subtree updates

poky: 8d0ba08aa6..2696bf8cf3:
  Adam Johnston (1):
        useradd_base: Fix sed command line for passwd-expire

  Adrian Freihofer (1):
        vscode: add minimal configuration

  Alassane Yattara (44):
        bitbake: Update toaster-requirements to add django-log-viewer==1.1.7
        bitbake: toaster: bug-fix on tests.browser.test_most_recent_builds_states
        bitbake: Toaster: Bug-fix failure on tests.browser.test_layerdetails_page
        bitbake: Toaster: Fixed javascript issue on tests.browser.test_js_unit_tests
        bitbake: Toaster: bug-fix on /toastermain/logs.py
        bitbake: Toaster: bug-fix on custom image test cases
        bitbake: Toaster: bug-fix on tests/views/test_views.py
        bitbake: Toaster: bug-fix on tests.views.test_views.py
        bitbake: toaster: Write logs to BUILDDIR/toaster_logs
        bitbake: toaster: Add toaster-tests-requirements.txt to add pytest and some plugins
        bitbake: toaster: Update orm.models to catch error ProcessLookupError
        bitbake: toaster: Bug-fix pytest and Failed: Database access not allowed
        bitbake: toaster: fixed pytest error: Database access not allowed, use the "django_db"
        bitbake: toaster: Bug-fix django.db.utils.IntegrityError: Problem installing fixture
        bitbake: toaster: fixed: Tests fail when executed one after the other out of sequence
        bitbake: toaster: Added pytest.ini file
        bitbake: toaster: Check info_sign is visible and clickable in landing page
        bitbake: toaster: Test documentation link in landing header is displayed
        bitbake: toaster: Test jumbotron links visible and clickable
        bitbake: toaster: Bug-fix webdriver No parameter named options
        bitbake: Toaster: Write UI TestCase create new project
        bitbake: Toaster: Test create new project without project name
        bitbake: Toaster: Write UI TestCase import new project using
        bitbake: toaster/tests: Add UI TestCase to test if 'no build' message is shown
        bitbake: toaster/tests: Add UI TestCase to test search box on all build page
        bitbake: toaster/tests: Add UI TestCase to test the filtering feature on 'failure tasks' column
        bitbake: toaster/tests: Add UI TestCase to test filtering feature on 'completed_on' column
        bitbake: toaster/tests: Add UI TestCase to test "edit column" feature show/hide column
        bitbake: toaster/tests: Add UI TestCase to test "show rows" feature, change displaying rows in table
        bitbake: toaster/tests: Add UI TestCase for deleting project
        bitbake: toaster/tests: Add UI TestCase for Visualize all projects
        bitbake: toaster/tests: Add UI TestCase for visualize all projects edit column
        bitbake: toaster/tests: Add UI TestCase for visualize all projects show rows
        bitbake: toaster/tests/create_new_project: Code cleanup
        bitbake: toaster/tests: Add UI TestCase - Check project header contains right items
        bitbake: toaster/tests: Add UI TestCase - Test edit project name on project page
        bitbake: toaster/tests: Add UI TestCase - Test project page has right tabs displayed
        bitbake: toaster/tests: Add UI TestCase - Test project config tab navigation:
        bitbake: toaster/tests: Add UI TestCase - Test project config tab
        bitbake: toaster/tests: Add UI TestCase - Test project page tab import layer
        bitbake: toaster/tests: Add UI TestCase - Test project page tab "New custom image"
        bitbake: toaster/tests: Add UI TestCase - Test project page section images
        bitbake: toaster/tests: Add UI TestCase for the edit column feature in image recipe
        bitbake: toaster/tests: Add UI TestCase - Test the show rows feature in image recipe

  Alberto Pianon (1):
        bitbake: fetch2: Add API for upstream source tracing

  Alejandro Hernandez Samaniego (2):
        qemuarmv5: Drop QB_DTB conditional for older kernels
        baremetal-helloworld: Pull in fix for race condition on x86-64

  Alex Stewart (1):
        libsndfile1: fix CVE-2022-33065

  Alexander Kanavin (10):
        scripts/bitbake-whatchanged: remove
        selftest/buildoptions: tag the download mirror test with 'yocto-mirrors'
        bitbake: runqueue.py: clarify that 'closest' signature means 'most recent' (and not closest in its content)
        selftest/sstatetests: add tests for 'bitbake -S printdiff'
        lib/oe/sstatesig.py: dump locked.sigs.inc only when explicitly asked via -S lockedsigs
        selftest/sstatetests: add a test for CDN sstate cache
        populate_sdk_ext.bbclass: do not symlink unfsd from sdk image sysroot into eSDK tools path
        meta/lib/oe/copy_buildsystem.py: do not derefence symlinks
        scripts/esdk-tools: use a dedicated, static directory for esdk tools
        populate_sdk_ext: split copy_buildsystem() into logical steps defined as functions

  Alexander Lussier-Cullen (2):
        bitbake: toaster/tests: add passthroughs for relevant build environment variables
        bitbake: toaster: make django temp directory configurable

  Alexandre Belloni (1):
        strace: further clean up of ptest folders

  Alexis Lothoré (5):
        scripts/resulttool: limit the number of changes displayed per test
        scripts/resulttool: rearrange regressions report order
        scripts/resulttool: make additional info more compact
        scripts/yocto_testresults_query: add option to change display limit
        scripts/resulttool: group all regressions in regression report

  Anuj Mittal (9):
        gstreamer1.0: upgrade 1.22.6 -> 1.22.7
        gsettings-desktop-schemas: upgrade 44.0 -> 45.0
        harfbuzz: upgrade 8.2.2 -> 8.3.0
        libnotify: upgrade 0.8.2 -> 0.8.3
        libtirpc: upgrade 1.3.3 -> 1.3.4
        mmc-utils: upgrade to latest revision
        puzzles: upgrade to latest revision
        sqlite3: upgrade 3.43.2 -> 3.44.0
        vulkan: upgrade 1.3.261.1 -> 1.3.268.0

  Archana Polampalli (1):
        vim: Upgrade 9.0.2048 -> 9.0.2068

  Arne Schwerdt (1):
        ref-manual: Warn about COMPATIBLE_MACHINE skipping native recipes

  BELHADJ SALEM Talel (8):
        bitbake.conf: Drop DEPLOY_DIR_TAR
        ref-manual: Fix PACKAGECONFIG term and add an example
        dev-manual: layers: Add notes about layer.conf
        ref-manual: variables: add RECIPE_SYSROOT and RECIPE_SYSROOT_NATIVE
        ref-manual: variables: add TOOLCHAIN_OPTIONS variable
        ref-manual: variables: add example for SYSROOT_DIRS variable
        bitbake: Fix find_bbfiles string endswith call
        overview-manual: concepts: Add Bitbake Tasks Map

  Bastian Krause (1):
        linux-firmware: add new fw file to ${PN}-rtl8821

  Bruce Ashfield (22):
        linux-yocto/6.1: update to v6.1.56
        linux-yocto/6.5: update to v6.5.6
        linux-yocto/6.1: tiny: fix arm 32 boot
        linux-yocto/6.5: tiny: fix arm 32 boot
        linux-yocto/6.5: update to v6.5.7
        linux-yocto/6.1: update to v6.1.57
        linux-yocto/6.4: drop recipes
        linux-yocto/6.5: avoid serial port suspend issues
        linux-yocto/6.5: config: remove VIDEO_STK1160_COMMON
        linux-yocto/6.5: serial: core: integrate upstream fixes
        linux-yocto/6.5: update to v6.5.8
        linux-yocto/6.1: update to v6.1.59
        linux-yocto/6.5: update to v6.5.9
        linux-yocto/6.1: update to v6.1.60
        kern-tools: make lower context patches reproducible
        kern-tools: bump SRCREV for queue processing changes
        kern-tools: update SRCREV to include SECURITY.md file
        kernel-yocto: improve metadata patching
        linux-yocto/6.1: cfg: restore CONFIG_DEVMEM
        linux-yocto/6.1: update to v6.1.61
        linux-yocto/6.5: cfg: restore CONFIG_DEVMEM
        linux-yocto/6.5: update to v6.5.10

  Chen Qi (2):
        kernel.bbclass: add preceding space in appendVar setting
        systemd: fix DynamicUser issue

  Chris Laplante (4):
        bitbake: codeparser: replace deprecated ast.Str and 's'
        bitbake: runqueue: set has 'add', not 'append' method
        bitbake: codeparser: add missing 'import os'
        bitbake: codegen: cleanup deprecated AST usages

  Deepthi Hemraj (1):
        binutils: Fix CVE-2022-47007

  Desone Burns (1):
        bitbake: bitbake: fetch2: git: Update Git-LFS download and tests

  Dmitry Baryshkov (11):
        kernel-arch: drop CCACHE from KERNEL_STRIP definition
        meson: use correct targets for rust binaries
        linux-firmware: upgrade 20230804 -> 20231030
        linux-firmware: add missing depenencies on license packages
        linux-firmware: add notice file to sdm845 modem firmware
        linux-firmware: add audio topology symlink to the X13's audio package
        linux-firmware: package firmware for Qualcomm Adreno a702
        linux-firmware: package firmware for Qualcomm QCM2290 / QRB4210
        linux-firmware: package Qualcomm Venus 6.0 firmware
        linux-firmware: package Robotics RB5 sensors DSP firmware
        libdrm: upgrade 2.4.116 -> 2.4.117

  Eero Aaltonen (3):
        base-files, systemd: add nss-resolve plugin
        systemd: add option to use stub-resolv.conf
        ref-manual: add systemd-resolved to distro features

  Etienne Cordonnier (1):
        bitbake: bitbake-worker: add header with length of message

  Fabio Estevam (1):
        packagegroup-core-tools-profile: Remove PROFILE_TOOLS_X

  Fahad Arslan (1):
        linux-firmware: create separate packages

  Felix Moessbauer (1):
        bitbake: fetch2/aws: forward env-vars used in gitlab-ci K8s

  Florian Wickert (1):
        systemd: fix libnss-mymachines packaging

  Glenn Strauss (3):
        lighttpd: upgrade 1.4.71 -> 1.4.72
        lighttpd: update init script
        lighttpd: modernize lighttpd.conf

  Javier Tia (1):
        kernel-arch: use ccache only for compiler

  Jermain Horsman (3):
        lib/oe/buildcfg.py: Include missing import
        lib/oe/buildcfg.py: Remove unused parameter
        lib/bblayers/setupwriters/oe-setup-layers.py: Fix indentation

  Joakim Tjernlund (1):
        sed -i destroys symlinks

  Johannes Schneider (1):
        base-files: profile: allow profile.d to set EDITOR

  Jon Mason (2):
        qemu: drop unreferenced patch
        linux-yocto: Update dtb path for qemuarmv5

  Jose Quaresma (5):
        sstatesig: be more precise and show the full path in exceptions
        systemd: sort packages before pn
        systemd: add systemd-crypt package
        systemd: add cryptsetup-plugins package config
        systemd: add p11kit package config

  Joshua Watt (24):
        goarch: Move Go architecture mapping to a library
        bitbake: asyncrpc: Abstract sockets
        bitbake: hashserv: Add websocket connection implementation
        bitbake: asyncrpc: Add context manager API
        bitbake: hashserv: tests: Add external database tests
        bitbake: asyncrpc: Prefix log messages with client info
        bitbake: bitbake-hashserv: Allow arguments from environment
        bitbake: hashserv: Abstract database
        bitbake: hashserv: Add SQLalchemy backend
        bitbake: hashserv: Implement read-only version of "report" RPC
        bitbake: asyncrpc: Add InvokeError
        bitbake: asyncrpc: client: Prevent double closing of loop
        bitbake: asyncrpc: client: Add disconnect API
        bitbake: hashserv: Add user permissions
        bitbake: hashserv: Add become-user API
        bitbake: hashserv: Add db-usage API
        bitbake: hashserv: Add database column query API
        bitbake: hashserv: test: Add bitbake-hashclient tests
        bitbake: bitbake-hashclient: Output stats in JSON format
        bitbake: bitbake-hashserver: Allow anonymous permissions to be space separated
        bitbake: hashserv: tests: Allow authentication for external server tests
        bitbake: hashserv: Allow self-service deletion
        bitbake: hashserv: server: Add owner if user is logged in
        bitbake: asyncrpc: Add option to set log level when running as a process

  Julien Stephan (10):
        oeqa/selftest/devtool: abort if a local workspace already exist
        oeqa/selftest/devtool: remove spaces on empty line
        recipetool/create_buildsys_python: fix license note
        recipetool/create_buildsys_python: prefix created recipes with python3-
        recipetool/create_buildsys_python: refactor code for futur PEP517 addition
        recipetool/create_buildsys_python: add PEP517 support
        oeqa/selftest/recipetool: add selftest for PEP-517 recipe creation
        oeqa/selftest/devtool: fix test_devtool_modify_overrides test
        bitbake: bitbake: utils: remove spaces on empty lines
        bitbake: fetch2: git: add missing destsuffix and subpath parameters in docstrings

  Jérémy Rosen (5):
        insane: Add unimplemented-ptest infrastructure
        insane: Detect python and perl based tests
        insane: Detect build-system test harnesses
        insane: Add a naive heuristic to detect test subdirectories
        ref-manual: Add documentation for the unimplemented-ptest QA warning

  Jörg Sommer (3):
        libtirpc: Support ipv6 in DISTRO_FEATURES
        base-files: Remove localhost ::1 from hosts if ipv6 missing
        package_qa_check_rdepends: Allow /usr/bin/sh if usrmerge

  Khem Raj (23):
        gcompat: Add fcntl64 wrapper
        gcompat: Upgrade to 1.1.0 release
        python3-urllib3: Update to 2.0.6
        llvm: Upgrade to 17.0.3
        shared-mime-info: Fix missing sentinel warning
        openssl: Match target name for riscv64/riscv32
        openssl: Inherit riscv32 config from latomic config on linux
        kernel.bbclass: Use strip utility used for kernel build in do_package
        python3-urllib3: Upgrade to 2.0.7
        qemuriscv: Add to common MACHINE_FEATURES instead of overriding them
        meson: Add check for riscv64 in link template
        machine-sdk: Add SDK_ARCH for riscv64
        uninative.bbclass: Add ldso information for riscv64
        rust-cross-canadian: Add riscv64 to cross-canadian hosts
        cdrtools: Fix build on riscv64
        llvm: Upgrade to 17.0.4 release
        systemd: Make libnss-mymachines conditional upon packageconfig
        ptest-packagelists: Remove strace/valgrind/lttng-tools on riscv32
        libarchive: Add packageconfig knob for libb2
        librsvg: Fix build for riscv32
        librsvg: Enable 64bit atomics in crossbeam again for riscv32
        libsoup: Upgrade to 3.4.2 -> 3.4.4
        llvm: Upgrade to 17.0.5

  Lee Chee Yang (6):
        qemu: ignore RHEL specific CVE-2023-2680
        machine: drop obsolete SERIAL_CONSOLES_CHECK
        documentation.conf: drop SERIAL_CONSOLES_CHECK
        release-notes-4.3: add Repositories / Downloads section
        migration-guide: add release notes for 4.0.14
        migration-guide: add release notes for 4.2.4

  Logan Gunthorpe (1):
        runqemu: Add squashfs filesystem types

  Lukas Funke (5):
        classes: go-vendor: Add go-vendor class
        selftest: recipetool: Add test for go recipe handler
        recipetool: Ignore *.go files while scanning for licenses
        recipetool: Add handler to create go recipes
        udev-extraconf: mount.sh: check if filesystem is supported before mounting

  Malte Schmidt (3):
        systemd: use nonarch libdir for tmpfiles.d
        pam: use nonarch libdir for tmpfiles.d
        sysstat: use nonarch libdir for tmpfiles.d

  Marcus Folkesson (1):
        qemuboot.bbclass: fix typos in documentation

  Markus Fuchs (1):
        systemd: Add 'no-ntp-fallback' PACKAGECONFIG option

  Markus Volk (6):
        libcroco: drop recipe
        gnomebase.bbclass: Use meson as default buildsystem
        ghostscript: Build and install shared lib
        cups: Upgrade 2.4.6 -> 2.4.7
        gtk: Add rdepend on printbackend for cups
        ffmpeg: Upgrade 6.0 -> 6.1

  Marlon Rodriguez Garcia (6):
        bitbake: toaster: updated bootstrap version 3.3.6 -> 3.3.7
        bitbake: toaster: Update bootstrap version to 3.4.1
        bitbake: toaster: update jquery version 2.0.3 -> 3.7.1
        bitbake: toaster: fixed functional test
        bitbake: toaster: add tox.ini file to execute test suite
        bitbake: toaster: replace deprecated tags ifequal and ifnotequal

  Marta Rybczynska (6):
        SECURITY.md: add file
        bitbake: SECURITY.md: add file
        dev-manual: add security team processes
        python3-beartype: upgrade 0.16.2 -> 0.16.4
        python3-spdx-tools: upgrade 0.8.1 -> 0.8.2
        dev-manual: extend the description of CVE patch preparation

  Martin Jansa (13):
        staging.bbclass: process installed dependencies in deterministic order as well
        bitbake.conf: drop ${PE} and ${PR} from -f{file,macro,debug}-prefix-map
        ovmf: drop PE, PR from /usr/src/debug paths
        go-cross-canadian.inc: drop PE, PR from /usr/src/debug paths
        acpica: drop PE, PR from /usr/src/debug paths
        libjpeg-turbo: drop PE, PR from /usr/src/debug paths
        ffmpeg: drop PE, PR from /usr/src/debug paths
        perf: drop PE, PR from /usr/src/debug paths
        rust: drop PE, PR from /usr/src/debug paths
        vulkan-samples: drop PE, PR from /usr/src/debug paths
        valgrind: drop PE, PR from /usr/src/debug paths
        python3-cython: drop PE, PR from /usr/src/debug paths
        igt-gpu-tools: drop PR from /usr/src/debug paths

  Massimiliano Minella (1):
        systemd: update LICENSE statement

  Max Krummenacher (2):
        Revert "bin_package.bbclass: Inhibit the default dependencies"
        perf: fix build with latest kernel

  Meenali Gupta (5):
        avahi: fix CVE-2023-38469
        avahi: fix CVE-2023-38470
        avahi: fix CVE-2023-38471
        avahi: fix CVE-2023-38472
        avahi: fix CVE-2023-38473

  Michael Halstead (1):
        docs: add support for nanbield (4.3) release

  Michael Opdenacker (29):
        manuals: update linux-yocto append examples
        dev-manual: wic: update "wic list images" output
        sdk-manual: appendix-obtain: improve and update descriptions
        manuals: update list of supported machines
        bsp-guide: bsp: skip Intel machines no longer supported in Poky
        brief-yoctoprojectqs: use new CDN mirror for sstate
        dev-manual: start.rst: remove obsolete reference
        local.conf.sample: remove mips edgerouter machine
        oeqa/runtime/cases/parselogs: remove "edgerouter" case
        manuals: correct "yocto-linux" by "linux-yocto"
        test-manual: reproducible-builds: stop mentioning LTO bug
        ref-manual: document KERNEL_LOCALVERSION
        ref-manual: variables: document OEQA_REPRODUCIBLE_TEST_PACKAGE
        migration-guides: updates for 4.3
        migration-guides: mention runqemu change in serial port management
        ref-manual: document KERNEL_STRIP
        migration-guides: further updates for 4.3
        manuals: improve description of CVE_STATUS and CVE_STATUS_GROUPS
        ref-manual: document MESON_TARGET
        ref-manual: document cargo_c class
        ref-manual: variables: mention new CDN for SSTATE_MIRRORS
        ref-manual: variables: add RECIPE_MAINTAINER
        ref-manual: variables: remove SERIAL_CONSOLES_CHECK
        migration-guides: further updates for release 4.3
        bsp-guide: bsp.rst: update beaglebone example
        ref-manual: classes: explain cml1 class name
        migration-guides: fix empty sections
        manuals: fix URL
        ref-manual: releases.svg: update nanbield release status

  Mickael RAMILISON (1):
        scripts/patchreview: Add a custom pattern for finding recipe patches

  Mingli Yu (2):
        openssh: Add sshd.service
        openssh: Don't hardcode the dir in sshd.service

  Niko Mauno (6):
        package_rpm: Fix some pycodestyle issues
        package_rpm: Minor cosmetic and style fixes
        package_rpm: Remove unused definitions
        package_rpm: Allow compression mode override
        image_types.bbclass: Use xz default compression preset level
        ccache.conf: Remove obsolete configuration option

  Paul Barker (1):
        ref-manual: Fix reference to MIRRORS/PREMIRRORS defaults

  Paul Eggleton (12):
        Remove references to apm in MACHINE_FEATURES
        ref-manual: update SDK_NAME variable documentation
        ref-manual: remove semicolons from *PROCESS_COMMAND variables
        release-notes-4.3: fix some typos
        release-notes-4.3: tweaks to existing text
        release-notes-4.3: add CVEs, recipe upgrades, license changes, contributors
        release-notes-4.3: remove the Distribution section
        release-notes-4.3: move new classes to Rust section
        release-notes-4.3: feature additions
        migration-4.3: remove some unnecessary items
        migration-4.3: adjustments to existing text
        migration-4.3: additional migration items

  Pavel Zhukov (1):
        bitbake: tests/fetch.py: Add tests to cover multiple branch/name parameters

  Peter Kjellerstedt (5):
        bb-matrix-plot.sh: Show underscores correctly in labels
        bitbake: command: Make parseRecipeFile() handle virtual recipes correctly
        bitbake: cookerdata: Be consistent with what type bb_data represents
        bitbake: cache: Simplify virtualfn2realfn()
        oeqa/selftest/tinfoil: Add tests that parse virtual recipes

  Peter Marko (1):
        openssl: Upgrade 3.1.3 -> 3.1.4

  Quentin Schulz (2):
        recipes-rt: update README to match newer override syntax
        ref-manual: variables: provide no-match example for COMPATIBLE_MACHINE

  Ragesh Nair (1):
        bitbake: fetch2/git: fix lfs fetch with destsuffix param

  Randy MacLeod (2):
        strace: backport fix for so_peerpidfd-test
        strace: upgrade 6.5 -> 6.6

  Rasmus Villemoes (3):
        perf: lift TARGET_CC_ARCH modification out of security_flags.inc
        valgrind: split helper scripts to separate packages, update dependencies
        perf: add jevents PACKAGECONFIG item

  Richard Purdie (34):
        reproducible: Exclude rust for now again
        linux/cve-exclusion6.1/6.5: Update to latest kernel point releases
        oeqa/qemurunner: Drop newlines serial workaround
        local.conf.sample: Document new CDN mirror for sstate
        poky.conf: Bump version for 4.3 nanbield release
        build-appliance-image: Update to master head revision
        poky.conf: Update to post release versioning
        base: Ensure recipes using mercurial-native have certificates
        qemu: Upgrade 8.1.0 -> 8.1.2
        oeqa/selftest: Drop machines support
        sstate: Ensure sstate searches update file mtime
        insane: Move unpack tests to do_recipe_qa
        go-vendor: Minor style tweaks
        package/package_write: Improve packagedata code location
        debianutils: Fix warnings
        bitbake: runqueue: Fix runall option for setscene tasks
        bitbake: runqueue: Fix errors when using -S printdiff
        oeqa/selftest/sstatetests: Fix intermitttent errors and improve performance
        layer.conf: Switch layer to nanbield series only
        libdnf: Fix arm arch mapping issues for qemuarmv5
        linux/cve-exclusion6.1/6.5: Update to latest kernel point releases
        bitbake: Revert "toaster: Bug-fix webdriver No parameter named options"
        vim: Improve locale handling
        selftest/reproducible: Allow packages exclusion via config
        bitbake: runqueue: Move 'cantskip' into sqdata
        bitbake: runqueue: Refactor StaleSetSceneTasks event out of build_scenequeue_data
        bitbake: toaster/tox.ini: Add py 3.11 and 3.12
        bitbake.conf: Drop oldincludedir
        bitbake: cooker: Add support for BB_DEFAULT_EVENTLOG
        bitbake: cooker: Avoid sideeffects for autorev from getAllKeysWithFlags
        oeqa/selftest/sstatetests: Re-enable CDN tests
        bitbake.conf: Log events by default using BB_DEFAULT_EVENTLOG
        package_ipk: Fix Source: field variable dependency
        Revert "binutils: Fix CVE-2022-47007"

  Robert P. J. Day (2):
        dev-manual: new-recipe.rst: add missing parenthesis to "Patching Code" section
        profile-manual: aesthetic cleanups

  Ross Burton (36):
        man-db: add RRECOMMENDS on glibc-utils for iconv
        man-db: remove inexplicable man_db.conf patch
        patchtest: remove unused imports
        patchtest: sort when reading patches from a directory
        linux-yocto: update CVE exclusions
        libxml2: ignore disputed CVE-2023-45322
        zlib: ignore CVE-2023-45853
        cve-check: sort the package list in the JSON report
        cve-check: slightly more verbose warning when adding the same package twice
        pixman: ignore CVE-2023-37769
        scripts/patchreview: rework patch detection
        scripts/contrib/patchreview: add commit and recipe count fields to JSON
        scripts/contrib/patchreview: consolidate imports
        scripts/contrib/patchreview: fix commit identification
        cve-check: don't warn if a patch is remote
        migration-guides: add debian 12 to newly supported distros
        migration-guides: edgerouter machine removed
        migration-guides: QEMU_USE_SLIRP variable removed
        migration-guides: remove non-notable change
        migration-guides: mention LLVM 17
        migration-guides: mention CDN
        migration-guides: add kernel notes
        migration-guides: remove SERIAL_CONSOLES_CHECK
        migration-guides: enabling SPDX only for Poky, not a global default
        migration-guides: add testing notes
        migration-guides: add utility notes
        migration-guides: add BitBake changes
        migration-guides: packaging changes
        migration-guides: git recipes reword
        poky-tiny: fix PACKAGE_EXCLUDE
        Revert "xserver-xorg: Fix for CVE-2023-5574"
        xwayland: upgrade to 23.2.2
        lib/oe/patch: ensure os.chdir restoring always happens
        oeqa/selftest/debuginfod: improve selftest
        shared-mime-info: embed PV in the filename
        rust-llvm: remove python3native dependency

  Rouven Czerwinski (1):
        glib-2.0: Remove unnecessary assignement

  Sean Nyekjaer (3):
        rust-cross-canadian: set CARGO_TARGET_<triple>_RUSTFLAGS
        rust-cross-canadian: set CARGO_TARGET_<triple>_RUNNER for nativesdk
        oeqa/sdk/rust: Add build and run test of rust binary with SDK host

  Sergei Zhmylev (1):
        classes: Move package RDEPENDS processing out of debian.bbclass

  Siddharth Doshi (2):
        vim: Upgrade 9.0.1894 -> 9.0.2009
        vim: Upgrade 9.0.2009 -> 9.0.2048

  Stefan Herbrechtsmeier (2):
        glibc: use nonarch libdir for tmpfiles.d
        classes: go-mod: do not pack go mod cache

  Steve Sakoman (1):
        vim: use upstream generated .po files

  Stéphane Veyret (2):
        volatile-binds: Allow creation of subdirectories
        volatile-binds: Calculate the name of the /var/lib service

  Thomas Perrot (1):
        opensbi: Upgrade to 1.3.1 release

  Thomas Wolber (1):
        kea: drop unused directory

  Tim Orling (9):
        recipetool: add python_hatchling support
        lsb-release: use https for UPSTREAM_CHECK_URI
        bitbake: toaster: drop deprecated USE_L10N from settings
        bitbake: toaster: use docs for BitBake link on landing page
        bitbake: toaster: fix obsolete use of find_element_by_link_text
        bitbake: toaster: test_create_new_project typos, whitespace
        python3-hypothesis: upgrade 6.88.3 -> 6.89.0
        python3-setuptools-scm: upgrade 7.1.0 -> 8.0.4
        python3-poetry-core: upgrade 1.7.0 -> 1.8.1

  Trevor Gamblin (30):
        patchtest: improve test issue messages
        patchtest: clean up test suite
        patchtest/requirements.txt: update
        patchtest: add supporting modules
        patchtest: add scripts to oe-core
        patchtest: set default repo and testdir targets
        patchtest: update SPDX identifiers
        patchtest/selftest: fix command arguments
        patchtest: check for untracked changes
        patchtest: test regardless of mergeability
        patchtest: skip merge test if not targeting master
        contributor-guide: add patchtest section
        contributor-guide: clarify patchtest usage
        patchtest: fix lic_files_chksum test regex
        patchtest-send-results: improve subject line
        patchtest: disable merge test
        patchtest-send-results: check max line length, simplify responses
        patchtest/selftest: add XSKIP, update test files
        patchtest: simplify test directory structure
        patchtest: reduce checksum test output length
        patchtest: shorten test result outputs
        patchtest-send-results: send results to submitter
        patchtest-send-results: add In-Reply-To
        patchtest: make pylint tests compatible with 3.x
        patchtest: remove test for CVE tag in mbox
        patchtest-send-results: fix sender parsing
        patchtest: rework license checksum tests
        python3-mako: upgrade 1.2.4 -> 1.3.0
        python3-trove-classifiers: upgrade 2023.10.18 -> 2023.11.14
        python3-numpy: upgrade 1.26.0 -> 1.26.2

  Vijay Anusuri (1):
        xserver-xorg: Fix for CVE-2023-5574

  Vincent Davis Jr (1):
        acpica: add nativesdk to BBCLASSEXTEND

  Vyacheslav Yurkov (1):
        lib/oe/path: Deploy files can start only with a dot

  Wang Mingyu (79):
        openssh: upgrade 9.4p1 -> 9.5p1
        bluez5: upgrade 5.69 -> 5.70
        btrfs-tools: upgrade 6.5.1 -> 6.5.2
        createrepo-c: upgrade 1.0.0 -> 1.0.1
        dhcpcd: upgrade 10.0.2 -> 10.0.3
        ell: upgrade 0.58 -> 0.59
        kmod: upgrade 30 -> 31
        libcomps: upgrade 0.1.19 -> 0.1.20
        libsdl2: upgrade 2.28.3 -> 2.28.4
        libubootenv: upgrade 0.3.4 -> 0.3.5
        ltp: upgrade 20230516 -> 20230929
        libva: upgrade 2.19.0 -> 2.20.0
        python3-git: upgrade 3.1.36 -> 3.1.37
        python3-babel: upgrade 2.12.1 -> 2.13.0
        python3-beartype: upgrade 0.15.0 -> 0.16.2
        python3-cffi: upgrade 1.15.1 -> 1.16.0
        python3-hypothesis: upgrade 6.86.2 -> 6.87.4
        python3-iso8601: upgrade 2.0.0 -> 2.1.0
        python3-markdown: upgrade 3.4.4 -> 3.5
        python3-packaging: upgrade 23.1 -> 23.2
        python3-pycairo: upgrade 1.24.0 -> 1.25.0
        python3-ruamel-yaml: upgrade 0.17.32 -> 0.17.35
        xkeyboard-config: upgrade 2.39 -> 2.40
        python3-wcwidth: upgrade 0.2.6 -> 0.2.8
        repo: upgrade 2.36.1 -> 2.37
        shared-mime-info: upgrade 2.2 -> 2.3
        sqlite3: upgrade 3.43.1 -> 3.43.2
        stress-ng: upgrade 0.16.05 -> 0.17.00
        base-passwd: upgrade 3.6.1 -> 3.6.2
        createrepo-c: upgrade 1.0.1 -> 1.0.2
        cronie: upgrade 1.6.1 -> 1.7.0
        dhcpcd: upgrade 10.0.3 -> 10.0.4
        enchant2: upgrade 2.6.1 -> 2.6.2
        btrfs-tools: upgrade 6.5.2 -> 6.5.3
        debianutils: upgrade 5.13 -> 5.14
        gpgme: upgrade 1.22.0 -> 1.23.1
        harfbuzz: upgrade 8.2.1 -> 8.2.2
        libdnf: upgrade 0.71.0 -> 0.72.0
        libical: upgrade 3.0.16 -> 3.0.17
        libjpeg-turbo: upgrade 3.0.0 -> 3.0.1
        libnewt: upgrade 0.52.23 -> 0.52.24
        libnsl2: upgrade 2.0.0 -> 2.0.1
        lighttpd: upgrade 1.4.72 -> 1.4.73
        msmtp: upgrade 1.8.24 -> 1.8.25
        ghostscript: upgrade 10.02.0 -> 10.02.1
        glib-2.0: upgrade 2.78.0 -> 2.78.1
        python3-pyrsistent: upgrade 0.19.3 -> 0.20.0
        python3-babel: upgrade 2.13.0 -> 2.13.1
        python3-gitdb: upgrade 4.0.10 -> 4.0.11
        python3-git: upgrade 3.1.37 -> 3.1.40
        python3-hypothesis: upgrade 6.87.4 -> 6.88.1
        python3-pip: upgrade 23.2.1 -> 23.3.1
        python3-psutil: upgrade 5.9.5 -> 5.9.6
        python3-pycairo: upgrade 1.25.0 -> 1.25.1
        python3-pyopenssl: upgrade 23.2.0 -> 23.3.0
        python3-pytest: upgrade 7.4.2 -> 7.4.3
        python3-setuptools-rust: upgrade 1.7.0 -> 1.8.1
        python3-testtools: upgrade 2.6.0 -> 2.7.0
        python3-trove-classifiers: upgrade 2023.9.19 -> 2023.10.18
        python3-wcwidth: upgrade 0.2.8 -> 0.2.9
        python3-wheel: upgrade 0.41.2 -> 0.41.3
        shaderc: upgrade 2023.6 -> 2023.7
        xserver-xorg: upgrade 21.1.8 -> 21.1.9
        python3-cryptography(-vectors): upgrade 41.0.4 -> 41.0.5
        dhcpcd: upgrade 10.0.4 -> 10.0.5
        diffoscope: upgrade 249 -> 251
        git: upgrade 2.42.0 -> 2.42.1
        iproute2: upgrade 6.5.0 -> 6.6.0
        libsdl2: upgrade 2.28.4 -> 2.28.5
        libsolv: upgrade 0.7.25 -> 0.7.26
        libuv: upgrade 1.46.0 -> 1.47.0
        bash: upgrade 5.2.15 -> 5.2.21
        dnf: upgrade 4.17.0 -> 4.18.1
        python3-hatch-vcs: upgrade 0.3.0 -> 0.4.0
        python3-hypothesis: upgrade 6.88.1 -> 6.88.3
        python3-pbr: upgrade 5.11.1 -> 6.0.0
        python3-testtools: upgrade 2.7.0 -> 2.7.1
        shared-mime-info: upgrade 2.3 -> 2.4
        stress-ng: upgrade 0.17.00 -> 0.17.01

  William A. Kennington III (1):
        kernel: Commit without running hooks

  William Lyu (2):
        perl: fix intermittent test failure
        openssl: improve handshake test error reporting

  Xiangyu Chen (4):
        linux-yocto: make sure the pahole-native available before do_kernel_configme
        grub: Fix for CVE-2023-4692 and CVE-2023-4693
        sudo: upgrade 1.9.14p3 -> 1.9.15p2
        openssh: add systemd readiness notification support

  Yoann Congal (4):
        insane: skip unimplemented-ptest on S=WORKDIR recipes
        insane: unimplemented-ptest: ignore source file errors
        selftest/reproducible: Split a long line
        meta-selftest/files: add xuser to static-passwd/-group

  david d zuhn (1):
        bitbake.conf: remove ${CCACHE} from FORTRAN compiler

  luca fancellu (1):
        oeqa/ssh: Handle SSHCall timeout error code

meta-arm: e914891eee..1dff3300fb:
  Abdellatif El Khlifi (6):
        arm-bsp/linux-yocto: corstone1000: bump to v6.5%
        arm-bsp/documentation: corstone1000: enable debug-tweaks
        arm-bsp/documentation: corstone1000: update the release note
        arm-bsp/documentation: corstone1000: update the change log
        arm-bsp/documentation: corstone1000: update the user guide
        kas: corstone1000: pin the SHAs

  Ali Can Ozaslan (1):
        arm-bsp/documentation: corstone1000: Update the user guide

  Debbie Martin (10):
        arm-bsp/u-boot: Divide the U-boot configuration by machine
        arm-bsp/fvp-base: Merge fvp-common.inc into fvp-base.conf
        arm-bsp/trusted-firmware-a/fvp-base: Add stdout path and virtio net and rng
        arm-bsp/u-boot/fvp-base: Configure FVP base U-boot machine and enable U-boot sysreset, CRC-32 and virtio RNG
        arm-bsp/fvp-base: Configure grub as the EFI provider
        arm/fvp-base: Update the default testsuites
        arm-systemready: Introduce the Arm SystemReady layer
        arm-bsp/systemready: Bring up the Arm SystemReady IR ACS 2.0 suite on FVP base
        kas: Add kas configuration for Arm SystemReady and fvp-base
        ci: Add fvpboot to IMAGE_CLASSES

  Delane Brandy (1):
        arm-bsp/documentation: corstone1000: Update the user guide

  Drew Reed (2):
        arm-bsp: Enable TF-A test building for the N1SDP
        CI: Enable TF-A TFTF test builds

  Emekcan Aras (17):
        arm-bsp/u-boot: corstone1000: enable on-disk capsule update
        arm-bsp/u-boot: corstone1000: fix runtime capsule update flag checks
        arm-bsp/trusted-firmware-m: fix capsule update alignment
        arm-bsp/trusted-firmware-m: update the upstream status of the out-of-tree patches
        arm-bsp/u-boot: corstone1000: scatter gather list workaround for ondisk capsule update
        arm-bsp/trusted-services: enable signaled handling interrupts for SPs
        arm-bsp/corstone1000: fix synchronization issue on openamp notification
        arm/fvp-corstone1000: upgrade to 11.23_25
        arm-bsp/corstone1000-fvp: Add virtio-net configuration
        arm-bsp/corstone1000-fvp: add unpadded image support for MMC card config
        arm-bsp/corstone1000-fvp: Disable Time Annotation
        arm-bsp/u-boot: corstone1000: enable virtio-net support for FVP
        arm-bsp/documentation: corstone1000: update the architecture document
        arm-bsp/documentation: corstone1000: Add EFI system partition section
        arm-bsp/documentation: corstone1000: add a note and fix instructions
        arm-bsp/documentation: corstone1000: add readthedocs.yaml file
        arm-bsp/documentation: corstone1000: fix the requirements.txt and conf.py path

  Harsimran Singh Tungal (4):
        arm-bsp/u-boot: corstone1000: Remove External system patches
        arm-bsp/linux: corstone1000: update the defconfig
        arm-bsp/linux: corstone1000: Remove External system patches
        arm-bsp/images: corstone1000: Remove the external system test package

  Javier Tia (1):
        trusted-firmware-a: fix build error when using ccache

  Jon Mason (10):
        arm-bsp/linux-yocto: add recipe for v6.4 kernel
        arm/linux-yocto: remove defconfig patch
        CI: add sbsa-acs to recipe report
        arm/linux-yocto: remove PHYS_VIRT config frag
        arm-bsp/optee: remove 3.18 recipes and patches
        arm-bsp/edk2: remove 202211
        arm/hafnium: update to v2.9
        arm/optee: update to 4.0.0
        arm/optee: cleanups from code review
        arm/toolchains: update to 13.2.Rel1

  Mariam Elshakfy (3):
        arm-bsp/n1sdp: Move OP-TEE to DDR4
        arm-bsp/n1sdp: Enable OP-TEE cache in N1SDP
        arm-bsp/corstone1000: Remove inappropriate kernel delay patch

  Ross Burton (24):
        arm/oeqa/selftest: tag all tests with "meta-arm"
        CI: don't hardcode the selftest tests to run
        CI: also run the _qemutiny testcase for poky-tiny
        CI: track nanbield branches
        arm/fvp-corstone1000: upgrade to 11.22.35, add aarch64 binaries
        kas/corstone1000: don't limit the FVP use to x86-64
        CI: don't pin corstone1000-fvp to x86-64
        CI: build both aarch64 and x86-64 packages for as many FVPs as possible
        arm-bsp/u-boot: remove 2023.01
        arm/trusted-firmware-a: update mbedtls to recommended release
        CI: Add meta-secure-core to pending-upgrades for corstone1000
        arm-bsp: corstone1000 depends on meta-efi-secure-boot
        arm/generic-arm64: remove obsolete SERIAL_CONSOLES_CHECK
        arm/lib/fvp/runner: don't pass '' as cwd
        scripts/runfvp: exit code should be the FVP exit code
        arm/selftest: add test that DISPLAY is forwarded into the runfvp child
        CI: use nanbield branch for meta-virtualization
        CI: use nanbield branch of meta-clang
        arm/optee: handle CVE-2021-36133 as disputed
        arm-bsp/optee-os: backport fix for CVE-2023-41325
        arm/fvp-base-a-aem: upgrade to 11.23.9
        arm-bsp/fvp-base: upgrade tune to v8.4
        arm-bsp/trusted-firmware-a: use v8.4 instructions on fvp-base
        arm-bsp/optee-os: update Upstream-Status tags

  Vikas Katariya (1):
        arm-bsp/corstone1000: Fix RSA key generation issue

  Xueliang Zhong (2):
        Update Corstone-1000 doc with security issue reporting guideline
        arm-bsp/n1sdp: update to linux yocto kernel 6.5

meta-raspberrypi: 482d864b8f..8231f97534:
  Andrei Gherzan (1):
        docs: Fix ReadTheDocs builds.os requirement

  Carlos Alberto Lopez Perez (1):
        linux-raspberrypi: stop setting powersave as the default CPU governor

  Jose Quaresma (2):
        linux-raspberrypi/linux-raspberrypi-v7: drop 5.10 version
        rpi-base: Adds EXTRA_IMAGEDEPENDS to fix the image task do_populate_lic_deploy

  Khem Raj (1):
        linux-raspberrypi_6.1.bb: Update to 6.1.61 release

  Leon Anavi (2):
        rpi-config: Upgrade to tip of tree
        rpi-config: reintroduce start_x

  Matthew Draws (1):
        rpi-eeprom: Update to 2023.10.18-2712

  Vincent Davis Jr (1):
        rpidistro-vlc: add new patch po-Fix-typos-in-oc

meta-openembedded: 62039a2c33..991e6852a5:
  Akash Hadke (1):
        libeigen: Update GPL-3.0-only to GPL-2.0-only

  Alex Kiernan (2):
        reptyr: Add 0.10.0
        mdns: Upgrade 2200.0.8 -> 2200.40.37.0.1

  Alper Ak (1):
        unionfs-fuse: upgrade 2.2 --> 3.4

  Andrew Jeffery (1):
        mdio-tools: Add virtual/kernel dependency to avoid stale SPDX reference

  Armin Kuster (4):
        netkit: Drop old and no upstream
        MAINTANERS: drop netkit
        README: drop netkit maintainer
        pkggrp: drop netkit

  Arthur Oliveira (5):
        python3-objectpath: Add ObjectPath Python Recipe
        python3-flask-restx: Add Flask-RestX Python Recipe
        python3-zopeevent: Add Zope.Event Python Recipe
        python3-aniso8601: Add ISO 8601 parsing library
        python3-flask-restx: Switch dependency from isodate to aniso8601

  Bartosz Golaszewski (5):
        shunit2: new recipe
        libgpiod: update to v2.1
        python3-gpiod: update to v2.1.3
        python3-gpiod: setup target config in ptest compile
        python3-gpiod: fix the required version of libgpiod

  Beniamin Sandu (2):
        mbedtls: upgrade 3.4.1 -> 3.5.0
        unbound: upgrade 1.18.0 -> 1.19.0

  Benjamin Bouvier (1):
        libsmi: enable native build

  Carlos Alberto Lopez Perez (1):
        libbacktrace: Update version and enable shared library.

  Charles Perry (4):
        libosip2: add recipe
        libexosip2: add recipe
        libexosip2: add c-ares and openssl PACKAGECONFIG
        libexosip2: package binaries in a separate package

  Chi Xu (1):
        re2: Add ptest support

  Christian Eggers (1):
        python3-gcovr: switch to main branch

  Christophe Vu-Brugier (1):
        exfatprogs: upgrade 1.2.1 -> 1.2.2

  Clément Péron (2):
        proj: Upgrade to 9.3.0 release
        pcapplusplus: Add recipe for 23.09 release

  Daiane Angolini (1):
        wireguard-tools: Use PACKAGECONFIG to select wg-quick and bash-completion

  Daniel McGregor (1):
        python3-pylint: allow native build

  Daniel Semkowicz (2):
        cockpit: Fix cockpit-askpass path
        cockpit: Bump to version 304

  David Pierret (3):
        libtext: add ptest
        cjson: Add ptest
        python3-rapidjson: add missing ptest dependency

  Edi Feschiyan (1):
        libbytesize: update SRC_URI

  Etienne Cordonnier (1):
        uutils-coreutils: upgrade 0.0.21 -> 0.0.22

  Fabien Thomas (2):
        klibc/klibc.inc : Add DEBUG_PREFIX_MAP flag.
        samba.bb : Disable ad-dc by default

  Fabio Estevam (5):
        edid-decode: Upgrade to latest master
        openocd: Use https for github
        python3-piccata: Use https for github
        multipath-tools: Use https for github
        crucible: Upgrade to 2023.11.02

  Gianfranco Costamagna (3):
        vbxguestdrivers: upgrade 7.0.10 -> 7.0.12
        cpulimit: add DESCRIPTION field
        dlt-daemon: cherry-pick another upstream-proposed patch

  Hains van den Bosch (1):
        libebml: Enable shared libraries

  Jamin Lin (1):
        Brotli: fix build failed if the path includes "-static"

  Jan Claußen (1):
        btop: Add recipe

  Jan Vermaete (3):
        netdata: chown in systemd service with ':' iso '.'
        netdata: version bump 1.43.0 -> 1.43.2
        README.md: was a Markdown paragraph and should be a list

  Jeffrey Pautler (1):
        apache2: add vendor to product name used for CVE checking

  Joe Slater (2):
        python3-pynacl: add RCONFLICTS with python3-nacl
        python3-django: move to version 4.2.5

  Johannes Kauffmann (1):
        open62541: update to v1.3.8

  Johnathan Mantey (1):
        ipmitool: Update and eliminate unneeded patch

  Jonas Gorski (1):
        frr: fix CVEs CVE-2023-4675{2,3} and CVE-2023-4723{4,5}

  Jose Quaresma (4):
        ostree: Upgrade 2023.5 -> 2023.6
        ostree: drop trivial-httpd-cmdline
        ostree: add ed25519-openssl
        ostree: Upgrade 2023.6 -> 2023.7

  Kai Kang (4):
        xfce4-panel-profiles: 1.0.13 -> 1.0.14
        python3-nacl: drop duplicate recipe
        python3-blivet: 3.4.3 -> 3.8.2
        python3-blivetgui: 2.3.0 -> 2.4.2

  Khem Raj (209):
        libnet-idn-encode: Fix build with perl 2.38 and gcc13
        poco: Fix data race when create POSIX thread
        static-group: Match nogroup id to base-passwd from core.
        gutenprint: Upgrade to 5.3.4
        meta-perl: Add libtext-diff-perl to fast ptest list
        leveldb: Upgrade to 1.23 plus latest git
        meta-python: Add python3-rapidjson to PTESTS_FAST_META_PYTHON
        leveldb: Print uint64_t with PRI64
        network-manager-applet,networkmanager-openvpn, networkmanager: Apply linker versioning patch when using lld only
        emlog: Add PV
        ccid: upgrade 1.5.2 -> 1.5.4
        jack: upgrade 1.19.22 -> 2
        abseil-cpp: upgrade 20230802.0 -> 20230802.1
        xterm: upgrade 387 -> 388
        toybox: upgrade 0.8.8 -> 0.8.10
        pahole: upgrade 1.24 -> 1.25
        gcab: upgrade 1.4 -> 1.6
        feh: upgrade 3.10 -> 3.10.1
        xmlsec1: upgrade 1.2.37 -> 1.3.2
        xmlsec1: Fix the key name in verify2 test
        ctags: upgrade 6.0.20231001.0 -> 6.0.20231029.0
        googlebenchmark: upgrade 1.8.0 -> 1.8.3
        opencl-headers: upgrade 04.17 -> 2023.04.17
        thingsboard-gateway: upgrade 3.4.1 -> 3.4.2
        neatvnc: upgrade 0.6.0 -> 0.7.0
        lastlog2: upgrade 1.1.0 -> 1.2.0
        libmbim: upgrade 1.30.0 -> 1.31.1
        ser2net: upgrade 4.3.13 -> 4.5.0
        fio: upgrade 3.32 -> 2022
        libosinfo: upgrade 1.10 -> 1.11.0
        webkitgtk3: upgrade 2.42.0 -> 2.42.1
        mstpd: upgrade 0.1 -> 0.05
        smarty: upgrade 4.3.0 -> 4.3.4
        geos: upgrade 3.12.0 -> 3.12.0beta2
        wtmpdb: upgrade 0.7.1 -> 0.9.3
        lsscsi: upgrade 0.32 -> 030
        glibmm-2.68: upgrade 2.74.0 -> 2.78.0
        mcelog: upgrade 194 -> 196
        libfastjson: upgrade 0.99.9 -> 1.2304.0
        libraw: upgrade 0.20.2 -> 0.21.1
        cairomm-1.16: upgrade 1.16.2 -> 1.18.0
        libbpf: upgrade 1.2.0 -> 1.2.2
        libtorrent: upgrade 0.13.8 -> 1
        modemmanager: upgrade 1.22.0 -> 1.23.1
        c-ares: upgrade 1.20.1 -> 1.21.0
        pmdk: upgrade 1.12.1 -> 2.0.0
        hwdata: upgrade 0.370 -> 0.375
        mksh: upgrade 59 -> R59c
        sdbus-c++: upgrade 1.3.0 -> 1.4.0
        cjson: upgrade 1.7.15 -> 1.7.16
        uftrace: upgrade 0.13.1 -> 0.14
        python3-trustme: upgrade 0.9.0 -> 1.1.0
        python3-eth-utils: upgrade 2.2.2 -> 2.3.0
        python3-xstatic-font-awesome: upgrade 4.7.0.0 -> 6.2.1.1
        python3-process-tests: upgrade 2.1.2 -> 3.0.0
        python3-pyperf: upgrade 2.6.1 -> 2.6.2
        python3-sentry-sdk: upgrade 1.26.0 -> 1.34.0
        python3-websockets: upgrade 11.0.3 -> 12.0
        python3-alembic: upgrade 1.12.0 -> 1.12.1
        python3-pymisp: upgrade 2.4.176 -> 2.4.178
        python3-traitlets: upgrade 5.11.2 -> 5.13.0
        python3-pytest-mock: upgrade 3.11.1 -> 3.12.0
        python3-kivy: upgrade 2.1.0 -> 2.2.1
        python3-web3: upgrade 6.11.1 -> 6.11.2
        python3-m2crypto: upgrade 0.39.0 -> 0.40.1
        python3-rapidjson: upgrade 1.12 -> 1.13
        python3-eth-typing: upgrade 3.5.0 -> 3.5.1
        python3-email-validator: upgrade 2.0.0 -> 2.1.0
        python3-icu: upgrade 2.11 -> 2.12
        python3-virtualenv: upgrade 20.24.5 -> 20.24.6
        python3-tzlocal: upgrade 5.1 -> 5.2
        python3-cantools: upgrade 39.2.0 -> 39.3.0
        python3-flask-login: upgrade 0.6.2 -> 0.6.3
        python3-argcomplete: upgrade 3.1.2 -> 3.1.4
        python3-wxgtk4: upgrade 4.2.0 -> 4.2.1
        python3-meson-python: upgrade 0.14.0 -> 0.15.0
        python3-pymongo: upgrade 4.5.0 -> 4.6.0
        python3-imgtool: upgrade 1.10.0 -> 2.0.0
        python3-google-api-python-client: upgrade 2.104.0 -> 2.106.0
        python3-tornado: upgrade 6.3 -> 6.3.3
        python3-imageio: upgrade 2.31.5 -> 2.31.6
        python3-blinker: upgrade 1.6.3 -> 1.7.0
        python3-pyhamcrest: upgrade 2.0.4 -> 2.1.0
        python3-pytest-asyncio: upgrade 0.21.1 -> 0.22.0
        python3-pyjwt: upgrade 2.7.0 -> 2.8.0
        python3-bitstruct: upgrade 8.18.0 -> 8.19.0
        python3-filelock: upgrade 3.12.4 -> 3.13.1
        python3-sqlalchemy: upgrade 2.0.22 -> 2.0.23
        python3-greenlet: upgrade 2.0.2 -> 3.0.1
        python3-charset-normalizer: upgrade 3.3.0 -> 3.3.2
        python3-cbor2: upgrade 5.4.6 -> 5.5.1
        python3-cbor2: Add missing hypothesis rdep for ptests
        python3-asttokens: upgrade 2.4.0 -> 2.4.1
        python3-xlsxwriter: upgrade 3.1.8 -> 3.1.9
        python3-cachetools: upgrade 5.3.1 -> 5.3.2
        python3-paramiko: upgrade 3.2.0 -> 3.3.1
        python3-tomlkit: upgrade 0.12.1 -> 0.12.2
        python3-eth-account: upgrade 0.9.0 -> 0.10.0
        python3-reedsolo: upgrade 1.7.0 -> 2.0.13
        python3-shellingham: upgrade 1.5.3 -> 1.5.4
        python3-ipython: upgrade 8.16.1 -> 8.17.2
        python3-argh: upgrade 0.29.4 -> 0.30.3
        python3-executing: upgrade 2.0.0 -> 2.0.1
        python3-pylint: upgrade 3.0.1 -> 3.0.2
        python3-google-auth: upgrade 2.23.3 -> 2.23.4
        libtest-harness-perl: upgrade 3.47 -> 3.48
        libmodule-build-tiny-perl: upgrade 0.046 -> 0.047
        libdbd-sqlite-perl: upgrade 1.72 -> 1.74
        libconfig-tiny-perl: upgrade 2.29 -> 2.30
        libcgi-perl: upgrade 4.57 -> 4.60
        ipset: upgrade 7.15 -> 7.19
        openvpn: upgrade 2.6.3 -> 2.6.6
        nng: upgrade 1.5.2 -> 12
        usrsctp: upgrade to latest revision
        python3-scapy: upgrade to latest revision
        wolfssl: upgrade 5.5.4 -> 5.6.4
        tnftp: upgrade 20210827 -> 20230507
        fluidsynth: upgrade 2.3.2 -> 2.3.4
        libuvc: upgrade 0.0.6 -> 0.0.7
        libdc1394: upgrade 2.2.6 -> 2.2.7
        ncmpc: upgrade 0.47 -> 0.49
        gerbera: upgrade 1.11.0 -> 1.12.1
        gst-shark: upgrade 0.7.3.1 -> 0.8.1
        gupnp-av: upgrade 0.14.0 -> 0.14.1
        libmediaart-2.0: upgrade 1.9.5 -> 1.9.6
        libdvbpsi: upgrade 1.3.0 -> 1.3.3
        fdk-aac: upgrade 2.0.1 -> 2.0.2
        libavif: upgrade 0.11.1 -> 1.0.1
        libdvdcss: upgrade 1.4.2 -> 1.4.3
        aom: upgrade 3.6.1 -> 3.7.0
        aom: Disable neon when building on arm
        dav1d: upgrade 1.2.0 -> 1.3.0
        network-manager-applet: upgrade 1.32.0 -> 1.34.0
        gvfs: upgrade 1.52.0 -> 1.52.1
        gnome-text-editor: upgrade 45.0 -> 45.1
        libwacom: upgrade 2.6.0 -> 2.8.0
        evolution-data-server: upgrade 3.50.0 -> 3.50.1
        orage: upgrade 4.16.0 -> 4.18.0
        xfce4-systemload-plugin: upgrade 1.3.1 -> 1.3.2
        xfce4-screenshooter: upgrade 1.10.3 -> 1.10.4
        xfce4-appfinder: upgrade 4.18.0 -> 4.19.1
        xfce4-netload-plugin: upgrade 1.4.0 -> 1.4.1
        thunar-shares-plugin: upgrade 0.3.1 -> 0.3.2
        xfce4-battery-plugin: upgrade 1.1.4 -> 1.1.5
        xfce4-places-plugin: upgrade 1.8.1 -> 1.8.3
        libxfce4util: upgrade 4.18.1 -> 4.19.2
        xfce4-notes-plugin: upgrade 1.9.0 -> 1.10.0
        xfce4-weather-plugin: upgrade 0.11.0 -> 0.11.1
        thunar: upgrade 4.18.4 -> 4.19.0
        catfish: upgrade 4.16.3 -> 4.18.0
        xfce4-time-out-plugin: upgrade 1.1.2 -> 1.1.3
        thunar-archive-plugin: upgrade 0.5.1 -> 0.5.2
        xfce4-timer-plugin: upgrade 1.7.1 -> 1.7.2
        xfce4-calculator-plugin: upgrade 0.7.1 -> 0.7.2
        xfmpc: upgrade 0.3.0 -> 0.3.1
        garcon: upgrade 4.18.1 -> 4.19.0
        xfce4-genmon-plugin: upgrade 4.1.1 -> 4.2.0
        xfce4-fsguard-plugin: upgrade 1.1.2 -> 1.1.3
        xfce4-cpugraph-plugin: upgrade 1.2.7 -> 1.2.8
        parole: upgrade 4.16.0 -> 4.18.0
        xfce4-datetime-plugin: upgrade 0.8.1 -> 0.8.3
        menulibre: upgrade 2.2.3 -> 2.3.2
        xfce4-pulseaudio-plugin: upgrade 0.4.3 -> 0.4.8
        libxfce4ui: upgrade 4.18.3 -> 4.19.3
        xfce4-taskmanager: upgrade 1.5.5 -> 1.5.6
        xfce4-mpc-plugin: upgrade 0.5.2 -> 0.5.3
        mousepad: upgrade 0.5.9 -> 0.6.1
        gigolo: upgrade 0.5.2 -> 0.5.3
        xfce4-verve-plugin: upgrade 2.0.1 -> 2.0.3
        exo: upgrade 4.18.0 -> 4.19.0
        xfce4-mailwatch-plugin: upgrade 1.3.0 -> 1.3.1
        xarchiver: upgrade 0.5.4.17 -> 0.5.4.21
        xfsprogs: upgrade 6.1.1 -> 6.5.0
        xfstests: upgrade 2023.03.05 -> 2023.10.29
        xfstests: Fix build with clang17
        xfstests: Fix build on musl
        ufs-utils: upgrade to latest revision
        xfce4-systemload-plugin: Fix build on 32bit machines
        libsodium: upgrade 1.0.18 -> 1.0.19
        libsodium: Fix build with clang on aarch64
        Revert "modemmanager: upgrade 1.22.0 -> 1.23.1"
        modemmanager: inherit upstream-version-is-even
        Revert "geos: upgrade 3.12.0 -> 3.12.0beta2"
        emlog: Drop SRCPV
        makedumpfile: Change COMPATIBLE_HOST check to exclude unsupported arches
        packagegroup-meta-oe: Update makedumpfile architecture support list
        gupnp: Add missing rdep on python3-core
        vte9: Upgrade to 0.74.1
        rygel: Upgrade to 0.40.4 -> 0.42.4
        vte9: Add knob for enabling systemd
        meta-networking: Use autotools make system
        meta-oe: Use autotools make system
        toscoterm: Skip recipe, slated for removal
        loudmouth: Upgrade to 1.5.4
        toscoterm: Delete recipe
        librest: Use autotools make system
        cannelloni: Fix build with clang and libc++ runtime
        gnome-console: Add missing dependency on gtk4-native
        gnome-terminal: Add missing dependency on libhandy
        dleyna-core: Update to tip of master
        dleyna: Skip all dleyna recipes, slated for removal
        packagegroup-meta-multimedia: Remove dleyna recipes
        beep: Upgrade to 1.4.12
        yelp: Use autotools for build system
        gstd: Upgrade to 0.15.0
        gimp: Update to 2.10.36
        projucer: Refresh patch to apply cleanly
        ledmon: Fix systemd unit install
        libxml++-5.0: Make use of gnomebase bbclass

  LI Qingwu (1):
        kmsxx: Add recipe

  Lei Maohui (1):
        gexiv2: Fix do_package QA issue when usrmerge enabled.

  Leon Anavi (32):
        sip: upgrade 6.7.11 -> 6.7.12
        python3-rarfile: add recipe
        python3-colorclass: add recipe
        python3-inflate64: add recipe
        python3-jsbeautifier: add recipe
        python3-pymemcache: add recipe
        python3-multivolumefile: add recipe
        python3-oletools: add recipe
        python3-olefile: add recipe
        python3-pcodedmp: add recipe
        python3-screeninfo: add recipe
        python3-unoconv: add recipe
        python3-pybcj: add recipe
        python3-pyppmd: add recipe
        python3-py7zr: add recipe
        python3-wand: add recipe
        python3-pdm-backend: add recipe
        python3-pdm: add recipe
        python3-jsonref: Upgrade 1.0.1 -> 1.1.0
        imlib2: Upgrade 1.7.1 -> 1.12.1
        libblockdev: Upgrade 3.0.3 -> 3.0.4
        exiftool: add recipe
        bindfs: add recipe
        qpdf: Update 10.6.3 -> 11.6.3
        python3-file-magic: add recipe
        python3-wrapt: Upgrade 1.15.0 -> 1.16.0
        python3-bitarray: Upgrade 2.8.2 -> 2.8.3
        python3-pillow: Upgrade 10.0.1 -> 10.1.0
        python3-polyline: upgrade 1.4.0 -> 2.0.1
        python3-py7zr: Upgrade 0.20.7 -> 0.20.8
        python3-zeroconf: upgrade 0.120.0 -> 0.126.0
        python3-pystemd: upgrade 0.10.0 -> 0.13.2

  Luca Fancellu (5):
        linuxptp: update linuxptp recipe to 4.1
        linuxptp: install default configuration file in sysconfdir
        linuxptp: add systemd services
        linuxptp: Drop unneeded downstream patches
        linuxptp: Use templates for the systemd services

  Marek Vasut (2):
        lvgl: lv-drivers: Allow empty package
        lvgl: Allow empty package

  Markus Fuchs (1):
        remove unused AUTHOR variable

  Markus Volk (52):
        libdecor: Upgrade 0.1.99 -> 0.2.0
        wireplumber: Upgrade 0.4.14 -> 0.4.15
        pipewire: Update 0.3.81 -> 0.3.83
        gnome-software: Update 45.0 -> 45.1
        gnome-calendar: Update 45.0 -> 45.1
        gnome-disk-utility: Update 44.0 -> 45.0
        gnome-control-center: Update 45.0 -> 45.1
        eog: Update 45.0 -> 45.1
        gnome-remote-desktop: Update 45.0 -> 45.1
        gnome-shell: Add missing dependency on pipewire
        gnome-shell: Remove deprecated libcroco dependency
        openbox: Drop deprecated libcroco dependency
        pipewire: Update 0.3.83 -> 0.3.84
        tracker-miners: Upgrade 3.6.0 -> 3.6.2
        libgweather4: Upgrade 4.2.0 -> 4.4.0
        gtksourceview5: Upgrade 5.7.1 -> 5.10.0
        openal-soft: Upgrade 1.20.1 -> 1.23.1
        gnome-shell: Upgrade 45.0 -> 45.1
        mutter: Upgrade 45.0 -> 45.1
        dconf-editor: Upgrade 43 -> 45.0.1
        libgsf: Upgrade 1.14.50 -> 1.14.51
        xdg-desktop-portal: Upgrade 1.18.0 -> 1.18.1
        xdg-desktop-portal-gtk: Upgrade 1.14.1 -> 1.15.1
        rest: Upgrade 0.9.0 -> 0.9.1
        nv-codec-headers: Upgrade 12.0.16.0 -> 12.1.14.0
        webp-pixbuf-loader: Upgrade 0.2.4 -> 0.2.5
        libchamplain: Upgrade 0.12.20 -> 0.12.21
        rest: Add packageconfigs for examples and tests
        gssdp: Fix build with api-documentation enabled
        gupnp: Upgrade 0.10.2 -> 0.12.1
        Gupnp-tools upgrade 0.10.2 -> 0.12.1
        gupnp-idg: Upgrade 1.2.0 -> 1.6.0
        gssdp: Upgrade 1.4.0.1 -> 1.6.3
        ghex: Upgrade 3.18.4 -> 45.0
        Adjust vala build according to changes in vala.bbclass
        drop GNOMEBASEBUILDCLASS = "meson"
        gnome-shell-extensions: Upgrade 44.1 -> 45.1
        cups-filters: Fix for current gcc
        gnome-console: Add recipe
        vte9: Fix build with api-documentation enabled
        gnome-terminal: Upgrade 3.48.1 -> 3.50.1
        cups-filters: Upgrade 1.28.17 -> 2.0.0
        gnome-terminal: Remove recommendation on vte-prompt
        ghex: backport patch to fix build for clang
        qpdf: cleanup
        gtksourceview4: Upgrade 4.8.2 -> 4.8.4
        gnome-control-center: Add rdepends
        system-config-printer: Add cups to rdepends
        pipewire: Upgrade 0.3.84 -> 0.3.85
        flatpak: Upgrade 1.15.4 -> 1.15.6
        flatpak: Add packageconfigs for man and docbook docs
        musicpd: unbreak build with ffmpeg 6.1

  Martin Jansa (12):
        nodejs: update to latest v20 version 20.8.1
        nodejs: Revert io_uring support from bundled libuv-1.46.0
        opencv: refresh protobuf-v22 compatibility patch with backported version
        leveldb: prevent installing gtest
        android-tools: drop ${PE}, ${PR} from /usr/src/debug paths
        minifi-cpp: drop ${PE}, ${PR} from /usr/src/debug paths
        xmlrcp-c: drop ${PE}, ${PR} from /usr/src/debug paths
        fluentbit: drop ${PE}, ${PR} from /usr/src/debug paths
        ntpsec, net-snmp: drop ${PE}, ${PR} from /usr/src/debug paths
        aom, x265: drop ${PE}, ${PR} from /usr/src/debug paths
        python3-{h5py,pandas}: drop ${PE}, ${PR} from /usr/src/debug paths
        evince, gnome-calendar, tracker: drop ${PE}, ${PR} from /usr/src/debug paths

  Martin Maurer (1):
        libqmi: Upgrade 1.32.4 -> 1.34.0

  Matthias Klein (1):
        paho-mqtt-c: upgrade 1.3.12 -> 1.3.13

  Mingli Yu (3):
        vboxguestdrivers: Remove the buildpath
        nlohmann-json: Add ptest support
        ptest-packagelists-meta-oe.inc: Add nlohmann-json

  Peter Kjellerstedt (18):
        libwebsockets: Support building for native
        mosquitto: Support building for native again
        jack: Revert to 1.9.22
        pahole: Correct the version in the recipe file name
        neatvnc: Specify the version in the recipe file name
        mstpd: Update to 0.1.0+
        Revert "libtorrent: upgrade 0.13.8 -> 1"
        libtorrent: Add UPSTREAM_CHECK_GITTAGREGEX
        mksh: Update to 59c properly
        fluidsynth: Specify the version in the recipe file name
        libuvc: Specify the version in the recipe file name
        gst-shark: Update to 0.8.1 properly
        xarchiver: Specify the version in the recipe file name
        python3-kivy: Move a comment so it makes more sense
        python3-greenlet: Avoid duplicate URI in SRC_URI
        python3-pylint: Only set SRCREV once
        python3-pytest-mock: Only set SRCREV once
        zeromq: Update to 4.3.5

  Peter Marko (1):
        grpc: Upgrade 1.56.2 -> 1.59.2

  Petr Gotthard (2):
        libmbim: upgrade 1.28.4 -> 1.30.0
        modemmanager: upgrade 1.20.6 -> 1.22.0

  Poonam Jadhav (1):
        sdbus-c++: Update ptest path

  Potin Lai (2):
        libplist: Upgrade to latest master
        idevicerestore: Upgrade to latest master

  Richard Purdie (4):
        meta-python: Drop broken BBCLASSEXTEND variants
        meta-oe: Drop broken BBCLASSEXTEND variants
        meta-networking: Drop broken BBCLASSEXTEND variants
        meta-perl: Drop broken BBCLASSEXTEND variants

  Ross Burton (1):
        yajl: fix CVE-2017-16516, CVE-2022-24795, CVE-2023-33460

  Sam Van Den Berge (1):
        netdata: Upgrade 1.36.1 -> 1.43.0

  Samuli Piippo (2):
        abseil-cpp: fix mingw build
        protobuf: stage protoc binary to sysroot

  Thomas Gessler (1):
        influxdb: Add start script used by systemd service

  Tim Orling (2):
        po4a: remove old recipe
        debsums: remove old recipe

  Trevor Gamblin (5):
        python-git-pw: add from meta-patchtest
        python3-py-cpuinfo: disable broken ptests
        python3-arrow: add from meta-patchtest
        python3-pytest-mock: disable broken ptests
        meta-python: update ptests status for py-cpuinfo, pytest-mock

  Wang Mingyu (149):
        dnf-plugin-tui: create symlinks from /usr/ to /.
        c-ares: upgrade 1.19.1 -> 1.20.1
        adw-gtk3: upgrade 4.9 -> 5.1
        ctags: upgrade 6.0.20230917.0 -> 6.0.20231001.0
        dialog: upgrade 1.3-20230209 -> 1.3-20231002
        freerdp: upgrade 2.11.1 -> 2.11.2
        gnome-backgrounds: upgrade 44.0 -> 45.0
        gnome-calculator: upgrade 45.0 -> 45.0.2
        gnome-font-viewer: upgrade 44.0 -> 45.0
        ipc-run: upgrade 20220807.0 -> 20231003.0
        libbytesize: upgrade 2.9 -> 2.10
        libcoap: upgrade 4.3.3 -> 4.3.4
        libyang: upgrade 2.1.111 -> 2.1.128
        lvgl: upgrade 8.3.9 -> 8.3.10
        metacity: upgrade 3.46.1 -> 3.50.0
        nautilus: upgrade 45.0 -> 45.1
        ceres-solver: upgrade 2.1.0 -> 2.2.0
        python3-eth-abi: upgrade 3.0.1 -> 4.2.1
        python3-mypy: upgrade 1.5.1 -> 1.6.1
        python3-pylint: upgrade 3.0.0 -> 3.0.1
        python3-aiodns: upgrade 3.0.0 -> 3.1.1
        python3-aiohttp: upgrade 3.8.5 -> 3.8.6
        python3-astroid: upgrade 3.0.0 -> 3.0.1
        python3-bitarray: upgrade 2.8.1 -> 2.8.2
        python3-bitstruct: upgrade 8.17.0 -> 8.18.0
        python3-blinker: upgrade 1.6.2 -> 1.6.3
        python3-charset-normalizer: upgrade 3.2.0 -> 3.3.0
        python3-cmake: upgrade 3.27.5 -> 3.27.7
        python3-coverage: upgrade 7.3.1 -> 7.3.2
        python3-croniter: upgrade 1.4.1 -> 2.0.1
        python3-dbus-fast: upgrade 1.85.0 -> 2.12.0
        python3-email-validator: upgrade 1.3.1 -> 2.0.0
        python3-engineio: upgrade 4.7.1 -> 4.8.0
        python3-eth-typing: upgrade 3.4.0 -> 3.5.0
        python3-eth-utils: upgrade 2.2.1 -> 2.2.2
        python3-executing: upgrade 1.2.0 -> 2.0.0
        python3-flask-babel: upgrade 3.1.0 -> 4.0.0
        python3-flask-jwt-extended: upgrade 4.5.2 -> 4.5.3
        python3-google-api-python-client: upgrade 2.101.0 -> 2.104.0
        python3-googleapis-common-protos: upgrade 1.60.0 -> 1.61.0
        python3-google-auth: upgrade 2.23.1 -> 2.23.3
        python3-h5py: upgrade 3.9.0 -> 3.10.0
        python3-huey: upgrade 2.4.5 -> 2.5.0
        python3-imageio: upgrade 2.31.3 -> 2.31.5
        python3-ipython: upgrade 8.15.0 -> 8.16.1
        python3-jedi: upgrade 0.19.0 -> 0.19.1
        python3-meson-python: upgrade 0.13.1 -> 0.14.0
        python3-msgpack: upgrade 1.0.6 -> 1.0.7
        python3-platformdirs: upgrade 3.10.0 -> 3.11.0
        python3-prompt-toolkit: upgrade 3.0.36 -> 3.0.39
        python3-protobuf: upgrade 4.24.3 -> 4.24.4
        python3-pycares: upgrade 4.3.0 -> 4.4.0
        python3-pycodestyle: upgrade 2.11.0 -> 2.11.1
        python3-pydantic: upgrade 2.4.1 -> 2.4.2
        python3-pyephem: upgrade 4.1.4 -> 4.1.5
        python3-pytest-timeout: upgrade 2.1.0 -> 2.2.0
        python3-rapidjson: upgrade 1.11 -> 1.12
        python3-regex: upgrade 2023.8.8 -> 2023.10.3
        python3-rich: upgrade 13.5.3 -> 13.6.0
        python3-schedule: upgrade 1.2.0 -> 1.2.1
        python3-semver: upgrade 3.0.1 -> 3.0.2
        python3-simplejson: upgrade 3.19.1 -> 3.19.2
        python3-socketio: upgrade 5.9.0 -> 5.10.0
        python3-sqlalchemy: upgrade 2.0.21 -> 2.0.22
        python3-stack-data: upgrade 0.6.2 -> 0.6.3
        python3-texttable: upgrade 1.6.7 -> 1.7.0
        python3-traitlets: upgrade 5.10.1 -> 5.11.2
        python3-types-psutil: upgrade 5.9.5.16 -> 5.9.5.17
        python3-tzlocal: upgrade 5.0.1 -> 5.1
        python3-web3: upgrade 6.10.0 -> 6.11.1
        python3-websocket-client: upgrade 1.6.3 -> 1.6.4
        python3-xlsxwriter: upgrade 3.1.3 -> 3.1.8
        python3-xxhash: upgrade 3.3.0 -> 3.4.1
        python3-zeroconf: upgrade 0.112.0 -> 0.119.0
        python3-zopeinterface: upgrade 6.0 -> 6.1
        rdma-core: upgrade 47.0 -> 48.0
        redis: upgrade 7.2.1 -> 7.2.2
        remmina: upgrade 1.4.32 -> 1.4.33
        tesseract: upgrade 5.3.2 -> 5.3.3
        thingsboard-gateway: upgrade 3.3 -> 3.4.1
        tio: upgrade 2.6 -> 2.7
        wireshark: upgrade 4.0.8 -> 4.0.10
        xterm: upgrade 384 -> 387
        zchunk: upgrade 1.3.1 -> 1.3.2
        hdf5: Fix install conflict when enable multilib.
        dnf-plugin-tui: Recover BBCLASSEXTEND variants
        gensio: upgrade 2.7.6 -> 2.7.7
        hwdata: upgrade 0.375 -> 0.376
        libio-socket-ssl-perl: upgrade 2.083 -> 2.084
        makedumpfile: upgrade 1.7.3 -> 1.7.4
        gnome-remote-desktop: move from meta-virtualization to meta-security
        ctags: upgrade 6.0.20231029.0 -> 6.0.20231105.0
        function2: upgrade 4.2.3 -> 4.2.4
        neatvnc: upgrade 0.7.0 -> 0.7.1
        python3-argh: upgrade 0.30.3 -> 0.30.4
        python3-geojson: upgrade 3.0.1 -> 3.1.0
        python3-imageio: upgrade 2.31.6 -> 2.32.0
        python3-inflate64: upgrade 0.3.1 -> 1.0.0
        python3-jsbeautifier: upgrade 1.14.9 -> 1.14.11
        python3-lru-dict: upgrade 1.2.0 -> 1.3.0
        python3-python-vlc: upgrade 3.0.18122 -> 3.0.20123
        python3-zeroconf: upgrade 0.119.0 -> 0.120.0
        c-ares: upgrade 1.21.0 -> 1.22.0
        ctags: upgrade 6.0.20231105.0 -> 6.0.20231112.0
        libencode-perl: upgrade 3.19 -> 3.20
        bindfs: upgrade 1.17.5 -> 1.17.6
        python3-hexbytes: upgrade 0.3.1 -> 1.0.0
        python3-linux-procfs: upgrade 0.7.1 -> 0.7.3
        openvpn: upgrade 2.6.6 -> 2.6.7
        python3-argcomplete: upgrade 3.1.4 -> 3.1.6
        python3-awesomeversion: upgrade 23.8.0 -> 23.11.0
        python3-dbus-fast: upgrade 2.12.0 -> 2.14.0
        python3-eth-typing: upgrade 3.5.1 -> 3.5.2
        python3-eth-utils: upgrade 2.3.0 -> 2.3.1
        python3-geomet: upgrade 1.0.0 -> 1.1.0
        python3-google-api-core: upgrade 2.12.0 -> 2.14.0
        python3-google-api-python-client: upgrade 2.106.0 -> 2.108.0
        python3-mypy: upgrade 1.6.1 -> 1.7.0
        python3-platformdirs: upgrade 3.11.0 -> 4.0.0
        python3-prompt-toolkit: upgrade 3.0.39 -> 3.0.41
        python3-pyaudio: upgrade 0.2.13 -> 0.2.14
        python3-pydantic: upgrade 2.4.2 -> 2.5.0
        python3-pymetno: upgrade 0.11.0 -> 0.12.0
        python3-pytest-xdist: upgrade 3.3.1 -> 3.4.0
        python3-sentry-sdk: upgrade 1.34.0 -> 1.35.0
        python3-tomlkit: upgrade 0.12.2 -> 0.12.3
        python3-types-setuptools: upgrade 68.2.0.0 -> 68.2.0.1
        python3-web3: upgrade 6.11.2 -> 6.11.3
        python3-zeroconf: upgrade 0.126.0 -> 0.127.0
        ser2net: upgrade 4.5.0 -> 4.5.1
        uftp: upgrade 5.0.1 -> 5.0.2
        webkitgtk3: upgrade 2.42.1 -> 2.42.2
        imlib2: delete non-existent file
        c-ares: upgrade 1.22.0 -> 1.22.1
        ctags: upgrade 6.0.20231112.0 -> 6.0.20231119.0
        exiftool: upgrade 12.69 -> 12.70
        gnome-bluetooth: upgrade 42.6 -> 42.7
        libextutils-cppguess-perl: upgrade 0.26 -> 0.27
        libwebsockets: upgrade 4.3.2 -> 4.3.3
        python3-aiohttp: upgrade 3.8.6 -> 3.9.0
        python3-dateparser: upgrade 1.1.8 -> 1.2.0
        python3-django: upgrade 4.2.5 -> 4.2.7
        python3-imageio: upgrade 2.32.0 -> 2.33.0
        python3-ldap: upgrade 3.4.3 -> 3.4.4
        python3-pastedeploy: upgrade 3.0.1 -> 3.1.0
        python3-pdm: upgrade 2.10.1 -> 2.10.3
        python3-pydantic: upgrade 2.5.0 -> 2.5.1
        python3-rich: upgrade 13.6.0 -> 13.7.0
        strongswan: upgrade 5.9.11 -> 5.9.12

  Yi Zhao (6):
        samba: upgrade 4.18.6 -> 4.18.8
        samba: use external cmocka instead of bundled cmocka
        libtevent: fix ptest
        libldb: add ptest
        conntrack-tools: upgrade 1.4.7 -> 1.4.8
        nftables: upgrade 1.0.8 -> 1.0.9

  Yoann Congal (5):
        emlog: ignore CVE-2022-3968 & CVE-2023-43291
        juce/projucer: Backport a fix for the compilation under recent GCC
        meta-oe/static-ids: Change postgres to 28 to match forced id in recipe
        static-id: add missing netdata group
        python3-soupsieve: Break circular dependency with beautifulsoup4

  Zoltán Böszörményi (3):
        python3-ninja-syntax: Set BBCLASSEXTEND = "native nativesdk"
        python3-ninja: Set BBCLASSEXTEND = "native nativesdk"
        geos: Fix packaging

  alperak (39):
        xdebug: upgrade 3.2.0 -> 3.2.2
        catch2: upgrade 2.13.7 -> 2.13.10
        tuna: upgrade 0.18 -> 0.19
        libsrtp: upgrade 2.4.2 -> 2.5.0
        libupnp: upgrade 1.14.6 -> 1.14.18
        libisofs: upgrade 1.5.4 -> 1.5.6
        libisoburn: 1.5.4 -> 1.5.6
        fuse-exfat: upgrade 1.3.0 -> 1.4.0
        fuse3: upgrade 3.15.1 -> 3.16.2
        ufs-utils: upgrade 3.12.3 -> 4.13.5
        libebml: upgrade 1.3.0 -> 1.4.4
        libmatroska: upgrade 1.4.1 -> 1.7.1
        libde265: upgrade 1.0.5 -> 1.0.12
        libopenmpt: upgrade 0.6.2 -> 0.7.3
        mpd: upgrade 0.23.12 -> 0.23.14
        opencore-amr: upgrade 0.1.3 -> 0.1.6
        tinyalsa: upgrade 1.1.1 -> 2.0.0
        cannelloni: upgrade 1.0.0 -> 1.1.0
        civetweb: upgrade 1.12 -> 1.16
        libdnet: upgrade 1.16.3 -> 1.17.0
        openfortivpn: upgrade 1.20.5 -> 1.21.0
        fuse-exfat: Dropped md5sum
        libopenmpt: Added license change reason and dropped md5sum
        bolt: upgrade 0.9.5 -> 0.9.6
        irssi: upgrade 1.4.4 -> 1.4.5
        libmtp: upgrade 1.1.20 -> 1.1.21
        libsigc++-2.0: upgrade 2.10.7 -> 2.12.1
        libsigc++-3: upgrade 3.2.0 -> 3.6.0
        ocl-icd: upgrade 2.3.1 -> 2.3.2
        opencl-icd-loader: upgrade v2022.01.04 -> v2023.04.17
        uutils-coreutils: upgrade 0.0.22 -> 0.0.23
        botan: upgrade 2.19.3 -> 3.2.0
        capnproto: upgrade 0.10.4 -> 1.0.1
        cloc: upgrade 1.94 -> 1.98
        cpuid: upgrade 20211129 -> 20230614
        gst-editing-services: upgrade 1.20.5 -> 1.22.7
        luaposix: upgrade 35.1 -> 36.2.1
        mercurial: upgrade 6.1 -> 6.5
        ledmon: upgrade 0.93 -> 0.97

  skandigraun (1):
        libvpx: don't specify armv5 and armv6 toolchains explicitly

meta-security: 3f7d40b0fc..070a1e82cc:
  Gowtham Suresh Kumar (1):
        Update parsec recipes

  Mingli Yu (1):
        samhain: remove the buildpath

  Stefan Berger (1):
        ima,evm: Add two variables to write filenames and signatures into

Change-Id: Ib809aa0df4162c50a06c542a94a0b06cdc149a2d
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-x86-mathops-clip-constants-used-with-shift-i.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-x86-mathops-clip-constants-used-with-shift-i.patch
deleted file mode 100644
index a47a203..0000000
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-avcodec-x86-mathops-clip-constants-used-with-shift-i.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-From effadce6c756247ea8bae32dc13bb3e6f464f0eb Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?R=C3=A9mi=20Denis-Courmont?= <remi@remlab.net>
-Date: Sun, 16 Jul 2023 18:18:02 +0300
-Subject: [PATCH] avcodec/x86/mathops: clip constants used with shift
- instructions within inline assembly
-
-Fixes assembling with binutil as >= 2.41
-
-Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/effadce6c756247ea8bae32dc13bb3e6f464f0eb]
-Signed-off-by: James Almer <jamrial@gmail.com>
----
- libavcodec/x86/mathops.h | 26 +++++++++++++++++++++++---
- 1 file changed, 23 insertions(+), 3 deletions(-)
-
-diff --git a/libavcodec/x86/mathops.h b/libavcodec/x86/mathops.h
-index 6298f5ed19..ca7e2dffc1 100644
---- a/libavcodec/x86/mathops.h
-+++ b/libavcodec/x86/mathops.h
-@@ -35,12 +35,20 @@
- static av_always_inline av_const int MULL(int a, int b, unsigned shift)
- {
-     int rt, dummy;
-+    if (__builtin_constant_p(shift))
-     __asm__ (
-         "imull %3               \n\t"
-         "shrdl %4, %%edx, %%eax \n\t"
-         :"=a"(rt), "=d"(dummy)
--        :"a"(a), "rm"(b), "ci"((uint8_t)shift)
-+        :"a"(a), "rm"(b), "i"(shift & 0x1F)
-     );
-+    else
-+        __asm__ (
-+            "imull %3               \n\t"
-+            "shrdl %4, %%edx, %%eax \n\t"
-+            :"=a"(rt), "=d"(dummy)
-+            :"a"(a), "rm"(b), "c"((uint8_t)shift)
-+        );
-     return rt;
- }
- 
-@@ -113,19 +121,31 @@ __asm__ volatile(\
- // avoid +32 for shift optimization (gcc should do that ...)
- #define NEG_SSR32 NEG_SSR32
- static inline  int32_t NEG_SSR32( int32_t a, int8_t s){
-+    if (__builtin_constant_p(s))
-     __asm__ ("sarl %1, %0\n\t"
-          : "+r" (a)
--         : "ic" ((uint8_t)(-s))
-+         : "i" (-s & 0x1F)
-     );
-+    else
-+        __asm__ ("sarl %1, %0\n\t"
-+               : "+r" (a)
-+               : "c" ((uint8_t)(-s))
-+        );
-     return a;
- }
- 
- #define NEG_USR32 NEG_USR32
- static inline uint32_t NEG_USR32(uint32_t a, int8_t s){
-+    if (__builtin_constant_p(s))
-     __asm__ ("shrl %1, %0\n\t"
-          : "+r" (a)
--         : "ic" ((uint8_t)(-s))
-+         : "i" (-s & 0x1F)
-     );
-+    else
-+        __asm__ ("shrl %1, %0\n\t"
-+               : "+r" (a)
-+               : "c" ((uint8_t)(-s))
-+        );
-     return a;
- }
- 
--- 
-2.41.0
-
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-libswscale-riscv-Fix-syntax-of-vsetvli.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-libswscale-riscv-Fix-syntax-of-vsetvli.patch
deleted file mode 100644
index 94e0ba6..0000000
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-libswscale-riscv-Fix-syntax-of-vsetvli.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 85eefb65eb632d827e17a72518dd289dcd721084 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Sun, 2 Jul 2023 19:29:55 -0700
-Subject: [PATCH] libswscale/riscv: Fix syntax of vsetvli
-
-Add missing operand which clang complains about but gcc assumes it to be
-'m1' if not specifiied.
-
-Fixes building with clang
-| src/libswscale/riscv/rgb2rgb_rvv.S:88:25: error: operand must be e[8|16|32|64|128|256|512|1024],m[1|2|4|8|f2|f4|f8],[ta|tu],[ma|mu]
-|         vsetvli t4, t3, e8, ta, ma
-|                         ^
-
-Upstream-Status: Submitted [https://ffmpeg.org/pipermail/ffmpeg-devel/2023-July/311514.html]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- libswscale/riscv/rgb2rgb_rvv.S | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libswscale/riscv/rgb2rgb_rvv.S b/libswscale/riscv/rgb2rgb_rvv.S
-index 5626d90..bbdfdbe 100644
---- a/libswscale/riscv/rgb2rgb_rvv.S
-+++ b/libswscale/riscv/rgb2rgb_rvv.S
-@@ -85,7 +85,7 @@ func ff_interleave_bytes_rvv, zve32x
-         mv      t3, a3
-         addi    a4, a4, -1
- 2:
--        vsetvli    t4, t3, e8, ta, ma
-+        vsetvli    t4, t3, e8, m1, ta, ma
-         sub        t3, t3, t4
-         vle8.v     v8, (t0)
-         add        t0, t4, t0
--- 
-2.41.0
-
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.0.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.bb
similarity index 94%
rename from poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.0.bb
rename to poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.bb
index e65f80d..162eb41 100644
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.0.bb
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.bb
@@ -22,11 +22,9 @@
                     file://COPYING.LGPLv2.1;md5=bd7a443320af8c812e4c18d1b79df004 \
                     file://COPYING.LGPLv3;md5=e6a600fd5e1d9cbde2d983680233ad02"
 
-SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
-           file://0001-avcodec-x86-mathops-clip-constants-used-with-shift-i.patch \
-           file://0001-libswscale-riscv-Fix-syntax-of-vsetvli.patch"
+SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz"
 
-SRC_URI[sha256sum] = "57be87c22d9b49c112b6d24bc67d42508660e6b718b3db89c44e47e289137082"
+SRC_URI[sha256sum] = "488c76e57dd9b3bee901f71d5c95eaf1db4a5a31fe46a28654e837144207c270"
 
 # https://nvd.nist.gov/vuln/detail/CVE-2023-39018
 # https://github.com/bramp/ffmpeg-cli-wrapper/issues/291
@@ -151,7 +149,7 @@
     export TMPDIR="${B}/tmp"
     mkdir -p ${B}/tmp
     ${S}/configure ${EXTRA_OECONF}
-    sed -i -e "s,^X86ASMFLAGS=.*,& --debug-prefix-map=${S}=/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR} --debug-prefix-map=${B}=/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR},g" ${B}/ffbuild/config.mak
+    sed -i -e "s,^X86ASMFLAGS=.*,& --debug-prefix-map=${S}=${TARGET_DBGSRC_DIR} --debug-prefix-map=${B}=${TARGET_DBGSRC_DIR},g" ${B}/ffbuild/config.mak
 }
 
 # patch out build host paths for reproducibility
diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.7.bb
similarity index 94%
rename from poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.7.bb
index 90bbd9c..b545f02 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.7.bb
@@ -12,7 +12,7 @@
            file://0001-connect-has-a-different-signature-on-musl.patch \
            "
 
-SRC_URI[sha256sum] = "8928560efaf16137c30285e718708e5d0bab0777eb4ef8127e0274e120d3d86b"
+SRC_URI[sha256sum] = "157cf93fb2741cf0c3dea731be3af2ffae703c9f2cd3c0c91b380fbc685eb9f9"
 
 DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base"
 RRECOMMENDS:${PN} = "git"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.7.bb
similarity index 91%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.7.bb
index 8906556..7169223 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.7.bb
@@ -12,7 +12,7 @@
                     "
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz"
-SRC_URI[sha256sum] = "7789e6408388a25f23cbf948cfc5c6230d735bbcd8b7f37f4a01c9e348a1e3a7"
+SRC_URI[sha256sum] = "1525b917141b895fe5cf618fe8867622b2528278a0286e9f727b5f37317daca1"
 
 S = "${WORKDIR}/gst-libav-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.7.bb
similarity index 95%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.7.bb
index 2579aa3..ad40cf5 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.7.bb
@@ -10,7 +10,7 @@
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "223833c42518ad7eb1923bb4dd3726809f59a66d6e9aaaa69cb29ad0750c8758"
+SRC_URI[sha256sum] = "d7a18ec47d40a472bd5cba2015e0be72b732f1699895398cec5cd8e6a3a53b44"
 
 S = "${WORKDIR}/gst-omx-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.7.bb
similarity index 98%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.7.bb
index 3db7ddf..b7d787b 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.7.bb
@@ -10,7 +10,7 @@
            file://0002-avoid-including-sys-poll.h-directly.patch \
            file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \
            "
-SRC_URI[sha256sum] = "b4029cd2908a089c55f1d902a565d007495c95b1442d838485dc47fb12df7137"
+SRC_URI[sha256sum] = "c716f8dffa8fac3fb646941af1c6ec72fff05a045131311bf2d049fdc87bce2e"
 
 S = "${WORKDIR}/gst-plugins-bad-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.7.bb
similarity index 97%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.7.bb
index 1f67ca3..3b8923e 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.7.bb
@@ -11,7 +11,7 @@
            file://0003-viv-fb-Make-sure-config.h-is-included.patch \
            file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \
            "
-SRC_URI[sha256sum] = "50f2b4d17c02eefe430bbefa8c5cd134b1be78a53c0f60e951136d96cf49fd4b"
+SRC_URI[sha256sum] = "62519e0d8f969ebf62a9a7996f2d23efdda330217a635f4a32c0bf1c71577468"
 
 S = "${WORKDIR}/gst-plugins-base-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.7.bb
similarity index 97%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.7.bb
index 6b76ba9..b8496a1 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.7.bb
@@ -8,7 +8,7 @@
            file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
            file://0001-v4l2-Define-ioctl_req_t-for-posix-linux-case.patch"
 
-SRC_URI[sha256sum] = "b3b07fe3f1ce7fe93aa9be7217866044548f35c4a7792280eec7e108a32f9817"
+SRC_URI[sha256sum] = "b6db0e18e398b52665b7cdce301c34a8750483d5f4fbac1ede9f80b03743cd15"
 
 S = "${WORKDIR}/gst-plugins-good-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.7.bb
similarity index 94%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.7.bb
index 77f79a6..8a67531 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.7.bb
@@ -14,7 +14,7 @@
 SRC_URI = " \
             https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \
             "
-SRC_URI[sha256sum] = "3e31454c98cb2f7f6d2d355eceb933a892fa0f1dc09bc36c9abc930d8e29ca48"
+SRC_URI[sha256sum] = "520b46bca637189ad86a298ff245b2d89375dbcac8b05d74daea910f81a9e9da"
 
 S = "${WORKDIR}/gst-plugins-ugly-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.7.bb
similarity index 90%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.7.bb
index addf12c..a387031 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.7.bb
@@ -8,7 +8,7 @@
 LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740"
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "51de2d6d13b12ce095eac97c0b94ee59c2aeba3712bb7462b78c4d57dde176c5"
+SRC_URI[sha256sum] = "1ef8df7608012fa469329799c950ec087737a6dabad3003c230658b58c710172"
 
 DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
 RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.7.bb
similarity index 90%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.7.bb
index fd79fe4..af1c2ce 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.7.bb
@@ -10,7 +10,7 @@
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "0ae33a8b50443b62f11581a9181e906b41cd3877b2d799dbea72912c3eda4bb3"
+SRC_URI[sha256sum] = "f7fac001e20ad21e36d18397741c4657c5d43571eb1cc3b49f9a93ae127dc88f"
 
 S = "${WORKDIR}/${PNREAL}-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.7.bb
similarity index 95%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.7.bb
index bf4c105..4cad507 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.7.bb
@@ -11,7 +11,7 @@
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "d9ba2fc26bef98c78e982c599f585d46bbb65fe122da89c2d7ab41f468a52c7b"
+SRC_URI[sha256sum] = "0e9fff768b89de6d318b34146e4e781d82b9a0f4025dc541b2c8349c7bcb7f67"
 
 S = "${WORKDIR}/${REALPN}-${PV}"
 DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.6.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.7.bb
similarity index 96%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.6.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.7.bb
index a898464..72161b2 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.6.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.7.bb
@@ -22,7 +22,7 @@
            file://0003-tests-use-a-dictionaries-for-environment.patch;striplevel=3 \
            file://0004-tests-add-helper-script-to-run-the-installed_tests.patch;striplevel=3 \
            "
-SRC_URI[sha256sum] = "f500e6cfddff55908f937711fc26a0840de28a1e9ec49621c0b6f1adbd8f818e"
+SRC_URI[sha256sum] = "01e42c6352a06bdfa4456e64b06ab7d98c5c487a25557c761554631cbda64217"
 
 PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
                    check \
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/cve-2022-33065.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/cve-2022-33065.patch
new file mode 100644
index 0000000..fa4b2fc
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/cve-2022-33065.patch
@@ -0,0 +1,739 @@
+From c7ce5b0ebeeb58934825077d1324960aa0747718 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Tue, 10 Oct 2023 16:10:34 -0400
+Subject: [PATCH] mat4/mat5: fix int overflow in dataend calculation
+
+The clang sanitizer warns of a possible signed integer overflow when
+calculating the `dataend` value in `mat4_read_header()`.
+
+```
+src/mat4.c:323:41: runtime error: signed integer overflow: 205 * -100663296 cannot be represented in type 'int'
+SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/mat4.c:323:41 in
+src/mat4.c:323:48: runtime error: signed integer overflow: 838860800 * 4 cannot be represented in type 'int'
+SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/mat4.c:323:48 in
+```
+
+Cast the offending `rows` and `cols` ints to `sf_count_t` (the type of
+`dataend` before performing the calculation, to avoid the issue.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/789
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Upstream-Status: Backport [9a829113c88a51e57c1e46473e90609e4b7df151]
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/mat4.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/mat4.c b/src/mat4.c
+index 0b1b414b..575683ba 100644
+--- a/src/mat4.c
++++ b/src/mat4.c
+@@ -320,7 +320,7 @@ mat4_read_header (SF_PRIVATE *psf)
+ 				psf->filelength - psf->dataoffset, psf->sf.channels * psf->sf.frames * psf->bytewidth) ;
+ 		}
+ 	else if ((psf->filelength - psf->dataoffset) > psf->sf.channels * psf->sf.frames * psf->bytewidth)
+-		psf->dataend = psf->dataoffset + rows * cols * psf->bytewidth ;
++		psf->dataend = psf->dataoffset + (sf_count_t) rows * (sf_count_t) cols * psf->bytewidth ;
+ 
+ 	psf->datalength = psf->filelength - psf->dataoffset - psf->dataend ;
+ 
+From 842303f984b2081481e74cb84a9a24ecbe3dec1a Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 16:36:02 -0400
+Subject: [PATCH] au: avoid int overflow while calculating data_end
+
+At several points in au_read_header(), we calculate the functional end
+of the data segment by adding the (int)au_fmt.dataoffset and the
+(int)au_fmt.datasize. This can overflow the implicit int_32 return value
+and cause undefined behavior.
+
+Instead, precalculate the value and assign it to a 64-bit
+(sf_count_t)data_end variable.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/au.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/src/au.c b/src/au.c
+index 62bd691d..f68f2587 100644
+--- a/src/au.c
++++ b/src/au.c
+@@ -291,6 +291,7 @@ static int
+ au_read_header (SF_PRIVATE *psf)
+ {	AU_FMT	au_fmt ;
+ 	int		marker, dword ;
++	sf_count_t data_end ;
+ 
+ 	memset (&au_fmt, 0, sizeof (au_fmt)) ;
+ 	psf_binheader_readf (psf, "pm", 0, &marker) ;
+@@ -317,14 +318,15 @@ au_read_header (SF_PRIVATE *psf)
+ 		return SFE_AU_EMBED_BAD_LEN ;
+ 		} ;
+ 
++	data_end = (sf_count_t) au_fmt.dataoffset + (sf_count_t) au_fmt.datasize ;
+ 	if (psf->fileoffset > 0)
+-	{	psf->filelength = au_fmt.dataoffset + au_fmt.datasize ;
++	{	psf->filelength = data_end ;
+ 		psf_log_printf (psf, "  Data Size   : %d\n", au_fmt.datasize) ;
+ 		}
+-	else if (au_fmt.datasize == -1 || au_fmt.dataoffset + au_fmt.datasize == psf->filelength)
++	else if (au_fmt.datasize == -1 || data_end == psf->filelength)
+ 		psf_log_printf (psf, "  Data Size   : %d\n", au_fmt.datasize) ;
+-	else if (au_fmt.dataoffset + au_fmt.datasize < psf->filelength)
+-	{	psf->filelength = au_fmt.dataoffset + au_fmt.datasize ;
++	else if (data_end < psf->filelength)
++	{	psf->filelength = data_end ;
+ 		psf_log_printf (psf, "  Data Size   : %d\n", au_fmt.datasize) ;
+ 		}
+ 	else
+From 0754d3380a54e3fbdde0f684b88955c80c79f58f Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 16:46:29 -0400
+Subject: [PATCH] avr: fix int overflow in avr_read_header()
+
+Pre-cast hdr.frames to sf_count_t, to provide the calculation with
+enough numeric space to avoid an int-overflow.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/avr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/avr.c b/src/avr.c
+index 6c78ff69..1bc1ffc9 100644
+--- a/src/avr.c
++++ b/src/avr.c
+@@ -162,7 +162,7 @@ avr_read_header (SF_PRIVATE *psf)
+ 	psf->endian = SF_ENDIAN_BIG ;
+ 
+  	psf->dataoffset = AVR_HDR_SIZE ;
+-	psf->datalength = hdr.frames * (hdr.rez / 8) ;
++	psf->datalength = (sf_count_t) hdr.frames * (hdr.rez / 8) ;
+ 
+ 	if (psf->fileoffset > 0)
+ 		psf->filelength = AVR_HDR_SIZE + psf->datalength ;
+From 6ac31a68a614e2bba4a05b54e5558d6270c98376 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 16:54:21 -0400
+Subject: [PATCH] sds: fix int overflow warning in sample calculations
+
+The sds_*byte_read() functions compose their uint_32 sample buffers by
+shifting 7bit samples into a 32bit wide buffer, and adding them
+together. Because the 7bit samples are stored in 32bit ints, code
+fuzzers become concerned that the addition operation can overflow and
+cause undefined behavior.
+
+Instead, bitwise-OR the bytes together - which should accomplish the
+same arithmetic operation, without risking an int-overflow.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+
+Do the same for the 3byte and 4byte read functions.
+---
+ src/sds.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/sds.c b/src/sds.c
+index 6bc76171..2a0f164c 100644
+--- a/src/sds.c
++++ b/src/sds.c
+@@ -454,7 +454,7 @@ sds_2byte_read (SF_PRIVATE *psf, SDS_PRIVATE *psds)
+ 
+ 	ucptr = psds->read_data + 5 ;
+ 	for (k = 0 ; k < 120 ; k += 2)
+-	{	sample = arith_shift_left (ucptr [k], 25) + arith_shift_left (ucptr [k + 1], 18) ;
++	{	sample = arith_shift_left (ucptr [k], 25) | arith_shift_left (ucptr [k + 1], 18) ;
+ 		psds->read_samples [k / 2] = (int) (sample - 0x80000000) ;
+ 		} ;
+ 
+@@ -498,7 +498,7 @@ sds_3byte_read (SF_PRIVATE *psf, SDS_PRIVATE *psds)
+ 
+ 	ucptr = psds->read_data + 5 ;
+ 	for (k = 0 ; k < 120 ; k += 3)
+-	{	sample = (((uint32_t) ucptr [k]) << 25) + (ucptr [k + 1] << 18) + (ucptr [k + 2] << 11) ;
++	{	sample = (((uint32_t) ucptr [k]) << 25) | (ucptr [k + 1] << 18) | (ucptr [k + 2] << 11) ;
+ 		psds->read_samples [k / 3] = (int) (sample - 0x80000000) ;
+ 		} ;
+ 
+@@ -542,7 +542,7 @@ sds_4byte_read (SF_PRIVATE *psf, SDS_PRIVATE *psds)
+ 
+ 	ucptr = psds->read_data + 5 ;
+ 	for (k = 0 ; k < 120 ; k += 4)
+-	{	sample = (((uint32_t) ucptr [k]) << 25) + (ucptr [k + 1] << 18) + (ucptr [k + 2] << 11) + (ucptr [k + 3] << 4) ;
++	{	sample = (((uint32_t) ucptr [k]) << 25) | (ucptr [k + 1] << 18) | (ucptr [k + 2] << 11) | (ucptr [k + 3] << 4) ;
+ 		psds->read_samples [k / 4] = (int) (sample - 0x80000000) ;
+ 		} ;
+ 
+From 96428e1dd4998f1cd47df24f8fe9b0da35d7b947 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 17:26:51 -0400
+Subject: [PATCH] aiff: fix int overflow when counting header elements
+
+aiff_read_basc_chunk() tries to count the AIFF header size by keeping
+track of the bytes returned by psf_binheader_readf(). Though improbable,
+it is technically possible for these added bytes to exceed the int-sized
+`count` accumulator.
+
+Use a 64-bit sf_count_t type for `count`, to ensure that it always has
+enough numeric space.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/aiff.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/aiff.c b/src/aiff.c
+index a2bda8f4..6b244302 100644
+--- a/src/aiff.c
++++ b/src/aiff.c
+@@ -1702,7 +1702,7 @@ static int
+ aiff_read_basc_chunk (SF_PRIVATE * psf, int datasize)
+ {	const char * type_str ;
+ 	basc_CHUNK bc ;
+-	int count ;
++	sf_count_t count ;
+ 
+ 	count = psf_binheader_readf (psf, "E442", &bc.version, &bc.numBeats, &bc.rootNote) ;
+ 	count += psf_binheader_readf (psf, "E222", &bc.scaleType, &bc.sigNumerator, &bc.sigDenominator) ;
+From b352c350d35bf978e4d3a32e5d9df1f2284445f4 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 17:43:02 -0400
+Subject: [PATCH] ircam: fix int overflow in ircam_read_header()
+
+When reading the IRCAM header, it is possible for the calculated
+blockwidth to exceed the bounds of a signed int32.
+
+Use a 64bit sf_count_t to store the blockwidth.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/common.h |  2 +-
+ src/ircam.c  | 10 +++++-----
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/common.h b/src/common.h
+index d92eabde..5369cb67 100644
+--- a/src/common.h
++++ b/src/common.h
+@@ -439,7 +439,7 @@ typedef struct sf_private_tag
+ 	sf_count_t		datalength ;	/* Length in bytes of the audio data. */
+ 	sf_count_t		dataend ;		/* Offset to file tailer. */
+ 
+-	int				blockwidth ;	/* Size in bytes of one set of interleaved samples. */
++	sf_count_t		blockwidth ;	/* Size in bytes of one set of interleaved samples. */
+ 	int				bytewidth ;		/* Size in bytes of one sample (one channel). */
+ 
+ 	void			*dither ;
+diff --git a/src/ircam.c b/src/ircam.c
+index 8e7cdba8..3d73ba44 100644
+--- a/src/ircam.c
++++ b/src/ircam.c
+@@ -171,35 +171,35 @@ ircam_read_header	(SF_PRIVATE *psf)
+ 	switch (encoding)
+ 	{	case IRCAM_PCM_16 :
+ 				psf->bytewidth = 2 ;
+-				psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++				psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+ 
+ 				psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_PCM_16 ;
+ 				break ;
+ 
+ 		case IRCAM_PCM_32 :
+ 				psf->bytewidth = 4 ;
+-				psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++				psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+ 
+ 				psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_PCM_32 ;
+ 				break ;
+ 
+ 		case IRCAM_FLOAT :
+ 				psf->bytewidth = 4 ;
+-				psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++				psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+ 
+ 				psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_FLOAT ;
+ 				break ;
+ 
+ 		case IRCAM_ALAW :
+ 				psf->bytewidth = 1 ;
+-				psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++				psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+ 
+ 				psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_ALAW ;
+ 				break ;
+ 
+ 		case IRCAM_ULAW :
+ 				psf->bytewidth = 1 ;
+-				psf->blockwidth = psf->sf.channels * psf->bytewidth ;
++				psf->blockwidth = (sf_count_t) psf->sf.channels * psf->bytewidth ;
+ 
+ 				psf->sf.format = SF_FORMAT_IRCAM | SF_FORMAT_ULAW ;
+ 				break ;
+From 3bcd291e57867f88f558fa6f80990e84311df78c Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Wed, 11 Oct 2023 16:12:22 -0400
+Subject: [PATCH] mat4/mat5: fix int overflow when calculating blockwidth
+
+Pre-cast the components of the blockwidth calculation to sf_count_t to
+avoid overflowing integers during calculation.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/mat4.c | 2 +-
+ src/mat5.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/mat4.c b/src/mat4.c
+index 575683ba..9f046f0c 100644
+--- a/src/mat4.c
++++ b/src/mat4.c
+@@ -104,7 +104,7 @@ mat4_open	(SF_PRIVATE *psf)
+ 
+ 	psf->container_close = mat4_close ;
+ 
+-	psf->blockwidth = psf->bytewidth * psf->sf.channels ;
++	psf->blockwidth = (sf_count_t) psf->bytewidth * psf->sf.channels ;
+ 
+ 	switch (subformat)
+ 	{	case SF_FORMAT_PCM_16 :
+diff --git a/src/mat5.c b/src/mat5.c
+index da5a6eca..20f0ea64 100644
+--- a/src/mat5.c
++++ b/src/mat5.c
+@@ -114,7 +114,7 @@ mat5_open	(SF_PRIVATE *psf)
+ 
+ 	psf->container_close = mat5_close ;
+ 
+-	psf->blockwidth = psf->bytewidth * psf->sf.channels ;
++	psf->blockwidth = (sf_count_t) psf->bytewidth * psf->sf.channels ;
+ 
+ 	switch (subformat)
+ 	{	case SF_FORMAT_PCM_U8 :
+From c177e292d47ef73b1d3c1bb391320299a0ed2ff9 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Mon, 16 Oct 2023 12:37:47 -0400
+Subject: [PATCH] common: fix int overflow in psf_binheader_readf()
+
+The psf_binheader_readf() function attempts to count and return the
+number of bytes traversed in the header. During this accumulation, it is
+possible to overflow the int-sized byte_count variable.
+
+Avoid this overflow by checking that the accumulated bytes do not exceed
+INT_MAX and throwing an error if they do. This implies that files with
+multi-gigabyte headers threaten to produce this error, but I imagine
+those files don't really exist - and this error is better than the
+undefined behavior which would have resulted previously.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/common.c | 36 ++++++++++++++++++++++++------------
+ 1 file changed, 24 insertions(+), 12 deletions(-)
+
+diff --git a/src/common.c b/src/common.c
+index 1c3d951d..7f6cceca 100644
+--- a/src/common.c
++++ b/src/common.c
+@@ -18,6 +18,7 @@
+ 
+ #include <config.h>
+ 
++#include <limits.h>
+ #include <stdarg.h>
+ #include <string.h>
+ #if HAVE_UNISTD_H
+@@ -990,6 +991,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 	double			*doubleptr ;
+ 	char			c ;
+ 	int				byte_count = 0, count = 0 ;
++	int				read_bytes = 0 ;
+ 
+ 	if (! format)
+ 		return psf_ftell (psf) ;
+@@ -998,6 +1000,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 
+ 	while ((c = *format++))
+ 	{
++		read_bytes = 0 ;
+ 		if (psf->header.indx + 16 >= psf->header.len && psf_bump_header_allocation (psf, 16))
+ 			break ;
+ 
+@@ -1014,7 +1017,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 					intptr = va_arg (argptr, unsigned int*) ;
+ 					*intptr = 0 ;
+ 					ucptr = (unsigned char*) intptr ;
+-					byte_count += header_read (psf, ucptr, sizeof (int)) ;
++					read_bytes = header_read (psf, ucptr, sizeof (int)) ;
+ 					*intptr = GET_MARKER (ucptr) ;
+ 					break ;
+ 
+@@ -1022,7 +1025,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 					intptr = va_arg (argptr, unsigned int*) ;
+ 					*intptr = 0 ;
+ 					ucptr = (unsigned char*) intptr ;
+-					byte_count += header_read (psf, sixteen_bytes, sizeof (sixteen_bytes)) ;
++					read_bytes = header_read (psf, sixteen_bytes, sizeof (sixteen_bytes)) ;
+ 					{	int k ;
+ 						intdata = 0 ;
+ 						for (k = 0 ; k < 16 ; k++)
+@@ -1034,14 +1037,14 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 			case '1' :
+ 					charptr = va_arg (argptr, char*) ;
+ 					*charptr = 0 ;
+-					byte_count += header_read (psf, charptr, sizeof (char)) ;
++					read_bytes = header_read (psf, charptr, sizeof (char)) ;
+ 					break ;
+ 
+ 			case '2' : /* 2 byte value with the current endian-ness */
+ 					shortptr = va_arg (argptr, unsigned short*) ;
+ 					*shortptr = 0 ;
+ 					ucptr = (unsigned char*) shortptr ;
+-					byte_count += header_read (psf, ucptr, sizeof (short)) ;
++					read_bytes = header_read (psf, ucptr, sizeof (short)) ;
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						*shortptr = GET_BE_SHORT (ucptr) ;
+ 					else
+@@ -1051,7 +1054,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 			case '3' : /* 3 byte value with the current endian-ness */
+ 					intptr = va_arg (argptr, unsigned int*) ;
+ 					*intptr = 0 ;
+-					byte_count += header_read (psf, sixteen_bytes, 3) ;
++					read_bytes = header_read (psf, sixteen_bytes, 3) ;
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						*intptr = GET_BE_3BYTE (sixteen_bytes) ;
+ 					else
+@@ -1062,7 +1065,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 					intptr = va_arg (argptr, unsigned int*) ;
+ 					*intptr = 0 ;
+ 					ucptr = (unsigned char*) intptr ;
+-					byte_count += header_read (psf, ucptr, sizeof (int)) ;
++					read_bytes = header_read (psf, ucptr, sizeof (int)) ;
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						*intptr = psf_get_be32 (ucptr, 0) ;
+ 					else
+@@ -1072,7 +1075,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 			case '8' : /* 8 byte value with the current endian-ness */
+ 					countptr = va_arg (argptr, sf_count_t *) ;
+ 					*countptr = 0 ;
+-					byte_count += header_read (psf, sixteen_bytes, 8) ;
++					read_bytes = header_read (psf, sixteen_bytes, 8) ;
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						countdata = psf_get_be64 (sixteen_bytes, 0) ;
+ 					else
+@@ -1083,7 +1086,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 			case 'f' : /* Float conversion */
+ 					floatptr = va_arg (argptr, float *) ;
+ 					*floatptr = 0.0 ;
+-					byte_count += header_read (psf, floatptr, sizeof (float)) ;
++					read_bytes = header_read (psf, floatptr, sizeof (float)) ;
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						*floatptr = float32_be_read ((unsigned char*) floatptr) ;
+ 					else
+@@ -1093,7 +1096,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 			case 'd' : /* double conversion */
+ 					doubleptr = va_arg (argptr, double *) ;
+ 					*doubleptr = 0.0 ;
+-					byte_count += header_read (psf, doubleptr, sizeof (double)) ;
++					read_bytes = header_read (psf, doubleptr, sizeof (double)) ;
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						*doubleptr = double64_be_read ((unsigned char*) doubleptr) ;
+ 					else
+@@ -1117,7 +1120,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 					charptr = va_arg (argptr, char*) ;
+ 					count = va_arg (argptr, size_t) ;
+ 					memset (charptr, 0, count) ;
+-					byte_count += header_read (psf, charptr, count) ;
++					read_bytes = header_read (psf, charptr, count) ;
+ 					break ;
+ 
+ 			case 'G' :
+@@ -1128,7 +1131,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 					if (psf->header.indx + count >= psf->header.len && psf_bump_header_allocation (psf, count))
+ 						break ;
+ 
+-					byte_count += header_gets (psf, charptr, count) ;
++					read_bytes = header_gets (psf, charptr, count) ;
+ 					break ;
+ 
+ 			case 'z' :
+@@ -1152,7 +1155,7 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 			case 'j' :	/* Seek to position from current position. */
+ 					count = va_arg (argptr, size_t) ;
+ 					header_seek (psf, count, SEEK_CUR) ;
+-					byte_count += count ;
++					read_bytes = count ;
+ 					break ;
+ 
+ 			case '!' : /* Clear buffer, forcing re-read. */
+@@ -1164,8 +1167,17 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
+ 				psf->error = SFE_INTERNAL ;
+ 				break ;
+ 			} ;
++
++		if (read_bytes > 0 && byte_count > (INT_MAX - read_bytes))
++		{	psf_log_printf (psf, "Header size exceeds INT_MAX. Aborting.", c) ;
++			psf->error = SFE_INTERNAL ;
++			break ;
++		} else
++		{	byte_count += read_bytes ;
+ 		} ;
+ 
++		} ;	/*end while*/
++
+ 	va_end (argptr) ;
+ 
+ 	return byte_count ;
+From a23d563386e7c8d93dcdbe7d5b1d63cad6009116 Mon Sep 17 00:00:00 2001
+From: Alex Stewart <alex.stewart@ni.com>
+Date: Thu, 19 Oct 2023 14:07:19 -0400
+Subject: [PATCH] nms_adpcm: fix int overflow in signal estimate
+
+It is possible (though functionally incorrect) for the signal estimate
+calculation in nms_adpcm_update() to overflow the int value of s_e,
+resulting in undefined behavior.
+
+Since adpcm state signal values are never practically larger than
+16 bits, use smaller numeric sizes throughout the file to avoid the
+overflow.
+
+CVE: CVE-2022-33065
+Fixes: https://github.com/libsndfile/libsndfile/issues/833
+
+Authored-by: Arthur Taylor <art@ified.ca>
+Signed-off-by: Alex Stewart <alex.stewart@ni.com>
+Rebased-by: Alex Stewart <alex.stewart@ni.com>
+---
+ src/nms_adpcm.c | 85 ++++++++++++++++++++++++-------------------------
+ 1 file changed, 42 insertions(+), 43 deletions(-)
+
+diff --git a/src/nms_adpcm.c b/src/nms_adpcm.c
+index 96d6ad26..460ea077 100644
+--- a/src/nms_adpcm.c
++++ b/src/nms_adpcm.c
+@@ -48,36 +48,36 @@
+ /* Variable names from ITU G.726 spec */
+ struct nms_adpcm_state
+ {	/* Log of the step size multiplier. Operated on by codewords. */
+-	int yl ;
++	short yl ;
+ 
+ 	/* Quantizer step size multiplier. Generated from yl. */
+-	int y ;
++	short y ;
+ 
+-	/* Coefficents of the pole predictor */
+-	int a [2] ;
++	/* Coefficients of the pole predictor */
++	short a [2] ;
+ 
+-	/* Coefficents of the zero predictor  */
+-	int b [6] ;
++	/* Coefficients of the zero predictor  */
++	short b [6] ;
+ 
+ 	/* Previous quantized deltas (multiplied by 2^14) */
+-	int d_q [7] ;
++	short d_q [7] ;
+ 
+ 	/* d_q [x] + s_ez [x], used by the pole-predictor for signs only. */
+-	int p [3] ;
++	short p [3] ;
+ 
+ 	/* Previous reconstructed signal values. */
+-	int s_r [2] ;
++	short s_r [2] ;
+ 
+ 	/* Zero predictor components of the signal estimate. */
+-	int s_ez ;
++	short s_ez ;
+ 
+ 	/* Signal estimate, (including s_ez). */
+-	int s_e ;
++	short s_e ;
+ 
+ 	/* The most recent codeword (enc:generated, dec:inputted) */
+-	int Ik ;
++	char Ik ;
+ 
+-	int parity ;
++	char parity ;
+ 
+ 	/*
+ 	** Offset into code tables for the bitrate.
+@@ -109,7 +109,7 @@ typedef struct
+ } NMS_ADPCM_PRIVATE ;
+ 
+ /* Pre-computed exponential interval used in the antilog approximation. */
+-static unsigned int table_expn [] =
++static unsigned short table_expn [] =
+ {	0x4000, 0x4167, 0x42d5, 0x444c,	0x45cb, 0x4752, 0x48e2, 0x4a7a,
+ 	0x4c1b, 0x4dc7, 0x4f7a, 0x5138,	0x52ff, 0x54d1, 0x56ac, 0x5892,
+ 	0x5a82, 0x5c7e, 0x5e84, 0x6096,	0x62b4, 0x64dd, 0x6712, 0x6954,
+@@ -117,21 +117,21 @@ static unsigned int table_expn [] =
+ } ;
+ 
+ /* Table mapping codewords to scale factor deltas. */
+-static int table_scale_factor_step [] =
++static short table_scale_factor_step [] =
+ {	0x0,	0x0,	0x0,	0x0,	0x4b0,	0x0,	0x0,	0x0,	/* 2-bit */
+ 	-0x3c,	0x0,	0x90,	0x0,	0x2ee,	0x0,	0x898,	0x0,	/* 3-bit */
+ 	-0x30,	0x12,	0x6b,	0xc8,	0x188,	0x2e0,	0x551,	0x1150,	/* 4-bit */
+ } ;
+ 
+ /* Table mapping codewords to quantized delta interval steps. */
+-static unsigned int table_step [] =
++static unsigned short table_step [] =
+ {	0x73F,	0,		0,		0,		0x1829,	0,		0,		0,		/* 2-bit */
+ 	0x3EB,	0,		0xC18,	0,		0x1581,	0,		0x226E,	0,		/* 3-bit */
+ 	0x20C,	0x635,	0xA83,	0xF12,	0x1418,	0x19E3,	0x211A,	0x2BBA,	/* 4-bit */
+ } ;
+ 
+ /* Binary search lookup table for quantizing using table_step. */
+-static int table_step_search [] =
++static short table_step_search [] =
+ {	0,		0x1F6D,	0,		-0x1F6D,	0,		0,			0,			0, /* 2-bit */
+ 	0x1008,	0x1192,	0,		-0x219A,	0x1656,	-0x1656,	0,			0, /* 3-bit */
+ 	0x872,	0x1277,	-0x8E6,	-0x232B,	0xD06,	-0x17D7,	-0x11D3,	0, /* 4-bit */
+@@ -179,23 +179,23 @@ static sf_count_t nms_adpcm_seek (SF_PRIVATE *psf, int mode, sf_count_t offset)
+ ** Maps [1,20480] to [1,1024] in an exponential relationship. This is
+ ** approximately ret = b^exp where b = e^(ln(1024)/ln(20480)) ~= 1.0003385
+ */
+-static inline int
+-nms_adpcm_antilog (int exp)
+-{	int ret ;
++static inline short
++nms_adpcm_antilog (short exp)
++{	int_fast32_t r ;
+ 
+-	ret = 0x1000 ;
+-	ret += (((exp & 0x3f) * 0x166b) >> 12) ;
+-	ret *= table_expn [(exp & 0x7c0) >> 6] ;
+-	ret >>= (26 - (exp >> 11)) ;
++	r = 0x1000 ;
++	r += (((int_fast32_t) (exp & 0x3f) * 0x166b) >> 12) ;
++	r *= table_expn [(exp & 0x7c0) >> 6] ;
++	r >>= (26 - (exp >> 11)) ;
+ 
+-	return ret ;
++	return (short) r ;
+ } /* nms_adpcm_antilog */
+ 
+ static void
+ nms_adpcm_update (struct nms_adpcm_state *s)
+ {	/* Variable names from ITU G.726 spec */
+-	int a1ul ;
+-	int fa1 ;
++	short a1ul, fa1 ;
++	int_fast32_t se ;
+ 	int i ;
+ 
+ 	/* Decay and Modify the scale factor in the log domain based on the codeword. */
+@@ -222,7 +222,7 @@ nms_adpcm_update (struct nms_adpcm_state *s)
+ 	else if (fa1 > 256)
+ 		fa1 = 256 ;
+ 
+-	s->a [0] = (0xff * s->a [0]) >> 8 ;
++	s->a [0] = (s->a [0] * 0xff) >> 8 ;
+ 	if (s->p [0] != 0 && s->p [1] != 0 && ((s->p [0] ^ s->p [1]) < 0))
+ 		s->a [0] -= 192 ;
+ 	else
+@@ -230,7 +230,7 @@ nms_adpcm_update (struct nms_adpcm_state *s)
+ 		fa1 = -fa1 ;
+ 		}
+ 
+-	s->a [1] = fa1 + ((0xfe * s->a [1]) >> 8) ;
++	s->a [1] = fa1 + ((s->a [1] * 0xfe) >> 8) ;
+ 	if (s->p [0] != 0 && s->p [2] != 0 && ((s->p [0] ^ s->p [2]) < 0))
+ 		s->a [1] -= 128 ;
+ 	else
+@@ -250,19 +250,18 @@ nms_adpcm_update (struct nms_adpcm_state *s)
+ 			s->a [0] = a1ul ;
+ 		} ;
+ 
+-	/* Compute the zero predictor estimate. Rotate past deltas too. */
+-	s->s_ez = 0 ;
++	/* Compute the zero predictor estimate and rotate past deltas. */
++	se = 0 ;
+ 	for (i = 5 ; i >= 0 ; i--)
+-	{	s->s_ez += s->d_q [i] * s->b [i] ;
++	{	se += (int_fast32_t) s->d_q [i] * s->b [i] ;
+ 		s->d_q [i + 1] = s->d_q [i] ;
+ 		} ;
++	s->s_ez = se >> 14 ;
+ 
+-	/* Compute the signal estimate. */
+-	s->s_e = s->a [0] * s->s_r [0] + s->a [1] * s->s_r [1] + s->s_ez ;
+-
+-	/* Return to scale */
+-	s->s_ez >>= 14 ;
+-	s->s_e >>= 14 ;
++	/* Complete the signal estimate. */
++	se += (int_fast32_t) s->a [0] * s->s_r [0] ;
++	se += (int_fast32_t) s->a [1] * s->s_r [1] ;
++	s->s_e = se >> 14 ;
+ 
+ 	/* Rotate members to prepare for next iteration. */
+ 	s->s_r [1] = s->s_r [0] ;
+@@ -274,7 +273,7 @@ nms_adpcm_update (struct nms_adpcm_state *s)
+ static int16_t
+ nms_adpcm_reconstruct_sample (struct nms_adpcm_state *s, uint8_t I)
+ {	/* Variable names from ITU G.726 spec */
+-	int dqx ;
++	int_fast32_t dqx ;
+ 
+ 	/*
+ 	** The ordering of the 12-bit right-shift is a precision loss. It agrees
+@@ -308,17 +307,17 @@ nms_adpcm_codec_init (struct nms_adpcm_state *s, enum nms_enc_type type)
+ /*
+ ** nms_adpcm_encode_sample()
+ **
+-** Encode a linear 16-bit pcm sample into a 2,3, or 4 bit NMS-ADPCM codeword
++** Encode a linear 16-bit pcm sample into a 2, 3, or 4 bit NMS-ADPCM codeword
+ ** using and updating the predictor state.
+ */
+ static uint8_t
+ nms_adpcm_encode_sample (struct nms_adpcm_state *s, int16_t sl)
+ {	/* Variable names from ITU G.726 spec */
+-	int d ;
++	int_fast32_t d ;
+ 	uint8_t I ;
+ 
+ 	/* Down scale the sample from 16 => ~14 bits. */
+-	sl = (sl * 0x1fdf) / 0x7fff ;
++	sl = ((int_fast32_t) sl * 0x1fdf) / 0x7fff ;
+ 
+ 	/* Compute estimate, and delta from actual value */
+ 	nms_adpcm_update (s) ;
+@@ -407,7 +406,7 @@ nms_adpcm_encode_sample (struct nms_adpcm_state *s, int16_t sl)
+ */
+ static int16_t
+ nms_adpcm_decode_sample (struct nms_adpcm_state *s, uint8_t I)
+-{	int sl ;
++{	int_fast32_t sl ;
+ 
+ 	nms_adpcm_update (s) ;
+ 	sl = nms_adpcm_reconstruct_sample (s, I) ;
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.2.2.bb b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.2.2.bb
index 9c1f601..a9ee7c3 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.2.2.bb
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.2.2.bb
@@ -9,6 +9,7 @@
 
 SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/libsndfile-${PV}.tar.xz \
            file://noopus.patch \
+           file://cve-2022-33065.patch \
           "
 GITHUB_BASE_URI = "https://github.com/libsndfile/libsndfile/releases/"