upgrade 0.368 -> 0.369
hwloc: upgrade 2.9.0 -> 2.9.1
libconfig-tiny-perl: upgrade 2.28 -> 2.29
mg: upgrade 20221112 -> 20230406
python3-pillow: upgrade 9.4.0 -> 9.5.0
python3-websockets: upgrade 10.4 -> 11.0.1
poppler: upgrade 23.03.0 -> 23.04.0
python3-alembic: upgrade 1.10.2 -> 1.10.3
python3-astroid: upgrade 2.15.1 -> 2.15.2
python3-coverage: upgrade 7.2.2 -> 7.2.3
python3-google-api-python-client: upgrade 2.83.0 -> 2.84.0
python3-google-auth: upgrade 2.17.1 -> 2.17.2
python3-imgtool: upgrade 1.9.0 -> 1.10.0
python3-pychromecast: upgrade 13.0.6 -> 13.0.7
python3-simplejson: upgrade 3.18.4 -> 3.19.1
python3-networkx: upgrade 3.0 -> 3.1
tesseract: upgrade 5.3.0 -> 5.3.1
python3-zeroconf: upgrade 0.47.4 -> 0.55.0
python3-web3: upgrade 6.0.0 -> 6.1.0
python3-sqlalchemy: upgrade 2.0.7 -> 2.0.9
python3-sentry-sdk: upgrade 1.18.0 -> 1.19.1
hdf5: Fix install conflict when enable multilib.
capnproto: upgrade 0.10.3 -> 0.10.4
ctags: upgrade 6.0.20230402.0 -> 6.0.20230416.0
mctp: upgrade 1.0 -> 1.1
php: upgrade 8.2.4 -> 8.2.5
openvpn: upgrade 2.6.2 -> 2.6.3
python3-croniter: upgrade 1.3.8 -> 1.3.14
python3-diskcache: upgrade 5.4.0 -> 5.5.1
python3-cmake: upgrade 3.26.1 -> 3.26.3
python3-elementpath: upgrade 4.1.0 -> 4.1.1
python3-google-api-python-client: upgrade 2.84.0 -> 2.85.0
python3-google-auth: upgrade 2.17.2 -> 2.17.3
python3-protobuf: upgrade 4.22.1 -> 4.22.3
python3-web3: upgrade 6.1.0 -> 6.2.0
python3-rich: upgrade 13.3.3 -> 13.3.4
python3-pymisp: upgrade 2.4.169.3 -> 2.4.170
python3-xlsxwriter: upgrade 3.0.9 -> 3.1.0
python3-zeroconf: upgrade 0.55.0 -> 0.56.0
remmina: upgrade 1.4.29 -> 1.4.30
tbb: upgrade 2021.8.0 -> 2021.9.0
sip: upgrade 6.7.7 -> 6.7.8
tcpdump: upgrade 4.99.3 -> 4.99.4
tcsh: upgrade 6.24.07 -> 6.24.10
evolution-data-server: upgrade 3.48.0 -> 3.48.1
babl: upgrade 0.1.102 -> 0.1.104
gensio: upgrade 2.6.2 -> 2.6.4
libopus: upgrade 1.3.1 -> 1.4
network-manager-applet: upgrade 1.30.0 -> 1.32.0
networkmanager: upgrade 1.42.4 -> 1.42.6
opencl-headers: upgrade 2023.02.06 -> 2023.04.17
c-periphery: upgrade 2.4.0 -> 2.4.1
mbw: upgrade 1.5 -> 2.0
libmodule-build-tiny-perl: upgrade 0.039 -> 0.043
python3-periphery: upgrade 2.3.0 -> 2.4.1
python3-astroid: upgrade 2.15.2 -> 2.15.3
python3-diskcache: upgrade 5.5.1 -> 5.6.1
python3-engineio: upgrade 4.4.0 -> 4.4.1
python3-soupsieve: upgrade 2.4 -> 2.4.1
python3-google-api-python-client: upgrade 2.85.0 -> 2.86.0
python3-mock: upgrade 5.0.1 -> 5.0.2
python3-pyalsaaudio: upgrade 0.9.2 -> 0.10.0
python3-icu: upgrade 2.10.2 -> 2.11
python3-pymisp: upgrade 2.4.170 -> 2.4.170.1
python3-python-vlc: upgrade 3.0.18121 -> 3.0.18122
python3-sentry-sdk: upgrade 1.19.1 -> 1.20.0
python3-pyscaffold: upgrade 4.4 -> 4.4.1
python3-websockets: upgrade 11.0.1 -> 11.0.2
python3-tornado: upgrade 6.2 -> 6.3
redis: upgrade 7.0.10 -> 7.0.11
python3-xmlschema: upgrade 2.2.2 -> 2.2.3
samba: upgrade 4.18.1 -> 4.18.2
ser2net: upgrade 4.3.11 -> 4.3.12
sip: upgrade 6.7.8 -> 6.7.9
Wentao Zhang (2):
jemalloc: include the missing shell scripts and source the corresponds shell scripts for some test cases.
nss: fix failed test of nss.
Wolfgang Meyer (2):
qrencode: add PACKAGECONFIG for command line tools
qrencode: enable native build
Yi Zhao (1):
samba: upgrade 4.18.0 -> 4.18.1
Yogita Urade (1):
dlt-daemon: fix CVE-2023-26257
Zoltán Böszörményi (2):
hplip: Fix installation and QA
libgusb: Allow building in native mode
poky: 0907793d5e..cce6db2a59:
Alex Kiernan (2):
cargo_common.bbclass: Support local github repos
rust: Upgrade 1.68.1 -> 1.68.2
Alexander Kanavin (5):
rust: do not run separate build/install steps
rust: install llvm item only once
rust: update 1.67.1 -> 1.68.1
ffmpeg: update 5.1.2 -> 6.0
meta/recipes: ensure all recipes have a SUMMARY
Arslan Ahmad (1):
kernel-fitimage: Fix the default dtb config check
Bartosz Golaszewski (5):
python3-pyproject-hooks: add missing run-time dependencies
python3-packaging: add missing run-time dependencies
python3-manifest: add tomllib
python3-manifest: add ensurepip
python3-build: add missing run-time dependencies
Bruce Ashfield (7):
kernel: improve initramfs bundle processing time
linux-yocto/6.1: update to v6.1.23
linux-yocto/5.15: update to v5.15.106
linux-yocto/6.1: update to v6.1.24
linux-yocto/5.15: update to v5.15.107
linux-yocto/6.1: update to v6.1.25
linux-yocto/5.15: update to v5.15.108
Chen Qi (1):
bitbake: runqueue: fix PSI check calculation
Chris Elledge (1):
busybox: move hwclock init earlier in startup
Denys Dmytriyenko (2):
xz: upgrade 5.4.1 -> 5.4.2
grep: upgrade 3.9 -> 3.10
Dit Kozmaj (2):
wic: use part_name when defined
selftest: wic: Add test for --part-name argument
Dmitry Baryshkov (1):
linux-firmware: upgrade 20230210 -> 20230404
Enrico Jörns (10):
oeqa/selftest/cases/runqemu: update imports
oeqa/targetcontrol: fix misspelled RuntimeError
oeqa/targetcontrol: do not set dump_host_cmds redundantly
oeqa/targetcontrol: remove unused imports
oeqa/utils/commands: fix usage of undefined EPIPE
oeqa/utils/commands: remove unused imports
oeqa/utils/qemurunner: replace hard-coded user 'root' in debug output
oeqa/utils/qemurunner: limit precision of timing debugging output
oeqa/utils/qemurunner: fix undefined TimeoutExpired
oeqa: whitespace and indentation cleanups
Enrico Scholz (2):
bitbake: fetch2/crate: create versioned 'name' entries
bitbake: cooker: do not abort on single ctrl-c
Fabio Estevam (1):
u-boot: Upgrade to 2023.04
Frank WOLFF (1):
logrotate: add ptest support
Frederic Martinsons (6):
cargo_common.bbclass: add support of user in url for patch
devtool: add support for multiple git url inside a cargo based recipe
patch: support of git patches when the source uri contained subpath parameter
meta-selftest: provide a recipe for zvariant
cargo-update-recipe-crates: force name overrides
bitbake: fetch2: Display all missing checksum at once
Geoffrey GIRY (1):
cve-extra-exclusions: ignore inapplicable linux-yocto CVEs
Jan Vermaete (1):
cve-update-nvd2-native: added the missing http import
Kai Kang (2):
libnotify: remove dependency dbus
bitbake: bitbake: ConfHandler: Allow variable flag name with a single character
Khem Raj (16):
e2fsprogs: Define 64bit off_t on rv32
ffmpeg: Disable asm and rvv on riscv32
cargo: Fix build on musl/riscv
musl: Update to latest trunk
systemd: Refresh a musl patch to remove patch-fuzz with 253.3
musl-locales: Add Canadian French (fr_CA) locale support
gawk: Disable known ptest fails on musl
gawk: Remove redundant patch
gawk: Add skipped.txt to emit test to ignore
libxml2: Disable icu tests on musl
apt-util: Fix ptest on musl
lua: Disable locale dependent tests on musl
attr: Disable attr.test on musl
acl: Disable misc.test on musl
fts: Fix typo in summary
m4: Do not munge locale in ptests for musl
Lee Chee Yang (2):
migration-guides: add release-notes for 4.0.9
release-notes-4.2: update RC3 changes
Luca Ceresoli (1):
devicetree.bbclass: fix typo
Marek Vasut (1):
cpio: Fix wrong CRC with ASCII CRC for large files
Mark Asselstine (2):
oeqa/selftest/bblogging: uncomment python stdout checks
python3-psutil: fix-up -tests runtime dependencies
Mark Hatle (1):
sanity.bbclass: Update minimum gcc version to 8.0
Markus Volk (1):
at-spi2-core: update 2.46.0 -> 2.48.0
Marta Rybczynska (1):
cve-update-nvd2-native: new CVE database fetcher
Martin Jansa (8):
selftest: imagefeatures.py: don't mix tabs and spaces for indentation
selftest: runqemu: better check for ROOTFS: in the log
selftest: runqemu: use better error message when asserts fail
runqemu: respect IMAGE_LINK_NAME
python3-cryptography-crates.inc: regenerate with updated bbclass
python3-bcrypt-crates.inc: regenerate with updated bbclass
selftest: efibootpartition.py: fix QEMU_USE_KVM usage
populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO override
Michael Opdenacker (20):
manuals: update disk space requirements
manuals: add rm_work disk space data
manuals: add minimum RAM requirements
ref-manual: release-process.rst: update testing section
ref-manual: release-process.rst: major updates
manuals: add "LTS" term
manuals: improve and fix target for supported distros
ref-manual: variables: document VOLATILE_TMP_DIR
migration-guides: update 4.2 migration and release notes
ref-manual: classes.rst: document devicetree.bbclass
ref-manual: remove unused and obsolete file
ref-manual: variables.rst: add wikipedia shortcut for "getty"
overview-manual: update section about source archives
manuals: document SPDX_CUSTOM_ANNOTATION_VARS
overview-manual: development-environment: update text and screenshots
ref-manual: add "Mixin" term
migration-guides: release-notes-4.0.9.rst: add missing SPDX info
migration-guides: fixes and improvements to 4.2 release notes
manuals: expand init manager documentation
ref-manual: variables.rst: document KERNEL_DANGLING_FEATURES_WARN_ONLY
Mikko Rapeli (2):
oeqa ping.py: avoid busylooping failing ping command
oeqa ping.py: fail test if target IP address has not been set
Mingli Yu (3):
report-error: catch Nothing PROVIDES error
bitbake: event: add bb.event.ParseError
report-error: make it catch ParseError error
Ola x Nilsson (2):
patch.py: Use shlex instead of deprecated pipe
package: Use shlex instead of deprecated pipe
Pascal Bach (1):
cmake: add CMAKE_SYSROOT to generated toolchain file
Paul Eggleton (20):
bitbake: bitbake-user-manual: document BB_CACHEDIR
bitbake: bitbake-user-manual: add addpylib and BB_GLOBAL_PYMODULES
bitbake: bitbake-user-manual: add BB_HASH_CODEPARSER_VALS
ref-manual: add new SDK_ZIP_OPTIONS variable
ref-manual: Add new RUST_CHANNEL variable
ref-manual: update for IMAGE_MACHINE_SUFFIX addition
dev/ref-manual: Remove references to INC_PR
ref-manual: add BB_CACHEDIR
migration-guides: Add coverage of addpylib directive
ref-manual: Remove references to package_tar class
ref-manual: add missing QA checks from previous releases
ref-manual: document new patch-status-* QA checks
ref-manual: add FIT_CONF_DEFAULT_DTB
ref-manual: add section link also to buildtools-extended entry
ref-manual: add SDK_ARCHIVE_TYPE
ref-manual: move Initramfs entry from variables to terms
dev/ref-manual: Document INIT_MANAGER
migration-guides: extend migration guide for 4.2
release-notes-4.1: fix some CVE links
release-notes-4.2: add release notes
Pavel Zhukov (2):
scripts/rpm2cpio.sh: Use bzip2 instead of bunzip2
scripts/runqemu: Add possibility to disable network
Pawan Badganchi (1):
tiff: Add fix for CVE-2022-4645
Peter Kjellerstedt (1):
cargo-update-recipe-crates.bbclass: Do not add name= to crate:// URIs
Petr Kubizňák (12):
harfbuzz: depend on glib-2.0-native
json-glib: depend on glib-2.0-native
libgudev: depend on glib-2.0-native
at-spi2-core: depend on glib-2.0-native
avahi: add missing dependencies
graphene: add gobject-types PACKAGECONFIG
python3-pygobject: depend on gobject-introspection
gconf: add missing dependencies
webkitgtk: add missing dependencies
libnotify: depend on glib-2.0-native
vte: depend on glib-2.0-native
gobject-introspection: reduce dependencies
Piotr Łobacz (1):
libarchive: Enable acls, xattr for native as well as target
Qiu Tingting (1):
coreutils: Delete gcc sysroot parameter for ptest on target
Randolph Sapp (1):
wic/bootimg-efi: if fixed-size is set then use that for mkdosfs
Richard Purdie (11):
oeqa/loader: Ensure module names don't contain uppercase characters
zvariant: Exclude from world for now to avoid reproducibility issues
xdg-utils: Add a patch for CVE-2020-27748
cve-extra-exclusions.inc: Exclude some issues not present in linux-yocto
xdg-utils: Fix CVE number
bitbake: bitbake: Bump to version 2.4.0
build-appliance-image: Update to master head revision
poky.conf: Bump version for 4.2 mickledore release
build-appliance-image: Update to master head revision
build-appliance-image: Update to master head revision
cve-exclusions: Document some further linux-yocto CVE statuses
Ross Burton (11):
llvm: remove redundant CMake variables
libgit2: clean up CMake variables
webkitgtk: clean up Python variables
oeqa/runtime: clean up deprecated backslash expansion
classes-recipe/setuptools3-base: clean up FILES assignments
bind: don't package non-existant .la files into -staticdev
gstreamer1.0-plugins: package the internal libraries explicitly
Increase minimum GCC version to 8.0
machine/qemuarm*: don't explicitly set vmalloc
screen: backport fix for CVE-2023-24626
go: backport fix for CVE-2023-24537
Soumya (1):
shadow: Fix can not print full login timeout message
Svend Meyland Nicolaisen (1):
bitbake: npmsw fetcher: Avoid instantiating Fetch class if url list is empty
Thomas De Schampheleire (3):
qemu: make tracetool-generated output reproducible
qemu: retain default trace backend if 'ust' is not enabled
qemu: rename deprecated --enable-trace-backend configure option
Thomas Roos (2):
oeqa/selftest: Use SSTATE_DIR of parent build dir
oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set
Tobias Hagelborn (1):
lib/oe/gpg_sign.py: Avoid race when creating .sig files in detach_sign
Ulrich Ölmann (3):
kernel-dev: fix typos
ref-manual: classes.rst: fix typo
bitbake: bitbake-user-manual: fix BB_RUNFMT's default value
Wang Mingyu (46):
apr: upgrade 1.7.2 -> 1.7.3
bind: upgrade 9.18.12 -> 9.18.13
cracklib: upgrade 2.9.10 -> 2.9.11
libhandy: upgrade 1.8.1 -> 1.8.2
libpcap: upgrade 1.10.3 -> 1.10.4
libsdl2: upgrade 2.26.3 -> 2.26.5
libsoup: upgrade 3.2.2 -> 3.4.0
mpg123: upgrade 1.31.2 -> 1.31.3
acpica: upgrade 20220331 -> 20230331
ccache: upgrade 4.7.4 -> 4.8
libcap: upgrade 2.67 -> 2.68
man-pages: upgrade 6.03 -> 6.04
mtools: upgrade 4.0.42 -> 4.0.43
pango: upgrade 1.50.13 -> 1.50.14
ruby: upgrade 3.2.1 -> 3.2.2
spirv-headers: upgrade 1.3.239.0 -> 1.3.243.0
spirv-tools: upgrade 1.3.239.0 -> 1.3.243.0
sqlite3: upgrade 3.41.0 -> 3.41.2
texinfo: upgrade 7.0.2 -> 7.0.3
wayland: upgrade 1.21.0 -> 1.22.0
wpebackend-fdo: upgrade 1.14.0 -> 1.14.2
xserver-xorg: upgrade 21.1.7 -> 21.1.8
xwayland: upgrade 22.1.8 -> 23.1.1
vala: upgrade 0.56.4 -> 0.56.6
python3-cython: upgrade 0.29.33 -> 0.29.34
python3-hypothesis: upgrade 6.68.2 -> 6.71.0
python3-importlib-metadata: upgrade 6.0.0 -> 6.2.0
python3-installer: upgrade 0.6.0 -> 0.7.0
python3-markdown: upgrade 3.4.1 -> 3.4.3
python3-pathspec: upgrade 0.11.0 -> 0.11.1
python3-pygobject: upgrade 3.42.2 -> 3.44.1
python3-pyopenssl: upgrade 23.0.0 -> 23.1.1
python3-pytz: upgrade 2022.7.1 -> 2023.3
python3-setuptools: upgrade 67.6.0 -> 67.6.1
mesa: upgrade 23.0.0 -> 23.0.2
systemd: upgrade 253.1 -> 253.3
libgit2: upgrade 1.6.3 -> 1.6.4
libsolv: upgrade 0.7.23 -> 0.7.24
libxml2: upgrade 2.10.3 -> 2.10.4
boost: upgrade 1.81.0 -> 1.82.0
ofono: upgrade 2.0 -> 2.1
python3-dtschema: upgrade 2023.1 -> 2023.4
python3-packaging: upgrade 23.0 -> 23.1
python3-pytest: upgrade 7.2.2 -> 7.3.1
stress-ng: upgrade 0.15.06 -> 0.15.07
gdb: Fix conflict of sframe-spec.info
Wentao Zhang (1):
python3: Fix failing sysconfig.py test on x86(64 bit) using lib64 as baselib by updating test_sysconfig for posix_user purelib
Xiangyu Chen (1):
shadow: backport patch to fix CVE-2023-29383
Yoann Congal (4):
cve-extra-exclusions: ignore inapplicable linux-yocto CVEs
cve-exclusions_6.1: ignore patched CVE-2022-38457 & CVE-2022-40133
cve-extra-exclusion: ignore disputed CVE-2023-23005
cve-extra-exclusions: linux-yocto: ignore fixed CVE-2023-1652 & CVE-2023-1829
Zhixiong Chi (1):
libpam: Fix the xtests/tst-pam_motd[1|3] failures
bkylerussell@gmail.com (1):
kernel-devsrc: depend on python3-core instead of python3
meta-raspberrypi: 3afdbbf782..bf948e0aa8:
Jesse Visser (2):
recipe-bsp: Add support for Raspberry Pi Camera Module v3
docs: Update extra build config Raspberry Pi Camera Module section
Rodrigo M. Duarte (1):
python3-adafruit-blinka: Fix the correct python recipes path in dynamic-layer sub-dir
meta-arm: 9b6c8c95e4..c60d7865dd:
Adam Johnston (3):
arm-bsp/optee: Update OP-TEE TA devkit to 3.20 for N1SDP
CI: Remove ts-smm-gateway from N1SDP
arm-bsp/trusted-firmware-a: Update N1SDP to v2.8.0
Denys Dmytriyenko (4):
optee-os-tadevkit: remove old unused patches
optee-client: add 3.20.0 version
optee-test: add 3.20.0 version
optee-examples: add 3.20.0 version
Emekcan Aras (4):
arm-bsp/trusted-firmware-m: apply patches correctly from external repos
arm-bsp/trusted-firmware-m: Switch to TF-M BL1 in Corstone1000
arm-bsp/corstone1000: add OTP config for fvp
arm-bsp/trusted-firmware-m: Increase assets number for corstone1000
Jon Mason (8):
CI: dev kernel allow failure
arm/linux-yocto: remove IP_VS config fragment
CI: update to the latest kas version
CI: track mickledore branch
arm-bsp/tc1: Fix signed u-boot
arm-bsp/tc1: Add FVP support
arm/trusted-firmware-m-scripts: relocate to tfm directory
arm-bsp/tc1: disable signed kernel image
Peter Hoyes (1):
arm/scp-firmware: Add support for components other than SCP, MCP
Ross Burton (8):
arm/scp-firmware: add recipe for 2.11
arm-bsp/scp-firmware: move all machines to SCP 2.11
arm/scp-firmware: remove 2.10 recipe
arm/trusted-firmware-m: add the tf-m-extras repository that some machines need
arm/trusted-firmware-m: clean up environment flags
arm/trusted-firmware-m: package .elf files in PN-dbg
arm-bsp/trusted-firmware-m: enable for Total Compute on RSS
CI: add TF-M to TC build
Rui Miguel Silva (1):
arm-bsp/corstone1000: tf-m set/get fwu, private metadata using gpt
Xueliang Zhong (3):
arm-bsp/n1sdp-board-firmware: update to newer SHA
arm-bsp/optee-os: N1SDP support for optee-os 3.20
arm-bsp/n1sdp: use edk2-firmware 202211 version
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I68eb48f27b781da34c4a7636f9b3bb1507b46416
diff --git a/poky/meta/recipes-extended/acpica/acpica_20220331.bb b/poky/meta/recipes-extended/acpica/acpica_20230331.bb
similarity index 91%
rename from poky/meta/recipes-extended/acpica/acpica_20220331.bb
rename to poky/meta/recipes-extended/acpica/acpica_20230331.bb
index 2c554f8..01b8833 100644
--- a/poky/meta/recipes-extended/acpica/acpica_20220331.bb
+++ b/poky/meta/recipes-extended/acpica/acpica_20230331.bb
@@ -10,14 +10,14 @@
SECTION = "console/tools"
LICENSE = "Intel | BSD-3-Clause | GPL-2.0-only"
-LIC_FILES_CHKSUM = "file://source/compiler/aslcompile.c;beginline=7;endline=150;md5=41a76b4b1f816240f090cf010fefebf0"
+LIC_FILES_CHKSUM = "file://source/compiler/aslcompile.c;beginline=7;endline=150;md5=79a69059b499bccc70a484459549758f"
COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
DEPENDS = "m4-native flex-native bison-native"
SRC_URI = "https://acpica.org/sites/acpica/files/acpica-unix-${PV}.tar.gz"
-SRC_URI[sha256sum] = "acaff68b14f1e0804ebbfc4b97268a4ccbefcfa053b02ed9924f2b14d8a98e21"
+SRC_URI[sha256sum] = "0c5d695d605aaa61709f3c63f57a1a99b8902291723998446b0813b57ac310e2"
UPSTREAM_CHECK_URI = "https://acpica.org/downloads"
diff --git a/poky/meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch b/poky/meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch
new file mode 100644
index 0000000..4b96e43
--- /dev/null
+++ b/poky/meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch
@@ -0,0 +1,39 @@
+From 77ff5f1be394eb2c786df561ff37dde7f982ec76 Mon Sep 17 00:00:00 2001
+From: Stefano Babic <sbabic@denx.de>
+Date: Fri, 28 Jul 2017 13:20:52 +0200
+Subject: [PATCH] Wrong CRC with ASCII CRC for large files
+
+Due to signedness, the checksum is not computed when filesize is bigger
+a 2GB.
+
+Upstream-Status: Submitted [https://lists.gnu.org/archive/html/bug-cpio/2017-07/msg00004.html]
+Signed-off-by: Stefano Babic <sbabic@denx.de>
+---
+ src/copyout.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/copyout.c b/src/copyout.c
+index 1f0987a..727aeca 100644
+--- a/src/copyout.c
++++ b/src/copyout.c
+@@ -34,13 +34,13 @@
+ compute and return a checksum for them. */
+
+ static uint32_t
+-read_for_checksum (int in_file_des, int file_size, char *file_name)
++read_for_checksum (int in_file_des, unsigned int file_size, char *file_name)
+ {
+ uint32_t crc;
+ char buf[BUFSIZ];
+- int bytes_left;
+- int bytes_read;
+- int i;
++ unsigned int bytes_left;
++ unsigned int bytes_read;
++ unsigned int i;
+
+ crc = 0;
+
+--
+2.7.4
+
diff --git a/poky/meta/recipes-extended/cpio/cpio_2.13.bb b/poky/meta/recipes-extended/cpio/cpio_2.13.bb
index 3350ba7..df5e09c 100644
--- a/poky/meta/recipes-extended/cpio/cpio_2.13.bb
+++ b/poky/meta/recipes-extended/cpio/cpio_2.13.bb
@@ -12,6 +12,7 @@
file://0001-obstack-Fix-a-clang-warning.patch \
file://CVE-2021-38185.patch \
file://0001-Use-__alignof__-with-clang.patch \
+ file://0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch \
file://run-ptest \
"
diff --git a/poky/meta/recipes-extended/cracklib/cracklib_2.9.10.bb b/poky/meta/recipes-extended/cracklib/cracklib_2.9.11.bb
similarity index 94%
rename from poky/meta/recipes-extended/cracklib/cracklib_2.9.10.bb
rename to poky/meta/recipes-extended/cracklib/cracklib_2.9.11.bb
index 8197cda..34ef2b6 100644
--- a/poky/meta/recipes-extended/cracklib/cracklib_2.9.10.bb
+++ b/poky/meta/recipes-extended/cracklib/cracklib_2.9.11.bb
@@ -13,7 +13,7 @@
file://0001-packlib.c-support-dictionary-byte-order-dependent.patch \
"
-SRCREV = "e74c539344d024709ee76e2920b0af7f9a5c5556"
+SRCREV = "4cf5125250c6325ef0a2dc085eabff875227edc3"
S = "${WORKDIR}/git/src"
inherit autotools gettext
diff --git a/poky/meta/recipes-extended/gawk/gawk/remove-sensitive-tests.patch b/poky/meta/recipes-extended/gawk/gawk/remove-sensitive-tests.patch
deleted file mode 100644
index ffae550..0000000
--- a/poky/meta/recipes-extended/gawk/gawk/remove-sensitive-tests.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 354d24baf7c51977d22ff61ad42e6a2cbd4dc8ac Mon Sep 17 00:00:00 2001
-From: Ross Burton <ross.burton@arm.com>
-Date: Tue, 21 Dec 2021 17:09:12 +0000
-Subject: [PATCH] gawk: remove load-sensitive tests
-
-These tests require an unloaded host as otherwise timing sensitive tests can fail
-https://bugzilla.yoctoproject.org/show_bug.cgi?id=14371
-
-Upstream-Status: Inappropriate
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
----
- test/Maketests | 10 ----------
- 1 file changed, 10 deletions(-)
-
-diff --git a/test/Maketests b/test/Maketests
-index 3a667af..f117697 100644
---- a/test/Maketests
-+++ b/test/Maketests
-@@ -2137,11 +2137,6 @@ symtab12:
- @-AWKPATH="$(srcdir)" $(AWK) -f $@.awk >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
- @-$(CMP) "$(srcdir)"/$@.ok _$@ && rm -f _$@
-
--timeout:
-- @echo $@ $(ZOS_FAIL)
-- @-AWKPATH="$(srcdir)" $(AWK) -f $@.awk >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
-- @-$(CMP) "$(srcdir)"/$@.ok _$@ && rm -f _$@
--
- typedregex1:
- @echo $@
- @-AWKPATH="$(srcdir)" $(AWK) -f $@.awk >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
-@@ -2371,11 +2366,6 @@ rwarray:
- @-AWKPATH="$(srcdir)" $(AWK) -f $@.awk < "$(srcdir)"/$@.in >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
- @-$(CMP) "$(srcdir)"/$@.ok _$@ && rm -f _$@
-
--time:
-- @echo $@
-- @-AWKPATH="$(srcdir)" $(AWK) -f $@.awk >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
-- @-$(CMP) "$(srcdir)"/$@.ok _$@ && rm -f _$@
--
- mpfrbigint:
- @echo $@
- @-AWKPATH="$(srcdir)" $(AWK) -f $@.awk -M >_$@ 2>&1 || echo EXIT CODE: $$? >>_$@
diff --git a/poky/meta/recipes-extended/gawk/gawk/run-ptest b/poky/meta/recipes-extended/gawk/gawk/run-ptest
index 2675650..f4ef3e7 100644
--- a/poky/meta/recipes-extended/gawk/gawk/run-ptest
+++ b/poky/meta/recipes-extended/gawk/gawk/run-ptest
@@ -3,6 +3,11 @@
cd test
for i in `grep -E "^[a-z0-9_-]*:$" Maketests |awk -F: '{print $1}'`; do
unset LANG
+ grep -q "^$i$" skipped.txt
+ if [ $? -eq 0 ]; then
+ echo "SKIP: $i"
+ continue
+ fi
srcdir=`pwd` AWKPROG=gawk AWK=gawk CMP=cmp make -f Maketests $i >$i.tmp 2>&1
if [ -e _$i ]; then
cat _$i
diff --git a/poky/meta/recipes-extended/gawk/gawk_5.2.1.bb b/poky/meta/recipes-extended/gawk/gawk_5.2.1.bb
index e381bad..768c8eb 100644
--- a/poky/meta/recipes-extended/gawk/gawk_5.2.1.bb
+++ b/poky/meta/recipes-extended/gawk/gawk_5.2.1.bb
@@ -16,7 +16,6 @@
PACKAGECONFIG[mpfr] = "--with-mpfr,--without-mpfr, mpfr"
SRC_URI = "${GNU_MIRROR}/gawk/gawk-${PV}.tar.gz \
- file://remove-sensitive-tests.patch \
file://run-ptest \
"
@@ -60,10 +59,29 @@
# https://bugzilla.yoctoproject.org/show_bug.cgi?id=14371
rm -f ${D}${PTEST_PATH}/test/time.*
rm -f ${D}${PTEST_PATH}/test/timeout.*
+ for t in time timeout; do
+ echo $t >> ${D}${PTEST_PATH}/test/skipped.txt
+ done
}
-RDEPENDS:${PN}-ptest += "make"
+do_install_ptest:append:libc-musl() {
+ # Reported https://lists.gnu.org/archive/html/bug-gawk/2021-02/msg00005.html
+ rm -f ${D}${PTEST_PATH}/test/clos1way6.*
+ # Needs en_US.UTF-8 but then does not work with musl
+ rm -f ${D}${PTEST_PATH}/test/backsmalls1.*
+ # Needs en_US.UTF-8 but then does not work with musl
+ rm -f ${D}${PTEST_PATH}/test/commas.*
+ # The below two need LANG=C inside the make rule for musl
+ rm -f ${D}${PTEST_PATH}/test/rebt8b1.*
+ rm -f ${D}${PTEST_PATH}/test/regx8bit.*
+ for t in clos1way6 backsmalls1 commas rebt8b1 regx8bit; do
+ echo $t >> ${D}${PTEST_PATH}/test/skipped.txt
+ done
+}
-RDEPENDS:${PN}-ptest:append:libc-glibc = " locale-base-en-us locale-base-en-us.iso-8859-1"
+RDEPENDS:${PN}-ptest += "make locale-base-en-us"
+
+RDEPENDS:${PN}-ptest:append:libc-glibc = " locale-base-en-us.iso-8859-1"
+RDEPENDS:${PN}-ptest:append:libc-musl = " musl-locales"
BBCLASSEXTEND = "native nativesdk"
diff --git a/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb b/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
index d0de035..5483ecc 100644
--- a/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
+++ b/poky/meta/recipes-extended/go-examples/go-helloworld_0.1.bb
@@ -1,4 +1,4 @@
-DESCRIPTION = "This is a simple example recipe that cross-compiles a Go program."
+SUMMARY = "This is a simple example recipe that cross-compiles a Go program."
SECTION = "examples"
HOMEPAGE = "https://golang.org/"
diff --git a/poky/meta/recipes-extended/grep/grep_3.9.bb b/poky/meta/recipes-extended/grep/grep_3.10.bb
similarity index 93%
rename from poky/meta/recipes-extended/grep/grep_3.9.bb
rename to poky/meta/recipes-extended/grep/grep_3.10.bb
index 3c39a5f..33fd64d 100644
--- a/poky/meta/recipes-extended/grep/grep_3.9.bb
+++ b/poky/meta/recipes-extended/grep/grep_3.10.bb
@@ -8,7 +8,7 @@
SRC_URI = "${GNU_MIRROR}/grep/grep-${PV}.tar.xz"
-SRC_URI[sha256sum] = "abcd11409ee23d4caf35feb422e53bbac867014cfeed313bb5f488aca170b599"
+SRC_URI[sha256sum] = "24efa5b595fb5a7100879b51b8868a0bb87a71c183d02c4c602633b88af6855b"
inherit autotools gettext texinfo pkgconfig
diff --git a/poky/meta/recipes-extended/libarchive/libarchive_3.6.2.bb b/poky/meta/recipes-extended/libarchive/libarchive_3.6.2.bb
index f447035..aafede3 100644
--- a/poky/meta/recipes-extended/libarchive/libarchive_3.6.2.bb
+++ b/poky/meta/recipes-extended/libarchive/libarchive_3.6.2.bb
@@ -7,11 +7,7 @@
DEPENDS = "e2fsprogs-native"
-PACKAGECONFIG ?= "zlib bz2 xz zstd"
-
-PACKAGECONFIG:append:class-target = "\
- ${@bb.utils.filter('DISTRO_FEATURES', 'acl xattr', d)} \
-"
+PACKAGECONFIG ?= "zlib bz2 xz zstd ${@bb.utils.filter('DISTRO_FEATURES', 'acl xattr', d)}"
DEPENDS_BZIP2 = "bzip2-replacement-native"
DEPENDS_BZIP2:class-target = "bzip2"
diff --git a/poky/meta/recipes-extended/libsolv/libsolv_0.7.23.bb b/poky/meta/recipes-extended/libsolv/libsolv_0.7.24.bb
similarity index 95%
rename from poky/meta/recipes-extended/libsolv/libsolv_0.7.23.bb
rename to poky/meta/recipes-extended/libsolv/libsolv_0.7.24.bb
index 1256905..7c8f1fd 100644
--- a/poky/meta/recipes-extended/libsolv/libsolv_0.7.23.bb
+++ b/poky/meta/recipes-extended/libsolv/libsolv_0.7.24.bb
@@ -12,7 +12,7 @@
file://0001-utils-Conside-musl-when-wrapping-qsort_r.patch \
"
-SRCREV = "6deaca7cf61ec2b32c4a3b494a751c8d15efbe8b"
+SRCREV = "4d05dca3974156faf2f025ca4a82b68904848307"
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)"
diff --git a/poky/meta/recipes-extended/logrotate/logrotate/run-ptest b/poky/meta/recipes-extended/logrotate/logrotate/run-ptest
new file mode 100755
index 0000000..b272def
--- /dev/null
+++ b/poky/meta/recipes-extended/logrotate/logrotate/run-ptest
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+set -u
+
+make -k check
diff --git a/poky/meta/recipes-extended/logrotate/logrotate_3.21.0.bb b/poky/meta/recipes-extended/logrotate/logrotate_3.21.0.bb
index 4e4ea10..87c0d9a 100644
--- a/poky/meta/recipes-extended/logrotate/logrotate_3.21.0.bb
+++ b/poky/meta/recipes-extended/logrotate/logrotate_3.21.0.bb
@@ -10,7 +10,9 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.xz"
+SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.xz \
+ file://run-ptest \
+ "
SRC_URI[sha256sum] = "8fa12015e3b8415c121fc9c0ca53aa872f7b0702f543afda7e32b6c4900f6516"
@@ -44,7 +46,7 @@
# INSTALL=install and BASEDIR=/usr.
OS_NAME = "Linux"
-inherit autotools systemd github-releases
+inherit autotools systemd github-releases ptest
SYSTEMD_SERVICE:${PN} = "\
${BPN}.service \
@@ -86,3 +88,27 @@
install -p -m 0755 ${S}/examples/logrotate.cron ${D}${sysconfdir}/cron.daily/logrotate
fi
}
+
+do_install_ptest() {
+ cp -r ${S}/test/* ${D}${PTEST_PATH}
+ cp ${S}/test-driver ${D}${PTEST_PATH}
+ cp ${B}/test/Makefile ${D}${PTEST_PATH}
+
+ # Do not rebuild Makefile
+ sed -i 's/^Makefile:/_Makefile:/' ${D}${PTEST_PATH}/Makefile
+
+ # Fix top_builddir and top_srcdir
+ sed -e 's/^top_builddir = \(.*\)/top_builddir = ./' \
+ -e 's/^top_srcdir = \(.*\)/top_srcdir = ./' \
+ -i ${D}${PTEST_PATH}/Makefile
+
+ # Replace bash with sh
+ sed -i 's,/bin/bash,/bin/sh,' ${D}${PTEST_PATH}/Makefile
+
+ # Replace gawk with awk
+ sed -i 's/gawk/awk/' ${D}${PTEST_PATH}/Makefile
+ ln -s ${sbindir}/logrotate ${D}${PTEST_PATH}
+}
+
+# coreutils is needed to have "readlink"
+RDEPENDS:${PN}-ptest += "make coreutils"
diff --git a/poky/meta/recipes-extended/man-pages/man-pages_6.03.bb b/poky/meta/recipes-extended/man-pages/man-pages_6.04.bb
similarity index 91%
rename from poky/meta/recipes-extended/man-pages/man-pages_6.03.bb
rename to poky/meta/recipes-extended/man-pages/man-pages_6.04.bb
index bc02597..fee57e3 100644
--- a/poky/meta/recipes-extended/man-pages/man-pages_6.03.bb
+++ b/poky/meta/recipes-extended/man-pages/man-pages_6.04.bb
@@ -4,7 +4,7 @@
HOMEPAGE = "http://www.kernel.org/pub/linux/docs/man-pages"
LICENSE = "GPL-2.0-or-later & GPL-2.0-only & GPL-1.0-or-later & BSD-2-Clause & BSD-3-Clause & BSD-4-Clause & MIT"
-LIC_FILES_CHKSUM = "file://README;md5=0fdad39ebaa973a50785f79f0f59f87f \
+LIC_FILES_CHKSUM = "file://README;md5=5b7d7488344f5af8841dc13aaec49cdf \
file://LICENSES/BSD-2-Clause.txt;md5=d0f280d1058e77e66264a9b9e10e6c89 \
file://LICENSES/BSD-3-Clause.txt;md5=71f739ef75581cae312e8c711bcdab16 \
file://LICENSES/BSD-4-Clause-UC.txt;md5=1da3cf8ad50cd8d5d1de3cfc53196d01 \
@@ -16,7 +16,7 @@
"
SRC_URI = "${KERNELORG_MIRROR}/linux/docs/${BPN}/${BP}.tar.gz"
-SRC_URI[sha256sum] = "76eca045b42a90dd25d094c46d97ac90187bc0f1bfca358bb5dae5c4337acbb0"
+SRC_URI[sha256sum] = "590623b99bf1f8ee958483c35cc0aaef2363e42998c4d927d1f705890d15d51e"
inherit manpages
diff --git a/poky/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch b/poky/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
new file mode 100644
index 0000000..94dcb04
--- /dev/null
+++ b/poky/meta/recipes-extended/pam/libpam/0001-pam_motd-do-not-rely-on-all-filesystems-providing-a-.patch
@@ -0,0 +1,108 @@
+From 42404548721c653317c911c83d885e2fc7fbca70 Mon Sep 17 00:00:00 2001
+From: Per Jessen <per@jessen.ch>
+Date: Fri, 22 Apr 2022 18:15:36 +0200
+Subject: [PATCH] pam_motd: do not rely on all filesystems providing a filetype
+
+When using scandir() to look for MOTD files to display, we wrongly
+relied on all filesystems providing a filetype. This is a fix to divert
+to lstat() when we have no filetype. To maintain MT safety, it isn't
+possible to use lstat() in the scandir() filter function, so all of the
+filtering has been moved to an additional loop after scanning all the
+motd dirs.
+Also, remove superfluous alphasort from scandir(), we are doing
+a qsort() later.
+
+Resolves: https://github.com/linux-pam/linux-pam/issues/455
+
+Upstream-Status: Backport [https://github.com/linux-pam/linux-pam/commit/42404548721c653317c911c83d885e2fc7fbca70]
+
+Signed-off-by: Per Jessen <per@jessen.ch>
+Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
+---
+ modules/pam_motd/pam_motd.c | 49 ++++++++++++++++++++++++++++++-------
+ 1 file changed, 40 insertions(+), 9 deletions(-)
+
+diff --git a/modules/pam_motd/pam_motd.c b/modules/pam_motd/pam_motd.c
+index 6ac8cba2..5ca486e4 100644
+--- a/modules/pam_motd/pam_motd.c
++++ b/modules/pam_motd/pam_motd.c
+@@ -166,11 +166,6 @@ static int compare_strings(const void *a, const void *b)
+ }
+ }
+
+-static int filter_dirents(const struct dirent *d)
+-{
+- return (d->d_type == DT_REG || d->d_type == DT_LNK);
+-}
+-
+ static void try_to_display_directories_with_overrides(pam_handle_t *pamh,
+ char **motd_dir_path_split, unsigned int num_motd_dirs, int report_missing)
+ {
+@@ -199,8 +194,7 @@ static void try_to_display_directories_with_overrides(pam_handle_t *pamh,
+
+ for (i = 0; i < num_motd_dirs; i++) {
+ int rv;
+- rv = scandir(motd_dir_path_split[i], &(dirscans[i]),
+- filter_dirents, alphasort);
++ rv = scandir(motd_dir_path_split[i], &(dirscans[i]), NULL, NULL);
+ if (rv < 0) {
+ if (errno != ENOENT || report_missing) {
+ pam_syslog(pamh, LOG_ERR, "error scanning directory %s: %m",
+@@ -215,6 +209,41 @@ static void try_to_display_directories_with_overrides(pam_handle_t *pamh,
+ if (dirscans_size_total == 0)
+ goto out;
+
++ /* filter out unwanted names, directories, and complement data with lstat() */
++ for (i = 0; i < num_motd_dirs; i++) {
++ struct dirent **d = dirscans[i];
++ for (unsigned int j = 0; j < dirscans_sizes[i]; j++) {
++ int rc;
++ char *fullpath;
++ struct stat s;
++
++ switch(d[j]->d_type) { /* the filetype determines how to proceed */
++ case DT_REG: /* regular files and */
++ case DT_LNK: /* symlinks */
++ continue; /* are good. */
++ case DT_UNKNOWN: /* for file systems that do not provide */
++ /* a filetype, we use lstat() */
++ if (join_dir_strings(&fullpath, motd_dir_path_split[i],
++ d[j]->d_name) <= 0)
++ break;
++ rc = lstat(fullpath, &s);
++ _pam_drop(fullpath); /* free the memory alloc'ed by join_dir_strings */
++ if (rc != 0) /* if the lstat() somehow failed */
++ break;
++
++ if (S_ISREG(s.st_mode) || /* regular files and */
++ S_ISLNK(s.st_mode)) continue; /* symlinks are good */
++ break;
++ case DT_DIR: /* We don't want directories */
++ default: /* nor anything else */
++ break;
++ }
++ _pam_drop(d[j]); /* free memory */
++ d[j] = NULL; /* indicate this one was dropped */
++ dirscans_size_total--;
++ }
++ }
++
+ /* Allocate space for all file names found in the directories, including duplicates. */
+ if ((dirnames_all = calloc(dirscans_size_total, sizeof(*dirnames_all))) == NULL) {
+ pam_syslog(pamh, LOG_CRIT, "failed to allocate dirname array");
+@@ -225,8 +254,10 @@ static void try_to_display_directories_with_overrides(pam_handle_t *pamh,
+ unsigned int j;
+
+ for (j = 0; j < dirscans_sizes[i]; j++) {
+- dirnames_all[i_dirnames] = dirscans[i][j]->d_name;
+- i_dirnames++;
++ if (NULL != dirscans[i][j]) {
++ dirnames_all[i_dirnames] = dirscans[i][j]->d_name;
++ i_dirnames++;
++ }
+ }
+ }
+
+--
+2.39.0
+
diff --git a/poky/meta/recipes-extended/pam/libpam_1.3.1.bb b/poky/meta/recipes-extended/pam/libpam_1.3.1.bb
index db5410a..59ed174 100644
--- a/poky/meta/recipes-extended/pam/libpam_1.3.1.bb
+++ b/poky/meta/recipes-extended/pam/libpam_1.3.1.bb
@@ -25,7 +25,7 @@
file://pam-unix-nullok-secure.patch \
file://crypt_configure.patch \
file://pam-volatiles.conf \
- "
+ "
SRC_URI[md5sum] = "558ff53b0fc0563ca97f79e911822165"
SRC_URI[sha256sum] = "eff47a4ecd833fbf18de9686632a70ee8d0794b79aecb217ebd0ce11db4cd0db"
diff --git a/poky/meta/recipes-extended/screen/screen/signal-permission.patch b/poky/meta/recipes-extended/screen/screen/signal-permission.patch
new file mode 100644
index 0000000..77dc649
--- /dev/null
+++ b/poky/meta/recipes-extended/screen/screen/signal-permission.patch
@@ -0,0 +1,40 @@
+From e9ad41bfedb4537a6f0de20f00b27c7739f168f7 Mon Sep 17 00:00:00 2001
+From: Alexander Naumov <alexander_naumov@opensuse.org>
+Date: Mon, 30 Jan 2023 17:22:25 +0200
+Subject: fix: missing signal sending permission check on failed query messages
+
+Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org>
+
+CVE: CVE-2023-24626
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+ src/socket.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/socket.c b/src/socket.c
+index 147dc54..54d8cb8 100644
+--- a/socket.c
++++ b/socket.c
+@@ -1285,11 +1285,16 @@ ReceiveMsg()
+ else
+ queryflag = -1;
+
+- Kill(m.m.command.apid,
++ if (CheckPid(m.m.command.apid)) {
++ Msg(0, "Query attempt with bad pid(%d)!", m.m.command.apid);
++ }
++ else {
++ Kill(m.m.command.apid,
+ (queryflag >= 0)
+ ? SIGCONT
+ : SIG_BYE); /* Send SIG_BYE if an error happened */
+- queryflag = -1;
++ queryflag = -1;
++ }
+ }
+ break;
+ case MSG_COMMAND:
+--
+cgit v1.1
+
diff --git a/poky/meta/recipes-extended/screen/screen_4.9.0.bb b/poky/meta/recipes-extended/screen/screen_4.9.0.bb
index 77e8000..235cd8c 100644
--- a/poky/meta/recipes-extended/screen/screen_4.9.0.bb
+++ b/poky/meta/recipes-extended/screen/screen_4.9.0.bb
@@ -22,6 +22,7 @@
file://0001-fix-for-multijob-build.patch \
file://0001-Remove-more-compatibility-stuff.patch \
file://0001-configure-Add-needed-system-headers-in-checks.patch \
+ file://signal-permission.patch \
"
SRC_URI[sha256sum] = "f9335281bb4d1538ed078df78a20c2f39d3af9a4e91c57d084271e0289c730f4"
diff --git a/poky/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch b/poky/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch
new file mode 100644
index 0000000..37ba5f3
--- /dev/null
+++ b/poky/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch
@@ -0,0 +1,41 @@
+commit 670cae834827a8f794e6f7464fa57790d911b63c
+Author: SoumyaWind <121475834+SoumyaWind@users.noreply.github.com>
+Date: Tue Dec 27 17:40:17 2022 +0530
+
+ shadow: Fix can not print full login timeout message
+
+ Login timed out message prints only first few bytes when write is immediately followed by exit.
+ Calling exit from new handler provides enough time to display full message.
+
+Upstream-Status: Accepted [https://github.com/shadow-maint/shadow/commit/670cae834827a8f794e6f7464fa57790d911b63c]
+
+diff --git a/src/login.c b/src/login.c
+index 116e2cb3..c55f4de0 100644
+--- a/src/login.c
++++ b/src/login.c
+@@ -120,6 +120,7 @@ static void get_pam_user (char **ptr_pam_user);
+
+ static void init_env (void);
+ static void alarm_handler (int);
++static void exit_handler (int);
+
+ /*
+ * usage - print login command usage and exit
+@@ -391,11 +392,16 @@ static void init_env (void)
+ #endif /* !USE_PAM */
+ }
+
++static void exit_handler (unused int sig)
++{
++ _exit (0);
++}
+
+ static void alarm_handler (unused int sig)
+ {
+ write (STDERR_FILENO, tmsg, strlen (tmsg));
+- _exit (0);
++ signal(SIGALRM, exit_handler);
++ alarm(2);
+ }
+
+ #ifdef USE_PAM
diff --git a/poky/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch b/poky/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch
new file mode 100644
index 0000000..ac08be5
--- /dev/null
+++ b/poky/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch
@@ -0,0 +1,65 @@
+From 2eaea70111f65b16d55998386e4ceb4273c19eb4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Fri, 31 Mar 2023 14:46:50 +0200
+Subject: [PATCH] Overhaul valid_field()
+
+e5905c4b ("Added control character check") introduced checking for
+control characters but had the logic inverted, so it rejects all
+characters that are not control ones.
+
+Cast the character to `unsigned char` before passing to the character
+checking functions to avoid UB.
+
+Use strpbrk(3) for the illegal character test and return early.
+
+Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4]
+
+Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
+---
+ lib/fields.c | 24 ++++++++++--------------
+ 1 file changed, 10 insertions(+), 14 deletions(-)
+
+diff --git a/lib/fields.c b/lib/fields.c
+index fb51b582..53929248 100644
+--- a/lib/fields.c
++++ b/lib/fields.c
+@@ -37,26 +37,22 @@ int valid_field (const char *field, const char *illegal)
+
+ /* For each character of field, search if it appears in the list
+ * of illegal characters. */
++ if (illegal && NULL != strpbrk (field, illegal)) {
++ return -1;
++ }
++
++ /* Search if there are non-printable or control characters */
+ for (cp = field; '\0' != *cp; cp++) {
+- if (strchr (illegal, *cp) != NULL) {
++ unsigned char c = *cp;
++ if (!isprint (c)) {
++ err = 1;
++ }
++ if (iscntrl (c)) {
+ err = -1;
+ break;
+ }
+ }
+
+- if (0 == err) {
+- /* Search if there are non-printable or control characters */
+- for (cp = field; '\0' != *cp; cp++) {
+- if (!isprint (*cp)) {
+- err = 1;
+- }
+- if (!iscntrl (*cp)) {
+- err = -1;
+- break;
+- }
+- }
+- }
+-
+ return err;
+ }
+
+--
+2.34.1
+
diff --git a/poky/meta/recipes-extended/shadow/files/CVE-2023-29383.patch b/poky/meta/recipes-extended/shadow/files/CVE-2023-29383.patch
new file mode 100644
index 0000000..f53341d
--- /dev/null
+++ b/poky/meta/recipes-extended/shadow/files/CVE-2023-29383.patch
@@ -0,0 +1,53 @@
+From e5905c4b84d4fb90aefcd96ee618411ebfac663d Mon Sep 17 00:00:00 2001
+From: tomspiderlabs <128755403+tomspiderlabs@users.noreply.github.com>
+Date: Thu, 23 Mar 2023 23:39:38 +0000
+Subject: [PATCH] Added control character check
+
+Added control character check, returning -1 (to "err") if control characters are present.
+
+CVE: CVE-2023-29383
+Upstream-Status: Backport
+
+Reference to upstream:
+https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d
+
+Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
+---
+ lib/fields.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/lib/fields.c b/lib/fields.c
+index 640be931..fb51b582 100644
+--- a/lib/fields.c
++++ b/lib/fields.c
+@@ -21,9 +21,9 @@
+ *
+ * The supplied field is scanned for non-printable and other illegal
+ * characters.
+- * + -1 is returned if an illegal character is present.
+- * + 1 is returned if no illegal characters are present, but the field
+- * contains a non-printable character.
++ * + -1 is returned if an illegal or control character is present.
++ * + 1 is returned if no illegal or control characters are present,
++ * but the field contains a non-printable character.
+ * + 0 is returned otherwise.
+ */
+ int valid_field (const char *field, const char *illegal)
+@@ -45,10 +45,13 @@ int valid_field (const char *field, const char *illegal)
+ }
+
+ if (0 == err) {
+- /* Search if there are some non-printable characters */
++ /* Search if there are non-printable or control characters */
+ for (cp = field; '\0' != *cp; cp++) {
+ if (!isprint (*cp)) {
+ err = 1;
++ }
++ if (!iscntrl (*cp)) {
++ err = -1;
+ break;
+ }
+ }
+--
+2.34.1
+
diff --git a/poky/meta/recipes-extended/shadow/shadow.inc b/poky/meta/recipes-extended/shadow/shadow.inc
index 2c70a2d..cf05a3a 100644
--- a/poky/meta/recipes-extended/shadow/shadow.inc
+++ b/poky/meta/recipes-extended/shadow/shadow.inc
@@ -14,6 +14,9 @@
SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \
${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \
file://useradd \
+ file://0001-Fix-can-not-print-full-login.patch \
+ file://CVE-2023-29383.patch \
+ file://0001-Overhaul-valid_field.patch \
"
SRC_URI:append:class-target = " \
diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng_0.15.06.bb b/poky/meta/recipes-extended/stress-ng/stress-ng_0.15.07.bb
similarity index 94%
rename from poky/meta/recipes-extended/stress-ng/stress-ng_0.15.06.bb
rename to poky/meta/recipes-extended/stress-ng/stress-ng_0.15.07.bb
index 31cf2e8..674c58a 100644
--- a/poky/meta/recipes-extended/stress-ng/stress-ng_0.15.06.bb
+++ b/poky/meta/recipes-extended/stress-ng/stress-ng_0.15.07.bb
@@ -7,7 +7,7 @@
SRC_URI = "git://github.com/ColinIanKing/stress-ng.git;protocol=https;branch=master \
"
-SRCREV = "f2a80e4fdba0aaf71d7d3687acb34e3827e68886"
+SRCREV = "83ab1d2d7e39d9accba9d6dd0cc567645bb21d92"
S = "${WORKDIR}/git"
DEPENDS = "coreutils-native libbsd"
diff --git a/poky/meta/recipes-extended/texinfo/texinfo_7.0.2.bb b/poky/meta/recipes-extended/texinfo/texinfo_7.0.3.bb
similarity index 96%
rename from poky/meta/recipes-extended/texinfo/texinfo_7.0.2.bb
rename to poky/meta/recipes-extended/texinfo/texinfo_7.0.3.bb
index da455df..b149177 100644
--- a/poky/meta/recipes-extended/texinfo/texinfo_7.0.2.bb
+++ b/poky/meta/recipes-extended/texinfo/texinfo_7.0.3.bb
@@ -35,7 +35,7 @@
${TARGET_PATCH} \
"
-SRC_URI[sha256sum] = "a9c646bc4f6bb31843f129f8408a3a627334575faf7b22ebc416be5cb1570553"
+SRC_URI[sha256sum] = "3cc5706fb086b895e1dc2b407aade9f95a3a233ff856273e2b659b089f117683"
tex_texinfo = "texmf/tex/texinfo"
diff --git a/poky/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch b/poky/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
new file mode 100644
index 0000000..b236030
--- /dev/null
+++ b/poky/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
@@ -0,0 +1,145 @@
+xdg-email does not parse mailto uris properly for thunderbird
+
+When using thunderbird as mailto handler xdg-email translates mailto uris into an 'thunderbird -compose' argument. While to, cc and bcc values are properly enclosed in single quotes this is not the case for subject or body. This breaks functionality and allows to use all thunderbird -compose arguments within a mailto uri, e.g.
+
+xdg-email 'mailto:test@example.com?subject=Test,attachment=~/.thunderbird/profiles.ini,message=/home/test/test.txt'
+
+translates into
+
+thunderbird -compose to='test@example.com,',subject=Test,attachment=~/.thunderbird/profiles.ini,message=/home/test/test.txt
+
+with working attachment and message. (And, yes, ~ expands to the home directory.)
+
+Upstream-Status: Submitted [https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/205]
+
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+CVE: CVE-2022-4055
+
+
+Index: xdg-utils-1.1.3/scripts/xdg-email.in
+===================================================================
+--- xdg-utils-1.1.3.orig/scripts/xdg-email.in
++++ xdg-utils-1.1.3/scripts/xdg-email.in
+@@ -30,53 +30,6 @@ _USAGE
+
+ #@xdg-utils-common@
+
+-run_thunderbird()
+-{
+- local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY
+- THUNDERBIRD="$1"
+- MAILTO=$(echo "$2" | sed 's/^mailto://')
+- echo "$MAILTO" | grep -qs "^?"
+- if [ "$?" = "0" ] ; then
+- MAILTO=$(echo "$MAILTO" | sed 's/^?//')
+- else
+- MAILTO=$(echo "$MAILTO" | sed 's/^/to=/' | sed 's/?/\&/')
+- fi
+-
+- MAILTO=$(echo "$MAILTO" | sed 's/&/\n/g')
+- TO=$(/bin/echo -e $(echo "$MAILTO" | grep '^to=' | sed 's/^to=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }'))
+- CC=$(/bin/echo -e $(echo "$MAILTO" | grep '^cc=' | sed 's/^cc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }'))
+- BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }'))
+- SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1)
+- BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1)
+-
+- if [ -z "$TO" ] ; then
+- NEWMAILTO=
+- else
+- NEWMAILTO="to='$TO'"
+- fi
+- if [ -n "$CC" ] ; then
+- NEWMAILTO="${NEWMAILTO},cc='$CC'"
+- fi
+- if [ -n "$BCC" ] ; then
+- NEWMAILTO="${NEWMAILTO},bcc='$BCC'"
+- fi
+- if [ -n "$SUBJECT" ] ; then
+- NEWMAILTO="${NEWMAILTO},$SUBJECT"
+- fi
+- if [ -n "$BODY" ] ; then
+- NEWMAILTO="${NEWMAILTO},$BODY"
+- fi
+-
+- NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//')
+- DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\""
+- "$THUNDERBIRD" -compose "$NEWMAILTO"
+- if [ $? -eq 0 ]; then
+- exit_success
+- else
+- exit_failure_operation_failed
+- fi
+-}
+-
+ open_kde()
+ {
+ if [ -n "$KDE_SESSION_VERSION" ] && [ "$KDE_SESSION_VERSION" -ge 5 ]; then
+@@ -130,15 +83,6 @@ open_kde()
+
+ open_gnome3()
+ {
+- local client
+- local desktop
+- desktop=`xdg-mime query default "x-scheme-handler/mailto"`
+- client=`desktop_file_to_binary "$desktop"`
+- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1
+- if [ $? -eq 0 ] ; then
+- run_thunderbird "$client" "$1"
+- fi
+-
+ if gio help open 2>/dev/null 1>&2; then
+ DEBUG 1 "Running gio open \"$1\""
+ gio open "$1"
+@@ -159,13 +103,6 @@ open_gnome3()
+
+ open_gnome()
+ {
+- local client
+- client=`gconftool-2 --get /desktop/gnome/url-handlers/mailto/command | cut -d ' ' -f 1` || ""
+- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1
+- if [ $? -eq 0 ] ; then
+- run_thunderbird "$client" "$1"
+- fi
+-
+ if gio help open 2>/dev/null 1>&2; then
+ DEBUG 1 "Running gio open \"$1\""
+ gio open "$1"
+@@ -231,15 +168,6 @@ open_flatpak()
+
+ open_generic()
+ {
+- local client
+- local desktop
+- desktop=`xdg-mime query default "x-scheme-handler/mailto"`
+- client=`desktop_file_to_binary "$desktop"`
+- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1
+- if [ $? -eq 0 ] ; then
+- run_thunderbird "$client" "$1"
+- fi
+-
+ xdg-open "$1"
+ local ret=$?
+
+@@ -364,21 +292,6 @@ while [ $# -gt 0 ] ; do
+ shift
+ ;;
+
+- --attach)
+- if [ -z "$1" ] ; then
+- exit_failure_syntax "file argument missing for --attach option"
+- fi
+- check_input_file "$1"
+- file=`readlink -f "$1"` # Normalize path
+- if [ -z "$file" ] || [ ! -f "$file" ] ; then
+- exit_failure_file_missing "file '$1' does not exist"
+- fi
+-
+- url_encode "$file"
+- options="${options}attach=${result}&"
+- shift
+- ;;
+-
+ -*)
+ exit_failure_syntax "unexpected option '$parm'"
+ ;;
diff --git a/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
index 73acf6b..4d93180 100644
--- a/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
+++ b/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
@@ -21,6 +21,7 @@
file://0001-Reinstate-xdg-terminal.patch \
file://0001-Don-t-build-the-in-script-manual.patch \
file://1f199813e0eb0246f63b54e9e154970e609575af.patch \
+ file://CVE-2022-4055.patch \
"
SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff"
diff --git a/poky/meta/recipes-extended/xz/xz_5.4.1.bb b/poky/meta/recipes-extended/xz/xz_5.4.2.bb
similarity index 87%
rename from poky/meta/recipes-extended/xz/xz_5.4.1.bb
rename to poky/meta/recipes-extended/xz/xz_5.4.2.bb
index 71bf4b5..87f9602 100644
--- a/poky/meta/recipes-extended/xz/xz_5.4.1.bb
+++ b/poky/meta/recipes-extended/xz/xz_5.4.2.bb
@@ -17,15 +17,15 @@
LICENSE:${PN}-locale = "GPL-2.0-or-later"
LICENSE:liblzma = "PD"
-LIC_FILES_CHKSUM = "file://COPYING;md5=97d554a32881fee0aa283d96e47cb24a \
+LIC_FILES_CHKSUM = "file://COPYING;md5=c8ea84ebe7b93cce676b54355dc6b2c0 \
file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
- file://COPYING.GPLv3;md5=d32239bcb673463ab874e80d47fae504 \
+ file://COPYING.GPLv3;md5=1ebbd3e34237af26da5dc08a4e440464 \
file://COPYING.LGPLv2.1;md5=4fbd65380cdd255951079008b364516c \
file://lib/getopt.c;endline=23;md5=2069b0ee710572c03bb3114e4532cd84 \
"
SRC_URI = "https://tukaani.org/xz/xz-${PV}.tar.gz"
-SRC_URI[sha256sum] = "e4b0f81582efa155ccf27bb88275254a429d44968e488fc94b806f2a61cd3e22"
+SRC_URI[sha256sum] = "87947679abcf77cc509d8d1b474218fd16b72281e2797360e909deaee1ac9d05"
UPSTREAM_CHECK_REGEX = "xz-(?P<pver>\d+(\.\d+)+)\.tar"
CACHED_CONFIGUREVARS += "gl_cv_posix_shell=/bin/sh"