subtree updates:openembedded:poky: Jan 27 2023
poky: 0ce159991d..5e249ec855:
Alex Kiernan (2):
rust: Upgrade 1.66.0 -> 1.66.1
rust: Remove CARGO_VERSION
Alexander Kanavin (7):
selftest/virgl: use pkg-config from the host
ethtool: upgrade 6.0 -> 6.1
man-pages: upgrade 6.01 -> 6.02
mesa: update 22.2.3 -> 22.3.3
webkitgtk: submit a patch upstream
python3-sphinxcontrib-applehelp: update 1.0.2 -> 1.0.3
vulkan-samples: branch rename master -> main
Benoît Mauduit (1):
lib/oe/reproducible: Use git log without gpg signature
Bruce Ashfield (6):
linux-yocto/6.1: edgerouter: Replace OCTEON_USB with USB_OCTEON_HCD
linux-yocto/6.1: qemuriscv32: Enable CONFIG_NONPORTABLE
linux-yocto/6.1: update to v6.1.5
linux-yocto/5.15: update to v5.15.87
conf/qemu: bump preferred kernel version to 6.1
poky/poky-tiny: bump preferred version to 6.1
Changqing Li (1):
cmake-native: use internal cmcurl library
Chen Qi (2):
file: export MAGIC in SDK
rpm: do not export MAGIC in SDK
Chuck Wolber (1):
scripts/oe-setup-layers: Make efficiently idempotent
Fabio Estevam (2):
u-boot: Upgrade to 2023.01
u-boot: Update Upstream-Status
He Zhe (1):
lttng-modules: update 2.13.7 -> 2.13.8
Jan Luebbe (1):
p11-kit: add native to BBCLASSEXTEND
Jermain Horsman (1):
cve-check: write the cve manifest to IMGDEPLOYDIR
Kevin Hao (1):
meta-yocto-bsp: Update the default kernel to 6.1
Khem Raj (31):
createrepo-c: Include missing rpm/rpmstring.h
libglu: Remove deprecated register in C++17
cpio: Do not use _Noreturn in gnulib
groff: Drop use of `register` storage class
vulkan-samples: Update to the tip of trunk
unfs3: Fix implicit function declarations of fix_dir_times()
gperf: Make the code C++17 compliant
libxcb: Fixed c2x standard undefined behaviour
dbus: Use Alignof when using C11 or newer standard
m4: Define alignof_slot using _Alignof when using C11 or newer
opkg: Define alignof using _Alignof when using C11 or newer
cpio: Fix gnulib alignof implementation on clang
python3-numpy: Define _ALIGN using _Alignof when using C11 or newer
vulkan-samples: Drop using u8string_view
musl-obstack: Update to 1.2.3
mdadm: Define alignof using _Alignof when using C11 or newer
lttng-tools: Switch to alternative upstream submitted patch
libtirpc: Check if file exists before operating on it
ruby: Use C11 _Alignof to define ALIGN_OF when possible
libusb1: Link with latomic only if compiler has no atomic builtins
libusb1: Strip trailing whitespaces
elfutils: Fix build with libcurl >= 7.87
stress-ng: Robustify test-float test
harfbuzz: Add missing <cstdio> and <cstdlib> includes
apt: add missing <cstdint> for uint16_t
vulkan-samples: Include missing header cstdint for uint32_t
ruby: Update the patch status
systemd: Add another fix for using XSI strerror_r
elfutils: Remove funcretval test from run-native-test.sh for now
binutils: Upgrade to 2.40 release
binutils: Package libsframe
Lee Chee Yang (1):
migration-guides: add release-notes for 4.1.2
Luca Boccassi (1):
systemd: add PACKAGECONFIG to select default compression format
Luca Ceresoli (1):
manuals: fix typo in the MLPREFIX description
Markus Volk (3):
gptfdisk: add follow-up patch to fix with current popt
gtk+3: add PACKAGECONFIG for libcloudservice and tracker; fix cups backend
gtk4: add PACKAGECONFIG for cloudproviders
Martin Jansa (1):
mesa: update submitted patch with backported version
Michael Opdenacker (3):
rust-bin.bbclass: remove unused class
meta/classes-global: remove package_tar.bbclass
ref-manual: initial documentation for go and go-mod classes
Mikko Rapeli (1):
kmod: enable openssl support by default
Niko Mauno (1):
Fix missing leading whitespace with ':append'
Ovidiu Panait (1):
webkitgtk: fix perl-native dependency
Paulo Neves (1):
bitbake: bitbake-getvar: Add a quiet command line argument
Pavel Zhukov (3):
bitbake: fetch2: kill parameters in uri_find_decoded
bitbake: fetch2/tests: Add test for Mercurial
bitbake: fetch2/tests: Add parameter to recipe_uri
Pawel Zalewski (1):
classes/fs-uuid: Fix command output decoding issue
Peter Kjellerstedt (2):
librsvg: Only enable the Vala bindings if GObject Introspection is enabled
cargo-update-recipe-crates.bbclass: Mark the update_crates task as nostamp
Peter Marko (1):
iproute2: separate routel and add python dependency
Quentin Schulz (1):
packagegroup-core-boot: make init-ifupdown package a recommendation
Randy MacLeod (1):
vim: upgrade 9.0.0947 -> 9.0.1211
Richard Purdie (23):
bitbake: server/process: Improve lockfile handling at exit
pseudo: Update to pull in linux-libc-headers race fix
pseudo: Switch back to the master branch
insane: Improve patch warning/error handling
poky: Set INIT_MANAGER by a separate variable
bitbake: server/process: Fix lockfile contents check bug
bitbake: cooker: Fix siggen recipe cache race issue
bitbake: cache: Only write files if we have data
bitbake: cooker: Fix parsing race around cache handling
bitbake: data: Add support for new BB_HASH_CODEPARSER_VALS for cache optimisation
bitbake: data_smart: Small optimisation to _findVar()
native: Drop special variable handling
bitbake.conf: Add BB_HASH_CODEPARSER_VALS
pseudo: Update to include logic fix
bitbake.conf: Add METADATA_REVISION to BB_HASH_CODEPARSER_VALS
native: Implement BBCLASSEXTEND PACKAGES_DYNAMIC handling
conf/sdk/x86-64: Set march specifically
bitbake: cache/codeparser: Switch to a new BB_CACHEDIR variable for cache location
oeqa/selftest/devtool: Fix for linux 6.1 versions onwards
wic/efi-bootdisk.wks: Fix for 6.1 kernel versions
kernel/linux-kernel-base: Fix kernel build artefact determinism issues
build-appliance-image: Update to master head revision
build-appliance: Fix merge error
Ross Burton (12):
python3-pyproject-hooks: add new recipe
python3-build: add 0.10.0
python_pep517: use python3-build, not picobuild
python3-picobuild: remove
cve-update-db-native: show IP on failure
quilt: rewrite ptest glue
quilt: fix intermittent failure in faildiff.test
spirv-headers/spirv-tools: set correct branch name
quilt: use upstreamed faildiff.test fix
ppp: backport fix for CVE-2022-4603
bitbake: bb/utils: include SSL certificate paths in export_proxies
buildtools-tarball: set pkg-config search path
Thomas Roos (1):
devtool: fix devtool finish when gitmodules file is empty
Tim Orling (3):
bitbake: bitbake: fix deprecated threading.Thread.setDaemon
python3-cryptography{-vectors}: 38.0.4 -> 39.0.0
bitbake: toaster: update fixtures
Tom Hochstein (1):
gstreamer1.0-plugins-good: Fix libsoup runtime dependency
Vincent Davis Jr (1):
mesa: allow mesa (gbm) to compile without backend
Wang Mingyu (20):
btrfs-tools: upgrade 6.1 -> 6.1.2
libpcap: upgrade 1.10.2 -> 1.10.3
libwebp: upgrade 1.2.4 -> 1.3.0
man-db: upgrade 2.11.1 -> 2.11.2
dpkg: upgrade 1.21.17 -> 1.21.18
ed: upgrade 1.18 -> 1.19
gi-docgen: upgrade 2022.2 -> 2023.1
python3-alabaster: upgrade 0.7.12 -> 0.7.13
python3-setuptools: upgrade 65.6.3 -> 65.7.0
patchelf: upgrade 0.17.0 -> 0.17.2
python3-cython: upgrade 0.29.32 -> 0.29.33
python3-dbusmock: upgrade 0.28.6 -> 0.28.7
python3-hatchling: upgrade 1.12.1 -> 1.12.2
python3-hypothesis: upgrade 6.61.0 -> 6.62.0
python3-importlib-metadata: upgrade 5.2.0 -> 6.0.0
python3-packaging: upgrade 22.0 -> 23.0
python3-pbr: upgrade 5.11.0 -> 5.11.1
python3-pygments: upgrade 2.13.0 -> 2.14.0
stress-ng: upgrade 0.15.01 -> 0.15.02
xz: upgrade 5.4.0 -> 5.4.1
Xiangyu Chen (4):
numactl: skip test case when target platform doesn't have 2 CPU node
qemuboot.bbclass: add QB_NFSROOTFS_EXTRA_OPT for nfs rootfs extra option
runqemu: add process of option QB_NFSROOTFS_EXTRA_OPT
qemuppc64: set the qemuppc64 nfs r/wsize mount options to 524288
Yoann Congal (2):
bitbake: persist_data: Handle sqlite error when cachefile path is too long
sanity: Fix small typos
meta-openembedded: cd13881611..2ab113e8be:
Alejandro Enedino Hernandez Samaniego (1):
weechat: Update 3.4.1 -> 3.8
Alex Kiernan (4):
dnsmasq: Merge .inc into .bb
dnsmasq: Expand configuration options
ntpsec: Upgrade 1.2.1 -> 1.2.2
keyutils: Upgrade 1.6.1 -> 1.6.3
Archana Polampalli (1):
Nodejs: Upgrade to 18.12.1
Bartosz Golaszewski (1):
libgpiod: fix python bindings build
Chee Yang Lee (5):
opencv: fix reproducible builds
xerces-c: upgrade to 3.2.4
zsh: Fix CVE-2021-45444
redis: Upgrade to 7.0.8
redis: Upgrade to 6.2.9
Dmitry Baryshkov (1):
edid-decode: an utility to parse EDID information
Etienne Cordonnier (1):
uutils-coreutils: upgrade 0.0.16 -> 0.0.17
Fabio Estevam (1):
lvgl-demo-fb: Add recipe
Gianfranco Costamagna (1):
boinc-client: Update boinc from 7.20.4 to 7.20.5
Hermes Zhang (1):
kernel_add_regdb: Change the task order
Jan Luebbe (3):
pcsc-lite: fix native build
pcsc-lite: fix homepage URL
opensc: fix homepage URL
Kai Kang (2):
mozjs: fix compile error for arm
crda: 3.18 -> 4.15
Khem Raj (65):
packagegroup-meta-oe: Remove boost-url from comments
trace-cmd: Update to upstream submitted patches
packagegroup-meta-oe: Update to reflect latest recipes
freeglut: Add packageconfigs for x11/wayland/gles
xdg-desktop-portal-wlr: Add wayland to REQUIRED_DISTRO_FEATURES
ipmitool: Remove unneeded patch
dibbler: Fix build with c++17 and newer std
libtevent: Package cmocka tests into ptest package
netkit-telnet: Drop using register storage class keyword
libxml-libxml-perl: Fix function pointer types
fatcat: Fix build with std=c++17
ncmpc: Upgrade to 0.47
python3-matplotlib: Upgrade to 3.6.3
python3-matplotlib: Fix build with c++17
python3-greenlet: Drop using register keyword
libmodplug: Fix build with c++17
xmlrpc-c: Upgrade to 1.54.06
satyr: Fix build with musl
p8platform: Fix build with c++17 clang
freerdp: Fix incompatible function pointer type
libtorrent: Update to tip of trunk
gnuchess: Fix build with c++17
ippool: Use unsigned int type for 1-bit integer bitfield
audiofile: Stick to c++14 std
ssiapi: Use c++14 standard
log4cpp: Keep using std=c++14
gengetopt: Use std=c++14
libmimetic: Pin to using -std=c++14
ace: Upgrade to 6.5.19
pipewire-media-session: Use PW_ENABLE_DEPRECATED
rtorrent: Update to latest tip of trunk
nspr: Fix build with clang16
net-snmp: Fix build with clang16
xmlstarlet: Fix build with clang16
libol: Drop recipe
hplip: Update to 3.22.10
espeak: Drop using 'register' keyword for storage classifier
uw-imap: Fix build with clang 16
xmlsec1: Include xmlsec/parser.h for xmlSecParserSetDefaultOptions()
exiv2: Upgrade to 0.27.6
packagegroup-meta-oe: Remove mongodb for upsupported arches
rtorrent: Add missing dependency on autoconf-archive
thrift: Fix c++ and system header include order problem
libcereal: Use -idirafter instead of -isystem
poppler: cmake: Do not use -isystem
uftreace: Fix a build race
sdbus-c++: Disable ccache
libcamera: Fix build with gcc-13
mariadb: Fix build with gcc-13
vulkan-cts,opengl-es-cts: Fix build with gcc-13
rocksdb: Fix build with gcc13
rocksdb: Upgrade to 7.9.2
redis-plus-plus: Upgrade to 1.3.7
redis-plus-plus: Fix build with gcc13
rdfind: Upgrade to 1.5.0 release
rdfind: Fix build with gcc13
libiodbc: Fix SRC_URI to not use gitlab archives
opensaf: Fix build with gcc13
crossguid: Fix build with gcc13
dbus-cxx: Fix build with gcc13
dbus-cxx: Upgrade to 2.3.1
msktutil: Upgrade to 1.2.1
hiredis: Enable SSL/TLS support by default
redis-plus-plus: Enable SSL/TLS by default
rocksdb: Fix build with clang compiler
Lei Maohui (2):
biodbc: Added a new recipe.
trace-cmd: Fix QA Issue of do_package when enable multilib:
Leon Anavi (14):
python3-traitlets: Upgrade 5.8.0 -> 5.8.1
python3-prettytable: Upgrade 3.4.1 -> 3.6.0
python3-cantools: Upgrade 38.0.0 -> 38.0.1
python3-imageio: Upgrade 2.23.0 -> 2.24.0
python3-astroid: Upgrade 2.12.13 -> 2.13.2
python3-alembic: Upgrade 1.9.1 -> 1.9.2
python3-autobahn: Upgrade 22.12.1 -> 23.1.1
python3-eventlet: Upgrade 0.33.2 -> 0.33.3
python3-configobj: Upgrade 5.0.6 -> 5.0.8
python3-nocaselist: Upgrade 1.0.6 -> 1.1.0
python3-nocasedict: Upgrade 1.0.4 -> 1.1.0
python3-email-validator: Upgrade 1.3.0 -> 1.3.1
python3-imageio: Upgrade 2.24.0 -> 2.25.0
python3-cachetools: Upgrade 5.2.1 -> 5.3.0
Markus Volk (8):
webp-pixbuf-loader: add recipe
freerdp: build the rdp server
nv-codec-headers: add recipe
gnome-chess: import recipe
gnome-shell: update 43.1 -> 43.2
pipewire: update 0.3.63 -> 0.3.64
cups-filters: build with dbus support
cups-pk-helper: add recipe
Martin Jansa (3):
s-nail: fix Upstream-Status format
smartmontools: fix Upstream-Status format
htop: fix Upstream-Status format
Niko Mauno (2):
Fix missing leading whitespace with ':append'
nftables: Fix missing leading whitespace with ':append'
Peter Bašista (1):
Make tvheadend recipe compatible with the latest tvheadend version
Quentin Schulz (1):
python3-reedsolo: Add recipe
Randy MacLeod (2):
librelp: update to 1.11.0
rsyslog: update to 8.2212.0
Richard Hughes (1):
fwupd: Upgrade to 1.8.9
Robert Yang (1):
tftpy: Add it for python tftp server and client
Ross Burton (3):
khronos-cts: fix build when python3-build-native is present
python3-pytest-forked: update for move from picobuild to build
mbedtls: add option to use PSA for X.509/TLS operations
Stefan Ghinea (1):
mbedtls: upgrade to 2.28.2 to fix CVE-2022-46392, CVE-2022-46393
Trevor Woerner (1):
psqlodbc: fix HOMEPAGE
Wang Mingyu (62):
ctags: upgrade 6.0.20230101.0 -> 6.0.20230108.0
flatbuffers: upgrade 22.12.06 -> 23.1.4
libadwaita: upgrade 1.2.0 -> 1.2.1
hwdata: upgrade 0.365 -> 0.366
libmoo-perl: upgrade 2.005004 -> 2.005005
evolution-data-server-native: upgrade 3.46.2 -> 3.46.3
cli11: upgrade 2.3.1 -> 2.3.2
imapfilter: upgrade 2.7.6 -> 2.8.1
libcgi-perl: upgrade 4.54 -> 4.55
hidapi: upgrade 0.12.0 -> 0.13.0
python3-lazy-object-proxy: upgrade 1.8.0 -> 1.9.0
xfsprogs: upgrade 6.0.0 -> 6.1.0
tbb: upgrade 2021.7.0 -> 2021.8.0
python3-networkx: upgrade 2.8.8 -> 3.0
python3-sqlalchemy: upgrade 1.4.45 -> 1.4.46
python3-aiohue: upgrade 4.5.0 -> 4.6.1
python3-cachetools: upgrade 5.2.0 -> 5.2.1
python3-google-api-python-client: upgrade 2.70.0 -> 2.71.0
python3-flask-migrate: upgrade 4.0.0 -> 4.0.1
python3-coverage: upgrade 7.0.3 -> 7.0.4
python3-googleapis-common-protos: upgrade 1.57.0 -> 1.58.0
python3-ipython: upgrade 8.7.0 -> 8.8.0
python3-redis: upgrade 4.4.0 -> 4.4.1
python3-robotframework: upgrade 6.0.1 -> 6.0.2
python3-uefi-firmware: upgrade 1.9 -> 1.10
python3-ujson: upgrade 5.6.0 -> 5.7.0
python3-xlsxwriter: upgrade 3.0.5 -> 3.0.6
xfsprogs: upgrade 6.1.0 -> 6.1.1
xfstests: upgrade 2022.12.18 -> 2023.01.01
eog: upgrade 43.1 -> 43.2
gvfs: upgrade 1.50.2 -> 1.50.3
libnma: upgrade 1.10.4 -> 1.10.6
nautilus: upgrade 43.1 -> 43.2
nbdkit: upgrade 1.33.4 -> 1.33.7
networkmanager: upgrade 1.40.0 -> 1.40.10
tcpdump: upgrade 4.99.2 -> 4.99.3
unbound: upgrade 1.17.0 -> 1.17.1
ctags: upgrade 6.0.20230108.0 -> 6.0.20230115.0
dnfdragora: upgrade 2.1.3 -> 2.1.4
gensio: upgrade 2.6.1 -> 2.6.2
hidapi: upgrade 0.13.0 -> 0.13.1
librelp: upgrade 1.10.0 -> 1.11.0
libtraceevent: upgrade 1.7.0 -> 1.7.1
libtracefs: upgrade 1.6.3 -> 1.6.4
uftrace: upgrade 0.12 -> 0.13
xterm: upgrade 377 -> 378
python3-absl: upgrade 1.3.0 -> 1.4.0
python3-coverage: upgrade 7.0.4 -> 7.0.5
python3-dateparser: upgrade 1.1.5 -> 1.1.6
python3-decouple: upgrade 3.6 -> 3.7
python3-dnspython: upgrade 2.2.1 -> 2.3.0
python3-flask-wtf: upgrade 1.0.1 -> 1.1.0
python3-future: upgrade 0.18.2 -> 0.18.3
python3-google-api-python-client: upgrade 2.71.0 -> 2.72.0
python3-google-auth: upgrade 2.15.0 -> 2.16.0
python3-mock: upgrade 5.0.0 -> 5.0.1
python3-pymodbus: upgrade 3.0.2 -> 3.1.0
python3-pyzmq: upgrade 24.0.1 -> 25.0.0
python3-redis: upgrade 4.4.1 -> 4.4.2
python3-sentry-sdk: upgrade 1.12.1 -> 1.13.0
python3-txaio: upgrade 22.2.1 -> 23.1.1
python3-xlsxwriter: upgrade 3.0.6 -> 3.0.7
Yi Zhao (2):
freeradius: upgrade 3.0.21 -> 3.0.26
strongswan: upgrade 5.9.8 -> 5.9.9
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I625cfaa0bd5052cd72a121f010db3ecd2f274caf
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/0001-Use-compiler-fcf-protection-only-if-compiler-arch-su.patch b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/0001-Use-compiler-fcf-protection-only-if-compiler-arch-su.patch
deleted file mode 100644
index 96146a1..0000000
--- a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/0001-Use-compiler-fcf-protection-only-if-compiler-arch-su.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 04d5f4805a86302a0e135a28d58a6c1ff6a68d52 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Andreas=20M=C3=BCller?= <schnitzeltony@gmail.com>
-Date: Thu, 30 Jul 2020 23:03:51 +0200
-Subject: [PATCH] Use compiler -fcf-protection only if compiler/arch supports
- it
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-There have been some PRs they were either rejected or some general suggestion
-for more flags suggested. So
-
-Upstream-Status: Pending
-
-Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
----
- cmake/compilerFlags.cmake | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/cmake/compilerFlags.cmake b/cmake/compilerFlags.cmake
-index 12caf42..455525e 100644
---- a/cmake/compilerFlags.cmake
-+++ b/cmake/compilerFlags.cmake
-@@ -26,7 +26,12 @@ if ( MINGW OR UNIX OR MSYS ) # MINGW, Linux, APPLE, CYGWIN
- # This fails under Fedora, MinGW GCC 8.3.0 and CYGWIN/MSYS 9.3.0
- if (NOT (MINGW OR CMAKE_HOST_SOLARIS OR CYGWIN OR MSYS) )
- if (COMPILER_IS_GCC AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 8.0)
-- add_compile_options(-fstack-clash-protection -fcf-protection)
-+ # Gcc does support -fcf-protection on few arches only
-+ CHECK_CXX_COMPILER_FLAG(-fcf-protection COMPILER_SUPPORTS_FCF_PROTECTION)
-+ if (COMPILER_SUPPORTS_FCF_PROTECTION)
-+ add_compile_options(-fcf-protection)
-+ endif()
-+ add_compile_options(-fstack-clash-protection)
- endif()
-
- if( (COMPILER_IS_GCC AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 5.0) # Not in GCC 4.8
---
-2.21.3
-
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29457.patch b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29457.patch
deleted file mode 100644
index e5d0694..0000000
--- a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29457.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 13e5a3e02339b746abcaee6408893ca2fd8e289d Mon Sep 17 00:00:00 2001
-From: Pydera <pydera@mailbox.org>
-Date: Thu, 8 Apr 2021 17:36:16 +0200
-Subject: [PATCH] Fix out of buffer access in #1529
-
----
- src/jp2image.cpp | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/src/jp2image.cpp b/src/jp2image.cpp
-index 88ab9b2d6..12025f966 100644
---- a/src/jp2image.cpp
-+++ b/src/jp2image.cpp
-@@ -776,9 +776,10 @@ static void boxes_check(size_t b,size_t m)
- #endif
- box.length = (uint32_t) (io_->size() - io_->tell() + 8);
- }
-- if (box.length == 1)
-+ if (box.length < 8)
- {
-- // FIXME. Special case. the real box size is given in another place.
-+ // box is broken, so there is nothing we can do here
-+ throw Error(kerCorruptedMetadata);
- }
-
- // Read whole box : Box header + Box data (not fixed size - can be null).
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29458.patch b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29458.patch
deleted file mode 100644
index 285f6fe..0000000
--- a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29458.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 9b7a19f957af53304655ed1efe32253a1b11a8d0 Mon Sep 17 00:00:00 2001
-From: Kevin Backhouse <kevinbackhouse@github.com>
-Date: Fri, 9 Apr 2021 13:37:48 +0100
-Subject: [PATCH] Fix integer overflow.
----
- src/crwimage_int.cpp | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/src/crwimage_int.cpp b/src/crwimage_int.cpp
-index aefaf22..2e3e507 100644
---- a/src/crwimage_int.cpp
-+++ b/src/crwimage_int.cpp
-@@ -559,7 +559,7 @@ namespace Exiv2 {
- void CiffComponent::setValue(DataBuf buf)
- {
- if (isAllocated_) {
-- delete pData_;
-+ delete[] pData_;
- pData_ = 0;
- size_ = 0;
- }
-@@ -1167,7 +1167,11 @@ namespace Exiv2 {
- pCrwMapping->crwDir_);
- if (edX != edEnd || edY != edEnd || edO != edEnd) {
- uint32_t size = 28;
-- if (cc && cc->size() > size) size = cc->size();
-+ if (cc) {
-+ if (cc->size() < size)
-+ throw Error(kerCorruptedMetadata);
-+ size = cc->size();
-+ }
- DataBuf buf(size);
- std::memset(buf.pData_, 0x0, buf.size_);
- if (cc) std::memcpy(buf.pData_ + 8, cc->pData() + 8, cc->size() - 8);
---
-2.25.1
-
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29463.patch b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29463.patch
deleted file mode 100644
index 5ab64a7..0000000
--- a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29463.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-From 783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b Mon Sep 17 00:00:00 2001
-From: Kevin Backhouse <kevinbackhouse@github.com>
-Date: Mon, 19 Apr 2021 18:06:00 +0100
-Subject: [PATCH] Improve bound checking in WebPImage::doWriteMetadata()
-
----
- src/webpimage.cpp | 41 ++++++++++++++++++++++++++++++-----------
- 1 file changed, 30 insertions(+), 11 deletions(-)
-
-diff --git a/src/webpimage.cpp b/src/webpimage.cpp
-index 4ddec544c..fee110bca 100644
---- a/src/webpimage.cpp
-+++ b/src/webpimage.cpp
-@@ -145,7 +145,7 @@ namespace Exiv2 {
- DataBuf chunkId(WEBP_TAG_SIZE+1);
- chunkId.pData_ [WEBP_TAG_SIZE] = '\0';
-
-- io_->read(data, WEBP_TAG_SIZE * 3);
-+ readOrThrow(*io_, data, WEBP_TAG_SIZE * 3, Exiv2::kerCorruptedMetadata);
- uint64_t filesize = Exiv2::getULong(data + WEBP_TAG_SIZE, littleEndian);
-
- /* Set up header */
-@@ -185,13 +185,20 @@ namespace Exiv2 {
- case we have any exif or xmp data, also check
- for any chunks with alpha frame/layer set */
- while ( !io_->eof() && (uint64_t) io_->tell() < filesize) {
-- io_->read(chunkId.pData_, WEBP_TAG_SIZE);
-- io_->read(size_buff, WEBP_TAG_SIZE);
-- long size = Exiv2::getULong(size_buff, littleEndian);
-+ readOrThrow(*io_, chunkId.pData_, WEBP_TAG_SIZE, Exiv2::kerCorruptedMetadata);
-+ readOrThrow(*io_, size_buff, WEBP_TAG_SIZE, Exiv2::kerCorruptedMetadata);
-+ const uint32_t size_u32 = Exiv2::getULong(size_buff, littleEndian);
-+
-+ // Check that `size_u32` is safe to cast to `long`.
-+ enforce(size_u32 <= static_cast<size_t>(std::numeric_limits<unsigned int>::max()),
-+ Exiv2::kerCorruptedMetadata);
-+ const long size = static_cast<long>(size_u32);
- DataBuf payload(size);
-- io_->read(payload.pData_, payload.size_);
-- byte c;
-- if ( payload.size_ % 2 ) io_->read(&c,1);
-+ readOrThrow(*io_, payload.pData_, payload.size_, Exiv2::kerCorruptedMetadata);
-+ if ( payload.size_ % 2 ) {
-+ byte c;
-+ readOrThrow(*io_, &c, 1, Exiv2::kerCorruptedMetadata);
-+ }
-
- /* Chunk with information about features
- used in the file. */
-@@ -199,6 +206,7 @@ namespace Exiv2 {
- has_vp8x = true;
- }
- if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_VP8X) && !has_size) {
-+ enforce(size >= 10, Exiv2::kerCorruptedMetadata);
- has_size = true;
- byte size_buf[WEBP_TAG_SIZE];
-
-@@ -227,6 +235,7 @@ namespace Exiv2 {
- }
- #endif
- if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_VP8) && !has_size) {
-+ enforce(size >= 10, Exiv2::kerCorruptedMetadata);
- has_size = true;
- byte size_buf[2];
-
-@@ -244,11 +253,13 @@ namespace Exiv2 {
-
- /* Chunk with with lossless image data. */
- if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_VP8L) && !has_alpha) {
-+ enforce(size >= 5, Exiv2::kerCorruptedMetadata);
- if ((payload.pData_[4] & WEBP_VP8X_ALPHA_BIT) == WEBP_VP8X_ALPHA_BIT) {
- has_alpha = true;
- }
- }
- if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_VP8L) && !has_size) {
-+ enforce(size >= 5, Exiv2::kerCorruptedMetadata);
- has_size = true;
- byte size_buf_w[2];
- byte size_buf_h[3];
-@@ -276,11 +287,13 @@ namespace Exiv2 {
-
- /* Chunk with animation frame. */
- if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_ANMF) && !has_alpha) {
-+ enforce(size >= 6, Exiv2::kerCorruptedMetadata);
- if ((payload.pData_[5] & 0x2) == 0x2) {
- has_alpha = true;
- }
- }
- if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_ANMF) && !has_size) {
-+ enforce(size >= 12, Exiv2::kerCorruptedMetadata);
- has_size = true;
- byte size_buf[WEBP_TAG_SIZE];
-
-@@ -309,16 +322,22 @@ namespace Exiv2 {
-
- io_->seek(12, BasicIo::beg);
- while ( !io_->eof() && (uint64_t) io_->tell() < filesize) {
-- io_->read(chunkId.pData_, 4);
-- io_->read(size_buff, 4);
-+ readOrThrow(*io_, chunkId.pData_, 4, Exiv2::kerCorruptedMetadata);
-+ readOrThrow(*io_, size_buff, 4, Exiv2::kerCorruptedMetadata);
-+
-+ const uint32_t size_u32 = Exiv2::getULong(size_buff, littleEndian);
-
-- long size = Exiv2::getULong(size_buff, littleEndian);
-+ // Check that `size_u32` is safe to cast to `long`.
-+ enforce(size_u32 <= static_cast<size_t>(std::numeric_limits<unsigned int>::max()),
-+ Exiv2::kerCorruptedMetadata);
-+ const long size = static_cast<long>(size_u32);
-
- DataBuf payload(size);
-- io_->read(payload.pData_, size);
-+ readOrThrow(*io_, payload.pData_, size, Exiv2::kerCorruptedMetadata);
- if ( io_->tell() % 2 ) io_->seek(+1,BasicIo::cur); // skip pad
-
- if (equalsWebPTag(chunkId, WEBP_CHUNK_HEADER_VP8X)) {
-+ enforce(size >= 1, Exiv2::kerCorruptedMetadata);
- if (has_icc){
- payload.pData_[0] |= WEBP_VP8X_ICC_BIT;
- } else {
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29464.patch b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29464.patch
deleted file mode 100644
index f0c4824..0000000
--- a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29464.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From 61734d8842cb9cc59437463e3bac54d6231d9487 Mon Sep 17 00:00:00 2001
-From: Wang Mingyu <wangmy@fujitsu.com>
-Date: Tue, 18 May 2021 10:52:54 +0900
-Subject: [PATCH] modify
-
-Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
----
- src/jp2image.cpp | 14 +++++++++-----
- 1 file changed, 9 insertions(+), 5 deletions(-)
-
-diff --git a/src/jp2image.cpp b/src/jp2image.cpp
-index 52723a4..0ac4f50 100644
---- a/src/jp2image.cpp
-+++ b/src/jp2image.cpp
-@@ -643,11 +643,11 @@ static void boxes_check(size_t b,size_t m)
- void Jp2Image::encodeJp2Header(const DataBuf& boxBuf,DataBuf& outBuf)
- {
- DataBuf output(boxBuf.size_ + iccProfile_.size_ + 100); // allocate sufficient space
-- int outlen = sizeof(Jp2BoxHeader) ; // now many bytes have we written to output?
-- int inlen = sizeof(Jp2BoxHeader) ; // how many bytes have we read from boxBuf?
-+ long outlen = sizeof(Jp2BoxHeader) ; // now many bytes have we written to output?
-+ long inlen = sizeof(Jp2BoxHeader) ; // how many bytes have we read from boxBuf?
- Jp2BoxHeader* pBox = (Jp2BoxHeader*) boxBuf.pData_;
-- int32_t length = getLong((byte*)&pBox->length, bigEndian);
-- int32_t count = sizeof (Jp2BoxHeader);
-+ uint32_t length = getLong((byte*)&pBox->length, bigEndian);
-+ uint32_t count = sizeof (Jp2BoxHeader);
- char* p = (char*) boxBuf.pData_;
- bool bWroteColor = false ;
-
-@@ -664,6 +664,7 @@ static void boxes_check(size_t b,size_t m)
- #ifdef EXIV2_DEBUG_MESSAGES
- std::cout << "Jp2Image::encodeJp2Header subbox: "<< toAscii(subBox.type) << " length = " << subBox.length << std::endl;
- #endif
-+ enforce(subBox.length <= length - count, Exiv2::kerCorruptedMetadata);
- count += subBox.length;
- newBox.type = subBox.type;
- } else {
-@@ -672,12 +673,13 @@ static void boxes_check(size_t b,size_t m)
- count = length;
- }
-
-- int32_t newlen = subBox.length;
-+ uint32_t newlen = subBox.length;
- if ( newBox.type == kJp2BoxTypeColorHeader ) {
- bWroteColor = true ;
- if ( ! iccProfileDefined() ) {
- const char* pad = "\x01\x00\x00\x00\x00\x00\x10\x00\x00\x05\x1cuuid";
- uint32_t psize = 15;
-+ enforce(newlen <= output.size_ - outlen, Exiv2::kerCorruptedMetadata);
- ul2Data((byte*)&newBox.length,psize ,bigEndian);
- ul2Data((byte*)&newBox.type ,newBox.type,bigEndian);
- ::memcpy(output.pData_+outlen ,&newBox ,sizeof(newBox));
-@@ -686,6 +688,7 @@ static void boxes_check(size_t b,size_t m)
- } else {
- const char* pad = "\0x02\x00\x00";
- uint32_t psize = 3;
-+ enforce(newlen <= output.size_ - outlen, Exiv2::kerCorruptedMetadata);
- ul2Data((byte*)&newBox.length,psize+iccProfile_.size_,bigEndian);
- ul2Data((byte*)&newBox.type,newBox.type,bigEndian);
- ::memcpy(output.pData_+outlen ,&newBox ,sizeof(newBox) );
-@@ -694,6 +697,7 @@ static void boxes_check(size_t b,size_t m)
- newlen = psize + iccProfile_.size_;
- }
- } else {
-+ enforce(newlen <= output.size_ - outlen, Exiv2::kerCorruptedMetadata);
- ::memcpy(output.pData_+outlen,boxBuf.pData_+inlen,subBox.length);
- }
-
---
-2.25.1
-
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29470.patch b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29470.patch
deleted file mode 100644
index eedf9d7..0000000
--- a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29470.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 6628a69c036df2aa036290e6cd71767c159c79ed Mon Sep 17 00:00:00 2001
-From: Kevin Backhouse <kevinbackhouse@github.com>
-Date: Wed, 21 Apr 2021 12:06:04 +0100
-Subject: [PATCH] Add more bounds checks in Jp2Image::encodeJp2Header
----
- src/jp2image.cpp | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/jp2image.cpp b/src/jp2image.cpp
-index b424225..349a9f0 100644
---- a/src/jp2image.cpp
-+++ b/src/jp2image.cpp
-@@ -645,13 +645,16 @@ static void boxes_check(size_t b,size_t m)
- DataBuf output(boxBuf.size_ + iccProfile_.size_ + 100); // allocate sufficient space
- long outlen = sizeof(Jp2BoxHeader) ; // now many bytes have we written to output?
- long inlen = sizeof(Jp2BoxHeader) ; // how many bytes have we read from boxBuf?
-+ enforce(sizeof(Jp2BoxHeader) <= static_cast<size_t>(output.size_), Exiv2::kerCorruptedMetadata);
- Jp2BoxHeader* pBox = (Jp2BoxHeader*) boxBuf.pData_;
- uint32_t length = getLong((byte*)&pBox->length, bigEndian);
-+ enforce(length <= static_cast<size_t>(output.size_), Exiv2::kerCorruptedMetadata);
- uint32_t count = sizeof (Jp2BoxHeader);
- char* p = (char*) boxBuf.pData_;
- bool bWroteColor = false ;
-
- while ( count < length || !bWroteColor ) {
-+ enforce(sizeof(Jp2BoxHeader) <= length - count, Exiv2::kerCorruptedMetadata);
- Jp2BoxHeader* pSubBox = (Jp2BoxHeader*) (p+count) ;
-
- // copy data. pointer could be into a memory mapped file which we will decode!
---
-2.25.1
-
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch
deleted file mode 100644
index 4afedf8..0000000
--- a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-From e6a0982f7cd9282052b6e3485a458d60629ffa0b Mon Sep 17 00:00:00 2001
-From: Kevin Backhouse <kevinbackhouse@github.com>
-Date: Fri, 23 Apr 2021 11:44:44 +0100
-Subject: [PATCH] Add bounds check in Jp2Image::doWriteMetadata().
-
----
- src/jp2image.cpp | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/jp2image.cpp b/src/jp2image.cpp
-index 1694fed27..ca8c9ddbb 100644
---- a/src/jp2image.cpp
-+++ b/src/jp2image.cpp
-@@ -908,6 +908,7 @@ static void boxes_check(size_t b,size_t m)
-
- case kJp2BoxTypeUuid:
- {
-+ enforce(boxBuf.size_ >= 24, Exiv2::kerCorruptedMetadata);
- if(memcmp(boxBuf.pData_ + 8, kJp2UuidExif, 16) == 0)
- {
- #ifdef EXIV2_DEBUG_MESSAGES
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-3482.patch b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-3482.patch
deleted file mode 100644
index e7c5e1b..0000000
--- a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-3482.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 22ea582c6b74ada30bec3a6b15de3c3e52f2b4da Mon Sep 17 00:00:00 2001
-From: Robin Mills <robin@clanmills.com>
-Date: Mon, 5 Apr 2021 20:33:25 +0100
-Subject: [PATCH] fix_1522_jp2image_exif_asan
-
----
- src/jp2image.cpp | 9 ++++++---
- 1 file changed, 6 insertions(+), 3 deletions(-)
-
-diff --git a/src/jp2image.cpp b/src/jp2image.cpp
-index eb31cea4a..88ab9b2d6 100644
---- a/src/jp2image.cpp
-+++ b/src/jp2image.cpp
-@@ -28,6 +28,7 @@
- #include "image.hpp"
- #include "image_int.hpp"
- #include "basicio.hpp"
-+#include "enforce.hpp"
- #include "error.hpp"
- #include "futils.hpp"
- #include "types.hpp"
-@@ -353,7 +354,7 @@ static void boxes_check(size_t b,size_t m)
- if (io_->error()) throw Error(kerFailedToReadImageData);
- if (bufRead != rawData.size_) throw Error(kerInputDataReadFailed);
-
-- if (rawData.size_ > 0)
-+ if (rawData.size_ > 8) // "II*\0long"
- {
- // Find the position of Exif header in bytes array.
- long pos = ( (rawData.pData_[0] == rawData.pData_[1])
-@@ -497,6 +498,7 @@ static void boxes_check(size_t b,size_t m)
- position = io_->tell();
- box.length = getLong((byte*)&box.length, bigEndian);
- box.type = getLong((byte*)&box.type, bigEndian);
-+ enforce(box.length <= io_->size()-io_->tell() , Exiv2::kerCorruptedMetadata);
-
- if (bPrint) {
- out << Internal::stringFormat("%8ld | %8ld | ", (size_t)(position - sizeof(box)),
-@@ -581,12 +583,13 @@ static void boxes_check(size_t b,size_t m)
- throw Error(kerInputDataReadFailed);
-
- if (bPrint) {
-- out << Internal::binaryToString(makeSlice(rawData, 0, 40));
-+ out << Internal::binaryToString(
-+ makeSlice(rawData, 0, rawData.size_>40?40:rawData.size_));
- out.flush();
- }
- lf(out, bLF);
-
-- if (bIsExif && bRecursive && rawData.size_ > 0) {
-+ if (bIsExif && bRecursive && rawData.size_ > 8) { // "II*\0long"
- if ((rawData.pData_[0] == rawData.pData_[1]) &&
- (rawData.pData_[0] == 'I' || rawData.pData_[0] == 'M')) {
- BasicIo::AutoPtr p = BasicIo::AutoPtr(new MemIo(rawData.pData_, rawData.size_));
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
deleted file mode 100644
index 1380638..0000000
--- a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
+++ /dev/null
@@ -1,30 +0,0 @@
-SUMMARY = "Exif, Iptc and XMP metadata manipulation library and tools"
-LICENSE = "GPL-2.0-only"
-LIC_FILES_CHKSUM = "file://COPYING;md5=625f055f41728f84a8d7938acc35bdc2"
-
-DEPENDS = "zlib expat"
-
-SRC_URI = "https://exiv2.org/releases/${BPN}-${PV}-Source.tar.gz"
-SRC_URI[sha256sum] = "a79f5613812aa21755d578a297874fb59a85101e793edc64ec2c6bd994e3e778"
-
-# Once patch is obsolete (project should be aware due to PRs), dos2unix can be removed either
-inherit dos2unix
-SRC_URI += "file://0001-Use-compiler-fcf-protection-only-if-compiler-arch-su.patch \
- file://CVE-2021-29457.patch \
- file://CVE-2021-29458.patch \
- file://CVE-2021-29463.patch \
- file://CVE-2021-29464.patch \
- file://CVE-2021-29470.patch \
- file://CVE-2021-29473.patch \
- file://CVE-2021-3482.patch"
-
-S = "${WORKDIR}/${BPN}-${PV}-Source"
-
-inherit cmake gettext
-
-do_install:append:class-target() {
- # reproducibility: remove build host path
- sed -i ${D}${libdir}/cmake/exiv2/exiv2Config.cmake \
- -e 's:${STAGING_DIR_HOST}::g'
-}
-
diff --git a/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2_0.27.6.bb b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2_0.27.6.bb
new file mode 100644
index 0000000..6ccd9fb
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-support/exiv2/exiv2_0.27.6.bb
@@ -0,0 +1,19 @@
+SUMMARY = "Exif, Iptc and XMP metadata manipulation library and tools"
+LICENSE = "GPL-2.0-only"
+LIC_FILES_CHKSUM = "file://COPYING;md5=625f055f41728f84a8d7938acc35bdc2"
+
+DEPENDS = "zlib expat"
+
+SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source.tar.gz"
+SRC_URI[sha256sum] = "4c192483a1125dc59a3d70b30d30d32edace9e14adf52802d2f853abf72db8a6"
+# Once patch is obsolete (project should be aware due to PRs), dos2unix can be removed either
+# inherit dos2unix
+S = "${WORKDIR}/${BP}-Source"
+
+inherit cmake gettext
+
+do_install:append:class-target() {
+ # reproducibility: remove build host path
+ sed -i ${D}${libdir}/cmake/exiv2/exiv2Config.cmake \
+ -e 's:${STAGING_DIR_HOST}::g'
+}