subtree updates
meta-arm: 1dff3300fb..0b61cc659a:
Ross Burton (1):
meta-arm/selftest: add test that PAC/BTI instructions are used
meta-openembedded: 991e6852a5..5ad7203f68:
Alexander Kanavin (1):
fio: revert "fio: upgrade 3.32 -> 2022"
BELOUARGA Mohamed (1):
monocypher: add crypto library recipe
Dylan Turner (1):
apache2: v2.4.57 to v2.4.58 to fix CVE-2023-43622
Hongxu Jia (1):
freeradius: make sub packages to runtime depends on freeradius
Kai Kang (1):
libnma: remove conflict xml file
Khem Raj (12):
nlohmann-json: Fix SRCREV_FORMAT and do not package git metadata into ptests
ptest-packagelists-meta-oe.inc: Move poco to slow tests
sdbus-c++-libsystemd: Upgrade to 254
sdbus-c++-tools: Upgrade to 1.4.0
gstd: Fix systemd user unit packaging
basu: Update to latest master
sdbus-c++: Install ptests into PTEST_PATH
liblognorm:Add asprintf to autoconf function check macro
gnome-console,gnome-terminal: Depend on vte from core layer
Revert "gnome-terminal: Remove recommendation on vte-prompt"
vte9: Drop recipe
basu: Update the SRCREV to get lld fix
Luca Fancellu (1):
linuxptp: Update downstream patches
Markus Volk (9):
libcacard: fix version string in libcacard.pc
cups-filters: fix Makefile race condition
system-config-printer: Add packageconfig for polkit
pipewire: upgrade 0.3.85 > 1.0.0
libcacard: set meson version based on PV
spice: Set meson version based on PV
spice-gtk: Set meson version based on PV
libdecor: update 0.2.0 -> 0.2.1
xdg-desktop-portal-gnome: upgrade 45.0 -> 45.1
Naveen Saini (2):
tbb: upgrade 2021.9.0 -> 2021.11.0
tbb: enable NUMA/Hybrid CPU support
Patrick Wicki (6):
squid: update from v5.7 to v6.5
squid: add nm dispatcher reload hook
squid: add auth packageconfig
squid: move configs to sub package
squid: add url-rewrite-helpers packageconfig
squid: add systemd service
Patrick Williams (1):
glog: Disable 64bit atomics on armv{5,6}
Peter Kjellerstedt (1):
redis: Inherit pkgconfig
Ross Burton (1):
python3-validators: add new recipe
Wang Mingyu (26):
ctags: upgrade 6.0.20231119.0 -> 6.0.20231126.0
dnfdragora: upgrade 2.1.4 -> 2.1.5
gensio: upgrade 2.7.7 -> 2.8.0
frr: upgrade 9.0.1 -> 9.1
capnproto: upgrade 1.0.1 -> 1.0.1.1
libbpf: upgrade 1.2.2 -> 1.3.0
paho-mqtt-cpp: upgrade 1.2.0 -> 1.3.1
tomoyo-tools: upgrade 2.5.0 -> 2.6.1
python3-aiohttp: upgrade 3.9.0 -> 3.9.1
python3-bitstring: upgrade 4.1.2 -> 4.1.3
python3-dbus-fast: upgrade 2.14.0 -> 2.15.0
python3-humanize: upgrade 4.8.0 -> 4.9.0
python3-ipython: upgrade 8.17.2 -> 8.18.0
python3-mypy: upgrade 1.7.0 -> 1.7.1
python3-pdm: upgrade 2.10.3 -> 2.10.4
python3-pexpect: upgrade 4.8.0 -> 4.9.0
python3-pychromecast: upgrade 13.0.7 -> 13.0.8
python3-pydantic: upgrade 2.5.1 -> 2.5.2
python3-pymisp: upgrade 2.4.178 -> 2.4.179
python3-pytest-xdist: upgrade 3.4.0 -> 3.5.0
python3-sentry-sdk: upgrade 1.35.0 -> 1.37.1
python3-types-setuptools: upgrade 68.2.0.1 -> 68.2.0.2
python3-virtualenv: upgrade 20.24.6 -> 20.24.7
redis: upgrade 7.2.2 -> 7.2.3
ser2net: upgrade 4.5.1 -> 4.6.0
thingsboard-gateway: upgrade 3.4.2 -> 3.4.3.1
alperak (12):
squashfs-tools-ng: upgrade 1.1.4 -> 1.2.0
tmate: Fix finding msgpack 6+
msgpack-c: upgrade 4.0.0 -> 6.0.0
msgpack-cpp: upgrade 4.1.1 -> 6.1.0
brotli: upgrade 1.0.9 -> 1.1.0
icewm: upgrade 2.9.9 -> 3.4.4
iotop: upgrade 1.21 -> 1.25
liblognorm: upgrade 1.0.1 -> 2.0.6
libmodbus: upgrade 3.1.7 -> 3.1.10
libpwquality: upgrade 1.4.4 -> 1.4.5
libspiro: upgrade 20200505 -> 20221101
gtkwave: upgrade 3.3.111 -> 3.3.117
poky: 2696bf8cf3..028b6f6226:
Adrian Freihofer (1):
cmake-qemu.bbclass: support qemu for cmake
Alassane Yattara (9):
bitbake: toaster/tests: Update methods wait_until_~ to skip using time.sleep
bitbake: toaster/tests: Override table edit columns TestCase from image recipe page
bitbake: toaster/tests: Test software recipe page
bitbake: toaster/tests: Added Machine page TestCase
bitbake: toaster/tests: Added Layers page TestCase
bitbake: toaster/tests: Added distro page TestCase
bitbake: toaster/tests: Bug-fix on tests/functional/test_project_page
bitbake: toaster/tests: Test single layer page
bitbake: toaster/tests: Test single recipe page
Alex Kiernan (4):
rust: Delete python2 configparser code path
rust: Drop TARGET_VENDOR export
eudev: Upgrade 3.2.12 -> 3.2.14
rust: Drop targets and hosts override magic
Alexander Kanavin (15):
python3-pyproject-hooks: fix upstream version check
cmake: upgrade 3.27.5 -> 3.27.7
desktop-file-utils: upgrade 0.26 -> 0.27
erofs-utils: upgrade 1.6 -> 1.7.1
webkitgtk: update 2.40.5 -> 2.42.2
epiphany: upgrade 44.6 -> 45.1
virglrenderer: upgrade 0.10.4 -> 1.0.0
libxkbcommon: upgrade 1.5.0 -> 1.6.0
mpg123: upgrade 1.31.3 -> 1.32.3
icu: upgrade 73-2 -> 74-1
p11-kit: upgrade 0.25.0 -> 0.25.2
glib-2.0: install gio-querymodules into bindir as well as libexecdir for native
meson: update 1.2.2 -> 1.3.0
repo: update 2.37 -> 2.39
rt-tests: update 2.5 -> 2.6
Bruce Ashfield (1):
lttng-modules: fix build for v6.7+
Changhyeok Bae (1):
iptables: upgrade 1.8.9 -> 1.8.10
Charlie Johnston (2):
bitbake.conf: Add gsutil as hosttool for gcp fetcher.
bitbake: fetch2: Ensure GCP fetcher checks if file exists before download.
Jan Vermaete (1):
systemd: fixed typo
Joao Marcos Costa (1):
documentation.conf: fix do_menuconfig description
Joshua Watt (2):
bitbake: bitbake-hashclient: Add commands to get hashes
bitbake: hashserv: sqlite: Ensure sync propagates to database connections
Julien Stephan (6):
devtool: fix update-recipe dry-run mode
lib/oe/recipeutils.py: remove trailing white-spaces
devtool: finish/update-recipe: restrict mode srcrev to recipes fetched from SCM
devtool: tag all submodules
devtool: add support for git submodules
oeqa/selftest/devtool: add test for git submodules
Justin Bronder (1):
contributor-guide: add License-Update tag
Kareem Zarka (2):
wic: bootimg-efi: Make kernel image installation configurable
oeqa/selftest/wic: Add tests for kernel image installation
Khem Raj (8):
shared-mime-info: Fix build with clang-17+
libsoup-2.4: Fix build with clang-17 and libxml2-2.12
busybox: Enable utmp support on musl systems
virglrenderer: Fix build with clang
llvm: Upgrade to 17.0.6
rust-common.bbclass: Define rust arch for x32 platforms
vte: Upgrade to 0.74.1
vte: Separate out gtk4 pieces of vte into individual packages
Lee Chee Yang (3):
wic: add test for partition hidden attributes
migration-guides: add release notes for 4.3.1
openssl: upgrade to 3.2.0
Malte Schmidt (1):
wic: rawcopy: add support for zstd decompression
Marco Felsch (1):
json-c: fix icecc compilation
Markus Volk (3):
bluez5: fix connection for ps5/dualshock controllers
cups: Add root,sys,wheel to system groups
vte: upgrade 0.72.2 -> 0.74.0
Martin Hundeb?ll (1):
libpam: split /etc/environment into pam-plugin-env package
Matsunaga-Shinji (1):
cve-check: Modify judgment processing using "=" in version comparison
Michael Opdenacker (4):
systemd-compat-units.bb: fix postinstall script
dev-manual: layers: update link to YP Compatible form
contributor-guide: fix command option
migration-guides: release 3.5 is actually 4.0
Niko Mauno (1):
rust-llvm: Allow overriding LLVM target archs
Patrick Williams (1):
shared-mime-info-native: handle old GCC for AlmaLinux8
Peter Marko (2):
cve-update-nvd2-native: remove unused variable CVE_SOCKET_TIMEOUT
cve-update-nvd2-native: make number of fetch attemtps configurable
Richard Haar (1):
bitbake: bitbake: tests: Fix duplicate test_underscore_override test
Richard Purdie (2):
bitbake: ui/ncurses: Add missing function call to avoid traceback
bitbake: cooker: Avoid eventlog variable listing lockups
Robert Yang (2):
gnu-config: Update to latest revision
gettext: Upgrade 0.22 -> 0.22.3
Ross Burton (3):
core-image-minimal-initramfs: don't install a kernel into the initramfs
autoconf: upgrade to 2.72d
Revert "cve-check: Modify judgment processing using "=" in version comparison"
Sundeep KOKKONDA (3):
rust: Split rustdoc into a separate package
glibc: stable 2.38 branch updates
binutils: stable 2.41 branch updates
Tim Orling (8):
python3-sphinxcontrib-applehelp: 1.0.4 -> 1.0.7
python3-sphinxcontrib-devhelp: 1.0.2 -> 1.0.5
python3-sphinxcontrib-htmlhelp: 2.0.1 -> 2.0.4
python3-sphinxcontrib-qthelp: 1.0.3 -> 1.0.6
python3-sphinxcontrib-serializinghtml: 1.1.5 -> 1.1.9
vim: upgrade 9.0.2068 -> 9.0.2130
python3-cryptography-vectors: add RECIPE_NO_UPDATE_REASON
python3-cryptography{-vectors}: 41.0.5 -> 41.0.7
Trevor Gamblin (2):
python3-ptest: skip test_storlines
patchtest: shorten patch signed-off-by test output
Viswanath Kraleti (1):
systemd-boot: Fix build issues on armv7a-linux
Wang Mingyu (27):
bind: upgrade 9.18.19 -> 9.18.20
diffoscope: upgrade 251 -> 252
ell: upgrade 0.59 -> 0.60
git: upgrade 2.42.1 -> 2.43.0
gnutls: upgrade 3.8.1 -> 3.8.2
libdrm: upgrade 2.4.117 -> 2.4.118
libgcrypt: upgrade 1.10.2 -> 1.10.3
libksba: upgrade 1.6.4 -> 1.6.5
libxslt: upgrade 1.1.38 -> 1.1.39
log4cplus: upgrade 2.1.0 -> 2.1.1
python3-certifi: upgrade 2023.7.22 -> 2023.11.17
python3-setuptools: upgrade 68.2.2 -> 69.0.2
python3-wcwidth: upgrade 0.2.9 -> 0.2.11
python3-hypothesis: upgrade 6.89.0 -> 6.90.0
python3-pyasn1: upgrade 0.5.0 -> 0.5.1
python3-scons: upgrade 4.5.2 -> 4.6.0
python3-urllib3: upgrade 2.0.7 -> 2.1.0
ethtool: upgrade 6.5 -> 6.6
gi-docgen: upgrade 2023.1 -> 2023.3
init-system-helpers: upgrade 1.65.2 -> 1.66
libsolv: upgrade 0.7.26 -> 0.7.27
python3-idna: upgrade 3.4 -> 3.6
ofono: upgrade 2.1 -> 2.2
python3-sphinx-rtd-theme: upgrade 1.3.0 -> 2.0.0
python3-trove-classifiers: upgrade 2023.11.14 -> 2023.11.22
python3-wheel: upgrade 0.41.3 -> 0.42.0
resolvconf: upgrade 1.91 -> 1.92
Xiangyu Chen (2):
shadow: Fix for CVE-2023-4641
bash: changes to SIGINT handler while waiting for a child
Zahir Hussain (1):
cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES
meta-raspberrypi: 8231f97534..fde68b24f0:
Lorenzo Arena (1):
docs: fix syntax for overriding fs type for initramfs image
Change-Id: Idc6f6b1e913442bae03dfec9f207924c56f31056
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
diff --git a/poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.6.bb b/poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.7.1.bb
similarity index 70%
rename from poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.6.bb
rename to poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.7.1.bb
index 5a89e4b..a23cb33 100644
--- a/poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.6.bb
+++ b/poky/meta/recipes-devtools/erofs-utils/erofs-utils_1.7.1.bb
@@ -5,11 +5,8 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=73001d804ea1e3d84365f652242cca20"
HOMEPAGE = "https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git/tree/README"
-SRCREV = "21710612d35cd952490959bfa6ea9fe87aaa52dd"
-SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git;branch=master;protocol=https \
- file://0001-erofs-utils-fsck-don-t-allocate-read-too-large-exten.patch \
- file://0002-erofs-utils-fsck-block-insane-long-paths-when-extrac.patch \
-"
+SRCREV = "83d94dc619075e71ca4d0f42941cfc18d269a2af"
+SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git;branch=master;protocol=https"
UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>(\d+(\.\d+)+))"
@@ -19,8 +16,9 @@
inherit pkgconfig autotools
-PACKAGECONFIG ??= "lz4"
+PACKAGECONFIG ??= "lz4 zlib"
PACKAGECONFIG[lz4] = "--enable-lz4,--disable-lz4,lz4"
+PACKAGECONFIG[zlib] = "--with-zlib,--without-zlib,zlib"
EXTRA_OECONF = "${PACKAGECONFIG_CONFARGS} --disable-fuse"
diff --git a/poky/meta/recipes-devtools/erofs-utils/files/0001-erofs-utils-fsck-don-t-allocate-read-too-large-exten.patch b/poky/meta/recipes-devtools/erofs-utils/files/0001-erofs-utils-fsck-don-t-allocate-read-too-large-exten.patch
deleted file mode 100644
index 52f475d..0000000
--- a/poky/meta/recipes-devtools/erofs-utils/files/0001-erofs-utils-fsck-don-t-allocate-read-too-large-exten.patch
+++ /dev/null
@@ -1,126 +0,0 @@
-From c769805c79d5acede65d96e5786aa5ebb46c01e0 Mon Sep 17 00:00:00 2001
-From: Gao Xiang <hsiangkao@linux.alibaba.com>
-Date: Fri, 2 Jun 2023 11:05:19 +0800
-Subject: [PATCH 1/2] erofs-utils: fsck: don't allocate/read too large extents
-
-Since some crafted EROFS filesystem images could have insane large
-extents, which causes unexpected bahaviors when extracting data.
-
-Fix it by extracting large extents with a buffer of a reasonable
-maximum size limit and reading multiple times instead.
-
-Note that only `--extract` option is impacted.
-
-CVE: CVE-2023-33552
-Closes: https://nvd.nist.gov/vuln/detail/CVE-2023-33552
-Reported-by: Chaoming Yang <lometsj@live.com>
-Fixes: 412c8f908132 ("erofs-utils: fsck: add --extract=X support to extract to path X")
-Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
-Link: https://lore.kernel.org/r/20230602030519.117071-1-hsiangkao@linux.alibaba.com
-
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
----
- fsck/main.c | 63 +++++++++++++++++++++++++++++++++++++++++------------
- 1 file changed, 49 insertions(+), 14 deletions(-)
-
-diff --git a/fsck/main.c b/fsck/main.c
-index 6b42252..6689ad8 100644
---- a/fsck/main.c
-+++ b/fsck/main.c
-@@ -392,6 +392,8 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd)
- }
-
- while (pos < inode->i_size) {
-+ unsigned int alloc_rawsize;
-+
- map.m_la = pos;
- if (compressed)
- ret = z_erofs_map_blocks_iter(inode, &map,
-@@ -420,10 +422,28 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd)
- if (!(map.m_flags & EROFS_MAP_MAPPED) || !fsckcfg.check_decomp)
- continue;
-
-- if (map.m_plen > raw_size) {
-- raw_size = map.m_plen;
-- raw = realloc(raw, raw_size);
-- BUG_ON(!raw);
-+ if (map.m_plen > Z_EROFS_PCLUSTER_MAX_SIZE) {
-+ if (compressed) {
-+ erofs_err("invalid pcluster size %" PRIu64 " @ offset %" PRIu64 " of nid %" PRIu64,
-+ map.m_plen, map.m_la,
-+ inode->nid | 0ULL);
-+ ret = -EFSCORRUPTED;
-+ goto out;
-+ }
-+ alloc_rawsize = Z_EROFS_PCLUSTER_MAX_SIZE;
-+ } else {
-+ alloc_rawsize = map.m_plen;
-+ }
-+
-+ if (alloc_rawsize > raw_size) {
-+ char *newraw = realloc(raw, alloc_rawsize);
-+
-+ if (!newraw) {
-+ ret = -ENOMEM;
-+ goto out;
-+ }
-+ raw = newraw;
-+ raw_size = alloc_rawsize;
- }
-
- if (compressed) {
-@@ -434,18 +454,27 @@ static int erofs_verify_inode_data(struct erofs_inode *inode, int outfd)
- }
- ret = z_erofs_read_one_data(inode, &map, raw, buffer,
- 0, map.m_llen, false);
-+ if (ret)
-+ goto out;
-+
-+ if (outfd >= 0 && write(outfd, buffer, map.m_llen) < 0)
-+ goto fail_eio;
- } else {
-- ret = erofs_read_one_data(&map, raw, 0, map.m_plen);
-- }
-- if (ret)
-- goto out;
-+ u64 p = 0;
-
-- if (outfd >= 0 && write(outfd, compressed ? buffer : raw,
-- map.m_llen) < 0) {
-- erofs_err("I/O error occurred when verifying data chunk @ nid %llu",
-- inode->nid | 0ULL);
-- ret = -EIO;
-- goto out;
-+ do {
-+ u64 count = min_t(u64, alloc_rawsize,
-+ map.m_llen);
-+
-+ ret = erofs_read_one_data(&map, raw, p, count);
-+ if (ret)
-+ goto out;
-+
-+ if (outfd >= 0 && write(outfd, raw, count) < 0)
-+ goto fail_eio;
-+ map.m_llen -= count;
-+ p += count;
-+ } while (map.m_llen);
- }
- }
-
-@@ -460,6 +489,12 @@ out:
- if (buffer)
- free(buffer);
- return ret < 0 ? ret : 0;
-+
-+fail_eio:
-+ erofs_err("I/O error occurred when verifying data chunk @ nid %llu",
-+ inode->nid | 0ULL);
-+ ret = -EIO;
-+ goto out;
- }
-
- static inline int erofs_extract_dir(struct erofs_inode *inode)
---
-2.34.1
-
diff --git a/poky/meta/recipes-devtools/erofs-utils/files/0002-erofs-utils-fsck-block-insane-long-paths-when-extrac.patch b/poky/meta/recipes-devtools/erofs-utils/files/0002-erofs-utils-fsck-block-insane-long-paths-when-extrac.patch
deleted file mode 100644
index f2f1e34..0000000
--- a/poky/meta/recipes-devtools/erofs-utils/files/0002-erofs-utils-fsck-block-insane-long-paths-when-extrac.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From 6cebfbb79b1d5d8feb48801e1008eea5bfa8b599 Mon Sep 17 00:00:00 2001
-From: Gao Xiang <hsiangkao@linux.alibaba.com>
-Date: Fri, 2 Jun 2023 13:52:56 +0800
-Subject: [PATCH 2/2] erofs-utils: fsck: block insane long paths when
- extracting images
-
-Since some crafted EROFS filesystem images could have insane deep
-hierarchy (or may form directory loops) which triggers the
-PATH_MAX-sized path buffer OR stack overflow.
-
-Actually some crafted images cannot be deemed as real corrupted
-images but over-PATH_MAX paths are not something that we'd like to
-support for now.
-
-CVE: CVE-2023-33551
-Closes: https://nvd.nist.gov/vuln/detail/CVE-2023-33551
-Reported-by: Chaoming Yang <lometsj@live.com>
-Fixes: f44043561491 ("erofs-utils: introduce fsck.erofs")
-Fixes: b11f84f593f9 ("erofs-utils: fsck: convert to use erofs_iterate_dir()")
-Fixes: 412c8f908132 ("erofs-utils: fsck: add --extract=X support to extract to path X")
-Signeo-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
-Link: https://lore.kernel.org/r/20230602055256.18061-1-hsiangkao@linux.alibaba.com
-
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
----
- fsck/main.c | 23 +++++++++++++++--------
- 1 file changed, 15 insertions(+), 8 deletions(-)
-
-diff --git a/fsck/main.c b/fsck/main.c
-index 6689ad8..28d95ec 100644
---- a/fsck/main.c
-+++ b/fsck/main.c
-@@ -680,28 +680,35 @@ again:
- static int erofsfsck_dirent_iter(struct erofs_dir_context *ctx)
- {
- int ret;
-- size_t prev_pos = fsckcfg.extract_pos;
-+ size_t prev_pos, curr_pos;
-
- if (ctx->dot_dotdot)
- return 0;
-
-- if (fsckcfg.extract_path) {
-- size_t curr_pos = prev_pos;
-+ prev_pos = fsckcfg.extract_pos;
-+ curr_pos = prev_pos;
-+
-+ if (prev_pos + ctx->de_namelen >= PATH_MAX) {
-+ erofs_err("unable to fsck since the path is too long (%u)",
-+ curr_pos + ctx->de_namelen);
-+ return -EOPNOTSUPP;
-+ }
-
-+ if (fsckcfg.extract_path) {
- fsckcfg.extract_path[curr_pos++] = '/';
- strncpy(fsckcfg.extract_path + curr_pos, ctx->dname,
- ctx->de_namelen);
- curr_pos += ctx->de_namelen;
- fsckcfg.extract_path[curr_pos] = '\0';
-- fsckcfg.extract_pos = curr_pos;
-+ } else {
-+ curr_pos += ctx->de_namelen;
- }
--
-+ fsckcfg.extract_pos = curr_pos;
- ret = erofsfsck_check_inode(ctx->dir->nid, ctx->de_nid);
-
-- if (fsckcfg.extract_path) {
-+ if (fsckcfg.extract_path)
- fsckcfg.extract_path[prev_pos] = '\0';
-- fsckcfg.extract_pos = prev_pos;
-- }
-+ fsckcfg.extract_pos = prev_pos;
- return ret;
- }
-
---
-2.34.1
-