subtree updates
meta-openembedded: 4dbbef7a39..9953ca1ac0:
Andreas Cord-Landwehr (1):
freerdp: provide cmake integration
BELOUARGA Mohamed (1):
Monocypher: Correct source URI and license
Clément Péron (2):
abseil-cpp: rename recipe to follow the version
protobuf: upgrade 4.23.4 -> 4.25.2
Fabio Estevam (1):
v4l-utils: Remove unneeded musl patch
Gassner, Tobias.ext (1):
softhsm_2.6.1.bb fixing p11-kit module path, adding softhsm2.module to FILES
Gianfranco Costamagna (1):
vbxguestdrivers: upgrade 7.0.12 -> 7.0.14
Khem Raj (4):
Revert "rng-tools: move from oe-core to meta-oe"
python3-pillow: Correct branch parameter in SRC_URI
python3-multidict: Make it work with python 3.12
python3-multidict: Fix running ptests
Markus Volk (6):
eog: update 45.1 -> 45.2
file-roller: update 43.0 -> 43.1
gvfs: update 1.52.1 -> 1.52.2
gjs: update 1.78.1 -> 1.78.2
mozjs: update 115.2.0 -> 115.6.0
pipewire: update 1.0.0 -> 1.0.1
Michael Haener (1):
nginx: add http sub module feature
Pablo Saavedra (1):
libbacktrace: fix sdk installation
Peter Marko (2):
protobuf-c: change branch to master
srecord: fix malformed patch upstream status
Ross Burton (1):
mozjs-115: fix the build on ARMv5
Yi Zhao (1):
samba: upgrade 4.19.3 -> 4.19.4
Yoann Congal (3):
packagegroup-meta-oe: remove mongodb
python3-coverage: add native and nativesdk BBCLASSEXTEND
python3-pytest-cov: Add missing python3-pytest RDEPENDS
alperak (8):
fmt: upgrade 10.1.1 -> 10.2.1
gerbera: upgrade 1.12.1 -> 2.0.0
spdlog: upgrade 1.12 -> 1.13
libebml: upgrade 1.4.4 -> 1.4.5
lcms: upgrade 2.15 -> 2.16
libkcapi: upgrade 1.4.0 -> 1.5.0
icewm: upgrade 3.4.4 -> 3.4.5
libreport: upgrade 2.17.8 -> 2.17.11
meta-raspberrypi: b859bc3eca..9c901bf170:
Damiano Ferrari (2):
rpi-config: Add CAN0_INTERRUPT_PIN and CAN1_INTERRUPT_PIN variable
docs: add info on how to set different CAN interrupt pins
Florin Sarbu (1):
Add Raspberry Pi 5
Leon Anavi (7):
rpi-base.inc: Add vc4-kms-v3d-pi5.dtbo
u-boot_%.bbappend: Skip for Raspberry Pi 5
rpi-config: Reduce config.txt size
linux-raspberrypi.inc: bcm2712_defconfig for rpi5
conf/machine/raspberrypi5.conf: kernel_2712.img
conf/machine/raspberrypi5.conf: ttyAMA10
conf/machine/raspberrypi5.conf: Use "Image"
poky: 7af374c90c..348d9aba33:
Alejandro Hernandez Samaniego (1):
newlib: Upgrade 4.3.0 -> 4.4.0
Alexander Kanavin (1):
shadow: replace static linking with dynamic libraries in a custom location and bundled with shadow
Anuj Mittal (4):
bluez5: upgrade 5.71 -> 5.72
cronie: upgrade 1.7.0 -> 1.7.1
libpsl: upgrade 0.21.2 -> 0.21.5
grub2: upgrade 2.06 -> 2.12
Bruce Ashfield (12):
linux-yocto/6.6: update to v6.6.11
linux-yocto/6.6: update CVE exclusions
linux-yocto/6.1: update to v6.1.72
linux-yocto/6.1: update CVE exclusions
linux-yocto/6.6: cfg: arm: introduce page size fragments
linux-yocto/6.6: security/cfg: add configs to harden protection
linux-yocto/6.1: security/cfg: add configs to harden protection
linux-yocto/6.6: update to v6.6.12
linux-yocto/6.6: update CVE exclusions
linux-yocto/6.1: update to v6.1.73
linux-yocto/6.1: update CVE exclusions
linux-yocto/6.1: drop recipes
Chen Qi (5):
oeqa/selftest: add test case to cover 'devtool modify -n' for a git recipe
systemd: refresh musl patches for v255.1
systemd: upgrade to 255.1
systemd-boot: upgrade to 255.1
rootfs-postcommands.bbclass: ignore comment mismatch in systemd_user_check
Etienne Cordonnier (1):
cmake.bbclass: add Darwin support
Fabio Estevam (2):
weston: Update to 13.0.0
pulseaudio: Update to 17.0
Jiang Kai (4):
debianutils: upgrade 5.15 -> 5.16
enchant2: upgrade 2.6.4 -> 2.6.5
libsecret: upgrade 0.21.1 -> 0.21.2
libxrandr: upgrade 1.5.3 -> 1.5.4
Joe Slater (1):
eudev: modify predictable network if name search
Jonathan GUILLOT (1):
udev-extraconf: fix unmount directories containing octal-escaped chars
Julien Stephan (3):
externalsrc: fix task dependency for do_populate_lic
devtool: modify: add support for multiple source in SRC_URI
oeqa/selftest/devtool: add test for recipes with multiple sources in SRC_URI
Kai Kang (2):
nativesdk-cairo: fix build error
p11-kit: fix parallel build failures
Kevin Hao (2):
yocto-bsp: Bump the default kernel to v6.6
yocto-bsp: Drop the support for v6.1 kernel
Khem Raj (4):
libgudev: Pass export-dynamic to linker directly.
coreutils: Fix build with clang
glibc: Do not enable CET on 32bit x86
rust: Re-write RPATHs in the copies llvm-config
Pavel Zhukov (1):
mdadm: Disable ptests
Peter Marko (1):
zlib: ignore CVE-2023-6992
Richard Purdie (7):
qemu: add PACKAGECONFIG for sndio
poky-altcfg: Update PREFERRED_VERSION for kerenl
xev: Drop diet libx11 related patch
libxcomposite: Drop obsolete patch
python3-subunit: Add missing module dependency
qemu: Upgrade 8.1.2 -> 8.2.0
qemu: Fix segfaults in webkitgtk:do_compile on debian11
Robert Yang (1):
autoconf: 2.72d -> 2.72e
Ross Burton (7):
cve_check: handle CVE_STATUS being set to the empty string
cve_check: cleanup logging
xserver-xorg: add PACKAGECONFIG for xvfb
xserver-xorg: disable xvfb by default
libssh2: backport fix for CVE-2023-48795
bitbake: bitbake: Version bump for inherit_defer addition
sanity: require bitbake 2.7.2 for the inherit_defer statement
Ryan Eatmon (1):
python3-yamllint: Add recipe
Simone Weiß (2):
tune-core2: Update qemu cpu to supported model
gcc: Update status of CVE-2023-4039
Thomas Perrot (1):
opensbi: bump to 1.4
Timotheus Giuliani (1):
linux-firmware: fix mediatek MT76x empty license package
Vincent Davis Jr (1):
shaderc: update commit hash to v2023.7
Wang Mingyu (2):
python3-subunit: upgrade 1.4.2 -> 1.4.4
libtest-warnings-perl: upgrade 0.031 -> 0.032
William Hauser (1):
native.bbclass: base_libdir unique from libdir
William Lyu (1):
perl: Fix perl-module-* being ignored via COMPLEMENTARY_GLOB
Yash Shinde (7):
rust: Fetch cargo from rust-snapshot dir.
rust: detect user-specified custom targets in compiletest
rust: Enable RUSTC_BOOTSTRAP to use nightly features during rust oe-selftest.
rust: Fix assertion failure error on oe-selftest
rust: Add new tests in the exclude list for rust oe-selftest
rust: Remove the test cases whose parent dir is also present in the exclude list
rust: Enable rust oe-selftest.
Yogita Urade (1):
tiff: fix CVE-2023-6228
meta-arm: 1cad3c3813..6bb1fc8d8c:
Harsimran Singh Tungal (1):
n1sdp:arm-bsp/optee: Update optee to v4.0
Ross Burton (1):
arm-bsp/linux-yocto: add 6.1 recipe
Change-Id: Ib4cc4e128e4d41f3329cf83a0d5e8539ef07ebe3
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
diff --git a/poky/bitbake/bin/bitbake b/poky/bitbake/bin/bitbake
index abf7de2..1055635 100755
--- a/poky/bitbake/bin/bitbake
+++ b/poky/bitbake/bin/bitbake
@@ -27,7 +27,7 @@
bb.utils.check_system_locale()
-__version__ = "2.7.1"
+__version__ = "2.7.2"
if __name__ == "__main__":
if __version__ != bb.__version__:
diff --git a/poky/bitbake/lib/bb/__init__.py b/poky/bitbake/lib/bb/__init__.py
index 019ab19..5e22d34 100644
--- a/poky/bitbake/lib/bb/__init__.py
+++ b/poky/bitbake/lib/bb/__init__.py
@@ -9,7 +9,7 @@
# SPDX-License-Identifier: GPL-2.0-only
#
-__version__ = "2.7.1"
+__version__ = "2.7.2"
import sys
if sys.version_info < (3, 8, 0):
diff --git a/poky/meta-poky/conf/distro/include/poky-distro-alt-test-config.inc b/poky/meta-poky/conf/distro/include/poky-distro-alt-test-config.inc
index 4c1eb55..3e10251 100644
--- a/poky/meta-poky/conf/distro/include/poky-distro-alt-test-config.inc
+++ b/poky/meta-poky/conf/distro/include/poky-distro-alt-test-config.inc
@@ -1,8 +1,8 @@
# Add extra DISTRO_FEATUREs
DISTRO_FEATURES:append = " pam usrmerge"
-# Use the LTSI Kernel
-PREFERRED_VERSION_linux-yocto = "6.1%"
+# Use our alternate kernel version
+PREFERRED_VERSION_linux-yocto = "6.6%"
# Ensure the kernel nfs server is enabled
KERNEL_FEATURES:append:pn-linux-yocto = " features/nfsd/nfsd-enable.scc"
diff --git a/poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf b/poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf
index 06a49f4..459c83f 100644
--- a/poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf
+++ b/poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf
@@ -20,10 +20,11 @@
SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyO0 115200;ttyAMA0"
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
-PREFERRED_VERSION_linux-yocto ?= "6.1%"
+PREFERRED_VERSION_linux-yocto ?= "6.6%"
KERNEL_IMAGETYPE = "zImage"
-KERNEL_DEVICETREE = "am335x-bone.dtb am335x-boneblack.dtb am335x-bonegreen.dtb"
+DTB_FILES = "am335x-bone.dtb am335x-boneblack.dtb am335x-bonegreen.dtb"
+KERNEL_DEVICETREE = '${@' '.join('ti/omap/%s' % d for d in '${DTB_FILES}'.split())}'
PREFERRED_PROVIDER_virtual/bootloader ?= "u-boot"
@@ -33,7 +34,7 @@
MACHINE_FEATURES = "usbgadget usbhost vfat alsa"
-IMAGE_BOOT_FILES ?= "u-boot.${UBOOT_SUFFIX} ${SPL_BINARY} ${KERNEL_IMAGETYPE} ${KERNEL_DEVICETREE}"
+IMAGE_BOOT_FILES ?= "u-boot.${UBOOT_SUFFIX} ${SPL_BINARY} ${KERNEL_IMAGETYPE} ${DTB_FILES}"
# support runqemu
EXTRA_IMAGEDEPENDS += "qemu-native qemu-helper-native"
diff --git a/poky/meta-yocto-bsp/conf/machine/include/genericx86-common.inc b/poky/meta-yocto-bsp/conf/machine/include/genericx86-common.inc
index 24d427a..50a233d 100644
--- a/poky/meta-yocto-bsp/conf/machine/include/genericx86-common.inc
+++ b/poky/meta-yocto-bsp/conf/machine/include/genericx86-common.inc
@@ -2,7 +2,7 @@
require conf/machine/include/x86/qemuboot-x86.inc
MACHINE_FEATURES += "wifi efi pcbios"
-PREFERRED_VERSION_linux-yocto ?= "6.1%"
+PREFERRED_VERSION_linux-yocto ?= "6.6%"
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
PREFERRED_PROVIDER_virtual/xserver ?= "xserver-xorg"
XSERVER ?= "${XSERVER_X86_BASE} \
diff --git a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.1.bbappend b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.1.bbappend
deleted file mode 100644
index ed2b18a..0000000
--- a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.1.bbappend
+++ /dev/null
@@ -1,19 +0,0 @@
-KBRANCH:genericx86 = "v6.1/standard/base"
-KBRANCH:genericx86-64 = "v6.1/standard/base"
-KBRANCH:beaglebone-yocto = "v6.1/standard/beaglebone"
-
-KMACHINE:genericx86 ?= "common-pc"
-KMACHINE:genericx86-64 ?= "common-pc-64"
-KMACHINE:beaglebone-yocto ?= "beaglebone"
-
-SRCREV_machine:genericx86 ?= "6ec439b4b456ce929c4c07fe457b5d6a4b468e86"
-SRCREV_machine:genericx86-64 ?= "6ec439b4b456ce929c4c07fe457b5d6a4b468e86"
-SRCREV_machine:beaglebone-yocto ?= "423e1996694b61fbfc8ec3bf062fc6461d64fde1"
-
-COMPATIBLE_MACHINE:genericx86 = "genericx86"
-COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64"
-COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto"
-
-LINUX_VERSION:genericx86 = "6.1.30"
-LINUX_VERSION:genericx86-64 = "6.1.30"
-LINUX_VERSION:beaglebone-yocto = "6.1.20"
diff --git a/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.6.bbappend b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.6.bbappend
new file mode 100644
index 0000000..49eed16
--- /dev/null
+++ b/poky/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_6.6.bbappend
@@ -0,0 +1,19 @@
+KBRANCH:genericx86 = "v6.6/standard/base"
+KBRANCH:genericx86-64 = "v6.6/standard/base"
+KBRANCH:beaglebone-yocto = "v6.6/standard/beaglebone"
+
+KMACHINE:genericx86 ?= "common-pc"
+KMACHINE:genericx86-64 ?= "common-pc-64"
+KMACHINE:beaglebone-yocto ?= "beaglebone"
+
+SRCREV_machine:genericx86 ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_machine:genericx86-64 ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_machine:beaglebone-yocto ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+
+COMPATIBLE_MACHINE:genericx86 = "genericx86"
+COMPATIBLE_MACHINE:genericx86-64 = "genericx86-64"
+COMPATIBLE_MACHINE:beaglebone-yocto = "beaglebone-yocto"
+
+LINUX_VERSION:genericx86 = "6.6.12"
+LINUX_VERSION:genericx86-64 = "6.6.12"
+LINUX_VERSION:beaglebone-yocto = "6.6.12"
diff --git a/poky/meta/classes-recipe/cmake.bbclass b/poky/meta/classes-recipe/cmake.bbclass
index d978b88..1e353f6 100644
--- a/poky/meta/classes-recipe/cmake.bbclass
+++ b/poky/meta/classes-recipe/cmake.bbclass
@@ -72,6 +72,8 @@
OECMAKE_TARGET_INSTALL ?= "install"
def map_host_os_to_system_name(host_os):
+ if host_os.startswith('darwin'):
+ return 'Darwin'
if host_os.startswith('mingw'):
return 'Windows'
if host_os.startswith('linux'):
diff --git a/poky/meta/classes-recipe/native.bbclass b/poky/meta/classes-recipe/native.bbclass
index cfd299d..84a3ec6 100644
--- a/poky/meta/classes-recipe/native.bbclass
+++ b/poky/meta/classes-recipe/native.bbclass
@@ -77,7 +77,7 @@
bindir = "${STAGING_BINDIR_NATIVE}"
sbindir = "${STAGING_SBINDIR_NATIVE}"
-base_libdir = "${STAGING_LIBDIR_NATIVE}"
+base_libdir = "${STAGING_BASE_LIBDIR_NATIVE}"
libdir = "${STAGING_LIBDIR_NATIVE}"
includedir = "${STAGING_INCDIR_NATIVE}"
sysconfdir = "${STAGING_ETCDIR_NATIVE}"
diff --git a/poky/meta/classes-recipe/rootfs-postcommands.bbclass b/poky/meta/classes-recipe/rootfs-postcommands.bbclass
index 163c7f4..3d05ff3 100644
--- a/poky/meta/classes-recipe/rootfs-postcommands.bbclass
+++ b/poky/meta/classes-recipe/rootfs-postcommands.bbclass
@@ -106,12 +106,11 @@
# user and e_user must not have None values. Unset values must be '-'.
(name, uid, gid, comment, homedir, ushell) = user
(e_name, e_uid, e_gid, e_comment, e_homedir, e_ushell) = e_user
- # Ignore 'uid', 'gid' or 'comment' if they are not set
+ # Ignore 'uid', 'gid' or 'homedir' if they are not set
# Ignore 'shell' and 'ushell' if one is not set
return name == e_name \
and (uid == '-' or uid == e_uid) \
and (gid == '-' or gid == e_gid) \
- and (comment == '-' or e_comment == '-' or comment.lower() == e_comment.lower()) \
and (homedir == '-' or e_homedir == '-' or homedir == e_homedir) \
and (ushell == '-' or e_ushell == '-' or ushell == e_ushell)
diff --git a/poky/meta/classes/externalsrc.bbclass b/poky/meta/classes/externalsrc.bbclass
index a54f316..70e27a8 100644
--- a/poky/meta/classes/externalsrc.bbclass
+++ b/poky/meta/classes/externalsrc.bbclass
@@ -104,6 +104,7 @@
# If we deltask do_patch, there's no dependency to ensure do_unpack gets run, so add one
# Note that we cannot use d.appendVarFlag() here because deps is expected to be a list object, not a string
d.setVarFlag('do_configure', 'deps', (d.getVarFlag('do_configure', 'deps', False) or []) + ['do_unpack'])
+ d.setVarFlag('do_populate_lic', 'deps', (d.getVarFlag('do_populate_lic', 'deps', False) or []) + ['do_unpack'])
for task in d.getVar("SRCTREECOVEREDTASKS").split():
if local_srcuri and task in fetch_tasks:
diff --git a/poky/meta/conf/distro/include/init-manager-systemd.inc b/poky/meta/conf/distro/include/init-manager-systemd.inc
index 595d1f2..0a76647 100644
--- a/poky/meta/conf/distro/include/init-manager-systemd.inc
+++ b/poky/meta/conf/distro/include/init-manager-systemd.inc
@@ -5,3 +5,5 @@
VIRTUAL-RUNTIME_initscripts ??= "systemd-compat-units"
VIRTUAL-RUNTIME_login_manager ??= "shadow-base"
VIRTUAL-RUNTIME_dev_manager ??= "systemd"
+# systemd hardcodes /root in its source codes, other values are not offically supported
+ROOT_HOME ?= "/root"
diff --git a/poky/meta/conf/distro/include/maintainers.inc b/poky/meta/conf/distro/include/maintainers.inc
index 8dc63b1..b0625a1 100644
--- a/poky/meta/conf/distro/include/maintainers.inc
+++ b/poky/meta/conf/distro/include/maintainers.inc
@@ -724,6 +724,7 @@
RECIPE_MAINTAINER:pn-python3-webcolors = "Bruce Ashfield <bruce.ashfield@gmail.com>"
RECIPE_MAINTAINER:pn-python3-wheel = "Tim Orling <tim.orling@konsulko.com>"
RECIPE_MAINTAINER:pn-python3-xmltodict = "Leon Anavi <leon.anavi@konsulko.com>"
+RECIPE_MAINTAINER:pn-python3-yamllint = "Tim Orling <tim.orling@konsulko.com>"
RECIPE_MAINTAINER:pn-python3-zipp = "Tim Orling <tim.orling@konsulko.com>"
RECIPE_MAINTAINER:pn-qemu = "Richard Purdie <richard.purdie@linuxfoundation.org>"
RECIPE_MAINTAINER:pn-qemu-helper-native = "Richard Purdie <richard.purdie@linuxfoundation.org>"
diff --git a/poky/meta/conf/distro/include/no-static-libs.inc b/poky/meta/conf/distro/include/no-static-libs.inc
index 8898d53..7535992 100644
--- a/poky/meta/conf/distro/include/no-static-libs.inc
+++ b/poky/meta/conf/distro/include/no-static-libs.inc
@@ -21,11 +21,6 @@
# needed by rust
DISABLE_STATIC:pn-musl = ""
-# needed by shadow-native to build static executables, particularly useradd
-DISABLE_STATIC:pn-attr-native = ""
-DISABLE_STATIC:pn-libbsd-native = ""
-DISABLE_STATIC:pn-libmd-native = ""
-
EXTRA_OECONF:append = "${DISABLE_STATIC}"
EXTRA_OECMAKE:append:pn-libical = " -DSHARED_ONLY=True"
diff --git a/poky/meta/conf/distro/include/ptest-packagelists.inc b/poky/meta/conf/distro/include/ptest-packagelists.inc
index ef6f471..a1643c5 100644
--- a/poky/meta/conf/distro/include/ptest-packagelists.inc
+++ b/poky/meta/conf/distro/include/ptest-packagelists.inc
@@ -104,7 +104,6 @@
libgcrypt \
libmodule-build-perl \
lttng-tools \
- mdadm \
openssh \
openssl \
parted \
@@ -135,6 +134,7 @@
# ifupdown \ # Tested separately in lib/oeqa/selftest/cases/imagefeatures.py
# libinput \ # Tests need an unloaded system to be reliable
# libpam \ # Needs pam DISTRO_FEATURE
+# mdadm \ # tests are flaky in AB.
# numactl \ # qemu not (yet) configured for numa; all tests are skipped
# libseccomp \ # tests failed: 38; add to slow tests once addressed
# python3-numpy \ # requires even more RAM and (possibly) disk space; multiple failures
@@ -147,6 +147,7 @@
libinput \
libpam \
libseccomp \
+ mdadm \
numactl \
python3-license-expression \
python3-numpy \
diff --git a/poky/meta/conf/distro/include/tcmode-default.inc b/poky/meta/conf/distro/include/tcmode-default.inc
index 3720a4c5..a12b202 100644
--- a/poky/meta/conf/distro/include/tcmode-default.inc
+++ b/poky/meta/conf/distro/include/tcmode-default.inc
@@ -22,7 +22,7 @@
GDBVERSION ?= "14.%"
GLIBCVERSION ?= "2.38%"
LINUXLIBCVERSION ?= "6.6%"
-QEMUVERSION ?= "8.1%"
+QEMUVERSION ?= "8.2%"
GOVERSION ?= "1.20%"
LLVMVERSION ?= "17.%"
RUSTVERSION ?= "1.74%"
diff --git a/poky/meta/conf/machine/include/x86/tune-core2.inc b/poky/meta/conf/machine/include/x86/tune-core2.inc
index 97b7c1b..082fd4e 100644
--- a/poky/meta/conf/machine/include/x86/tune-core2.inc
+++ b/poky/meta/conf/machine/include/x86/tune-core2.inc
@@ -21,18 +21,18 @@
BASE_LIB:tune-core2-32 = "lib"
TUNE_PKGARCH:tune-core2-32 = "core2-32"
PACKAGE_EXTRA_ARCHS:tune-core2-32 = "${PACKAGE_EXTRA_ARCHS:tune-i686} core2-32"
-QEMU_EXTRAOPTIONS_core2-32 = " -cpu n270"
+QEMU_EXTRAOPTIONS_core2-32 = " -cpu Nehalem,check=false"
AVAILTUNES += "core2-64"
TUNE_FEATURES:tune-core2-64 = "${TUNE_FEATURES:tune-x86-64} core2"
BASE_LIB:tune-core2-64 = "lib64"
TUNE_PKGARCH:tune-core2-64 = "core2-64"
PACKAGE_EXTRA_ARCHS:tune-core2-64 = "${PACKAGE_EXTRA_ARCHS:tune-x86-64} core2-64"
-QEMU_EXTRAOPTIONS_core2-64 = " -cpu core2duo"
+QEMU_EXTRAOPTIONS_core2-64 = " -cpu Nehalem,check=false"
AVAILTUNES += "core2-64-x32"
TUNE_FEATURES:tune-core2-64-x32 = "${TUNE_FEATURES:tune-x86-64-x32} core2"
BASE_LIB:tune-core2-64-x32 = "libx32"
TUNE_PKGARCH:tune-core2-64-x32 = "core2-64-x32"
PACKAGE_EXTRA_ARCHS:tune-core2-64-x32 = "${PACKAGE_EXTRA_ARCHS:tune-x86-64-x32} core2-64-x32"
-QEMU_EXTRAOPTIONS_core2-64-x32 = " -cpu core2duo"
+QEMU_EXTRAOPTIONS_core2-64-x32 = " -cpu Nehalem,check=false"
diff --git a/poky/meta/conf/sanity.conf b/poky/meta/conf/sanity.conf
index 435455d..c3e6c51 100644
--- a/poky/meta/conf/sanity.conf
+++ b/poky/meta/conf/sanity.conf
@@ -3,7 +3,7 @@
# See sanity.bbclass
#
# Expert users can confirm their sanity with "touch conf/sanity.conf"
-BB_MIN_VERSION = "2.7.1"
+BB_MIN_VERSION = "2.7.2"
SANITY_ABIFILE = "${TMPDIR}/abi_version"
diff --git a/poky/meta/lib/oe/cve_check.py b/poky/meta/lib/oe/cve_check.py
index 3fa77bf..ed5c714 100644
--- a/poky/meta/lib/oe/cve_check.py
+++ b/poky/meta/lib/oe/cve_check.py
@@ -79,20 +79,19 @@
import re
import oe.patch
- pn = d.getVar("PN")
- cve_match = re.compile("CVE:( CVE\-\d{4}\-\d+)+")
+ cve_match = re.compile(r"CVE:( CVE-\d{4}-\d+)+")
# Matches the last "CVE-YYYY-ID" in the file name, also if written
# in lowercase. Possible to have multiple CVE IDs in a single
# file name, but only the last one will be detected from the file name.
# However, patch files contents addressing multiple CVE IDs are supported
# (cve_match regular expression)
-
- cve_file_name_match = re.compile(".*([Cc][Vv][Ee]\-\d{4}\-\d+)")
+ cve_file_name_match = re.compile(r".*(CVE-\d{4}-\d+)", re.IGNORECASE)
patched_cves = set()
- bb.debug(2, "Looking for patches that solves CVEs for %s" % pn)
- for url in oe.patch.src_patches(d):
+ patches = oe.patch.src_patches(d)
+ bb.debug(2, "Scanning %d patches for CVEs" % len(patches))
+ for url in patches:
patch_file = bb.fetch.decodeurl(url)[2]
# Check patch file name for CVE ID
@@ -100,7 +99,7 @@
if fname_match:
cve = fname_match.group(1).upper()
patched_cves.add(cve)
- bb.debug(2, "Found CVE %s from patch file name %s" % (cve, patch_file))
+ bb.debug(2, "Found %s from patch file name %s" % (cve, patch_file))
# Remote patches won't be present and compressed patches won't be
# unpacked, so say we're not scanning them
@@ -231,7 +230,7 @@
Convert CVE_STATUS into status, detail and description.
"""
status = d.getVarFlag("CVE_STATUS", cve)
- if status is None:
+ if not status:
return ("", "", "")
status_split = status.split(':', 1)
@@ -240,7 +239,7 @@
status_mapping = d.getVarFlag("CVE_CHECK_STATUSMAP", detail)
if status_mapping is None:
- bb.warn('Invalid detail %s for CVE_STATUS[%s] = "%s", fallback to Unpatched' % (detail, cve, status))
+ bb.warn('Invalid detail "%s" for CVE_STATUS[%s] = "%s", fallback to Unpatched' % (detail, cve, status))
status_mapping = "Unpatched"
return (status_mapping, detail, description)
diff --git a/poky/meta/lib/oeqa/selftest/cases/devtool.py b/poky/meta/lib/oeqa/selftest/cases/devtool.py
index a877720..15249b7 100644
--- a/poky/meta/lib/oeqa/selftest/cases/devtool.py
+++ b/poky/meta/lib/oeqa/selftest/cases/devtool.py
@@ -917,6 +917,28 @@
# Try building
bitbake(testrecipe)
+ def test_devtool_modify_git_no_extract(self):
+ # Check preconditions
+ testrecipe = 'psplash'
+ src_uri = get_bb_var('SRC_URI', testrecipe)
+ self.assertIn('git://', src_uri, 'This test expects the %s recipe to be a git recipe' % testrecipe)
+ # Clean up anything in the workdir/sysroot/sstate cache
+ bitbake('%s -c cleansstate' % testrecipe)
+ # Try modifying a recipe
+ tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+ self.track_for_cleanup(tempdir)
+ self.track_for_cleanup(self.workspacedir)
+ self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+ self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+ result = runCmd('git clone https://git.yoctoproject.org/psplash %s && devtool modify -n %s %s' % (tempdir, testrecipe, tempdir))
+ self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created. devtool output: %s' % result.output)
+ matches = glob.glob(os.path.join(self.workspacedir, 'appends', 'psplash_*.bbappend'))
+ self.assertTrue(matches, 'bbappend not created')
+ # Test devtool status
+ result = runCmd('devtool status')
+ self.assertIn(testrecipe, result.output)
+ self.assertIn(tempdir, result.output)
+
def test_devtool_modify_git_crates_subpath(self):
# This tests two things in devtool context:
# - that we support local git dependencies for cargo based recipe
@@ -1086,6 +1108,32 @@
check('devtool-override-qemuarm', 'This is a test for qemuarm\n')
check('devtool-override-qemux86', 'This is a test for qemux86\n')
+ def test_devtool_modify_multiple_sources(self):
+ # This test check that recipes fetching several sources can be used with devtool modify/build
+ # Check preconditions
+ testrecipe = 'bzip2'
+ src_uri = get_bb_var('SRC_URI', testrecipe)
+ src1 = 'https://' in src_uri
+ src2 = 'git://' in src_uri
+ self.assertTrue(src1 and src2, 'This test expects the %s recipe to fetch both a git source and a tarball and it seems that it no longer does' % testrecipe)
+ # Clean up anything in the workdir/sysroot/sstate cache
+ bitbake('%s -c cleansstate' % testrecipe)
+ # Try modifying a recipe
+ tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+ self.track_for_cleanup(tempdir)
+ self.track_for_cleanup(self.workspacedir)
+ self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+ self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+ result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
+ self.assertEqual(result.status, 0, "Could not modify recipe %s. Output: %s" % (testrecipe, result.output))
+ # Test devtool status
+ result = runCmd('devtool status')
+ self.assertIn(testrecipe, result.output)
+ self.assertIn(tempdir, result.output)
+ # Try building
+ result = bitbake(testrecipe)
+ self.assertEqual(result.status, 0, "Bitbake failed, exit code %s, output %s" % (result.status, result.output))
+
class DevtoolUpdateTests(DevtoolBase):
def test_devtool_update_recipe(self):
diff --git a/poky/meta/lib/oeqa/selftest/cases/rust.py b/poky/meta/lib/oeqa/selftest/cases/rust.py
index 6dbc517..164ad11 100644
--- a/poky/meta/lib/oeqa/selftest/cases/rust.py
+++ b/poky/meta/lib/oeqa/selftest/cases/rust.py
@@ -40,7 +40,12 @@
class RustSelfTestSystemEmulated(OESelftestTestCase, OEPTestResultTestCase):
def test_rust(self, *args, **kwargs):
# Disable Rust Oe-selftest
- self.skipTest("The Rust Oe-selftest is disabled.")
+ #self.skipTest("The Rust Oe-selftest is disabled.")
+
+ # Skip mips32 target since it is unstable with rust tests
+ machine = get_bb_var('MACHINE')
+ if machine == "qemumips":
+ self.skipTest("The mips32 target is skipped for Rust Oe-selftest.")
# build remote-test-server before image build
recipe = "rust"
@@ -102,108 +107,10 @@
'tests/codegen/uninit-consts.rs',
'tests/pretty/raw-str-nonexpr.rs',
'tests/run-make',
- 'tests/run-make/cdylib-fewer-symbols/foo.rs',
- 'tests/run-make/doctests-keep-binaries/t.rs',
'tests/run-make-fulldeps',
- 'tests/run-make/issue-22131/foo.rs',
- 'tests/run-make/issue-36710/Makefile',
- 'tests/run-make/issue-47551',
- 'tests/run-make/pgo-branch-weights',
- 'tests/run-make/pgo-gen',
- 'tests/run-make/pgo-gen-lto',
- 'tests/run-make/pgo-indirect-call-promotion',
- 'tests/run-make/pgo-use',
- 'tests/run-make/pointer-auth-link-with-c/Makefile',
- 'tests/run-make/profile',
- 'tests/run-make/static-pie',
- 'tests/run-make/sysroot-crates-are-unstable',
- 'tests/run-make/target-specs',
'tests/rustdoc',
- 'tests/rustdoc/async-move-doctest.rs',
- 'tests/rustdoc/async-trait.rs',
- 'tests/rustdoc/auto-traits.rs',
- 'tests/rustdoc/check-source-code-urls-to-def.rs',
- 'tests/rustdoc/comment-in-doctest.rs',
- 'tests/rustdoc/const-generics/const-generics-docs.rs',
- 'tests/rustdoc/cross-crate-hidden-assoc-trait-items.rs',
- 'tests/rustdoc/cross-crate-hidden-impl-parameter.rs',
- 'tests/rustdoc/cross-crate-links.rs',
- 'tests/rustdoc/cross-crate-primitive-doc.rs',
- 'tests/rustdoc/doctest-manual-crate-name.rs',
- 'tests/rustdoc/edition-doctest.rs',
- 'tests/rustdoc/edition-flag.rs',
- 'tests/rustdoc/elided-lifetime.rs',
- 'tests/rustdoc/external-macro-src.rs',
- 'tests/rustdoc/extern-html-root-url.rs',
- 'tests/rustdoc/extern-impl-trait.rs',
- 'tests/rustdoc/hide-unstable-trait.rs',
- 'tests/rustdoc/inline_cross/add-docs.rs',
- 'tests/rustdoc/inline_cross/default-trait-method.rs',
- 'tests/rustdoc/inline_cross/dyn_trait.rs',
- 'tests/rustdoc/inline_cross/impl_trait.rs',
- 'tests/rustdoc/inline_cross/issue-24183.rs',
- 'tests/rustdoc/inline_cross/macros.rs',
- 'tests/rustdoc/inline_cross/trait-vis.rs',
- 'tests/rustdoc/inline_cross/use_crate.rs',
- 'tests/rustdoc/intra-doc-crate/self.rs',
- 'tests/rustdoc/intra-doc/cross-crate/additional_doc.rs',
- 'tests/rustdoc/intra-doc/cross-crate/basic.rs',
- 'tests/rustdoc/intra-doc/cross-crate/crate.rs',
- 'tests/rustdoc/intra-doc/cross-crate/hidden.rs',
- 'tests/rustdoc/intra-doc/cross-crate/macro.rs',
- 'tests/rustdoc/intra-doc/cross-crate/module.rs',
- 'tests/rustdoc/intra-doc/cross-crate/submodule-inner.rs',
- 'tests/rustdoc/intra-doc/cross-crate/submodule-outer.rs',
- 'tests/rustdoc/intra-doc/cross-crate/traits.rs',
- 'tests/rustdoc/intra-doc/extern-builtin-type-impl.rs',
- 'tests/rustdoc/intra-doc/extern-crate-only-used-in-link.rs',
- 'tests/rustdoc/intra-doc/extern-crate.rs',
- 'tests/rustdoc/intra-doc/extern-inherent-impl.rs',
- 'tests/rustdoc/intra-doc/extern-reference-link.rs',
- 'tests/rustdoc/intra-doc/issue-103463.rs',
- 'tests/rustdoc/intra-doc/issue-104145.rs',
- 'tests/rustdoc/intra-doc/issue-66159.rs',
- 'tests/rustdoc/intra-doc/pub-use.rs',
- 'tests/rustdoc/intra-doc/reexport-additional-docs.rs',
- 'tests/rustdoc/issue-18199.rs',
- 'tests/rustdoc/issue-23106.rs',
- 'tests/rustdoc/issue-23744.rs',
- 'tests/rustdoc/issue-25944.rs',
- 'tests/rustdoc/issue-30252.rs',
- 'tests/rustdoc/issue-38129.rs',
- 'tests/rustdoc/issue-40936.rs',
- 'tests/rustdoc/issue-43153.rs',
- 'tests/rustdoc/issue-46727.rs',
- 'tests/rustdoc/issue-48377.rs',
- 'tests/rustdoc/issue-48414.rs',
- 'tests/rustdoc/issue-53689.rs',
- 'tests/rustdoc/issue-54478-demo-allocator.rs',
- 'tests/rustdoc/issue-57180.rs',
- 'tests/rustdoc/issue-61592.rs',
- 'tests/rustdoc/issue-73061-cross-crate-opaque-assoc-type.rs',
- 'tests/rustdoc/issue-75588.rs',
- 'tests/rustdoc/issue-85454.rs',
- 'tests/rustdoc/issue-86620.rs',
'tests/rustdoc-json',
'tests/rustdoc-js-std',
- 'tests/rustdoc/macro_pub_in_module.rs',
- 'tests/rustdoc/masked.rs',
- 'tests/rustdoc/normalize-assoc-item.rs',
- 'tests/rustdoc/no-stack-overflow-25295.rs',
- 'tests/rustdoc/primitive-reexport.rs',
- 'tests/rustdoc/process-termination.rs',
- 'tests/rustdoc/pub-extern-crate.rs',
- 'tests/rustdoc/pub-use-extern-macros.rs',
- 'tests/rustdoc/reexport-check.rs',
- 'tests/rustdoc/reexport-dep-foreign-fn.rs',
- 'tests/rustdoc/reexport-doc.rs',
- 'tests/rustdoc/reexports-priv.rs',
- 'tests/rustdoc/reexports.rs',
- 'tests/rustdoc/rustc,-incoherent-impls.rs',
- 'tests/rustdoc/test_option_check/bar.rs',
- 'tests/rustdoc/test_option_check/test.rs',
- 'tests/rustdoc/trait-alias-mention.rs',
- 'tests/rustdoc/trait-visibility.rs',
'tests/rustdoc-ui/cfg-test.rs',
'tests/rustdoc-ui/check-cfg-test.rs',
'tests/rustdoc-ui/display-output.rs',
@@ -233,28 +140,6 @@
'tests/ui/debuginfo/debuginfo-emit-llvm-ir-and-split-debuginfo.rs',
'tests/ui/drop/dynamic-drop.rs',
'tests/ui/empty_global_asm.rs',
- 'tests/ui-fulldeps/deriving-encodable-decodable-box.rs',
- 'tests/ui-fulldeps/deriving-encodable-decodable-cell-refcell.rs',
- 'tests/ui-fulldeps/deriving-global.rs',
- 'tests/ui-fulldeps/deriving-hygiene.rs',
- 'tests/ui-fulldeps/dropck_tarena_sound_drop.rs',
- 'tests/ui-fulldeps/empty-struct-braces-derive.rs',
- 'tests/ui-fulldeps/internal-lints/bad_opt_access.rs',
- 'tests/ui-fulldeps/internal-lints/bad_opt_access.stderr',
- 'tests/ui-fulldeps/internal-lints/default_hash_types.rs',
- 'tests/ui-fulldeps/internal-lints/diagnostics.rs',
- 'tests/ui-fulldeps/internal-lints/lint_pass_impl_without_macro.rs',
- 'tests/ui-fulldeps/internal-lints/qualified_ty_ty_ctxt.rs',
- 'tests/ui-fulldeps/internal-lints/query_stability.rs',
- 'tests/ui-fulldeps/internal-lints/rustc_pass_by_value.rs',
- 'tests/ui-fulldeps/internal-lints/ty_tykind_usage.rs',
- 'tests/ui-fulldeps/issue-14021.rs',
- 'tests/ui-fulldeps/lint-group-denied-lint-allowed.rs',
- 'tests/ui-fulldeps/lint-group-forbid-always-trumps-cli.rs',
- 'tests/ui-fulldeps/lint-pass-macros.rs',
- 'tests/ui-fulldeps/regions-mock-tcx.rs',
- 'tests/ui-fulldeps/rustc_encodable_hygiene.rs',
- 'tests/ui-fulldeps/session-diagnostic/enforce_slug_naming.rs',
'tests/ui/functions-closures/fn-help-with-err.rs',
'tests/ui/linkage-attr/issue-10755.rs',
'tests/ui/macros/restricted-shadowing-legacy.rs',
@@ -262,7 +147,43 @@
'tests/ui/process/process-panic-after-fork.rs',
'tests/ui/process/process-sigpipe.rs',
'tests/ui/simd/target-feature-mixup.rs',
- 'tests/ui/structs-enums/multiple-reprs.rs'
+ 'tests/ui/structs-enums/multiple-reprs.rs',
+ 'src/tools/jsondoclint',
+ 'src/tools/replace-version-placeholder',
+ 'tests/codegen/abi-efiapi.rs',
+ 'tests/codegen/abi-sysv64.rs',
+ 'tests/codegen/align-byval.rs',
+ 'tests/codegen/align-fn.rs',
+ 'tests/codegen/asm-powerpc-clobbers.rs',
+ 'tests/codegen/async-fn-debug-awaitee-field.rs',
+ 'tests/codegen/binary-search-index-no-bound-check.rs',
+ 'tests/codegen/call-metadata.rs',
+ 'tests/codegen/debug-column.rs',
+ 'tests/codegen/debug-limited.rs',
+ 'tests/codegen/debuginfo-generic-closure-env-names.rs',
+ 'tests/codegen/drop.rs',
+ 'tests/codegen/dst-vtable-align-nonzero.rs',
+ 'tests/codegen/enable-lto-unit-splitting.rs',
+ 'tests/codegen/enum/enum-u128.rs',
+ 'tests/codegen/fn-impl-trait-self.rs',
+ 'tests/codegen/inherit_overflow.rs',
+ 'tests/codegen/inline-function-args-debug-info.rs',
+ 'tests/codegen/intrinsics/mask.rs',
+ 'tests/codegen/intrinsics/transmute-niched.rs',
+ 'tests/codegen/issues/issue-73258.rs',
+ 'tests/codegen/issues/issue-75546.rs',
+ 'tests/codegen/issues/issue-77812.rs',
+ 'tests/codegen/issues/issue-98156-const-arg-temp-lifetime.rs',
+ 'tests/codegen/llvm-ident.rs',
+ 'tests/codegen/mainsubprogram.rs',
+ 'tests/codegen/move-operands.rs',
+ 'tests/codegen/repr/transparent-mips64.rs',
+ 'tests/mir-opt/',
+ 'tests/rustdoc-json',
+ 'tests/rustdoc-ui/doc-test-rustdoc-feature.rs',
+ 'tests/rustdoc-ui/no-run-flag.rs',
+ 'tests/ui-fulldeps/',
+ 'tests/ui/numbers-arithmetic/u128.rs'
]
exclude_fail_tests = " ".join([" --exclude " + item for item in exclude_list])
diff --git a/poky/meta/recipes-bsp/grub/files/0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch b/poky/meta/recipes-bsp/grub/files/0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch
index 6b73878..05a4697 100644
--- a/poky/meta/recipes-bsp/grub/files/0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch
+++ b/poky/meta/recipes-bsp/grub/files/0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch
@@ -1,4 +1,4 @@
-From 96d9aa55d29b24e2490d5647a9efc66940fc400f Mon Sep 17 00:00:00 2001
+From 006799e9c4babe8a8340a24501b253e759614a2d Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 13 Jan 2016 19:17:31 +0000
Subject: [PATCH] Disable -mfpmath=sse as well when SSE is disabled
@@ -24,15 +24,16 @@
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upstream-Status: Pending
+
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
-index 7656f24..0868ea9 100644
+index cd667a2..8263876 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -824,7 +824,7 @@ fi
+@@ -846,7 +846,7 @@ fi
if ( test "x$target_cpu" = xi386 || test "x$target_cpu" = xx86_64 ) && test "x$platform" != xemu; then
# Some toolchains enable these features by default, but they need
# registers that aren't set up properly in GRUB.
@@ -40,4 +41,4 @@
+ TARGET_CFLAGS="$TARGET_CFLAGS -mno-mmx -mno-sse -mno-sse2 -mno-sse3 -mno-3dnow -mfpmath=387"
fi
- # GRUB doesn't use float or doubles at all. Yet some toolchains may decide
+ if ( test "x$target_cpu" = xi386 || test "x$target_cpu" = xx86_64 ); then
diff --git a/poky/meta/recipes-bsp/grub/files/0001-RISC-V-Restore-the-typcast-to-long.patch b/poky/meta/recipes-bsp/grub/files/0001-RISC-V-Restore-the-typcast-to-long.patch
index 2f15a91..cafa711 100644
--- a/poky/meta/recipes-bsp/grub/files/0001-RISC-V-Restore-the-typcast-to-long.patch
+++ b/poky/meta/recipes-bsp/grub/files/0001-RISC-V-Restore-the-typcast-to-long.patch
@@ -1,4 +1,4 @@
-From e4c41db74b8972285cbdfe614c95c1ffd97d70e1 Mon Sep 17 00:00:00 2001
+From b47029e8e582d17c6874d2622fe1a5b834377dbb Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 26 Mar 2021 11:59:43 -0700
Subject: [PATCH] RISC-V: Restore the typcast to 64bit type
@@ -17,15 +17,16 @@
Cc: Chester Lin <clin@suse.com>
Cc: Nikita Ermakov <arei@altlinux.org>
Cc: Alistair Francis <alistair.francis@wdc.com>
+
---
util/grub-mkimagexx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c
-index 00f49ccaa..ac677d03d 100644
+index e50b295..2f09255 100644
--- a/util/grub-mkimagexx.c
+++ b/util/grub-mkimagexx.c
-@@ -1242,7 +1242,7 @@ SUFFIX (relocate_addrs) (Elf_Ehdr *e, struct section_metadata *smd,
+@@ -1310,7 +1310,7 @@ SUFFIX (relocate_addrs) (Elf_Ehdr *e, struct section_metadata *smd,
*/
sym_addr += addend;
@@ -34,6 +35,3 @@
switch (ELF_R_TYPE (info))
{
---
-2.31.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/0001-configure-Remove-obsoleted-malign-jumps-loops-functi.patch b/poky/meta/recipes-bsp/grub/files/0001-configure-Remove-obsoleted-malign-jumps-loops-functi.patch
deleted file mode 100644
index 98142a7..0000000
--- a/poky/meta/recipes-bsp/grub/files/0001-configure-Remove-obsoleted-malign-jumps-loops-functi.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From eb486898dac8cbc29b2cc39f911b657c3417ae34 Mon Sep 17 00:00:00 2001
-From: Fangrui Song via Grub-devel <grub-devel@gnu.org>
-Date: Thu, 26 Aug 2021 09:02:31 -0700
-Subject: [PATCH 1/2] configure: Remove obsoleted -malign-{jumps, loops,
- functions}
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The GCC warns "cc1: warning: ‘-malign-loops’ is obsolete, use ‘-falign-loops’".
-The Clang silently ignores -malign-{jumps,loops,functions}.
-
-The preferred -falign-* forms have been supported since GCC 3.2. So, just
-remove -malign-{jumps,loops,functions}.
-
-Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=eb486898dac8cbc29b2cc39f911b657c3417ae34]
-Signed-off-by: Fangrui Song <maskray@google.com>
-Acked-by: Paul Menzel <pmenzel@molgen.mpg.de>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
----
- configure.ac | 9 ---------
- 1 file changed, 9 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index bee28dbeb..9a12151bd 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -805,17 +805,8 @@ if test "x$target_cpu" = xi386; then
- [grub_cv_cc_falign_loop=no])
- ])
-
-- AC_CACHE_CHECK([whether -malign-loops works], [grub_cv_cc_malign_loop], [
-- CFLAGS="$TARGET_CFLAGS -malign-loops=1 -Werror"
-- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
-- [grub_cv_cc_malign_loop=yes],
-- [grub_cv_cc_malign_loop=no])
-- ])
--
- if test "x$grub_cv_cc_falign_loop" = xyes; then
- TARGET_CFLAGS="$TARGET_CFLAGS -falign-jumps=1 -falign-loops=1 -falign-functions=1"
-- elif test "x$grub_cv_cc_malign_loop" = xyes; then
-- TARGET_CFLAGS="$TARGET_CFLAGS -malign-jumps=1 -malign-loops=1 -malign-functions=1"
- fi
- fi
-
---
-2.37.3
-
diff --git a/poky/meta/recipes-bsp/grub/files/0001-configure.ac-Use-_zicsr_zifencei-extentions-on-riscv.patch b/poky/meta/recipes-bsp/grub/files/0001-configure.ac-Use-_zicsr_zifencei-extentions-on-riscv.patch
deleted file mode 100644
index c575a31..0000000
--- a/poky/meta/recipes-bsp/grub/files/0001-configure.ac-Use-_zicsr_zifencei-extentions-on-riscv.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From f1217c803cec90813eb834dde7829f4961b2a2e4 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Thu, 17 Feb 2022 15:07:02 -0800
-Subject: [PATCH] configure.ac: Use _zicsr_zifencei extentions on riscv
-
-From version 2.38, binutils defaults to ISA spec version 20191213. This
-means that the csr read/write (csrr*/csrw*) instructions and fence.i
-instruction has separated from the `I` extension, become two standalone
-extensions: Zicsr and Zifencei.
-
-The fix is to specify those extensions explicitely in -march. Since we
-are now using binutils 2.38+ in OE this is ok, a more upstreamable fix for
-grub will be to detect these extentions, however thats not easy to
-implement
-
-Upstream-Status: Inappropriate [OE specific]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- configure.ac | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index c7fc55a..072f2c9 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -849,14 +849,14 @@ if test x"$platform" != xemu ; then
- [grub_cv_target_cc_soft_float="-mgeneral-regs-only"], [])
- fi
- if test "x$target_cpu" = xriscv32; then
-- CFLAGS="$TARGET_CFLAGS -march=rv32imac -mabi=ilp32 -Werror"
-+ CFLAGS="$TARGET_CFLAGS -march=rv32imac_zicsr_zifencei -mabi=ilp32 -Werror"
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
-- [grub_cv_target_cc_soft_float="-march=rv32imac -mabi=ilp32"], [])
-+ [grub_cv_target_cc_soft_float="-march=rv32imac_zicsr_zifencei -mabi=ilp32"], [])
- fi
- if test "x$target_cpu" = xriscv64; then
-- CFLAGS="$TARGET_CFLAGS -march=rv64imac -mabi=lp64 -Werror"
-+ CFLAGS="$TARGET_CFLAGS -march=rv64imac_zicsr_zifencei -mabi=lp64 -Werror"
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
-- [grub_cv_target_cc_soft_float="-march=rv64imac -mabi=lp64"], [])
-+ [grub_cv_target_cc_soft_float="-march=rv64imac_zicsr_zifencei -mabi=lp64"], [])
- fi
- if test "x$target_cpu" = xia64; then
- CFLAGS="$TARGET_CFLAGS -mno-inline-float-divide -mno-inline-sqrt -Werror"
---
-2.35.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch b/poky/meta/recipes-bsp/grub/files/0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch
deleted file mode 100644
index efa00a3..0000000
--- a/poky/meta/recipes-bsp/grub/files/0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch
+++ /dev/null
@@ -1,115 +0,0 @@
-From 1f511ae054fe42dce7aedfbfe0f234fa1e0a7a3e Mon Sep 17 00:00:00 2001
-From: Zhang Boyang <zhangboyang.id@gmail.com>
-Date: Fri, 5 Aug 2022 00:51:20 +0800
-Subject: [PATCH] font: Fix size overflow in grub_font_get_glyph_internal()
-
-The length of memory allocation and file read may overflow. This patch
-fixes the problem by using safemath macros.
-
-There is a lot of code repetition like "(x * y + 7) / 8". It is unsafe
-if overflow happens. This patch introduces grub_video_bitmap_calc_1bpp_bufsz().
-It is safe replacement for such code. It has safemath-like prototype.
-
-This patch also introduces grub_cast(value, pointer), it casts value to
-typeof(*pointer) then store the value to *pointer. It returns true when
-overflow occurs or false if there is no overflow. The semantics of arguments
-and return value are designed to be consistent with other safemath macros.
-
-Signed-off-by: Zhang Boyang <zhangboyang.id@gmail.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport from
-[https://git.savannah.gnu.org/cgit/grub.git/commit/?id=9c76ec09ae08155df27cd237eaea150b4f02f532]
-
-Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
-
----
- grub-core/font/font.c | 17 +++++++++++++----
- include/grub/bitmap.h | 18 ++++++++++++++++++
- include/grub/safemath.h | 2 ++
- 3 files changed, 33 insertions(+), 4 deletions(-)
-
-diff --git a/grub-core/font/font.c b/grub-core/font/font.c
-index d09bb38..876b5b6 100644
---- a/grub-core/font/font.c
-+++ b/grub-core/font/font.c
-@@ -739,7 +739,8 @@ grub_font_get_glyph_internal (grub_font_t font, grub_uint32_t code)
- grub_int16_t xoff;
- grub_int16_t yoff;
- grub_int16_t dwidth;
-- int len;
-+ grub_ssize_t len;
-+ grub_size_t sz;
-
- if (index_entry->glyph)
- /* Return cached glyph. */
-@@ -766,9 +767,17 @@ grub_font_get_glyph_internal (grub_font_t font, grub_uint32_t code)
- return 0;
- }
-
-- len = (width * height + 7) / 8;
-- glyph = grub_malloc (sizeof (struct grub_font_glyph) + len);
-- if (!glyph)
-+ /* Calculate real struct size of current glyph. */
-+ if (grub_video_bitmap_calc_1bpp_bufsz (width, height, &len) ||
-+ grub_add (sizeof (struct grub_font_glyph), len, &sz))
-+ {
-+ remove_font (font);
-+ return 0;
-+ }
-+
-+ /* Allocate and initialize the glyph struct. */
-+ glyph = grub_malloc (sz);
-+ if (glyph == NULL)
- {
- remove_font (font);
- return 0;
-diff --git a/include/grub/bitmap.h b/include/grub/bitmap.h
-index 5728f8c..0d9603f 100644
---- a/include/grub/bitmap.h
-+++ b/include/grub/bitmap.h
-@@ -23,6 +23,7 @@
- #include <grub/symbol.h>
- #include <grub/types.h>
- #include <grub/video.h>
-+#include <grub/safemath.h>
-
- struct grub_video_bitmap
- {
-@@ -79,6 +80,23 @@ grub_video_bitmap_get_height (struct grub_video_bitmap *bitmap)
- return bitmap->mode_info.height;
- }
-
-+/*
-+ * Calculate and store the size of data buffer of 1bit bitmap in result.
-+ * Equivalent to "*result = (width * height + 7) / 8" if no overflow occurs.
-+ * Return true when overflow occurs or false if there is no overflow.
-+ * This function is intentionally implemented as a macro instead of
-+ * an inline function. Although a bit awkward, it preserves data types for
-+ * safemath macros and reduces macro side effects as much as possible.
-+ *
-+ * XXX: Will report false overflow if width * height > UINT64_MAX.
-+ */
-+#define grub_video_bitmap_calc_1bpp_bufsz(width, height, result) \
-+({ \
-+ grub_uint64_t _bitmap_pixels; \
-+ grub_mul ((width), (height), &_bitmap_pixels) ? 1 : \
-+ grub_cast (_bitmap_pixels / GRUB_CHAR_BIT + !!(_bitmap_pixels % GRUB_CHAR_BIT), (result)); \
-+})
-+
- void EXPORT_FUNC (grub_video_bitmap_get_mode_info) (struct grub_video_bitmap *bitmap,
- struct grub_video_mode_info *mode_info);
-
-diff --git a/include/grub/safemath.h b/include/grub/safemath.h
-index c17b89b..bb0f826 100644
---- a/include/grub/safemath.h
-+++ b/include/grub/safemath.h
-@@ -30,6 +30,8 @@
- #define grub_sub(a, b, res) __builtin_sub_overflow(a, b, res)
- #define grub_mul(a, b, res) __builtin_mul_overflow(a, b, res)
-
-+#define grub_cast(a, res) grub_add ((a), 0, (res))
-+
- #else
- #error gcc 5.1 or newer or clang 3.8 or newer is required
- #endif
diff --git a/poky/meta/recipes-bsp/grub/files/0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch b/poky/meta/recipes-bsp/grub/files/0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch
deleted file mode 100644
index a44d139..0000000
--- a/poky/meta/recipes-bsp/grub/files/0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-It enable the metadata_csum_seed feature by default in e2fsprogs 1.47.0 and
-causes grub doesn't work. Backport patch to make grub support this feature.
-
-Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=7fd5fef]
-
-Signed-off-by: Kai Kang <kai.kang@windriver.com>
-
-From 7fd5feff97c4b1f446f8fcf6d37aca0c64e7c763 Mon Sep 17 00:00:00 2001
-From: Javier Martinez Canillas <javierm@redhat.com>
-Date: Fri, 11 Jun 2021 21:36:16 +0200
-Subject: [PATCH] fs/ext2: Ignore checksum seed incompat feature
-
-This incompat feature is used to denote that the filesystem stored its
-metadata checksum seed in the superblock. This is used to allow tune2fs
-changing the UUID on a mounted metdata_csum filesystem without having
-to rewrite all the disk metadata. However, the GRUB doesn't use the
-metadata checksum at all. So, it can just ignore this feature if it
-is enabled. This is consistent with the GRUB filesystem code in general
-which just does a best effort to access the filesystem's data.
-
-The checksum seed incompat feature has to be removed from the ignore
-list if the support for metadata checksum verification is added to the
-GRUB ext2 driver later.
-
-Suggested-by: Eric Sandeen <esandeen@redhat.com>
-Suggested-by: Lukas Czerner <lczerner@redhat.com>
-Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
-Reviewed-by: Lukas Czerner <lczerner@redhat.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
----
- grub-core/fs/ext2.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/grub-core/fs/ext2.c b/grub-core/fs/ext2.c
-index e7dd78e66..4953a1591 100644
---- a/grub-core/fs/ext2.c
-+++ b/grub-core/fs/ext2.c
-@@ -103,6 +103,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
- #define EXT4_FEATURE_INCOMPAT_64BIT 0x0080
- #define EXT4_FEATURE_INCOMPAT_MMP 0x0100
- #define EXT4_FEATURE_INCOMPAT_FLEX_BG 0x0200
-+#define EXT4_FEATURE_INCOMPAT_CSUM_SEED 0x2000
- #define EXT4_FEATURE_INCOMPAT_ENCRYPT 0x10000
-
- /* The set of back-incompatible features this driver DOES support. Add (OR)
-@@ -123,10 +124,15 @@ GRUB_MOD_LICENSE ("GPLv3+");
- * mmp: Not really back-incompatible - was added as such to
- * avoid multiple read-write mounts. Safe to ignore for this
- * RO driver.
-+ * checksum seed: Not really back-incompatible - was added to allow tools
-+ * such as tune2fs to change the UUID on a mounted metadata
-+ * checksummed filesystem. Safe to ignore for now since the
-+ * driver doesn't support checksum verification. However, it
-+ * has to be removed from this list if the support is added later.
- */
- #define EXT2_DRIVER_IGNORED_INCOMPAT ( EXT3_FEATURE_INCOMPAT_RECOVER \
-- | EXT4_FEATURE_INCOMPAT_MMP)
--
-+ | EXT4_FEATURE_INCOMPAT_MMP \
-+ | EXT4_FEATURE_INCOMPAT_CSUM_SEED)
-
- #define EXT3_JOURNAL_MAGIC_NUMBER 0xc03b3998U
-
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/0001-fs-fat-Don-t-error-when-mtime-is-0.patch b/poky/meta/recipes-bsp/grub/files/0001-fs-fat-Don-t-error-when-mtime-is-0.patch
deleted file mode 100644
index a5fbd58..0000000
--- a/poky/meta/recipes-bsp/grub/files/0001-fs-fat-Don-t-error-when-mtime-is-0.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-From e43f3d93b28cce852c110c7a8e40d8311bcd8bb1 Mon Sep 17 00:00:00 2001
-From: Robbie Harwood <rharwood@redhat.com>
-Date: Fri, 15 Jul 2022 16:13:02 -0400
-Subject: [PATCH] fs/fat: Don't error when mtime is 0
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-In the wild, we occasionally see valid ESPs where some file modification
-times are 0. For instance:
-
- ├── [Dec 31 1979] EFI
- │ ├── [Dec 31 1979] BOOT
- │ │ ├── [Dec 31 1979] BOOTX64.EFI
- │ │ └── [Dec 31 1979] fbx64.efi
- │ └── [Jun 27 02:41] fedora
- │ ├── [Dec 31 1979] BOOTX64.CSV
- │ ├── [Dec 31 1979] fonts
- │ ├── [Mar 14 03:35] fw
- │ │ ├── [Mar 14 03:35] fwupd-359c1169-abd6-4a0d-8bce-e4d4713335c1.cap
- │ │ ├── [Mar 14 03:34] fwupd-9d255c4b-2d88-4861-860d-7ee52ade9463.cap
- │ │ └── [Mar 14 03:34] fwupd-b36438d8-9128-49d2-b280-487be02d948b.cap
- │ ├── [Dec 31 1979] fwupdx64.efi
- │ ├── [May 10 10:47] grub.cfg
- │ ├── [Jun 3 12:38] grub.cfg.new.new
- │ ├── [May 10 10:41] grub.cfg.old
- │ ├── [Jun 27 02:41] grubenv
- │ ├── [Dec 31 1979] grubx64.efi
- │ ├── [Dec 31 1979] mmx64.efi
- │ ├── [Dec 31 1979] shim.efi
- │ ├── [Dec 31 1979] shimx64.efi
- │ └── [Dec 31 1979] shimx64-fedora.efi
- └── [Dec 31 1979] FSCK0000.REC
-
- 5 directories, 17 files
-
-This causes grub-probe failure, which in turn causes grub-mkconfig
-failure. They are valid filesystems that appear intact, and the Linux
-FAT stack is able to mount and manipulate them without complaint.
-
-The check for mtime of 0 has been present since
-20def1a3c3952982395cd7c3ea7e78638527962b (fat: support file
-modification times).
-
-Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e43f3d93b28cce852c110c7a8e40d8311bcd8bb1]
-
-Signed-off-by: Robbie Harwood <rharwood@redhat.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-Signed-off-by: Ming Liu <liu.ming50@gmail.com>
----
- grub-core/fs/fat.c | 3 ---
- 1 file changed, 3 deletions(-)
-
-diff --git a/grub-core/fs/fat.c b/grub-core/fs/fat.c
-index 0951b2e63..c5efed724 100644
---- a/grub-core/fs/fat.c
-+++ b/grub-core/fs/fat.c
-@@ -1027,9 +1027,6 @@ grub_fat_dir (grub_device_t device, const char *path, grub_fs_dir_hook_t hook,
- grub_le_to_cpu16 (ctxt.dir.w_date),
- &info.mtime);
- #endif
-- if (info.mtimeset == 0)
-- grub_error (GRUB_ERR_OUT_OF_RANGE,
-- "invalid modification timestamp for %s", path);
-
- if (hook (ctxt.filename, &info, hook_data))
- break;
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch b/poky/meta/recipes-bsp/grub/files/0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch
index 69b04aa..69dec76 100644
--- a/poky/meta/recipes-bsp/grub/files/0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch
+++ b/poky/meta/recipes-bsp/grub/files/0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch
@@ -1,4 +1,4 @@
-From 8f47ed4aaefba087b6ca76e59c9f832b6a0702bc Mon Sep 17 00:00:00 2001
+From a80592e20f6c4b928a22862f52f268ab9d9908b2 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 13 Jan 2016 19:28:00 +0000
Subject: [PATCH] grub.d/10_linux.in: add oe's kernel name
@@ -20,10 +20,10 @@
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
-index 4532266..cba2617 100644
+index cc393be..8545cb6 100644
--- a/util/grub.d/10_linux.in
+++ b/util/grub.d/10_linux.in
-@@ -164,12 +164,12 @@ machine=`uname -m`
+@@ -166,12 +166,12 @@ machine=`uname -m`
case "x$machine" in
xi?86 | xx86_64)
list=
@@ -40,10 +40,10 @@
done ;;
esac
diff --git a/util/grub.d/20_linux_xen.in b/util/grub.d/20_linux_xen.in
-index 96179ea..98d16ae 100644
+index 94dd8be..36cd554 100644
--- a/util/grub.d/20_linux_xen.in
+++ b/util/grub.d/20_linux_xen.in
-@@ -154,7 +154,7 @@ EOF
+@@ -181,7 +181,7 @@ EOF
}
linux_list=
diff --git a/poky/meta/recipes-bsp/grub/files/0001-risc-v-Handle-R_RISCV_CALL_PLT-reloc.patch b/poky/meta/recipes-bsp/grub/files/0001-risc-v-Handle-R_RISCV_CALL_PLT-reloc.patch
deleted file mode 100644
index f3f12b6..0000000
--- a/poky/meta/recipes-bsp/grub/files/0001-risc-v-Handle-R_RISCV_CALL_PLT-reloc.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 64be669638e198bc0c7c1a344547265dfacd2470 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Mon, 23 Jan 2023 15:29:02 -0800
-Subject: [PATCH] risc-v: Handle R_RISCV_CALL_PLT reloc
-
-GNU assembler starting 2.40 release always generates R_RISCV_CALL_PLT
-reloc for call in assembler [1], similarly llvm does not make
-distinction between R_RISCV_CALL_PLT and R_RISCV_CALL [2]
-
-Upstream-Status: Submitted [https://lists.gnu.org/archive/html/grub-devel/2023-02/msg00143.html]
-
-[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=70f35d72ef04cd23771875c1661c9975044a749c
-[2] https://reviews.llvm.org/D132530
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- grub-core/kern/riscv/dl.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/grub-core/kern/riscv/dl.c
-+++ b/grub-core/kern/riscv/dl.c
-@@ -188,6 +188,7 @@ grub_arch_dl_relocate_symbols (grub_dl_t
- break;
-
- case R_RISCV_CALL:
-+ case R_RISCV_CALL_PLT:
- {
- grub_uint32_t *abs_place = place;
- grub_ssize_t off = sym_addr - (grub_addr_t) place;
---- a/util/grub-mkimagexx.c
-+++ b/util/grub-mkimagexx.c
-@@ -1294,6 +1294,7 @@ SUFFIX (relocate_addrs) (Elf_Ehdr *e, st
- }
- break;
- case R_RISCV_CALL:
-+ case R_RISCV_CALL_PLT:
- {
- grub_uint32_t hi20, lo12;
-
-@@ -1725,6 +1726,7 @@ translate_relocation_pe (struct translat
- case R_RISCV_BRANCH:
- case R_RISCV_JAL:
- case R_RISCV_CALL:
-+ case R_RISCV_CALL_PLT:
- case R_RISCV_PCREL_HI20:
- case R_RISCV_PCREL_LO12_I:
- case R_RISCV_PCREL_LO12_S:
diff --git a/poky/meta/recipes-bsp/grub/files/0002-configure-Check-for-falign-jumps-1-beside-falign-loo.patch b/poky/meta/recipes-bsp/grub/files/0002-configure-Check-for-falign-jumps-1-beside-falign-loo.patch
deleted file mode 100644
index 437e5b2..0000000
--- a/poky/meta/recipes-bsp/grub/files/0002-configure-Check-for-falign-jumps-1-beside-falign-loo.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From e372dcb0d4541ee9b9682cde088ec87a7b238ca2 Mon Sep 17 00:00:00 2001
-From: Fangrui Song via Grub-devel <grub-devel@gnu.org>
-Date: Thu, 26 Aug 2021 09:02:32 -0700
-Subject: [PATCH 2/2] configure: Check for -falign-jumps=1 beside
- -falign-loops=1
-
-The Clang does not support -falign-jumps and only recently gained support
-for -falign-loops. The -falign-jumps=1 should be tested beside
--fliang-loops=1 to avoid passing unrecognized options to the Clang:
-
- clang-14: error: optimization flag '-falign-jumps=1' is not supported [-Werror,-Wignored-optimization-argument]
-
-The -falign-functions=1 is supported by GCC 5.1.0/Clang 3.8.0. So, just
-add the option unconditionally.
-
-Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e372dcb0d4541ee9b9682cde088ec87a7b238ca2]
-Signed-off-by: Fangrui Song <maskray@google.com>
-Acked-by: Paul Menzel <pmenzel@molgen.mpg.de>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
----
- configure.ac | 15 ++++++++++++++-
- 1 file changed, 14 insertions(+), 1 deletion(-)
-
-diff --git a/configure.ac b/configure.ac
-index 9a12151bd..eeb5d2211 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -798,6 +798,8 @@ fi
-
- # Force no alignment to save space on i386.
- if test "x$target_cpu" = xi386; then
-+ TARGET_CFLAGS="$TARGET_CFLAGS -falign-functions=1"
-+
- AC_CACHE_CHECK([whether -falign-loops works], [grub_cv_cc_falign_loop], [
- CFLAGS="$TARGET_CFLAGS -falign-loops=1 -Werror"
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
-@@ -806,7 +808,18 @@ if test "x$target_cpu" = xi386; then
- ])
-
- if test "x$grub_cv_cc_falign_loop" = xyes; then
-- TARGET_CFLAGS="$TARGET_CFLAGS -falign-jumps=1 -falign-loops=1 -falign-functions=1"
-+ TARGET_CFLAGS="$TARGET_CFLAGS -falign-loops=1"
-+ fi
-+
-+ AC_CACHE_CHECK([whether -falign-jumps works], [grub_cv_cc_falign_jumps], [
-+ CFLAGS="$TARGET_CFLAGS -falign-jumps=1 -Werror"
-+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
-+ [grub_cv_cc_falign_jumps=yes],
-+ [grub_cv_cc_falign_jumps=no])
-+ ])
-+
-+ if test "x$grub_cv_cc_falign_jumps" = xyes; then
-+ TARGET_CFLAGS="$TARGET_CFLAGS -falign-jumps=1"
- fi
- fi
-
---
-2.37.3
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch b/poky/meta/recipes-bsp/grub/files/CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
deleted file mode 100644
index 7f7bb1a..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch
+++ /dev/null
@@ -1,179 +0,0 @@
-From e623866d9286410156e8b9d2c82d6253a1b22d08 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 6 Jul 2021 18:51:35 +1000
-Subject: [PATCH] video/readers/png: Drop greyscale support to fix heap
- out-of-bounds write
-
-A 16-bit greyscale PNG without alpha is processed in the following loop:
-
- for (i = 0; i < (data->image_width * data->image_height);
- i++, d1 += 4, d2 += 2)
- {
- d1[R3] = d2[1];
- d1[G3] = d2[1];
- d1[B3] = d2[1];
- }
-
-The increment of d1 is wrong. d1 is incremented by 4 bytes per iteration,
-but there are only 3 bytes allocated for storage. This means that image
-data will overwrite somewhat-attacker-controlled parts of memory - 3 bytes
-out of every 4 following the end of the image.
-
-This has existed since greyscale support was added in 2013 in commit
-3ccf16dff98f (grub-core/video/readers/png.c: Support grayscale).
-
-Saving starfield.png as a 16-bit greyscale image without alpha in the gimp
-and attempting to load it causes grub-emu to crash - I don't think this code
-has ever worked.
-
-Delete all PNG greyscale support.
-
-Fixes: CVE-2021-3695
-
-Signed-off-by: Daniel Axtens <dja@axtens.net>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-CVE: CVE-2021-3695
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e623866d9286410156e8b9d2c82d6253a1b22d08
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- grub-core/video/readers/png.c | 87 +++--------------------------------
- 1 file changed, 7 insertions(+), 80 deletions(-)
-
-diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c
-index 35ae553c8..a3161e25b 100644
---- a/grub-core/video/readers/png.c
-+++ b/grub-core/video/readers/png.c
-@@ -100,7 +100,7 @@ struct grub_png_data
-
- unsigned image_width, image_height;
- int bpp, is_16bit;
-- int raw_bytes, is_gray, is_alpha, is_palette;
-+ int raw_bytes, is_alpha, is_palette;
- int row_bytes, color_bits;
- grub_uint8_t *image_data;
-
-@@ -296,13 +296,13 @@ grub_png_decode_image_header (struct grub_png_data *data)
- data->bpp = 3;
- else
- {
-- data->is_gray = 1;
-- data->bpp = 1;
-+ return grub_error (GRUB_ERR_BAD_FILE_TYPE,
-+ "png: color type not supported");
- }
-
- if ((color_bits != 8) && (color_bits != 16)
- && (color_bits != 4
-- || !(data->is_gray || data->is_palette)))
-+ || !data->is_palette))
- return grub_error (GRUB_ERR_BAD_FILE_TYPE,
- "png: bit depth must be 8 or 16");
-
-@@ -331,7 +331,7 @@ grub_png_decode_image_header (struct grub_png_data *data)
- }
-
- #ifndef GRUB_CPU_WORDS_BIGENDIAN
-- if (data->is_16bit || data->is_gray || data->is_palette)
-+ if (data->is_16bit || data->is_palette)
- #endif
- {
- data->image_data = grub_calloc (data->image_height, data->row_bytes);
-@@ -899,27 +899,8 @@ grub_png_convert_image (struct grub_png_data *data)
- int shift;
- int mask = (1 << data->color_bits) - 1;
- unsigned j;
-- if (data->is_gray)
-- {
-- /* Generic formula is
-- (0xff * i) / ((1U << data->color_bits) - 1)
-- but for allowed bit depth of 1, 2 and for it's
-- equivalent to
-- (0xff / ((1U << data->color_bits) - 1)) * i
-- Precompute the multipliers to avoid division.
-- */
--
-- const grub_uint8_t multipliers[5] = { 0xff, 0xff, 0x55, 0x24, 0x11 };
-- for (i = 0; i < (1U << data->color_bits); i++)
-- {
-- grub_uint8_t col = multipliers[data->color_bits] * i;
-- palette[i][0] = col;
-- palette[i][1] = col;
-- palette[i][2] = col;
-- }
-- }
-- else
-- grub_memcpy (palette, data->palette, 3 << data->color_bits);
-+
-+ grub_memcpy (palette, data->palette, 3 << data->color_bits);
- d1c = d1;
- d2c = d2;
- for (j = 0; j < data->image_height; j++, d1c += data->image_width * 3,
-@@ -957,60 +938,6 @@ grub_png_convert_image (struct grub_png_data *data)
- return;
- }
-
-- if (data->is_gray)
-- {
-- switch (data->bpp)
-- {
-- case 4:
-- /* 16-bit gray with alpha. */
-- for (i = 0; i < (data->image_width * data->image_height);
-- i++, d1 += 4, d2 += 4)
-- {
-- d1[R4] = d2[3];
-- d1[G4] = d2[3];
-- d1[B4] = d2[3];
-- d1[A4] = d2[1];
-- }
-- break;
-- case 2:
-- if (data->is_16bit)
-- /* 16-bit gray without alpha. */
-- {
-- for (i = 0; i < (data->image_width * data->image_height);
-- i++, d1 += 4, d2 += 2)
-- {
-- d1[R3] = d2[1];
-- d1[G3] = d2[1];
-- d1[B3] = d2[1];
-- }
-- }
-- else
-- /* 8-bit gray with alpha. */
-- {
-- for (i = 0; i < (data->image_width * data->image_height);
-- i++, d1 += 4, d2 += 2)
-- {
-- d1[R4] = d2[1];
-- d1[G4] = d2[1];
-- d1[B4] = d2[1];
-- d1[A4] = d2[0];
-- }
-- }
-- break;
-- /* 8-bit gray without alpha. */
-- case 1:
-- for (i = 0; i < (data->image_width * data->image_height);
-- i++, d1 += 3, d2++)
-- {
-- d1[R3] = d2[0];
-- d1[G3] = d2[0];
-- d1[B3] = d2[0];
-- }
-- break;
-- }
-- return;
-- }
--
- {
- /* Only copy the upper 8 bit. */
- #ifndef GRUB_CPU_WORDS_BIGENDIAN
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch b/poky/meta/recipes-bsp/grub/files/CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch
deleted file mode 100644
index f06514e..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 210245129c932dc9e1c2748d9d35524fb95b5042 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 6 Jul 2021 23:25:07 +1000
-Subject: [PATCH] video/readers/png: Avoid heap OOB R/W inserting huff table
- items
-
-In fuzzing we observed crashes where a code would attempt to be inserted
-into a huffman table before the start, leading to a set of heap OOB reads
-and writes as table entries with negative indices were shifted around and
-the new code written in.
-
-Catch the case where we would underflow the array and bail.
-
-Fixes: CVE-2021-3696
-
-Signed-off-by: Daniel Axtens <dja@axtens.net>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-CVE: CVE-2021-3696
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=210245129c932dc9e1c2748d9d35524fb95b5042
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- grub-core/video/readers/png.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c
-index a3161e25b..d7ed5aa6c 100644
---- a/grub-core/video/readers/png.c
-+++ b/grub-core/video/readers/png.c
-@@ -438,6 +438,13 @@ grub_png_insert_huff_item (struct huff_table *ht, int code, int len)
- for (i = len; i < ht->max_length; i++)
- n += ht->maxval[i];
-
-+ if (n > ht->num_values)
-+ {
-+ grub_error (GRUB_ERR_BAD_FILE_TYPE,
-+ "png: out of range inserting huffman table item");
-+ return;
-+ }
-+
- for (i = 0; i < n; i++)
- ht->values[ht->num_values - i] = ht->values[ht->num_values - i - 1];
-
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch b/poky/meta/recipes-bsp/grub/files/CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch
deleted file mode 100644
index e9fc52d..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch
+++ /dev/null
@@ -1,84 +0,0 @@
-From 22a3f97d39f6a10b08ad7fd1cc47c4dcd10413f6 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Wed, 7 Jul 2021 15:38:19 +1000
-Subject: [PATCH] video/readers/jpeg: Block int underflow -> wild pointer write
-
-Certain 1 px wide images caused a wild pointer write in
-grub_jpeg_ycrcb_to_rgb(). This was caused because in grub_jpeg_decode_data(),
-we have the following loop:
-
-for (; data->r1 < nr1 && (!data->dri || rst);
- data->r1++, data->bitmap_ptr += (vb * data->image_width - hb * nc1) * 3)
-
-We did not check if vb * width >= hb * nc1.
-
-On a 64-bit platform, if that turns out to be negative, it will underflow,
-be interpreted as unsigned 64-bit, then be added to the 64-bit pointer, so
-we see data->bitmap_ptr jump, e.g.:
-
-0x6180_0000_0480 to
-0x6181_0000_0498
- ^
- ~--- carry has occurred and this pointer is now far away from
- any object.
-
-On a 32-bit platform, it will decrement the pointer, creating a pointer
-that won't crash but will overwrite random data.
-
-Catch the underflow and error out.
-
-Fixes: CVE-2021-3697
-
-Signed-off-by: Daniel Axtens <dja@axtens.net>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-CVE: CVE-2021-3697
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=22a3f97d39f6a10b08ad7fd1cc47c4dcd10413f6
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- grub-core/video/readers/jpeg.c | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
-diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c
-index 579bbe8a4..09596fbf5 100644
---- a/grub-core/video/readers/jpeg.c
-+++ b/grub-core/video/readers/jpeg.c
-@@ -23,6 +23,7 @@
- #include <grub/mm.h>
- #include <grub/misc.h>
- #include <grub/bufio.h>
-+#include <grub/safemath.h>
-
- GRUB_MOD_LICENSE ("GPLv3+");
-
-@@ -699,6 +700,7 @@ static grub_err_t
- grub_jpeg_decode_data (struct grub_jpeg_data *data)
- {
- unsigned c1, vb, hb, nr1, nc1;
-+ unsigned stride_a, stride_b, stride;
- int rst = data->dri;
- grub_err_t err = GRUB_ERR_NONE;
-
-@@ -711,8 +713,14 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data)
- return grub_error (GRUB_ERR_BAD_FILE_TYPE,
- "jpeg: attempted to decode data before start of stream");
-
-+ if (grub_mul(vb, data->image_width, &stride_a) ||
-+ grub_mul(hb, nc1, &stride_b) ||
-+ grub_sub(stride_a, stride_b, &stride))
-+ return grub_error (GRUB_ERR_BAD_FILE_TYPE,
-+ "jpeg: cannot decode image with these dimensions");
-+
- for (; data->r1 < nr1 && (!data->dri || rst);
-- data->r1++, data->bitmap_ptr += (vb * data->image_width - hb * nc1) * 3)
-+ data->r1++, data->bitmap_ptr += stride * 3)
- for (c1 = 0; c1 < nc1 && (!data->dri || rst);
- c1++, rst--, data->bitmap_ptr += hb * 3)
- {
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch b/poky/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch
deleted file mode 100644
index dae26fd..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 0adec29674561034771c13e446069b41ef41e4d4 Mon Sep 17 00:00:00 2001
-From: Michael Chang <mchang@suse.com>
-Date: Fri, 3 Dec 2021 16:13:28 +0800
-Subject: [PATCH] grub-mkconfig: Restore umask for the grub.cfg
-
-The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating
-configuration by grub-mkconfig) has inadvertently discarded umask for
-creating grub.cfg in the process of running grub-mkconfig. The resulting
-wrong permission (0644) would allow unprivileged users to read GRUB
-configuration file content. This presents a low confidentiality risk
-as grub.cfg may contain non-secured plain-text passwords.
-
-This patch restores the missing umask and sets the creation file mode
-to 0600 preventing unprivileged access.
-
-Fixes: CVE-2021-3981
-
-Signed-off-by: Michael Chang <mchang@suse.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-CVE: CVE-2021-3981
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0adec29674561034771c13e446069b41ef41e4d4
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- util/grub-mkconfig.in | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
-index c3ea7612e..62335d027 100644
---- a/util/grub-mkconfig.in
-+++ b/util/grub-mkconfig.in
-@@ -301,7 +301,10 @@ and /etc/grub.d/* files or please file a bug report with
- exit 1
- else
- # none of the children aborted with error, install the new grub.cfg
-+ oldumask=$(umask)
-+ umask 077
- cat ${grub_cfg}.new > ${grub_cfg}
-+ umask $oldumask
- rm -f ${grub_cfg}.new
- fi
- fi
---
-2.31.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-2601.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-2601.patch
deleted file mode 100644
index 727c509..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2022-2601.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From e8060722acf0bcca037982d7fb29472363ccdfd4 Mon Sep 17 00:00:00 2001
-From: Zhang Boyang <zhangboyang.id@gmail.com>
-Date: Fri, 5 Aug 2022 01:58:27 +0800
-Subject: [PATCH] font: Fix several integer overflows in
- grub_font_construct_glyph()
-
-This patch fixes several integer overflows in grub_font_construct_glyph().
-Glyphs of invalid size, zero or leading to an overflow, are rejected.
-The inconsistency between "glyph" and "max_glyph_size" when grub_malloc()
-returns NULL is fixed too.
-
-Fixes: CVE-2022-2601
-
-Reported-by: Zhang Boyang <zhangboyang.id@gmail.com>
-Signed-off-by: Zhang Boyang <zhangboyang.id@gmail.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport from
-[https://git.savannah.gnu.org/cgit/grub.git/commit/?id=768e1ef2fc159f6e14e7246e4be09363708ac39e]
-CVE: CVE-2022-2601
-
-Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
-
----
- grub-core/font/font.c | 29 +++++++++++++++++------------
- 1 file changed, 17 insertions(+), 12 deletions(-)
-
-diff --git a/grub-core/font/font.c b/grub-core/font/font.c
-index 876b5b6..0ff5525 100644
---- a/grub-core/font/font.c
-+++ b/grub-core/font/font.c
-@@ -1515,6 +1515,7 @@ grub_font_construct_glyph (grub_font_t hinted_font,
- struct grub_video_signed_rect bounds;
- static struct grub_font_glyph *glyph = 0;
- static grub_size_t max_glyph_size = 0;
-+ grub_size_t cur_glyph_size;
-
- ensure_comb_space (glyph_id);
-
-@@ -1531,29 +1532,33 @@ grub_font_construct_glyph (grub_font_t hinted_font,
- if (!glyph_id->ncomb && !glyph_id->attributes)
- return main_glyph;
-
-- if (max_glyph_size < sizeof (*glyph) + (bounds.width * bounds.height + GRUB_CHAR_BIT - 1) / GRUB_CHAR_BIT)
-+ if (grub_video_bitmap_calc_1bpp_bufsz (bounds.width, bounds.height, &cur_glyph_size) ||
-+ grub_add (sizeof (*glyph), cur_glyph_size, &cur_glyph_size))
-+ return main_glyph;
-+
-+ if (max_glyph_size < cur_glyph_size)
- {
- grub_free (glyph);
-- max_glyph_size = (sizeof (*glyph) + (bounds.width * bounds.height + GRUB_CHAR_BIT - 1) / GRUB_CHAR_BIT) * 2;
-- if (max_glyph_size < 8)
-- max_glyph_size = 8;
-- glyph = grub_malloc (max_glyph_size);
-+ if (grub_mul (cur_glyph_size, 2, &max_glyph_size))
-+ max_glyph_size = 0;
-+ glyph = max_glyph_size > 0 ? grub_malloc (max_glyph_size) : NULL;
- }
- if (!glyph)
- {
-+ max_glyph_size = 0;
- grub_errno = GRUB_ERR_NONE;
- return main_glyph;
- }
-
-- grub_memset (glyph, 0, sizeof (*glyph)
-- + (bounds.width * bounds.height
-- + GRUB_CHAR_BIT - 1) / GRUB_CHAR_BIT);
-+ grub_memset (glyph, 0, cur_glyph_size);
-
- glyph->font = main_glyph->font;
-- glyph->width = bounds.width;
-- glyph->height = bounds.height;
-- glyph->offset_x = bounds.x;
-- glyph->offset_y = bounds.y;
-+ if (bounds.width == 0 || bounds.height == 0 ||
-+ grub_cast (bounds.width, &glyph->width) ||
-+ grub_cast (bounds.height, &glyph->height) ||
-+ grub_cast (bounds.x, &glyph->offset_x) ||
-+ grub_cast (bounds.y, &glyph->offset_y))
-+ return main_glyph;
-
- if (glyph_id->attributes & GRUB_UNICODE_GLYPH_ATTRIBUTE_MIRROR)
- grub_font_blit_glyph_mirror (glyph, main_glyph,
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch
deleted file mode 100644
index 8bf9090..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 3e4817538de828319ba6d59ced2fbb9b5ca13287 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Mon, 20 Dec 2021 19:41:21 +1100
-Subject: [PATCH] net/ip: Do IP fragment maths safely
-
-We can receive packets with invalid IP fragmentation information. This
-can lead to rsm->total_len underflowing and becoming very large.
-
-Then, in grub_netbuff_alloc(), we add to this very large number, which can
-cause it to overflow and wrap back around to a small positive number.
-The allocation then succeeds, but the resulting buffer is too small and
-subsequent operations can write past the end of the buffer.
-
-Catch the underflow here.
-
-Fixes: CVE-2022-28733
-
-Signed-off-by: Daniel Axtens <dja@axtens.net>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-CVE: CVE-2022-28733
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3e4817538de828319ba6d59ced2fbb9b5ca13287
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
-
----
- grub-core/net/ip.c | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
-diff --git a/grub-core/net/ip.c b/grub-core/net/ip.c
-index e3d62e97f..3c3d0be0e 100644
---- a/grub-core/net/ip.c
-+++ b/grub-core/net/ip.c
-@@ -25,6 +25,7 @@
- #include <grub/net/netbuff.h>
- #include <grub/mm.h>
- #include <grub/priority_queue.h>
-+#include <grub/safemath.h>
- #include <grub/time.h>
-
- struct iphdr {
-@@ -512,7 +513,14 @@ grub_net_recv_ip4_packets (struct grub_net_buff *nb,
- {
- rsm->total_len = (8 * (grub_be_to_cpu16 (iph->frags) & OFFSET_MASK)
- + (nb->tail - nb->data));
-- rsm->total_len -= ((iph->verhdrlen & 0xf) * sizeof (grub_uint32_t));
-+
-+ if (grub_sub (rsm->total_len, (iph->verhdrlen & 0xf) * sizeof (grub_uint32_t),
-+ &rsm->total_len))
-+ {
-+ grub_dprintf ("net", "IP reassembly size underflow\n");
-+ return GRUB_ERR_NONE;
-+ }
-+
- rsm->asm_netbuff = grub_netbuff_alloc (rsm->total_len);
- if (!rsm->asm_netbuff)
- {
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch
deleted file mode 100644
index f31167d..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From b26b4c08e7119281ff30d0fb4a6169bd2afa8fe4 Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 8 Mar 2022 19:04:40 +1100
-Subject: [PATCH] net/http: Error out on headers with LF without CR
-
-In a similar vein to the previous patch, parse_line() would write
-a NUL byte past the end of the buffer if there was an HTTP header
-with a LF rather than a CRLF.
-
-RFC-2616 says:
-
- Many HTTP/1.1 header field values consist of words separated by LWS
- or special characters. These special characters MUST be in a quoted
- string to be used within a parameter value (as defined in section 3.6).
-
-We don't support quoted sections or continuation lines, etc.
-
-If we see an LF that's not part of a CRLF, bail out.
-
-Fixes: CVE-2022-28734
-
-Signed-off-by: Daniel Axtens <dja@axtens.net>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-CVE: CVE-2022-28734
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b26b4c08e7119281ff30d0fb4a6169bd2afa8fe4
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- grub-core/net/http.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/grub-core/net/http.c b/grub-core/net/http.c
-index 33a0a28c4..9291a13e2 100644
---- a/grub-core/net/http.c
-+++ b/grub-core/net/http.c
-@@ -68,7 +68,15 @@ parse_line (grub_file_t file, http_data_t data, char *ptr, grub_size_t len)
- char *end = ptr + len;
- while (end > ptr && *(end - 1) == '\r')
- end--;
-+
-+ /* LF without CR. */
-+ if (end == ptr + len)
-+ {
-+ data->errmsg = grub_strdup (_("invalid HTTP header - LF without CR"));
-+ return GRUB_ERR_NONE;
-+ }
- *end = 0;
-+
- /* Trailing CRLF. */
- if (data->in_chunk_len == 1)
- {
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch
deleted file mode 100644
index e0ca1ee..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From ec6bfd3237394c1c7dbf2fd73417173318d22f4b Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Tue, 8 Mar 2022 18:17:03 +1100
-Subject: [PATCH] net/http: Fix OOB write for split http headers
-
-GRUB has special code for handling an http header that is split
-across two packets.
-
-The code tracks the end of line by looking for a "\n" byte. The
-code for split headers has always advanced the pointer just past the
-end of the line, whereas the code that handles unsplit headers does
-not advance the pointer. This extra advance causes the length to be
-one greater, which breaks an assumption in parse_line(), leading to
-it writing a NUL byte one byte past the end of the buffer where we
-reconstruct the line from the two packets.
-
-It's conceivable that an attacker controlled set of packets could
-cause this to zero out the first byte of the "next" pointer of the
-grub_mm_region structure following the current_line buffer.
-
-Do not advance the pointer in the split header case.
-
-Fixes: CVE-2022-28734
-
-Signed-off-by: Daniel Axtens <dja@axtens.net>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-CVE: CVE-2022-28734
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=ec6bfd3237394c1c7dbf2fd73417173318d22f4b
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- grub-core/net/http.c | 4 +---
- 1 file changed, 1 insertion(+), 3 deletions(-)
-
-diff --git a/grub-core/net/http.c b/grub-core/net/http.c
-index f8d7bf0cd..33a0a28c4 100644
---- a/grub-core/net/http.c
-+++ b/grub-core/net/http.c
-@@ -190,9 +190,7 @@ http_receive (grub_net_tcp_socket_t sock __attribute__ ((unused)),
- int have_line = 1;
- char *t;
- ptr = grub_memchr (nb->data, '\n', nb->tail - nb->data);
-- if (ptr)
-- ptr++;
-- else
-+ if (ptr == NULL)
- {
- have_line = 0;
- ptr = (char *) nb->tail;
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch
deleted file mode 100644
index 7a59f10..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch
+++ /dev/null
@@ -1,111 +0,0 @@
-From 6fe755c5c07bb386fda58306bfd19e4a1c974c53 Mon Sep 17 00:00:00 2001
-From: Julian Andres Klode <julian.klode@canonical.com>
-Date: Thu, 2 Dec 2021 15:03:53 +0100
-Subject: [PATCH] kern/efi/sb: Reject non-kernel files in the shim_lock
- verifier
-
-We must not allow other verifiers to pass things like the GRUB modules.
-Instead of maintaining a blocklist, maintain an allowlist of things
-that we do not care about.
-
-This allowlist really should be made reusable, and shared by the
-lockdown verifier, but this is the minimal patch addressing
-security concerns where the TPM verifier was able to mark modules
-as verified (or the OpenPGP verifier for that matter), when it
-should not do so on shim-powered secure boot systems.
-
-Fixes: CVE-2022-28735
-
-Signed-off-by: Julian Andres Klode <julian.klode@canonical.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-CVE:CVE-2022-28735
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=6fe755c5c07bb386fda58306bfd19e4a1c974c53
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- grub-core/kern/efi/sb.c | 39 ++++++++++++++++++++++++++++++++++++---
- include/grub/verify.h | 1 +
- 2 files changed, 37 insertions(+), 3 deletions(-)
-
-diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c
-index c52ec6226..89c4bb3fd 100644
---- a/grub-core/kern/efi/sb.c
-+++ b/grub-core/kern/efi/sb.c
-@@ -119,10 +119,11 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)),
- void **context __attribute__ ((unused)),
- enum grub_verify_flags *flags)
- {
-- *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION;
-+ *flags = GRUB_VERIFY_FLAGS_NONE;
-
- switch (type & GRUB_FILE_TYPE_MASK)
- {
-+ /* Files we check. */
- case GRUB_FILE_TYPE_LINUX_KERNEL:
- case GRUB_FILE_TYPE_MULTIBOOT_KERNEL:
- case GRUB_FILE_TYPE_BSD_KERNEL:
-@@ -130,11 +131,43 @@ shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)),
- case GRUB_FILE_TYPE_PLAN9_KERNEL:
- case GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE:
- *flags = GRUB_VERIFY_FLAGS_SINGLE_CHUNK;
-+ return GRUB_ERR_NONE;
-
-- /* Fall through. */
-+ /* Files that do not affect secureboot state. */
-+ case GRUB_FILE_TYPE_NONE:
-+ case GRUB_FILE_TYPE_LOOPBACK:
-+ case GRUB_FILE_TYPE_LINUX_INITRD:
-+ case GRUB_FILE_TYPE_OPENBSD_RAMDISK:
-+ case GRUB_FILE_TYPE_XNU_RAMDISK:
-+ case GRUB_FILE_TYPE_SIGNATURE:
-+ case GRUB_FILE_TYPE_PUBLIC_KEY:
-+ case GRUB_FILE_TYPE_PUBLIC_KEY_TRUST:
-+ case GRUB_FILE_TYPE_PRINT_BLOCKLIST:
-+ case GRUB_FILE_TYPE_TESTLOAD:
-+ case GRUB_FILE_TYPE_GET_SIZE:
-+ case GRUB_FILE_TYPE_FONT:
-+ case GRUB_FILE_TYPE_ZFS_ENCRYPTION_KEY:
-+ case GRUB_FILE_TYPE_CAT:
-+ case GRUB_FILE_TYPE_HEXCAT:
-+ case GRUB_FILE_TYPE_CMP:
-+ case GRUB_FILE_TYPE_HASHLIST:
-+ case GRUB_FILE_TYPE_TO_HASH:
-+ case GRUB_FILE_TYPE_KEYBOARD_LAYOUT:
-+ case GRUB_FILE_TYPE_PIXMAP:
-+ case GRUB_FILE_TYPE_GRUB_MODULE_LIST:
-+ case GRUB_FILE_TYPE_CONFIG:
-+ case GRUB_FILE_TYPE_THEME:
-+ case GRUB_FILE_TYPE_GETTEXT_CATALOG:
-+ case GRUB_FILE_TYPE_FS_SEARCH:
-+ case GRUB_FILE_TYPE_LOADENV:
-+ case GRUB_FILE_TYPE_SAVEENV:
-+ case GRUB_FILE_TYPE_VERIFY_SIGNATURE:
-+ *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION;
-+ return GRUB_ERR_NONE;
-
-+ /* Other files. */
- default:
-- return GRUB_ERR_NONE;
-+ return grub_error (GRUB_ERR_ACCESS_DENIED, N_("prohibited by secure boot policy"));
- }
- }
-
-diff --git a/include/grub/verify.h b/include/grub/verify.h
-index cd129c398..672ae1692 100644
---- a/include/grub/verify.h
-+++ b/include/grub/verify.h
-@@ -24,6 +24,7 @@
-
- enum grub_verify_flags
- {
-+ GRUB_VERIFY_FLAGS_NONE = 0,
- GRUB_VERIFY_FLAGS_SKIP_VERIFICATION = 1,
- GRUB_VERIFY_FLAGS_SINGLE_CHUNK = 2,
- /* Defer verification to another authority. */
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch
deleted file mode 100644
index 5741e53..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch
+++ /dev/null
@@ -1,86 +0,0 @@
-From 04c86e0bb7b58fc2f913f798cdb18934933e532d Mon Sep 17 00:00:00 2001
-From: Chris Coulson <chris.coulson@canonical.com>
-Date: Tue, 5 Apr 2022 11:48:58 +0100
-Subject: [PATCH] loader/efi/chainloader: Use grub_loader_set_ex()
-
-This ports the EFI chainloader to use grub_loader_set_ex() in order to fix
-a use-after-free bug that occurs when grub_cmd_chainloader() is executed
-more than once before a boot attempt is performed.
-
-Fixes: CVE-2022-28736
-
-Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-CVE: CVE-2022-28736
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=04c86e0bb7b58fc2f913f798cdb18934933e532d
-
-Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
----
- grub-core/loader/efi/chainloader.c | 16 +++++++---------
- 1 file changed, 7 insertions(+), 9 deletions(-)
-
-diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
-index d1602c89b..7557eb269 100644
---- a/grub-core/loader/efi/chainloader.c
-+++ b/grub-core/loader/efi/chainloader.c
-@@ -44,11 +44,10 @@ GRUB_MOD_LICENSE ("GPLv3+");
-
- static grub_dl_t my_mod;
-
--static grub_efi_handle_t image_handle;
--
- static grub_err_t
--grub_chainloader_unload (void)
-+grub_chainloader_unload (void *context)
- {
-+ grub_efi_handle_t image_handle = (grub_efi_handle_t) context;
- grub_efi_loaded_image_t *loaded_image;
- grub_efi_boot_services_t *b;
-
-@@ -64,8 +63,9 @@ grub_chainloader_unload (void)
- }
-
- static grub_err_t
--grub_chainloader_boot (void)
-+grub_chainloader_boot (void *context)
- {
-+ grub_efi_handle_t image_handle = (grub_efi_handle_t) context;
- grub_efi_boot_services_t *b;
- grub_efi_status_t status;
- grub_efi_uintn_t exit_data_size;
-@@ -225,6 +225,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
- grub_efi_physical_address_t address = 0;
- grub_efi_uintn_t pages = 0;
- grub_efi_char16_t *cmdline = NULL;
-+ grub_efi_handle_t image_handle = NULL;
-
- if (argc == 0)
- return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
-@@ -405,7 +406,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
- efi_call_2 (b->free_pages, address, pages);
- grub_free (file_path);
-
-- grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0);
-+ grub_loader_set_ex (grub_chainloader_boot, grub_chainloader_unload, image_handle, 0);
- return 0;
-
- fail:
-@@ -423,10 +424,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
- efi_call_2 (b->free_pages, address, pages);
-
- if (image_handle != NULL)
-- {
-- efi_call_1 (b->unload_image, image_handle);
-- image_handle = NULL;
-- }
-+ efi_call_1 (b->unload_image, image_handle);
-
- grub_dl_unref (my_mod);
-
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2022-3775.patch b/poky/meta/recipes-bsp/grub/files/CVE-2022-3775.patch
deleted file mode 100644
index 853efd0..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2022-3775.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-From fdbe7209152ad6f09a1166f64f162017f2145ba3 Mon Sep 17 00:00:00 2001
-From: Zhang Boyang <zhangboyang.id@gmail.com>
-Date: Mon, 24 Oct 2022 08:05:35 +0800
-Subject: [PATCH] font: Fix an integer underflow in blit_comb()
-
-The expression (ctx.bounds.height - combining_glyphs[i]->height) / 2 may
-evaluate to a very big invalid value even if both ctx.bounds.height and
-combining_glyphs[i]->height are small integers. For example, if
-ctx.bounds.height is 10 and combining_glyphs[i]->height is 12, this
-expression evaluates to 2147483647 (expected -1). This is because
-coordinates are allowed to be negative but ctx.bounds.height is an
-unsigned int. So, the subtraction operates on unsigned ints and
-underflows to a very big value. The division makes things even worse.
-The quotient is still an invalid value even if converted back to int.
-
-This patch fixes the problem by casting ctx.bounds.height to int. As
-a result the subtraction will operate on int and grub_uint16_t which
-will be promoted to an int. So, the underflow will no longer happen. Other
-uses of ctx.bounds.height (and ctx.bounds.width) are also casted to int,
-to ensure coordinates are always calculated on signed integers.
-
-Fixes: CVE-2022-3775
-
-Reported-by: Daniel Axtens <dja@axtens.net>
-Signed-off-by: Zhang Boyang <zhangboyang.id@gmail.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport from
-[https://git.savannah.gnu.org/cgit/grub.git/commit/?id=992c06191babc1e109caf40d6a07ec6fdef427af]
-CVE: CVE-2022-3775
-
-Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
-
----
- grub-core/font/font.c | 16 ++++++++--------
- 1 file changed, 8 insertions(+), 8 deletions(-)
-
-diff --git a/grub-core/font/font.c b/grub-core/font/font.c
-index 0ff5525..7b1cbde 100644
---- a/grub-core/font/font.c
-+++ b/grub-core/font/font.c
-@@ -1206,12 +1206,12 @@ blit_comb (const struct grub_unicode_glyph *glyph_id,
- ctx.bounds.height = main_glyph->height;
-
- above_rightx = main_glyph->offset_x + main_glyph->width;
-- above_righty = ctx.bounds.y + ctx.bounds.height;
-+ above_righty = ctx.bounds.y + (int) ctx.bounds.height;
-
- above_leftx = main_glyph->offset_x;
-- above_lefty = ctx.bounds.y + ctx.bounds.height;
-+ above_lefty = ctx.bounds.y + (int) ctx.bounds.height;
-
-- below_rightx = ctx.bounds.x + ctx.bounds.width;
-+ below_rightx = ctx.bounds.x + (int) ctx.bounds.width;
- below_righty = ctx.bounds.y;
-
- comb = grub_unicode_get_comb (glyph_id);
-@@ -1224,7 +1224,7 @@ blit_comb (const struct grub_unicode_glyph *glyph_id,
-
- if (!combining_glyphs[i])
- continue;
-- targetx = (ctx.bounds.width - combining_glyphs[i]->width) / 2 + ctx.bounds.x;
-+ targetx = ((int) ctx.bounds.width - combining_glyphs[i]->width) / 2 + ctx.bounds.x;
- /* CGJ is to avoid diacritics reordering. */
- if (comb[i].code
- == GRUB_UNICODE_COMBINING_GRAPHEME_JOINER)
-@@ -1234,8 +1234,8 @@ blit_comb (const struct grub_unicode_glyph *glyph_id,
- case GRUB_UNICODE_COMB_OVERLAY:
- do_blit (combining_glyphs[i],
- targetx,
-- (ctx.bounds.height - combining_glyphs[i]->height) / 2
-- - (ctx.bounds.height + ctx.bounds.y), &ctx);
-+ ((int) ctx.bounds.height - combining_glyphs[i]->height) / 2
-+ - ((int) ctx.bounds.height + ctx.bounds.y), &ctx);
- if (min_devwidth < combining_glyphs[i]->width)
- min_devwidth = combining_glyphs[i]->width;
- break;
-@@ -1308,7 +1308,7 @@ blit_comb (const struct grub_unicode_glyph *glyph_id,
- /* Fallthrough. */
- case GRUB_UNICODE_STACK_ATTACHED_ABOVE:
- do_blit (combining_glyphs[i], targetx,
-- -(ctx.bounds.height + ctx.bounds.y + space
-+ -((int) ctx.bounds.height + ctx.bounds.y + space
- + combining_glyphs[i]->height), &ctx);
- if (min_devwidth < combining_glyphs[i]->width)
- min_devwidth = combining_glyphs[i]->width;
-@@ -1316,7 +1316,7 @@ blit_comb (const struct grub_unicode_glyph *glyph_id,
-
- case GRUB_UNICODE_COMB_HEBREW_DAGESH:
- do_blit (combining_glyphs[i], targetx,
-- -(ctx.bounds.height / 2 + ctx.bounds.y
-+ -((int) ctx.bounds.height / 2 + ctx.bounds.y
- + combining_glyphs[i]->height / 2), &ctx);
- if (min_devwidth < combining_glyphs[i]->width)
- min_devwidth = combining_glyphs[i]->width;
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2023-4692.patch b/poky/meta/recipes-bsp/grub/files/CVE-2023-4692.patch
deleted file mode 100644
index 305fcc9..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2023-4692.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From 43651027d24e62a7a463254165e1e46e42aecdea Mon Sep 17 00:00:00 2001
-From: Maxim Suhanov <dfirblog@gmail.com>
-Date: Mon, 28 Aug 2023 16:31:57 +0300
-Subject: [PATCH] fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute
- for the $MFT file
-
-When parsing an extremely fragmented $MFT file, i.e., the file described
-using the $ATTRIBUTE_LIST attribute, current NTFS code will reuse a buffer
-containing bytes read from the underlying drive to store sector numbers,
-which are consumed later to read data from these sectors into another buffer.
-
-These sectors numbers, two 32-bit integers, are always stored at predefined
-offsets, 0x10 and 0x14, relative to first byte of the selected entry within
-the $ATTRIBUTE_LIST attribute. Usually, this won't cause any problem.
-
-However, when parsing a specially-crafted file system image, this may cause
-the NTFS code to write these integers beyond the buffer boundary, likely
-causing the GRUB memory allocator to misbehave or fail. These integers contain
-values which are controlled by on-disk structures of the NTFS file system.
-
-Such modification and resulting misbehavior may touch a memory range not
-assigned to the GRUB and owned by firmware or another EFI application/driver.
-
-This fix introduces checks to ensure that these sector numbers are never
-written beyond the boundary.
-
-Fixes: CVE-2023-4692
-
-Upstream-Status: Backport from
-[https://git.savannah.gnu.org/cgit/grub.git/commit/?id=43651027d24e62a7a463254165e1e46e42aecdea]
-CVE: CVE-2023-4692
-
-Reported-by: Maxim Suhanov <dfirblog@gmail.com>
-Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
----
- grub-core/fs/ntfs.c | 18 +++++++++++++++++-
- 1 file changed, 17 insertions(+), 1 deletion(-)
-
-diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
-index bbdbe24..c3c4db1 100644
---- a/grub-core/fs/ntfs.c
-+++ b/grub-core/fs/ntfs.c
-@@ -184,7 +184,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
- }
- if (at->attr_end)
- {
-- grub_uint8_t *pa;
-+ grub_uint8_t *pa, *pa_end;
-
- at->emft_buf = grub_malloc (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
- if (at->emft_buf == NULL)
-@@ -209,11 +209,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
- }
- at->attr_nxt = at->edat_buf;
- at->attr_end = at->edat_buf + u32at (pa, 0x30);
-+ pa_end = at->edat_buf + n;
- }
- else
- {
- at->attr_nxt = at->attr_end + u16at (pa, 0x14);
- at->attr_end = at->attr_end + u32at (pa, 4);
-+ pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
- }
- at->flags |= GRUB_NTFS_AF_ALST;
- while (at->attr_nxt < at->attr_end)
-@@ -230,6 +232,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
- at->flags |= GRUB_NTFS_AF_GPOS;
- at->attr_cur = at->attr_nxt;
- pa = at->attr_cur;
-+
-+ if ((pa >= pa_end) || (pa_end - pa < 0x18))
-+ {
-+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
-+ return NULL;
-+ }
-+
- grub_set_unaligned32 ((char *) pa + 0x10,
- grub_cpu_to_le32 (at->mft->data->mft_start));
- grub_set_unaligned32 ((char *) pa + 0x14,
-@@ -240,6 +249,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
- {
- if (*pa != attr)
- break;
-+
-+ if ((pa >= pa_end) || (pa_end - pa < 0x18))
-+ {
-+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
-+ return NULL;
-+ }
-+
- if (read_attr
- (at, pa + 0x10,
- u32at (pa, 0x10) * (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR),
---
-cgit v1.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/CVE-2023-4693.patch b/poky/meta/recipes-bsp/grub/files/CVE-2023-4693.patch
deleted file mode 100644
index 420fe92..0000000
--- a/poky/meta/recipes-bsp/grub/files/CVE-2023-4693.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 0ed2458cc4eff6d9a9199527e2a0b6d445802f94 Mon Sep 17 00:00:00 2001
-From: Maxim Suhanov <dfirblog@...>
-Date: Mon, 28 Aug 2023 16:32:33 +0300
-Subject: fs/ntfs: Fix an OOB read when reading data from the resident $DATA
- attribute
-
-When reading a file containing resident data, i.e., the file data is stored in
-the $DATA attribute within the NTFS file record, not in external clusters,
-there are no checks that this resident data actually fits the corresponding
-file record segment.
-
-When parsing a specially-crafted file system image, the current NTFS code will
-read the file data from an arbitrary, attacker-chosen memory offset and of
-arbitrary, attacker-chosen length.
-
-This allows an attacker to display arbitrary chunks of memory, which could
-contain sensitive information like password hashes or even plain-text,
-obfuscated passwords from BS EFI variables.
-
-This fix implements a check to ensure that resident data is read from the
-corresponding file record segment only.
-
-Fixes: CVE-2023-4693
-
-Upstream-Status: Backport from
-[https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0ed2458cc4eff6d9a9199527e2a0b6d445802f94]
-CVE: CVE-2023-4693
-
-Reported-by: Maxim Suhanov <dfirblog@...>
-Signed-off-by: Maxim Suhanov <dfirblog@...>
-Reviewed-by: Daniel Kiper <daniel.kiper@...>
-Signed-off-by: Xiangyu Chen <xiangyu.chen@...>
----
- grub-core/fs/ntfs.c | 13 ++++++++++++-
- 1 file changed, 12 insertions(+), 1 deletion(-)
-
-diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
-index c3c4db1..a68e173 100644
---- a/grub-core/fs/ntfs.c
-+++ b/grub-core/fs/ntfs.c
-@@ -401,7 +401,18 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest,
- {
- if (ofs + len > u32at (pa, 0x10))
- return grub_error (GRUB_ERR_BAD_FS, "read out of range");
-- grub_memcpy (dest, pa + u32at (pa, 0x14) + ofs, len);
-+
-+ if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
-+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large");
-+
-+ if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
-+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
-+
-+ if (u16at (pa, 0x14) + u32at (pa, 0x10) >
-+ (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa)
-+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
-+
-+ grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len);
- return 0;
- }
-
---
-cgit v1.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/autogen.sh-exclude-pc.patch b/poky/meta/recipes-bsp/grub/files/autogen.sh-exclude-pc.patch
index 1323a54..f8dfda9 100644
--- a/poky/meta/recipes-bsp/grub/files/autogen.sh-exclude-pc.patch
+++ b/poky/meta/recipes-bsp/grub/files/autogen.sh-exclude-pc.patch
@@ -1,4 +1,4 @@
-From 8790aa8bea736f52341a0430ff3e317d3be0f99b Mon Sep 17 00:00:00 2001
+From 14c1d0459fb3561e627d3a5f6e91a0d2f7b4aa45 Mon Sep 17 00:00:00 2001
From: Naveen Saini <naveen.kumar.saini@intel.com>
Date: Mon, 15 Mar 2021 14:44:15 +0800
Subject: [PATCH] autogen.sh: exclude .pc from po/POTFILES.in
@@ -14,15 +14,16 @@
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com>
+
---
autogen.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/autogen.sh b/autogen.sh
-index 31b0ced7e..c63ae766c 100755
+index 195daa5..773b7b4 100755
--- a/autogen.sh
+++ b/autogen.sh
-@@ -13,7 +13,7 @@ fi
+@@ -26,7 +26,7 @@ fi
export LC_COLLATE=C
unset LC_ALL
@@ -31,6 +32,3 @@
find util -iname '*.in' ! -name Makefile.in |sort > po/POTFILES-shell.in
echo "Importing unicode..."
---
-2.17.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/commands-boot-Add-API-to-pass-context-to-loader.patch b/poky/meta/recipes-bsp/grub/files/commands-boot-Add-API-to-pass-context-to-loader.patch
deleted file mode 100644
index a2c0530..0000000
--- a/poky/meta/recipes-bsp/grub/files/commands-boot-Add-API-to-pass-context-to-loader.patch
+++ /dev/null
@@ -1,168 +0,0 @@
-From 14ceb3b3ff6db664649138442b6562c114dcf56e Mon Sep 17 00:00:00 2001
-From: Chris Coulson <chris.coulson@canonical.com>
-Date: Tue, 5 Apr 2022 10:58:28 +0100
-Subject: [PATCH] commands/boot: Add API to pass context to loader
-
-Loaders rely on global variables for saving context which is consumed
-in the boot hook and freed in the unload hook. In the case where a loader
-command is executed twice, calling grub_loader_set() a second time executes
-the unload hook, but in some cases this runs when the loader's global
-context has already been updated, resulting in the updated context being
-freed and potential use-after-free bugs when the boot hook is subsequently
-called.
-
-This adds a new API, grub_loader_set_ex(), which allows a loader to specify
-context that is passed to its boot and unload hooks. This is an alternative
-to requiring that loaders call grub_loader_unset() before mutating their
-global context.
-
-Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=14ceb3b3ff6db664649138442b6562c114dcf56e
-
-Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
----
- grub-core/commands/boot.c | 66 ++++++++++++++++++++++++++++++++++-----
- include/grub/loader.h | 5 +++
- 2 files changed, 63 insertions(+), 8 deletions(-)
-
-diff --git a/grub-core/commands/boot.c b/grub-core/commands/boot.c
-index bbca81e94..61514788e 100644
---- a/grub-core/commands/boot.c
-+++ b/grub-core/commands/boot.c
-@@ -27,10 +27,20 @@
-
- GRUB_MOD_LICENSE ("GPLv3+");
-
--static grub_err_t (*grub_loader_boot_func) (void);
--static grub_err_t (*grub_loader_unload_func) (void);
-+static grub_err_t (*grub_loader_boot_func) (void *context);
-+static grub_err_t (*grub_loader_unload_func) (void *context);
-+static void *grub_loader_context;
- static int grub_loader_flags;
-
-+struct grub_simple_loader_hooks
-+{
-+ grub_err_t (*boot) (void);
-+ grub_err_t (*unload) (void);
-+};
-+
-+/* Don't heap allocate this to avoid making grub_loader_set() fallible. */
-+static struct grub_simple_loader_hooks simple_loader_hooks;
-+
- struct grub_preboot
- {
- grub_err_t (*preboot_func) (int);
-@@ -44,6 +54,29 @@ static int grub_loader_loaded;
- static struct grub_preboot *preboots_head = 0,
- *preboots_tail = 0;
-
-+static grub_err_t
-+grub_simple_boot_hook (void *context)
-+{
-+ struct grub_simple_loader_hooks *hooks;
-+
-+ hooks = (struct grub_simple_loader_hooks *) context;
-+ return hooks->boot ();
-+}
-+
-+static grub_err_t
-+grub_simple_unload_hook (void *context)
-+{
-+ struct grub_simple_loader_hooks *hooks;
-+ grub_err_t ret;
-+
-+ hooks = (struct grub_simple_loader_hooks *) context;
-+
-+ ret = hooks->unload ();
-+ grub_memset (hooks, 0, sizeof (*hooks));
-+
-+ return ret;
-+}
-+
- int
- grub_loader_is_loaded (void)
- {
-@@ -110,28 +143,45 @@ grub_loader_unregister_preboot_hook (struct grub_preboot *hnd)
- }
-
- void
--grub_loader_set (grub_err_t (*boot) (void),
-- grub_err_t (*unload) (void),
-- int flags)
-+grub_loader_set_ex (grub_err_t (*boot) (void *context),
-+ grub_err_t (*unload) (void *context),
-+ void *context,
-+ int flags)
- {
- if (grub_loader_loaded && grub_loader_unload_func)
-- grub_loader_unload_func ();
-+ grub_loader_unload_func (grub_loader_context);
-
- grub_loader_boot_func = boot;
- grub_loader_unload_func = unload;
-+ grub_loader_context = context;
- grub_loader_flags = flags;
-
- grub_loader_loaded = 1;
- }
-
-+void
-+grub_loader_set (grub_err_t (*boot) (void),
-+ grub_err_t (*unload) (void),
-+ int flags)
-+{
-+ grub_loader_set_ex (grub_simple_boot_hook,
-+ grub_simple_unload_hook,
-+ &simple_loader_hooks,
-+ flags);
-+
-+ simple_loader_hooks.boot = boot;
-+ simple_loader_hooks.unload = unload;
-+}
-+
- void
- grub_loader_unset(void)
- {
- if (grub_loader_loaded && grub_loader_unload_func)
-- grub_loader_unload_func ();
-+ grub_loader_unload_func (grub_loader_context);
-
- grub_loader_boot_func = 0;
- grub_loader_unload_func = 0;
-+ grub_loader_context = 0;
-
- grub_loader_loaded = 0;
- }
-@@ -158,7 +208,7 @@ grub_loader_boot (void)
- return err;
- }
- }
-- err = (grub_loader_boot_func) ();
-+ err = (grub_loader_boot_func) (grub_loader_context);
-
- for (cur = preboots_tail; cur; cur = cur->prev)
- if (! err)
-diff --git a/include/grub/loader.h b/include/grub/loader.h
-index b20864282..97f231054 100644
---- a/include/grub/loader.h
-+++ b/include/grub/loader.h
-@@ -40,6 +40,11 @@ void EXPORT_FUNC (grub_loader_set) (grub_err_t (*boot) (void),
- grub_err_t (*unload) (void),
- int flags);
-
-+void EXPORT_FUNC (grub_loader_set_ex) (grub_err_t (*boot) (void *context),
-+ grub_err_t (*unload) (void *context),
-+ void *context,
-+ int flags);
-+
- /* Unset current loader, if any. */
- void EXPORT_FUNC (grub_loader_unset) (void);
-
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/determinism.patch b/poky/meta/recipes-bsp/grub/files/determinism.patch
deleted file mode 100644
index 852b95a..0000000
--- a/poky/meta/recipes-bsp/grub/files/determinism.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From b6f9b3f6fa782807c4a7ec16ee8ef868cdfbf468 Mon Sep 17 00:00:00 2001
-From: Naveen Saini <naveen.kumar.saini@intel.com>
-Date: Mon, 15 Mar 2021 14:56:18 +0800
-Subject: [PATCH] The output in moddep.lst generated from syminfo.lst using
- genmoddep.awk is not deterministic since the order of the dependencies on
- each line can vary depending on how awk sorts the values in the array.
-
-Be deterministic in the output by sorting the dependencies on each line.
-
-Also, the output of the SOURCES lines in grub-core/Makefile.core.am, generated
-from grub-core/Makefile.core.def with gentpl.py is not deterministic due to
-missing sorting of the list used to generate it. Add such a sort.
-
-Also ensure the generated unidata.c file is deterministic by sorting the
-keys of the dict.
-
-Upstream-Status: Submitted [https://lists.gnu.org/archive/html/grub-devel/2023-06/index.html]
-Richard Purdie <richard.purdie@linuxfoundation.org>
-Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com>
----
- gentpl.py | 1 +
- grub-core/genmoddep.awk | 4 +++-
- util/import_unicode.py | 2 +-
- 3 files changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/gentpl.py b/gentpl.py
-index c86550d4f..589285192 100644
---- a/gentpl.py
-+++ b/gentpl.py
-@@ -568,6 +568,7 @@ def foreach_platform_value(defn, platform, suffix, closure):
- for group in RMAP[platform]:
- for value in defn.find_all(group + suffix):
- r.append(closure(value))
-+ r.sort()
- return ''.join(r)
-
- def platform_conditional(platform, closure):
-diff --git a/grub-core/genmoddep.awk b/grub-core/genmoddep.awk
-index 04c2863e5..247436392 100644
---- a/grub-core/genmoddep.awk
-+++ b/grub-core/genmoddep.awk
-@@ -59,7 +59,9 @@ END {
- }
- modlist = ""
- depcount[mod] = 0
-- for (depmod in uniqmods) {
-+ n = asorti(uniqmods, w)
-+ for (i = 1; i <= n; i++) {
-+ depmod = w[i]
- modlist = modlist " " depmod;
- inverse_dependencies[depmod] = inverse_dependencies[depmod] " " mod
- depcount[mod]++
-diff --git a/util/import_unicode.py b/util/import_unicode.py
-index 08f80591e..1f434a069 100644
---- a/util/import_unicode.py
-+++ b/util/import_unicode.py
-@@ -174,7 +174,7 @@ infile.close ()
-
- outfile.write ("struct grub_unicode_arabic_shape grub_unicode_arabic_shapes[] = {\n ")
-
--for x in arabicsubst:
-+for x in sorted(arabicsubst):
- try:
- if arabicsubst[x]['join'] == "DUAL":
- outfile.write ("{0x%x, 0x%x, 0x%x, 0x%x, 0x%x},\n " % (arabicsubst[x][0], arabicsubst[x][1], arabicsubst[x][2], arabicsubst[x][3], arabicsubst[x][4]))
---
-2.17.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/grub-module-explicitly-keeps-symbole-.module_license.patch b/poky/meta/recipes-bsp/grub/files/grub-module-explicitly-keeps-symbole-.module_license.patch
index 2689026..d9012d1 100644
--- a/poky/meta/recipes-bsp/grub/files/grub-module-explicitly-keeps-symbole-.module_license.patch
+++ b/poky/meta/recipes-bsp/grub/files/grub-module-explicitly-keeps-symbole-.module_license.patch
@@ -1,4 +1,4 @@
-From 917133acc701dbc4636165d3b08d15dc5829a06f Mon Sep 17 00:00:00 2001
+From b316ed326bd492106006d78f5bfcd767b49a4f2e Mon Sep 17 00:00:00 2001
From: Hongxu Jia <hongxu.jia@windriver.com>
Date: Wed, 17 Aug 2016 04:06:34 -0400
Subject: [PATCH] grub module explicitly keeps symbole .module_license
@@ -8,7 +8,7 @@
---------------
root@localhost:~# objdump -t all_video.mod
-
+
all_video.mod: file format elf64-x86-64
SYMBOL TABLE:
@@ -40,12 +40,13 @@
Upstream-Status: Pending
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+
---
grub-core/genmod.sh.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/genmod.sh.in b/grub-core/genmod.sh.in
-index 1250589..dd14308 100644
+index e57c4d9..42bb1ba 100644
--- a/grub-core/genmod.sh.in
+++ b/grub-core/genmod.sh.in
@@ -56,7 +56,7 @@ if test x@TARGET_APPLE_LINKER@ != x1; then
diff --git a/poky/meta/recipes-bsp/grub/files/loader-efi-chainloader-Simplify-the-loader-state.patch b/poky/meta/recipes-bsp/grub/files/loader-efi-chainloader-Simplify-the-loader-state.patch
deleted file mode 100644
index a43025d..0000000
--- a/poky/meta/recipes-bsp/grub/files/loader-efi-chainloader-Simplify-the-loader-state.patch
+++ /dev/null
@@ -1,129 +0,0 @@
-From 1469983ebb9674753ad333d37087fb8cb20e1dce Mon Sep 17 00:00:00 2001
-From: Chris Coulson <chris.coulson@canonical.com>
-Date: Tue, 5 Apr 2022 10:02:04 +0100
-Subject: [PATCH] loader/efi/chainloader: Simplify the loader state
-
-The chainloader command retains the source buffer and device path passed
-to LoadImage(), requiring the unload hook passed to grub_loader_set() to
-free them. It isn't required to retain this state though - they aren't
-required by StartImage() or anything else in the boot hook, so clean them
-up before grub_cmd_chainloader() finishes.
-
-Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=1469983ebb9674753ad333d37087fb8cb20e1dce
-
-Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
----
- grub-core/loader/efi/chainloader.c | 38 +++++++++++++++++-------------
- 1 file changed, 21 insertions(+), 17 deletions(-)
-
-diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
-index 2bd80f4db..d1602c89b 100644
---- a/grub-core/loader/efi/chainloader.c
-+++ b/grub-core/loader/efi/chainloader.c
-@@ -44,25 +44,20 @@ GRUB_MOD_LICENSE ("GPLv3+");
-
- static grub_dl_t my_mod;
-
--static grub_efi_physical_address_t address;
--static grub_efi_uintn_t pages;
--static grub_efi_device_path_t *file_path;
- static grub_efi_handle_t image_handle;
--static grub_efi_char16_t *cmdline;
-
- static grub_err_t
- grub_chainloader_unload (void)
- {
-+ grub_efi_loaded_image_t *loaded_image;
- grub_efi_boot_services_t *b;
-
-+ loaded_image = grub_efi_get_loaded_image (image_handle);
-+ if (loaded_image != NULL)
-+ grub_free (loaded_image->load_options);
-+
- b = grub_efi_system_table->boot_services;
- efi_call_1 (b->unload_image, image_handle);
-- efi_call_2 (b->free_pages, address, pages);
--
-- grub_free (file_path);
-- grub_free (cmdline);
-- cmdline = 0;
-- file_path = 0;
-
- grub_dl_unref (my_mod);
- return GRUB_ERR_NONE;
-@@ -140,7 +135,7 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename)
- char *dir_start;
- char *dir_end;
- grub_size_t size;
-- grub_efi_device_path_t *d;
-+ grub_efi_device_path_t *d, *file_path;
-
- dir_start = grub_strchr (filename, ')');
- if (! dir_start)
-@@ -222,11 +217,14 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
- grub_efi_status_t status;
- grub_efi_boot_services_t *b;
- grub_device_t dev = 0;
-- grub_efi_device_path_t *dp = 0;
-+ grub_efi_device_path_t *dp = NULL, *file_path = NULL;
- grub_efi_loaded_image_t *loaded_image;
- char *filename;
- void *boot_image = 0;
- grub_efi_handle_t dev_handle = 0;
-+ grub_efi_physical_address_t address = 0;
-+ grub_efi_uintn_t pages = 0;
-+ grub_efi_char16_t *cmdline = NULL;
-
- if (argc == 0)
- return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
-@@ -234,11 +232,6 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
-
- grub_dl_ref (my_mod);
-
-- /* Initialize some global variables. */
-- address = 0;
-- image_handle = 0;
-- file_path = 0;
--
- b = grub_efi_system_table->boot_services;
-
- file = grub_file_open (filename, GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE);
-@@ -408,6 +401,10 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
- grub_file_close (file);
- grub_device_close (dev);
-
-+ /* We're finished with the source image buffer and file path now. */
-+ efi_call_2 (b->free_pages, address, pages);
-+ grub_free (file_path);
-+
- grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0);
- return 0;
-
-@@ -419,11 +416,18 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
- if (file)
- grub_file_close (file);
-
-+ grub_free (cmdline);
- grub_free (file_path);
-
- if (address)
- efi_call_2 (b->free_pages, address, pages);
-
-+ if (image_handle != NULL)
-+ {
-+ efi_call_1 (b->unload_image, image_handle);
-+ image_handle = NULL;
-+ }
-+
- grub_dl_unref (my_mod);
-
- return grub_errno;
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/video-Remove-trailing-whitespaces.patch b/poky/meta/recipes-bsp/grub/files/video-Remove-trailing-whitespaces.patch
deleted file mode 100644
index 2db9bcb..0000000
--- a/poky/meta/recipes-bsp/grub/files/video-Remove-trailing-whitespaces.patch
+++ /dev/null
@@ -1,693 +0,0 @@
-From 1f48917d8ddb490dcdc70176e0f58136b7f7811a Mon Sep 17 00:00:00 2001
-From: Elyes Haouas <ehaouas@noos.fr>
-Date: Fri, 4 Mar 2022 07:42:13 +0100
-Subject: [PATCH] video: Remove trailing whitespaces
-
-Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=1f48917d8ddb490dcdc70176e0f58136b7f7811a
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- grub-core/video/bochs.c | 2 +-
- grub-core/video/capture.c | 2 +-
- grub-core/video/cirrus.c | 4 ++--
- grub-core/video/coreboot/cbfb.c | 2 +-
- grub-core/video/efi_gop.c | 22 +++++++++----------
- grub-core/video/fb/fbblit.c | 8 +++----
- grub-core/video/fb/video_fb.c | 10 ++++-----
- grub-core/video/i386/pc/vbe.c | 34 ++++++++++++++---------------
- grub-core/video/i386/pc/vga.c | 6 ++---
- grub-core/video/ieee1275.c | 4 ++--
- grub-core/video/radeon_fuloong2e.c | 6 ++---
- grub-core/video/radeon_yeeloong3a.c | 6 ++---
- grub-core/video/readers/png.c | 2 +-
- grub-core/video/readers/tga.c | 2 +-
- grub-core/video/sis315_init.c | 2 +-
- grub-core/video/sis315pro.c | 8 +++----
- grub-core/video/sm712.c | 10 ++++-----
- grub-core/video/video.c | 8 +++----
- 18 files changed, 69 insertions(+), 69 deletions(-)
-
-diff --git a/grub-core/video/bochs.c b/grub-core/video/bochs.c
-index 30ea1bd82..edc651697 100644
---- a/grub-core/video/bochs.c
-+++ b/grub-core/video/bochs.c
-@@ -212,7 +212,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data)
-
- if (((class >> 16) & 0xffff) != 0x0300 || pciid != 0x11111234)
- return 0;
--
-+
- addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0);
- framebuffer.base = grub_pci_read (addr) & GRUB_PCI_ADDR_MEM_MASK;
- if (!framebuffer.base)
-diff --git a/grub-core/video/capture.c b/grub-core/video/capture.c
-index 4d3195e01..c653d89f9 100644
---- a/grub-core/video/capture.c
-+++ b/grub-core/video/capture.c
-@@ -92,7 +92,7 @@ grub_video_capture_start (const struct grub_video_mode_info *mode_info,
- framebuffer.ptr = grub_calloc (framebuffer.mode_info.height, framebuffer.mode_info.pitch);
- if (!framebuffer.ptr)
- return grub_errno;
--
-+
- err = grub_video_fb_create_render_target_from_pointer (&framebuffer.render_target,
- &framebuffer.mode_info,
- framebuffer.ptr);
-diff --git a/grub-core/video/cirrus.c b/grub-core/video/cirrus.c
-index e2149e8ce..f5542ccdc 100644
---- a/grub-core/video/cirrus.c
-+++ b/grub-core/video/cirrus.c
-@@ -354,11 +354,11 @@ grub_video_cirrus_setup (unsigned int width, unsigned int height,
- grub_uint8_t sr_ext = 0, hidden_dac = 0;
-
- grub_vga_set_geometry (&config, grub_vga_cr_write);
--
-+
- grub_vga_gr_write (GRUB_VGA_GR_MODE_256_COLOR | GRUB_VGA_GR_MODE_READ_MODE1,
- GRUB_VGA_GR_MODE);
- grub_vga_gr_write (GRUB_VGA_GR_GR6_GRAPHICS_MODE, GRUB_VGA_GR_GR6);
--
-+
- grub_vga_sr_write (GRUB_VGA_SR_MEMORY_MODE_NORMAL, GRUB_VGA_SR_MEMORY_MODE);
-
- grub_vga_cr_write ((config.pitch >> CIRRUS_CR_EXTENDED_DISPLAY_PITCH_SHIFT)
-diff --git a/grub-core/video/coreboot/cbfb.c b/grub-core/video/coreboot/cbfb.c
-index 9af81fa5b..986003c51 100644
---- a/grub-core/video/coreboot/cbfb.c
-+++ b/grub-core/video/coreboot/cbfb.c
-@@ -106,7 +106,7 @@ grub_video_cbfb_setup (unsigned int width, unsigned int height,
-
- grub_video_fb_set_palette (0, GRUB_VIDEO_FBSTD_NUMCOLORS,
- grub_video_fbstd_colors);
--
-+
- return err;
- }
-
-diff --git a/grub-core/video/efi_gop.c b/grub-core/video/efi_gop.c
-index b7590dc6c..7a5054631 100644
---- a/grub-core/video/efi_gop.c
-+++ b/grub-core/video/efi_gop.c
-@@ -273,7 +273,7 @@ grub_video_gop_iterate (int (*hook) (const struct grub_video_mode_info *info, vo
- grub_efi_status_t status;
- struct grub_efi_gop_mode_info *info = NULL;
- struct grub_video_mode_info mode_info;
--
-+
- status = efi_call_4 (gop->query_mode, gop, mode, &size, &info);
-
- if (status)
-@@ -390,7 +390,7 @@ grub_video_gop_setup (unsigned int width, unsigned int height,
- found = 1;
- }
- }
--
-+
- if (!found)
- {
- unsigned mode;
-@@ -399,7 +399,7 @@ grub_video_gop_setup (unsigned int width, unsigned int height,
- {
- grub_efi_uintn_t size;
- grub_efi_status_t status;
--
-+
- status = efi_call_4 (gop->query_mode, gop, mode, &size, &info);
- if (status)
- {
-@@ -472,11 +472,11 @@ grub_video_gop_setup (unsigned int width, unsigned int height,
- framebuffer.ptr = (void *) (grub_addr_t) gop->mode->fb_base;
- framebuffer.offscreen
- = grub_malloc (framebuffer.mode_info.height
-- * framebuffer.mode_info.width
-+ * framebuffer.mode_info.width
- * sizeof (struct grub_efi_gop_blt_pixel));
-
- buffer = framebuffer.offscreen;
--
-+
- if (!buffer)
- {
- grub_dprintf ("video", "GOP: couldn't allocate shadow\n");
-@@ -485,11 +485,11 @@ grub_video_gop_setup (unsigned int width, unsigned int height,
- &framebuffer.mode_info);
- buffer = framebuffer.ptr;
- }
--
-+
- grub_dprintf ("video", "GOP: initialising FB @ %p %dx%dx%d\n",
- framebuffer.ptr, framebuffer.mode_info.width,
- framebuffer.mode_info.height, framebuffer.mode_info.bpp);
--
-+
- err = grub_video_fb_create_render_target_from_pointer
- (&framebuffer.render_target, &framebuffer.mode_info, buffer);
-
-@@ -498,15 +498,15 @@ grub_video_gop_setup (unsigned int width, unsigned int height,
- grub_dprintf ("video", "GOP: Couldn't create FB target\n");
- return err;
- }
--
-+
- err = grub_video_fb_set_active_render_target (framebuffer.render_target);
--
-+
- if (err)
- {
- grub_dprintf ("video", "GOP: Couldn't set FB target\n");
- return err;
- }
--
-+
- err = grub_video_fb_set_palette (0, GRUB_VIDEO_FBSTD_NUMCOLORS,
- grub_video_fbstd_colors);
-
-@@ -514,7 +514,7 @@ grub_video_gop_setup (unsigned int width, unsigned int height,
- grub_dprintf ("video", "GOP: Couldn't set palette\n");
- else
- grub_dprintf ("video", "GOP: Success\n");
--
-+
- return err;
- }
-
-diff --git a/grub-core/video/fb/fbblit.c b/grub-core/video/fb/fbblit.c
-index d55924837..1010ef393 100644
---- a/grub-core/video/fb/fbblit.c
-+++ b/grub-core/video/fb/fbblit.c
-@@ -466,7 +466,7 @@ grub_video_fbblit_replace_24bit_indexa (struct grub_video_fbblit_info *dst,
- for (i = 0; i < width; i++)
- {
- register grub_uint32_t col;
-- if (*srcptr == 0xf0)
-+ if (*srcptr == 0xf0)
- col = palette[16];
- else
- col = palette[*srcptr & 0xf];
-@@ -478,7 +478,7 @@ grub_video_fbblit_replace_24bit_indexa (struct grub_video_fbblit_info *dst,
- *dstptr++ = col >> 0;
- *dstptr++ = col >> 8;
- *dstptr++ = col >> 16;
--#endif
-+#endif
- srcptr++;
- }
-
-@@ -651,7 +651,7 @@ grub_video_fbblit_blend_24bit_indexa (struct grub_video_fbblit_info *dst,
- for (i = 0; i < width; i++)
- {
- register grub_uint32_t col;
-- if (*srcptr != 0xf0)
-+ if (*srcptr != 0xf0)
- {
- col = palette[*srcptr & 0xf];
- #ifdef GRUB_CPU_WORDS_BIGENDIAN
-@@ -662,7 +662,7 @@ grub_video_fbblit_blend_24bit_indexa (struct grub_video_fbblit_info *dst,
- *dstptr++ = col >> 0;
- *dstptr++ = col >> 8;
- *dstptr++ = col >> 16;
--#endif
-+#endif
- }
- else
- dstptr += 3;
-diff --git a/grub-core/video/fb/video_fb.c b/grub-core/video/fb/video_fb.c
-index ae6b89f9a..fa4ebde26 100644
---- a/grub-core/video/fb/video_fb.c
-+++ b/grub-core/video/fb/video_fb.c
-@@ -754,7 +754,7 @@ grub_video_fb_unmap_color_int (struct grub_video_fbblit_info * source,
- *alpha = 0;
- return;
- }
--
-+
- /* If we have an out-of-bounds color, return transparent black. */
- if (color > 255)
- {
-@@ -1141,7 +1141,7 @@ grub_video_fb_scroll (grub_video_color_t color, int dx, int dy)
- /* If everything is aligned on 32-bit use 32-bit copy. */
- if ((grub_addr_t) grub_video_fb_get_video_ptr (&target, src_x, src_y)
- % sizeof (grub_uint32_t) == 0
-- && (grub_addr_t) grub_video_fb_get_video_ptr (&target, dst_x, dst_y)
-+ && (grub_addr_t) grub_video_fb_get_video_ptr (&target, dst_x, dst_y)
- % sizeof (grub_uint32_t) == 0
- && linelen % sizeof (grub_uint32_t) == 0
- && linedelta % sizeof (grub_uint32_t) == 0)
-@@ -1155,7 +1155,7 @@ grub_video_fb_scroll (grub_video_color_t color, int dx, int dy)
- else if ((grub_addr_t) grub_video_fb_get_video_ptr (&target, src_x, src_y)
- % sizeof (grub_uint16_t) == 0
- && (grub_addr_t) grub_video_fb_get_video_ptr (&target,
-- dst_x, dst_y)
-+ dst_x, dst_y)
- % sizeof (grub_uint16_t) == 0
- && linelen % sizeof (grub_uint16_t) == 0
- && linedelta % sizeof (grub_uint16_t) == 0)
-@@ -1170,7 +1170,7 @@ grub_video_fb_scroll (grub_video_color_t color, int dx, int dy)
- {
- grub_uint8_t *src, *dst;
- DO_SCROLL
-- }
-+ }
- }
-
- /* 4. Fill empty space with specified color. In this implementation
-@@ -1615,7 +1615,7 @@ grub_video_fb_setup (unsigned int mode_type, unsigned int mode_mask,
- framebuffer.render_target = framebuffer.back_target;
- return GRUB_ERR_NONE;
- }
--
-+
- mode_info->mode_type &= ~(GRUB_VIDEO_MODE_TYPE_DOUBLE_BUFFERED
- | GRUB_VIDEO_MODE_TYPE_UPDATING_SWAP);
-
-diff --git a/grub-core/video/i386/pc/vbe.c b/grub-core/video/i386/pc/vbe.c
-index b7f911926..0e65b5206 100644
---- a/grub-core/video/i386/pc/vbe.c
-+++ b/grub-core/video/i386/pc/vbe.c
-@@ -219,7 +219,7 @@ grub_vbe_disable_mtrr (int mtrr)
- }
-
- /* Call VESA BIOS 0x4f09 to set palette data, return status. */
--static grub_vbe_status_t
-+static grub_vbe_status_t
- grub_vbe_bios_set_palette_data (grub_uint32_t color_count,
- grub_uint32_t start_index,
- struct grub_vbe_palette_data *palette_data)
-@@ -237,7 +237,7 @@ grub_vbe_bios_set_palette_data (grub_uint32_t color_count,
- }
-
- /* Call VESA BIOS 0x4f00 to get VBE Controller Information, return status. */
--grub_vbe_status_t
-+grub_vbe_status_t
- grub_vbe_bios_get_controller_info (struct grub_vbe_info_block *ci)
- {
- struct grub_bios_int_registers regs;
-@@ -251,7 +251,7 @@ grub_vbe_bios_get_controller_info (struct grub_vbe_info_block *ci)
- }
-
- /* Call VESA BIOS 0x4f01 to get VBE Mode Information, return status. */
--grub_vbe_status_t
-+grub_vbe_status_t
- grub_vbe_bios_get_mode_info (grub_uint32_t mode,
- struct grub_vbe_mode_info_block *mode_info)
- {
-@@ -285,7 +285,7 @@ grub_vbe_bios_set_mode (grub_uint32_t mode,
- }
-
- /* Call VESA BIOS 0x4f03 to return current VBE Mode, return status. */
--grub_vbe_status_t
-+grub_vbe_status_t
- grub_vbe_bios_get_mode (grub_uint32_t *mode)
- {
- struct grub_bios_int_registers regs;
-@@ -298,7 +298,7 @@ grub_vbe_bios_get_mode (grub_uint32_t *mode)
- return regs.eax & 0xffff;
- }
-
--grub_vbe_status_t
-+grub_vbe_status_t
- grub_vbe_bios_getset_dac_palette_width (int set, int *dac_mask_size)
- {
- struct grub_bios_int_registers regs;
-@@ -346,7 +346,7 @@ grub_vbe_bios_get_memory_window (grub_uint32_t window,
- }
-
- /* Call VESA BIOS 0x4f06 to set scanline length (in bytes), return status. */
--grub_vbe_status_t
-+grub_vbe_status_t
- grub_vbe_bios_set_scanline_length (grub_uint32_t length)
- {
- struct grub_bios_int_registers regs;
-@@ -354,14 +354,14 @@ grub_vbe_bios_set_scanline_length (grub_uint32_t length)
- regs.ecx = length;
- regs.eax = 0x4f06;
- /* BL = 2, Set Scan Line in Bytes. */
-- regs.ebx = 0x0002;
-+ regs.ebx = 0x0002;
- regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT;
- grub_bios_interrupt (0x10, ®s);
- return regs.eax & 0xffff;
- }
-
- /* Call VESA BIOS 0x4f06 to return scanline length (in bytes), return status. */
--grub_vbe_status_t
-+grub_vbe_status_t
- grub_vbe_bios_get_scanline_length (grub_uint32_t *length)
- {
- struct grub_bios_int_registers regs;
-@@ -377,7 +377,7 @@ grub_vbe_bios_get_scanline_length (grub_uint32_t *length)
- }
-
- /* Call VESA BIOS 0x4f07 to set display start, return status. */
--static grub_vbe_status_t
-+static grub_vbe_status_t
- grub_vbe_bios_set_display_start (grub_uint32_t x, grub_uint32_t y)
- {
- struct grub_bios_int_registers regs;
-@@ -390,7 +390,7 @@ grub_vbe_bios_set_display_start (grub_uint32_t x, grub_uint32_t y)
- regs.edx = y;
- regs.eax = 0x4f07;
- /* BL = 80h, Set Display Start during Vertical Retrace. */
-- regs.ebx = 0x0080;
-+ regs.ebx = 0x0080;
- regs.flags = GRUB_CPU_INT_FLAGS_DEFAULT;
- grub_bios_interrupt (0x10, ®s);
-
-@@ -401,7 +401,7 @@ grub_vbe_bios_set_display_start (grub_uint32_t x, grub_uint32_t y)
- }
-
- /* Call VESA BIOS 0x4f07 to get display start, return status. */
--grub_vbe_status_t
-+grub_vbe_status_t
- grub_vbe_bios_get_display_start (grub_uint32_t *x,
- grub_uint32_t *y)
- {
-@@ -419,7 +419,7 @@ grub_vbe_bios_get_display_start (grub_uint32_t *x,
- }
-
- /* Call VESA BIOS 0x4f0a. */
--grub_vbe_status_t
-+grub_vbe_status_t
- grub_vbe_bios_get_pm_interface (grub_uint16_t *segment, grub_uint16_t *offset,
- grub_uint16_t *length)
- {
-@@ -896,7 +896,7 @@ vbe2videoinfo (grub_uint32_t mode,
- case GRUB_VBE_MEMORY_MODEL_YUV:
- mode_info->mode_type |= GRUB_VIDEO_MODE_TYPE_YUV;
- break;
--
-+
- case GRUB_VBE_MEMORY_MODEL_DIRECT_COLOR:
- mode_info->mode_type |= GRUB_VIDEO_MODE_TYPE_RGB;
- break;
-@@ -923,10 +923,10 @@ vbe2videoinfo (grub_uint32_t mode,
- break;
- case 8:
- mode_info->bytes_per_pixel = 1;
-- break;
-+ break;
- case 4:
- mode_info->bytes_per_pixel = 0;
-- break;
-+ break;
- }
-
- if (controller_info.version >= 0x300)
-@@ -976,7 +976,7 @@ grub_video_vbe_iterate (int (*hook) (const struct grub_video_mode_info *info, vo
-
- static grub_err_t
- grub_video_vbe_setup (unsigned int width, unsigned int height,
-- grub_video_mode_type_t mode_type,
-+ grub_video_mode_type_t mode_type,
- grub_video_mode_type_t mode_mask)
- {
- grub_uint16_t *p;
-@@ -1193,7 +1193,7 @@ grub_video_vbe_print_adapter_specific_info (void)
- controller_info.version & 0xFF,
- controller_info.oem_software_rev >> 8,
- controller_info.oem_software_rev & 0xFF);
--
-+
- /* The total_memory field is in 64 KiB units. */
- grub_printf_ (N_(" total memory: %d KiB\n"),
- (controller_info.total_memory << 6));
-diff --git a/grub-core/video/i386/pc/vga.c b/grub-core/video/i386/pc/vga.c
-index b2f776c99..50d0b5e02 100644
---- a/grub-core/video/i386/pc/vga.c
-+++ b/grub-core/video/i386/pc/vga.c
-@@ -48,7 +48,7 @@ static struct
- int back_page;
- } framebuffer;
-
--static unsigned char
-+static unsigned char
- grub_vga_set_mode (unsigned char mode)
- {
- struct grub_bios_int_registers regs;
-@@ -182,10 +182,10 @@ grub_video_vga_setup (unsigned int width, unsigned int height,
-
- is_target = 1;
- err = grub_video_fb_set_active_render_target (framebuffer.render_target);
--
-+
- if (err)
- return err;
--
-+
- err = grub_video_fb_set_palette (0, GRUB_VIDEO_FBSTD_NUMCOLORS,
- grub_video_fbstd_colors);
-
-diff --git a/grub-core/video/ieee1275.c b/grub-core/video/ieee1275.c
-index f437fb0df..ca3d3c3b2 100644
---- a/grub-core/video/ieee1275.c
-+++ b/grub-core/video/ieee1275.c
-@@ -233,7 +233,7 @@ grub_video_ieee1275_setup (unsigned int width, unsigned int height,
- /* TODO. */
- return grub_error (GRUB_ERR_IO, "can't set mode %dx%d", width, height);
- }
--
-+
- err = grub_video_ieee1275_fill_mode_info (dev, &framebuffer.mode_info);
- if (err)
- {
-@@ -260,7 +260,7 @@ grub_video_ieee1275_setup (unsigned int width, unsigned int height,
-
- grub_video_ieee1275_set_palette (0, framebuffer.mode_info.number_of_colors,
- grub_video_fbstd_colors);
--
-+
- return err;
- }
-
-diff --git a/grub-core/video/radeon_fuloong2e.c b/grub-core/video/radeon_fuloong2e.c
-index b4da34b5e..40917acb7 100644
---- a/grub-core/video/radeon_fuloong2e.c
-+++ b/grub-core/video/radeon_fuloong2e.c
-@@ -75,7 +75,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data)
- if (((class >> 16) & 0xffff) != GRUB_PCI_CLASS_SUBCLASS_VGA
- || pciid != 0x515a1002)
- return 0;
--
-+
- *found = 1;
-
- addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0);
-@@ -139,7 +139,7 @@ grub_video_radeon_fuloong2e_setup (unsigned int width, unsigned int height,
- framebuffer.mapped = 1;
-
- /* Prevent garbage from appearing on the screen. */
-- grub_memset (framebuffer.ptr, 0x55,
-+ grub_memset (framebuffer.ptr, 0x55,
- framebuffer.mode_info.height * framebuffer.mode_info.pitch);
-
- #ifndef TEST
-@@ -152,7 +152,7 @@ grub_video_radeon_fuloong2e_setup (unsigned int width, unsigned int height,
- return err;
-
- err = grub_video_fb_set_active_render_target (framebuffer.render_target);
--
-+
- if (err)
- return err;
-
-diff --git a/grub-core/video/radeon_yeeloong3a.c b/grub-core/video/radeon_yeeloong3a.c
-index 52614feb6..48631c181 100644
---- a/grub-core/video/radeon_yeeloong3a.c
-+++ b/grub-core/video/radeon_yeeloong3a.c
-@@ -74,7 +74,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data)
- if (((class >> 16) & 0xffff) != GRUB_PCI_CLASS_SUBCLASS_VGA
- || pciid != 0x96151002)
- return 0;
--
-+
- *found = 1;
-
- addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0);
-@@ -137,7 +137,7 @@ grub_video_radeon_yeeloong3a_setup (unsigned int width, unsigned int height,
- #endif
-
- /* Prevent garbage from appearing on the screen. */
-- grub_memset (framebuffer.ptr, 0,
-+ grub_memset (framebuffer.ptr, 0,
- framebuffer.mode_info.height * framebuffer.mode_info.pitch);
-
- #ifndef TEST
-@@ -150,7 +150,7 @@ grub_video_radeon_yeeloong3a_setup (unsigned int width, unsigned int height,
- return err;
-
- err = grub_video_fb_set_active_render_target (framebuffer.render_target);
--
-+
- if (err)
- return err;
-
-diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c
-index 0157ff742..54dfedf43 100644
---- a/grub-core/video/readers/png.c
-+++ b/grub-core/video/readers/png.c
-@@ -916,7 +916,7 @@ grub_png_convert_image (struct grub_png_data *data)
- }
- return;
- }
--
-+
- if (data->is_gray)
- {
- switch (data->bpp)
-diff --git a/grub-core/video/readers/tga.c b/grub-core/video/readers/tga.c
-index 7cb9d1d2a..a9ec3a1b6 100644
---- a/grub-core/video/readers/tga.c
-+++ b/grub-core/video/readers/tga.c
-@@ -127,7 +127,7 @@ tga_load_palette (struct tga_data *data)
-
- if (len > sizeof (data->palette))
- len = sizeof (data->palette);
--
-+
- if (grub_file_read (data->file, &data->palette, len)
- != (grub_ssize_t) len)
- return grub_errno;
-diff --git a/grub-core/video/sis315_init.c b/grub-core/video/sis315_init.c
-index ae5c1419c..09c3c7bbe 100644
---- a/grub-core/video/sis315_init.c
-+++ b/grub-core/video/sis315_init.c
-@@ -1,4 +1,4 @@
--static const struct { grub_uint8_t reg; grub_uint8_t val; } sr_dump [] =
-+static const struct { grub_uint8_t reg; grub_uint8_t val; } sr_dump [] =
- {
- { 0x28, 0x81 },
- { 0x2a, 0x00 },
-diff --git a/grub-core/video/sis315pro.c b/grub-core/video/sis315pro.c
-index 22a0c85a6..4d2f9999a 100644
---- a/grub-core/video/sis315pro.c
-+++ b/grub-core/video/sis315pro.c
-@@ -103,7 +103,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data)
- if (((class >> 16) & 0xffff) != GRUB_PCI_CLASS_SUBCLASS_VGA
- || pciid != GRUB_SIS315PRO_PCIID)
- return 0;
--
-+
- *found = 1;
-
- addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0);
-@@ -218,7 +218,7 @@ grub_video_sis315pro_setup (unsigned int width, unsigned int height,
-
- #ifndef TEST
- /* Prevent garbage from appearing on the screen. */
-- grub_memset (framebuffer.ptr, 0,
-+ grub_memset (framebuffer.ptr, 0,
- framebuffer.mode_info.height * framebuffer.mode_info.pitch);
- grub_arch_sync_dma_caches (framebuffer.ptr,
- framebuffer.mode_info.height
-@@ -231,7 +231,7 @@ grub_video_sis315pro_setup (unsigned int width, unsigned int height,
- | GRUB_VGA_IO_MISC_EXTERNAL_CLOCK_0
- | GRUB_VGA_IO_MISC_28MHZ
- | GRUB_VGA_IO_MISC_ENABLE_VRAM_ACCESS
-- | GRUB_VGA_IO_MISC_COLOR,
-+ | GRUB_VGA_IO_MISC_COLOR,
- GRUB_VGA_IO_MISC_WRITE + GRUB_MACHINE_PCI_IO_BASE);
-
- grub_vga_sr_write (0x86, 5);
-@@ -335,7 +335,7 @@ grub_video_sis315pro_setup (unsigned int width, unsigned int height,
- {
- if (read_sis_cmd (0x5) != 0xa1)
- write_sis_cmd (0x86, 0x5);
--
-+
- write_sis_cmd (read_sis_cmd (0x20) | 0xa1, 0x20);
- write_sis_cmd (read_sis_cmd (0x1e) | 0xda, 0x1e);
-
-diff --git a/grub-core/video/sm712.c b/grub-core/video/sm712.c
-index 10c46eb65..65f59f84b 100644
---- a/grub-core/video/sm712.c
-+++ b/grub-core/video/sm712.c
-@@ -167,7 +167,7 @@ enum
- GRUB_SM712_CR_SHADOW_VGA_VBLANK_START = 0x46,
- GRUB_SM712_CR_SHADOW_VGA_VBLANK_END = 0x47,
- GRUB_SM712_CR_SHADOW_VGA_VRETRACE_START = 0x48,
-- GRUB_SM712_CR_SHADOW_VGA_VRETRACE_END = 0x49,
-+ GRUB_SM712_CR_SHADOW_VGA_VRETRACE_END = 0x49,
- GRUB_SM712_CR_SHADOW_VGA_OVERFLOW = 0x4a,
- GRUB_SM712_CR_SHADOW_VGA_CELL_HEIGHT = 0x4b,
- GRUB_SM712_CR_SHADOW_VGA_HDISPLAY_END = 0x4c,
-@@ -375,7 +375,7 @@ find_card (grub_pci_device_t dev, grub_pci_id_t pciid, void *data)
- if (((class >> 16) & 0xffff) != GRUB_PCI_CLASS_SUBCLASS_VGA
- || pciid != GRUB_SM712_PCIID)
- return 0;
--
-+
- *found = 1;
-
- addr = grub_pci_make_address (dev, GRUB_PCI_REG_ADDRESS_REG0);
-@@ -471,7 +471,7 @@ grub_video_sm712_setup (unsigned int width, unsigned int height,
-
- #if !defined (TEST) && !defined(GENINIT)
- /* Prevent garbage from appearing on the screen. */
-- grub_memset ((void *) framebuffer.cached_ptr, 0,
-+ grub_memset ((void *) framebuffer.cached_ptr, 0,
- framebuffer.mode_info.height * framebuffer.mode_info.pitch);
- #endif
-
-@@ -482,7 +482,7 @@ grub_video_sm712_setup (unsigned int width, unsigned int height,
- grub_sm712_sr_write (0x2, 0x6b);
- grub_sm712_write_reg (0, GRUB_VGA_IO_PIXEL_MASK);
- grub_sm712_sr_write (GRUB_VGA_SR_RESET_ASYNC, GRUB_VGA_SR_RESET);
-- grub_sm712_write_reg (GRUB_VGA_IO_MISC_NEGATIVE_VERT_POLARITY
-+ grub_sm712_write_reg (GRUB_VGA_IO_MISC_NEGATIVE_VERT_POLARITY
- | GRUB_VGA_IO_MISC_NEGATIVE_HORIZ_POLARITY
- | GRUB_VGA_IO_MISC_UPPER_64K
- | GRUB_VGA_IO_MISC_EXTERNAL_CLOCK_0
-@@ -694,7 +694,7 @@ grub_video_sm712_setup (unsigned int width, unsigned int height,
- for (i = 0; i < ARRAY_SIZE (dda_lookups); i++)
- grub_sm712_write_dda_lookup (i, dda_lookups[i].compare, dda_lookups[i].dda,
- dda_lookups[i].vcentering);
--
-+
- /* Undocumented */
- grub_sm712_cr_write (0, 0x9c);
- grub_sm712_cr_write (0, 0x9d);
-diff --git a/grub-core/video/video.c b/grub-core/video/video.c
-index 983424107..8937da745 100644
---- a/grub-core/video/video.c
-+++ b/grub-core/video/video.c
-@@ -491,13 +491,13 @@ parse_modespec (const char *current_mode, int *width, int *height, int *depth)
- current_mode);
-
- param++;
--
-+
- *width = grub_strtoul (value, 0, 0);
- if (grub_errno != GRUB_ERR_NONE)
- return grub_error (GRUB_ERR_BAD_ARGUMENT,
- N_("invalid video mode specification `%s'"),
- current_mode);
--
-+
- /* Find height value. */
- value = param;
- param = grub_strchr(param, 'x');
-@@ -513,13 +513,13 @@ parse_modespec (const char *current_mode, int *width, int *height, int *depth)
- {
- /* We have optional color depth value. */
- param++;
--
-+
- *height = grub_strtoul (value, 0, 0);
- if (grub_errno != GRUB_ERR_NONE)
- return grub_error (GRUB_ERR_BAD_ARGUMENT,
- N_("invalid video mode specification `%s'"),
- current_mode);
--
-+
- /* Convert color depth value. */
- value = param;
- *depth = grub_strtoul (value, 0, 0);
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch b/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
deleted file mode 100644
index 0c7deae..0000000
--- a/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
+++ /dev/null
@@ -1,264 +0,0 @@
-From d5caac8ab79d068ad9a41030c772d03a4d4fbd7b Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Mon, 28 Jun 2021 14:16:14 +1000
-Subject: [PATCH] video/readers/jpeg: Abort sooner if a read operation fails
-
-Fuzzing revealed some inputs that were taking a long time, potentially
-forever, because they did not bail quickly upon encountering an I/O error.
-
-Try to catch I/O errors sooner and bail out.
-
-Signed-off-by: Daniel Axtens <dja@axtens.net>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=d5caac8ab79d068ad9a41030c772d03a4d4fbd7b
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- grub-core/video/readers/jpeg.c | 86 +++++++++++++++++++++++++++-------
- 1 file changed, 70 insertions(+), 16 deletions(-)
-
-diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c
-index c47ffd651..806c56c78 100644
---- a/grub-core/video/readers/jpeg.c
-+++ b/grub-core/video/readers/jpeg.c
-@@ -109,9 +109,17 @@ static grub_uint8_t
- grub_jpeg_get_byte (struct grub_jpeg_data *data)
- {
- grub_uint8_t r;
-+ grub_ssize_t bytes_read;
-
- r = 0;
-- grub_file_read (data->file, &r, 1);
-+ bytes_read = grub_file_read (data->file, &r, 1);
-+
-+ if (bytes_read != 1)
-+ {
-+ grub_error (GRUB_ERR_BAD_FILE_TYPE,
-+ "jpeg: unexpected end of data");
-+ return 0;
-+ }
-
- return r;
- }
-@@ -120,9 +128,17 @@ static grub_uint16_t
- grub_jpeg_get_word (struct grub_jpeg_data *data)
- {
- grub_uint16_t r;
-+ grub_ssize_t bytes_read;
-
- r = 0;
-- grub_file_read (data->file, &r, sizeof (grub_uint16_t));
-+ bytes_read = grub_file_read (data->file, &r, sizeof (grub_uint16_t));
-+
-+ if (bytes_read != sizeof (grub_uint16_t))
-+ {
-+ grub_error (GRUB_ERR_BAD_FILE_TYPE,
-+ "jpeg: unexpected end of data");
-+ return 0;
-+ }
-
- return grub_be_to_cpu16 (r);
- }
-@@ -135,6 +151,11 @@ grub_jpeg_get_bit (struct grub_jpeg_data *data)
- if (data->bit_mask == 0)
- {
- data->bit_save = grub_jpeg_get_byte (data);
-+ if (grub_errno != GRUB_ERR_NONE) {
-+ grub_error (GRUB_ERR_BAD_FILE_TYPE,
-+ "jpeg: file read error");
-+ return 0;
-+ }
- if (data->bit_save == JPEG_ESC_CHAR)
- {
- if (grub_jpeg_get_byte (data) != 0)
-@@ -143,6 +164,11 @@ grub_jpeg_get_bit (struct grub_jpeg_data *data)
- "jpeg: invalid 0xFF in data stream");
- return 0;
- }
-+ if (grub_errno != GRUB_ERR_NONE)
-+ {
-+ grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: file read error");
-+ return 0;
-+ }
- }
- data->bit_mask = 0x80;
- }
-@@ -161,7 +187,7 @@ grub_jpeg_get_number (struct grub_jpeg_data *data, int num)
- return 0;
-
- msb = value = grub_jpeg_get_bit (data);
-- for (i = 1; i < num; i++)
-+ for (i = 1; i < num && grub_errno == GRUB_ERR_NONE; i++)
- value = (value << 1) + (grub_jpeg_get_bit (data) != 0);
- if (!msb)
- value += 1 - (1 << num);
-@@ -208,6 +234,8 @@ grub_jpeg_decode_huff_table (struct grub_jpeg_data *data)
- while (data->file->offset + sizeof (count) + 1 <= next_marker)
- {
- id = grub_jpeg_get_byte (data);
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
- ac = (id >> 4) & 1;
- id &= 0xF;
- if (id > 1)
-@@ -258,6 +286,8 @@ grub_jpeg_decode_quan_table (struct grub_jpeg_data *data)
-
- next_marker = data->file->offset;
- next_marker += grub_jpeg_get_word (data);
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
-
- if (next_marker > data->file->size)
- {
-@@ -269,6 +299,8 @@ grub_jpeg_decode_quan_table (struct grub_jpeg_data *data)
- <= next_marker)
- {
- id = grub_jpeg_get_byte (data);
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
- if (id >= 0x10) /* Upper 4-bit is precision. */
- return grub_error (GRUB_ERR_BAD_FILE_TYPE,
- "jpeg: only 8-bit precision is supported");
-@@ -300,6 +332,9 @@ grub_jpeg_decode_sof (struct grub_jpeg_data *data)
- next_marker = data->file->offset;
- next_marker += grub_jpeg_get_word (data);
-
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
-+
- if (grub_jpeg_get_byte (data) != 8)
- return grub_error (GRUB_ERR_BAD_FILE_TYPE,
- "jpeg: only 8-bit precision is supported");
-@@ -325,6 +360,8 @@ grub_jpeg_decode_sof (struct grub_jpeg_data *data)
- return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid index");
-
- ss = grub_jpeg_get_byte (data); /* Sampling factor. */
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
- if (!id)
- {
- grub_uint8_t vs, hs;
-@@ -504,7 +541,7 @@ grub_jpeg_idct_transform (jpeg_data_unit_t du)
- }
- }
-
--static void
-+static grub_err_t
- grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du)
- {
- int h1, h2, qt;
-@@ -519,6 +556,9 @@ grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du)
- data->dc_value[id] +=
- grub_jpeg_get_number (data, grub_jpeg_get_huff_code (data, h1));
-
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
-+
- du[0] = data->dc_value[id] * (int) data->quan_table[qt][0];
- pos = 1;
- while (pos < ARRAY_SIZE (data->quan_table[qt]))
-@@ -533,11 +573,13 @@ grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du)
- num >>= 4;
- pos += num;
-
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
-+
- if (pos >= ARRAY_SIZE (jpeg_zigzag_order))
- {
-- grub_error (GRUB_ERR_BAD_FILE_TYPE,
-- "jpeg: invalid position in zigzag order!?");
-- return;
-+ return grub_error (GRUB_ERR_BAD_FILE_TYPE,
-+ "jpeg: invalid position in zigzag order!?");
- }
-
- du[jpeg_zigzag_order[pos]] = val * (int) data->quan_table[qt][pos];
-@@ -545,6 +587,7 @@ grub_jpeg_decode_du (struct grub_jpeg_data *data, int id, jpeg_data_unit_t du)
- }
-
- grub_jpeg_idct_transform (du);
-+ return GRUB_ERR_NONE;
- }
-
- static void
-@@ -603,7 +646,8 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data)
- data_offset += grub_jpeg_get_word (data);
-
- cc = grub_jpeg_get_byte (data);
--
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
- if (cc != 3 && cc != 1)
- return grub_error (GRUB_ERR_BAD_FILE_TYPE,
- "jpeg: component count must be 1 or 3");
-@@ -616,7 +660,8 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data)
- id = grub_jpeg_get_byte (data) - 1;
- if ((id < 0) || (id >= 3))
- return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid index");
--
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
- ht = grub_jpeg_get_byte (data);
- data->comp_index[id][1] = (ht >> 4);
- data->comp_index[id][2] = (ht & 0xF) + 2;
-@@ -624,11 +669,14 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data)
- if ((data->comp_index[id][1] < 0) || (data->comp_index[id][1] > 3) ||
- (data->comp_index[id][2] < 0) || (data->comp_index[id][2] > 3))
- return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: invalid hufftable index");
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
- }
-
- grub_jpeg_get_byte (data); /* Skip 3 unused bytes. */
- grub_jpeg_get_word (data);
--
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
- if (data->file->offset != data_offset)
- return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: extra byte in sos");
-
-@@ -646,6 +694,7 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data)
- {
- unsigned c1, vb, hb, nr1, nc1;
- int rst = data->dri;
-+ grub_err_t err = GRUB_ERR_NONE;
-
- vb = 8 << data->log_vs;
- hb = 8 << data->log_hs;
-@@ -666,17 +715,22 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data)
-
- for (r2 = 0; r2 < (1U << data->log_vs); r2++)
- for (c2 = 0; c2 < (1U << data->log_hs); c2++)
-- grub_jpeg_decode_du (data, 0, data->ydu[r2 * 2 + c2]);
-+ {
-+ err = grub_jpeg_decode_du (data, 0, data->ydu[r2 * 2 + c2]);
-+ if (err != GRUB_ERR_NONE)
-+ return err;
-+ }
-
- if (data->color_components >= 3)
- {
-- grub_jpeg_decode_du (data, 1, data->cbdu);
-- grub_jpeg_decode_du (data, 2, data->crdu);
-+ err = grub_jpeg_decode_du (data, 1, data->cbdu);
-+ if (err != GRUB_ERR_NONE)
-+ return err;
-+ err = grub_jpeg_decode_du (data, 2, data->crdu);
-+ if (err != GRUB_ERR_NONE)
-+ return err;
- }
-
-- if (grub_errno)
-- return grub_errno;
--
- nr2 = (data->r1 == nr1 - 1) ? (data->image_height - data->r1 * vb) : vb;
- nc2 = (c1 == nc1 - 1) ? (data->image_width - c1 * hb) : hb;
-
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch b/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
deleted file mode 100644
index 91ecaad..0000000
--- a/poky/meta/recipes-bsp/grub/files/video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 166a4d61448f74745afe1dac2f2cfb85d04909bf Mon Sep 17 00:00:00 2001
-From: Daniel Axtens <dja@axtens.net>
-Date: Mon, 28 Jun 2021 14:25:17 +1000
-Subject: [PATCH] video/readers/jpeg: Refuse to handle multiple start of
- streams
-
-An invalid file could contain multiple start of stream blocks, which
-would cause us to reallocate and leak our bitmap. Refuse to handle
-multiple start of streams.
-
-Additionally, fix a grub_error() call formatting.
-
-Signed-off-by: Daniel Axtens <dja@axtens.net>
-Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
-
-Upstream-Status: Backport
-
-Reference to upstream patch:
-https://git.savannah.gnu.org/cgit/grub.git/commit/?id=166a4d61448f74745afe1dac2f2cfb85d04909bf
-
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
----
- grub-core/video/readers/jpeg.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/grub-core/video/readers/jpeg.c b/grub-core/video/readers/jpeg.c
-index 2284a6c06..579bbe8a4 100644
---- a/grub-core/video/readers/jpeg.c
-+++ b/grub-core/video/readers/jpeg.c
-@@ -683,6 +683,9 @@ grub_jpeg_decode_sos (struct grub_jpeg_data *data)
- if (data->file->offset != data_offset)
- return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: extra byte in sos");
-
-+ if (*data->bitmap)
-+ return grub_error (GRUB_ERR_BAD_FILE_TYPE, "jpeg: too many start of scan blocks");
-+
- if (grub_video_bitmap_create (data->bitmap, data->image_width,
- data->image_height,
- GRUB_VIDEO_BLIT_FORMAT_RGB_888))
-@@ -705,8 +708,8 @@ grub_jpeg_decode_data (struct grub_jpeg_data *data)
- nc1 = (data->image_width + hb - 1) >> (3 + data->log_hs);
-
- if (data->bitmap_ptr == NULL)
-- return grub_error(GRUB_ERR_BAD_FILE_TYPE,
-- "jpeg: attempted to decode data before start of stream");
-+ return grub_error (GRUB_ERR_BAD_FILE_TYPE,
-+ "jpeg: attempted to decode data before start of stream");
-
- for (; data->r1 < nr1 && (!data->dri || rst);
- data->r1++, data->bitmap_ptr += (vb * data->image_width - hb * nc1) * 3)
---
-2.34.1
-
diff --git a/poky/meta/recipes-bsp/grub/grub-efi_2.06.bb b/poky/meta/recipes-bsp/grub/grub-efi_2.12.bb
similarity index 100%
rename from poky/meta/recipes-bsp/grub/grub-efi_2.06.bb
rename to poky/meta/recipes-bsp/grub/grub-efi_2.12.bb
diff --git a/poky/meta/recipes-bsp/grub/grub2.inc b/poky/meta/recipes-bsp/grub/grub2.inc
index 1215b24..5685cae 100644
--- a/poky/meta/recipes-bsp/grub/grub2.inc
+++ b/poky/meta/recipes-bsp/grub/grub2.inc
@@ -18,36 +18,10 @@
file://autogen.sh-exclude-pc.patch \
file://grub-module-explicitly-keeps-symbole-.module_license.patch \
file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \
- file://determinism.patch \
file://0001-RISC-V-Restore-the-typcast-to-long.patch \
- file://CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch \
- file://0001-configure.ac-Use-_zicsr_zifencei-extentions-on-riscv.patch \
- file://video-Remove-trailing-whitespaces.patch \
- file://CVE-2021-3695-video-readers-png-Drop-greyscale-support-to-fix-heap.patch \
- file://CVE-2021-3696-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff.patch \
- file://video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch \
- file://video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch \
- file://CVE-2021-3697-video-readers-jpeg-Block-int-underflow-wild-pointer.patch \
- file://CVE-2022-28733-net-ip-Do-IP-fragment-maths-safely.patch \
- file://CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch \
- file://CVE-2022-28734-net-http-Error-out-on-headers-with-LF-without-CR.patch \
- file://CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch \
- file://0001-configure-Remove-obsoleted-malign-jumps-loops-functi.patch \
- file://0002-configure-Check-for-falign-jumps-1-beside-falign-loo.patch \
- file://loader-efi-chainloader-Simplify-the-loader-state.patch \
- file://commands-boot-Add-API-to-pass-context-to-loader.patch \
- file://CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch\
- file://0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch \
- file://CVE-2022-2601.patch \
- file://CVE-2022-3775.patch \
- file://0001-risc-v-Handle-R_RISCV_CALL_PLT-reloc.patch \
- file://0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch \
- file://CVE-2023-4692.patch \
- file://CVE-2023-4693.patch \
- file://0001-fs-fat-Don-t-error-when-mtime-is-0.patch \
"
-SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f"
+SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
CVE_STATUS[CVE-2019-14865] = "not-applicable-platform: applies only to RHEL"
CVE_STATUS[CVE-2021-46705] = "not-applicable-platform: Applies only to SUSE"
@@ -101,6 +75,11 @@
do_configure:prepend() {
cd ${S}
+
+ # Remove in next version.
+ # See: https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b835601c7639ed1890f2d3db91900a8506011a8e
+ echo "depends bli part_gpt" > ${S}/grub-core/extra_deps.lst
+
FROM_BOOTSTRAP=1 ${S}/autogen.sh
cd ${B}
}
diff --git a/poky/meta/recipes-bsp/grub/grub_2.06.bb b/poky/meta/recipes-bsp/grub/grub_2.12.bb
similarity index 100%
rename from poky/meta/recipes-bsp/grub/grub_2.06.bb
rename to poky/meta/recipes-bsp/grub/grub_2.12.bb
diff --git a/poky/meta/recipes-bsp/opensbi/opensbi_1.3.bb b/poky/meta/recipes-bsp/opensbi/opensbi_1.4.bb
similarity index 89%
rename from poky/meta/recipes-bsp/opensbi/opensbi_1.3.bb
rename to poky/meta/recipes-bsp/opensbi/opensbi_1.4.bb
index f01cae3..fd18c03 100644
--- a/poky/meta/recipes-bsp/opensbi/opensbi_1.3.bb
+++ b/poky/meta/recipes-bsp/opensbi/opensbi_1.4.bb
@@ -8,12 +8,12 @@
inherit autotools-brokensep deploy
-SRCREV = "057eb10b6d523540012e6947d5c9f63e95244e94"
-SRC_URI = "git://github.com/riscv/opensbi.git;branch=release-1.3.x;protocol=https"
+SRCREV = "a2b255b88918715173942f2c5e1f97ac9e90c877"
+SRC_URI = "git://github.com/riscv/opensbi.git;branch=master;protocol=https"
S = "${WORKDIR}/git"
-EXTRA_OEMAKE += "PLATFORM=${RISCV_SBI_PLAT} I=${D} FW_PIC=n CLANG_TARGET= "
+EXTRA_OEMAKE += "PLATFORM=${RISCV_SBI_PLAT} I=${D} FW_PIC=y CLANG_TARGET= "
# If RISCV_SBI_PAYLOAD is set then include it as a payload
EXTRA_OEMAKE:append = " ${@riscv_get_extra_oemake_image(d)}"
EXTRA_OEMAKE:append = " ${@riscv_get_extra_oemake_fdt(d)}"
@@ -43,5 +43,3 @@
COMPATIBLE_HOST = "(riscv64|riscv32).*"
INHIBIT_PACKAGE_STRIP = "1"
-
-SECURITY_CFLAGS = ""
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch
index 3546c7c..b1e93db 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch
@@ -1,4 +1,4 @@
-From e8808a2f5e17d375411c7409eaffb17e72f65022 Mon Sep 17 00:00:00 2001
+From fb583a57f9f4ab956a09e9bb96d89aa13553bf21 Mon Sep 17 00:00:00 2001
From: Mingli Yu <Mingli.Yu@windriver.com>
Date: Fri, 24 Aug 2018 12:04:03 +0800
Subject: [PATCH] test-gatt: Fix hung issue
@@ -27,10 +27,10 @@
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/unit/test-gatt.c b/unit/test-gatt.c
-index f92d860..a5f7117 100644
+index 5e06d4e..4864d36 100644
--- a/unit/test-gatt.c
+++ b/unit/test-gatt.c
-@@ -4479,7 +4479,7 @@ int main(int argc, char *argv[])
+@@ -4546,7 +4546,7 @@ int main(int argc, char *argv[])
test_server, service_db_1, NULL,
raw_pdu(0x03, 0x00, 0x02),
raw_pdu(0xbf, 0x00),
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch
index be05093..881494a 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch
@@ -1,4 +1,4 @@
-From 3724958858b0ee430f37fb83388c3737d2039a3a Mon Sep 17 00:00:00 2001
+From 738e73b386352fd90f1f26cc1ee75427cf4dc23b Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Fri, 1 Apr 2016 17:07:34 +0300
Subject: [PATCH] tests: add a target for building tests without running them
@@ -11,7 +11,7 @@
1 file changed, 3 insertions(+)
diff --git a/Makefile.am b/Makefile.am
-index e7221bd..9595fd1 100644
+index e738eb3..dab17dd 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -710,6 +710,9 @@ endif
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/0004-src-shared-util.c-include-linux-limits.h.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/0004-src-shared-util.c-include-linux-limits.h.patch
index 6ef1353..516d859 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5/0004-src-shared-util.c-include-linux-limits.h.patch
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5/0004-src-shared-util.c-include-linux-limits.h.patch
@@ -1,4 +1,4 @@
-From ad069fadfcce2cf70f45b1c4a42665448675297e Mon Sep 17 00:00:00 2001
+From b53df61b41088b68c127ac76cc71683ac3453b9d Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex@linutronix.de>
Date: Mon, 12 Dec 2022 13:10:19 +0100
Subject: [PATCH] src/shared/util.c: include linux/limits.h
@@ -14,7 +14,7 @@
1 file changed, 1 insertion(+)
diff --git a/src/shared/util.c b/src/shared/util.c
-index 34491f4..412f3ad 100644
+index c0c2c4a..036dc0d 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -23,6 +23,7 @@
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5_5.71.bb b/poky/meta/recipes-connectivity/bluez5/bluez5_5.72.bb
similarity index 94%
rename from poky/meta/recipes-connectivity/bluez5/bluez5_5.71.bb
rename to poky/meta/recipes-connectivity/bluez5/bluez5_5.72.bb
index b9bc3dd..9fda960 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5_5.71.bb
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5_5.72.bb
@@ -1,6 +1,6 @@
require bluez5.inc
-SRC_URI[sha256sum] = "b828d418c93ced1f55b616fb5482cf01537440bfb34fbda1a564f3ece94735d8"
+SRC_URI[sha256sum] = "499d7fa345a996c1bb650f5c6749e1d929111fa6ece0be0e98687fee6124536e"
CVE_STATUS[CVE-2020-24490] = "cpe-incorrect: This issue has kernel fixes rather than bluez fixes"
diff --git a/poky/meta/recipes-core/coreutils/coreutils/0001-posixtm-pacify-clang-18.patch b/poky/meta/recipes-core/coreutils/coreutils/0001-posixtm-pacify-clang-18.patch
new file mode 100644
index 0000000..e6c84be
--- /dev/null
+++ b/poky/meta/recipes-core/coreutils/coreutils/0001-posixtm-pacify-clang-18.patch
@@ -0,0 +1,38 @@
+From 67c298c36f69b6906840b7584be06b7b5f33f829 Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Tue, 16 Jan 2024 17:21:08 -0800
+Subject: [PATCH] posixtm: pacify clang 18
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Problem reported by Khem Raj in:
+https://lists.gnu.org/r/bug-gnulib/2024-01/msg00045.html
+* lib/posixtm.c (posixtime): Pacify clang 18 by converting bool to int.
+Arguably this is a bug in draft C2x, since the non-pointer args to
+ckd_add should promote just like any other expressions do;
+but that’s not clang’s fault.
+
+Upstream-Status: Submitted [https://lists.gnu.org/archive/html/bug-gnulib/2024-01/msg00046.html]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ ChangeLog | 10 ++++++++++
+ lib/posixtm.c | 2 +-
+ 2 files changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/lib/posixtm.c b/lib/posixtm.c
+index ef9f55f873..a072c7cad0 100644
+--- a/lib/posixtm.c
++++ b/lib/posixtm.c
+@@ -191,7 +191,7 @@ posixtime (time_t *p, const char *s, unsigned int syntax_bits)
+ | (tm0.tm_min ^ tm1.tm_min)
+ | (tm0.tm_sec ^ tm1.tm_sec)))
+ {
+- if (ckd_add (&t, t, leapsec))
++ if (ckd_add (&t, t, +leapsec))
+ return false;
+ *p = t;
+ return true;
+--
+2.43.0
+
diff --git a/poky/meta/recipes-core/coreutils/coreutils_9.4.bb b/poky/meta/recipes-core/coreutils/coreutils_9.4.bb
index 367b011..a79cabd 100644
--- a/poky/meta/recipes-core/coreutils/coreutils_9.4.bb
+++ b/poky/meta/recipes-core/coreutils/coreutils_9.4.bb
@@ -16,6 +16,7 @@
SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \
file://remove-usr-local-lib-from-m4.patch \
file://0001-local.mk-fix-cross-compiling-problem.patch \
+ file://0001-posixtm-pacify-clang-18.patch \
file://run-ptest \
"
SRC_URI[sha256sum] = "ea613a4cf44612326e917201bbbcdfbd301de21ffc3b59b6e5c07e040b275e52"
diff --git a/poky/meta/recipes-core/glibc/glibc_2.38.bb b/poky/meta/recipes-core/glibc/glibc_2.38.bb
index 32ccb88..417f0c8 100644
--- a/poky/meta/recipes-core/glibc/glibc_2.38.bb
+++ b/poky/meta/recipes-core/glibc/glibc_2.38.bb
@@ -83,7 +83,6 @@
EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}"
-EXTRA_OECONF:append:x86 = " ${@bb.utils.contains_any('TUNE_FEATURES', 'i586 c3', '--disable-cet', '--enable-cet', d)}"
EXTRA_OECONF:append:x86-64 = " --enable-cet"
PACKAGECONFIG ??= "nscd memory-tagging"
diff --git a/poky/meta/recipes-core/newlib/libgloss_4.3.0.bb b/poky/meta/recipes-core/newlib/libgloss_git.bb
similarity index 100%
rename from poky/meta/recipes-core/newlib/libgloss_4.3.0.bb
rename to poky/meta/recipes-core/newlib/libgloss_git.bb
diff --git a/poky/meta/recipes-core/newlib/newlib.inc b/poky/meta/recipes-core/newlib/newlib.inc
index da753f1..6113f5e 100644
--- a/poky/meta/recipes-core/newlib/newlib.inc
+++ b/poky/meta/recipes-core/newlib/newlib.inc
@@ -3,21 +3,21 @@
DESCRIPTION = "C library intended for use on embedded systems. It is a conglomeration of several library parts, all under free software licenses that make them easily usable on embedded products."
SECTION = "libs"
-LICENSE = "GPL-2.0-only & LGPL-3.0-only & GPL-3.0-only & LGPL-2.0-only & BSD-2-Clause & BSD-3-Clause & TCL"
+LICENSE = "GPL-2.0-only & LGPL-3.0-only & GPL-3.0-only & LGPL-2.0-only & BSD-2-Clause & BSD-3-Clause & TCL & Apache-2.0-with-LLVM-exception"
LIC_FILES_CHKSUM = " \
file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552 \
file://COPYING3.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \
file://COPYING3;md5=d32239bcb673463ab874e80d47fae504 \
file://COPYING.LIBGLOSS;md5=c0469b6ebb847a75781066be515f032d \
file://COPYING.LIB;md5=2d5025d4aa3495befef8f17206a5b0a1 \
- file://COPYING.NEWLIB;md5=5a9d477b5f4eab20dccf655a77107a6e \
+ file://COPYING.NEWLIB;md5=4f1a15846ffee91e352418563e1bce27 \
file://newlib/libc/posix/COPYRIGHT;md5=103468ff1982be840fdf4ee9f8b51bbf \
"
-BASEVER = "4.3.0"
+BASEVER = "4.4.0"
PV = "${BASEVER}+git"
SRC_URI = "git://sourceware.org/git/newlib-cygwin.git;protocol=https;branch=main"
-SRCREV="9e09d6ed83cce4777a5950412647ccc603040409"
+SRCREV="ad11e2587f83d61357a32c61c36d72ea4f39315e"
INHIBIT_DEFAULT_DEPS = "1"
DEPENDS = "virtual/${TARGET_PREFIX}gcc"
diff --git a/poky/meta/recipes-core/systemd/systemd-boot_254.4.bb b/poky/meta/recipes-core/systemd/systemd-boot_255.1.bb
similarity index 94%
rename from poky/meta/recipes-core/systemd/systemd-boot_254.4.bb
rename to poky/meta/recipes-core/systemd/systemd-boot_255.1.bb
index 2b43ccf..4ee25ee 100644
--- a/poky/meta/recipes-core/systemd/systemd-boot_254.4.bb
+++ b/poky/meta/recipes-core/systemd/systemd-boot_255.1.bb
@@ -8,10 +8,6 @@
inherit meson pkgconfig gettext
inherit deploy
-SRC_URI += " \
- file://0030-meson-Pass-all-static-pie-args-to-linker.patch \
- "
-
LDFLAGS:prepend = "${@ " ".join(d.getVar('LD').split()[1:])} "
EFI_LD = "bfd"
diff --git a/poky/meta/recipes-core/systemd/systemd.inc b/poky/meta/recipes-core/systemd/systemd.inc
index ccc3236..1417e01 100644
--- a/poky/meta/recipes-core/systemd/systemd.inc
+++ b/poky/meta/recipes-core/systemd/systemd.inc
@@ -15,8 +15,8 @@
LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c"
-SRCREV = "2e7504449a51fb38db9cd2da391c6434f82def51"
-SRCBRANCH = "v254-stable"
+SRCREV = "2018ccef6645ce00c784369a22dc4e98f6d7061d"
+SRCBRANCH = "v255-stable"
SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}"
S = "${WORKDIR}/git"
diff --git a/poky/meta/recipes-core/systemd/systemd/0009-missing_type.h-add-comparison_fn_t.patch b/poky/meta/recipes-core/systemd/systemd/0001-missing_type.h-add-comparison_fn_t.patch
similarity index 89%
rename from poky/meta/recipes-core/systemd/systemd/0009-missing_type.h-add-comparison_fn_t.patch
rename to poky/meta/recipes-core/systemd/systemd/0001-missing_type.h-add-comparison_fn_t.patch
index e50b47a..2aa5dee 100644
--- a/poky/meta/recipes-core/systemd/systemd/0009-missing_type.h-add-comparison_fn_t.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0001-missing_type.h-add-comparison_fn_t.patch
@@ -1,7 +1,7 @@
-From 542f999a846dfd49d9373d30fffb2a44168d7b5e Mon Sep 17 00:00:00 2001
+From 01195eb9f7d59139fb45df506ac6b3968c14a57f Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 13:55:12 +0800
-Subject: [PATCH] missing_type.h: add comparison_fn_t
+Subject: [PATCH 01/22] missing_type.h: add comparison_fn_t
Make it work with musl where comparison_fn_t and is not provided.
@@ -33,7 +33,7 @@
+typedef int (*comparison_fn_t)(const void *, const void *);
+#endif
diff --git a/src/basic/sort-util.h b/src/basic/sort-util.h
-index f0bf246aa3..33669c7a75 100644
+index 9c818bd747..ef10c8be2c 100644
--- a/src/basic/sort-util.h
+++ b/src/basic/sort-util.h
@@ -4,6 +4,7 @@
@@ -45,7 +45,7 @@
/* This is the same as glibc's internal __compar_d_fn_t type. glibc exports a public comparison_fn_t, for the
* external type __compar_fn_t, but doesn't do anything similar for __compar_d_fn_t. Let's hence do that
diff --git a/src/libsystemd/sd-journal/catalog.c b/src/libsystemd/sd-journal/catalog.c
-index 7527abf636..f33383e57f 100644
+index ae91534198..7f67eea38b 100644
--- a/src/libsystemd/sd-journal/catalog.c
+++ b/src/libsystemd/sd-journal/catalog.c
@@ -28,6 +28,7 @@
@@ -57,5 +57,5 @@
const char * const catalog_file_dirs[] = {
"/usr/local/lib/systemd/catalog/",
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0010-add-fallback-parse_printf_format-implementation.patch b/poky/meta/recipes-core/systemd/systemd/0002-add-fallback-parse_printf_format-implementation.patch
similarity index 93%
rename from poky/meta/recipes-core/systemd/systemd/0010-add-fallback-parse_printf_format-implementation.patch
rename to poky/meta/recipes-core/systemd/systemd/0002-add-fallback-parse_printf_format-implementation.patch
index 4143ab4..900a931 100644
--- a/poky/meta/recipes-core/systemd/systemd/0010-add-fallback-parse_printf_format-implementation.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0002-add-fallback-parse_printf_format-implementation.patch
@@ -1,7 +1,7 @@
-From 383e85e15f16a46aac925aa439b8b60f58b40aa6 Mon Sep 17 00:00:00 2001
+From 872b72739e62123867ce6c4f82aa37de24cc3f75 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Sat, 22 May 2021 20:26:24 +0200
-Subject: [PATCH] add fallback parse_printf_format implementation
+Subject: [PATCH 02/22] add fallback parse_printf_format implementation
Upstream-Status: Inappropriate [musl specific]
@@ -21,9 +21,11 @@
create mode 100644 src/basic/parse-printf-format.c
create mode 100644 src/basic/parse-printf-format.h
+diff --git a/meson.build b/meson.build
+index 7419e2b0b0..01fd3ffc19 100644
--- a/meson.build
+++ b/meson.build
-@@ -781,6 +781,7 @@ endif
+@@ -725,6 +725,7 @@ endif
foreach header : ['crypt.h',
'linux/memfd.h',
'linux/vm_sockets.h',
@@ -31,9 +33,11 @@
'sys/auxv.h',
'threads.h',
'valgrind/memcheck.h',
+diff --git a/src/basic/meson.build b/src/basic/meson.build
+index d7450d8b44..c3e3daf4bd 100644
--- a/src/basic/meson.build
+++ b/src/basic/meson.build
-@@ -179,6 +179,11 @@ endforeach
+@@ -183,6 +183,11 @@ endforeach
basic_sources += generated_gperf_headers
@@ -45,6 +49,9 @@
############################################################
arch_list = [
+diff --git a/src/basic/parse-printf-format.c b/src/basic/parse-printf-format.c
+new file mode 100644
+index 0000000000..49437e5445
--- /dev/null
+++ b/src/basic/parse-printf-format.c
@@ -0,0 +1,273 @@
@@ -321,6 +328,9 @@
+
+ return last;
+}
+diff --git a/src/basic/parse-printf-format.h b/src/basic/parse-printf-format.h
+new file mode 100644
+index 0000000000..47be7522d7
--- /dev/null
+++ b/src/basic/parse-printf-format.h
@@ -0,0 +1,57 @@
@@ -381,6 +391,8 @@
+size_t parse_printf_format(const char *fmt, size_t n, int *types);
+
+#endif /* HAVE_PRINTF_H */
+diff --git a/src/basic/stdio-util.h b/src/basic/stdio-util.h
+index 4e93ac90c9..f9deb6f662 100644
--- a/src/basic/stdio-util.h
+++ b/src/basic/stdio-util.h
@@ -1,12 +1,12 @@
@@ -397,6 +409,8 @@
_printf_(3, 4)
static inline char *snprintf_ok(char *buf, size_t len, const char *format, ...) {
+diff --git a/src/libsystemd/sd-journal/journal-send.c b/src/libsystemd/sd-journal/journal-send.c
+index be23b2fe75..69a2eb6404 100644
--- a/src/libsystemd/sd-journal/journal-send.c
+++ b/src/libsystemd/sd-journal/journal-send.c
@@ -2,7 +2,6 @@
@@ -407,7 +421,7 @@
#include <stddef.h>
#include <sys/un.h>
#include <unistd.h>
-@@ -27,6 +26,7 @@
+@@ -28,6 +27,7 @@
#include "stdio-util.h"
#include "string-util.h"
#include "tmpfile-util.h"
@@ -415,3 +429,6 @@
#define SNDBUF_SIZE (8*1024*1024)
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch b/poky/meta/recipes-core/systemd/systemd/0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch
index 085f1e9..be231cf 100644
--- a/poky/meta/recipes-core/systemd/systemd/0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch
@@ -1,8 +1,8 @@
-From ca7d9a8d9c81702af9c599bb79706f12b1a465cf Mon Sep 17 00:00:00 2001
+From 29a58009a172e369ad7166e16dab2f4945c6b0d2 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Thu, 21 Feb 2019 16:23:24 +0800
-Subject: [PATCH] binfmt: Don't install dependency links at install time for
- the binfmt services
+Subject: [PATCH 1/2] binfmt: Don't install dependency links at install time
+ for the binfmt services
use [Install] blocks so that they get created when the service is enabled
like a traditional service.
@@ -25,10 +25,10 @@
3 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/units/meson.build b/units/meson.build
-index c7939a10f8..219570ab19 100644
+index e7bfb7f838..1d5ec4b178 100644
--- a/units/meson.build
+++ b/units/meson.build
-@@ -149,7 +149,6 @@ units = [
+@@ -154,7 +154,6 @@ units = [
{
'file' : 'proc-sys-fs-binfmt_misc.automount',
'conditions' : ['ENABLE_BINFMT'],
@@ -36,7 +36,7 @@
},
{
'file' : 'proc-sys-fs-binfmt_misc.mount',
-@@ -246,7 +245,6 @@ units = [
+@@ -251,7 +250,6 @@ units = [
{
'file' : 'systemd-binfmt.service.in',
'conditions' : ['ENABLE_BINFMT'],
@@ -45,7 +45,7 @@
{
'file' : 'systemd-bless-boot.service.in',
diff --git a/units/proc-sys-fs-binfmt_misc.automount b/units/proc-sys-fs-binfmt_misc.automount
-index 6b1bbdc91e..5ec5b8670a 100644
+index 5d212015a5..6c2900ca77 100644
--- a/units/proc-sys-fs-binfmt_misc.automount
+++ b/units/proc-sys-fs-binfmt_misc.automount
@@ -22,3 +22,6 @@ Before=shutdown.target
@@ -56,7 +56,7 @@
+[Install]
+WantedBy=sysinit.target
diff --git a/units/systemd-binfmt.service.in b/units/systemd-binfmt.service.in
-index b04412e037..63f116e4fa 100644
+index 6861c76674..531e9fbd90 100644
--- a/units/systemd-binfmt.service.in
+++ b/units/systemd-binfmt.service.in
@@ -14,6 +14,7 @@ Documentation=https://docs.kernel.org/admin-guide/binfmt-misc.html
@@ -68,12 +68,12 @@
After=proc-sys-fs-binfmt_misc.mount
After=local-fs.target
@@ -31,3 +32,6 @@ RemainAfterExit=yes
- ExecStart={{ROOTLIBEXECDIR}}/systemd-binfmt
- ExecStop={{ROOTLIBEXECDIR}}/systemd-binfmt --unregister
+ ExecStart={{LIBEXECDIR}}/systemd-binfmt
+ ExecStop={{LIBEXECDIR}}/systemd-binfmt --unregister
TimeoutSec=90s
+
+[Install]
+WantedBy=sysinit.target
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0011-src-basic-missing.h-check-for-missing-strndupa.patch b/poky/meta/recipes-core/systemd/systemd/0003-src-basic-missing.h-check-for-missing-strndupa.patch
similarity index 86%
rename from poky/meta/recipes-core/systemd/systemd/0011-src-basic-missing.h-check-for-missing-strndupa.patch
rename to poky/meta/recipes-core/systemd/systemd/0003-src-basic-missing.h-check-for-missing-strndupa.patch
index ec451cd..5595b5b 100644
--- a/poky/meta/recipes-core/systemd/systemd/0011-src-basic-missing.h-check-for-missing-strndupa.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0003-src-basic-missing.h-check-for-missing-strndupa.patch
@@ -1,7 +1,7 @@
-From ee5c8b494a3269edd154a0b799a03b39dba2ceb0 Mon Sep 17 00:00:00 2001
+From 87f1d38f40c5fe9cadf2b2de442473e4e5605788 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 14:18:21 +0800
-Subject: [PATCH] src/basic/missing.h: check for missing strndupa
+Subject: [PATCH 03/22] src/basic/missing.h: check for missing strndupa
include missing.h for definition of strndupa
@@ -18,6 +18,8 @@
[Rebased for v247]
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
[Rebased for v254]
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+[Rebased for v255.1]
---
meson.build | 1 +
src/backlight/backlight.c | 1 +
@@ -66,16 +68,17 @@
src/shared/pager.c | 1 +
src/socket-proxy/socket-proxyd.c | 1 +
src/test/test-hexdecoct.c | 1 +
+ src/udev/udev-builtin-net_id.c | 1 +
src/udev/udev-builtin-path_id.c | 1 +
src/udev/udev-event.c | 1 +
src/udev/udev-rules.c | 1 +
- 50 files changed, 61 insertions(+)
+ 51 files changed, 62 insertions(+)
diff --git a/meson.build b/meson.build
-index fb96143c37..739b2f7f72 100644
+index 01fd3ffc19..61a872b753 100644
--- a/meson.build
+++ b/meson.build
-@@ -595,6 +595,7 @@ foreach ident : ['secure_getenv', '__secure_getenv']
+@@ -567,6 +567,7 @@ foreach ident : ['secure_getenv', '__secure_getenv']
endforeach
foreach ident : [
@@ -84,10 +87,10 @@
['gettid', '''#include <sys/types.h>
#include <unistd.h>'''],
diff --git a/src/backlight/backlight.c b/src/backlight/backlight.c
-index e66477f328..2613d1e3f9 100644
+index 5ac9f904a9..99d5122dd7 100644
--- a/src/backlight/backlight.c
+++ b/src/backlight/backlight.c
-@@ -19,6 +19,7 @@
+@@ -20,6 +20,7 @@
#include "string-util.h"
#include "strv.h"
#include "terminal-util.h"
@@ -96,7 +99,7 @@
#define PCI_CLASS_GRAPHICS_CARD 0x30000
diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
-index feda596939..11b4375ed5 100644
+index 18b16ecc0e..d2be79622f 100644
--- a/src/basic/cgroup-util.c
+++ b/src/basic/cgroup-util.c
@@ -38,6 +38,7 @@
@@ -105,10 +108,10 @@
#include "xattr-util.h"
+#include "missing_stdlib.h"
- static int cg_enumerate_items(const char *controller, const char *path, FILE **_f, const char *item) {
+ static int cg_enumerate_items(const char *controller, const char *path, FILE **ret, const char *item) {
_cleanup_free_ char *fs = NULL;
diff --git a/src/basic/env-util.c b/src/basic/env-util.c
-index 55ac11a512..7ccb1d7887 100644
+index d3bf73385f..16b17358ca 100644
--- a/src/basic/env-util.c
+++ b/src/basic/env-util.c
@@ -19,6 +19,7 @@
@@ -120,7 +123,7 @@
/* We follow bash for the character set. Different shells have different rules. */
#define VALID_BASH_ENV_NAME_CHARS \
diff --git a/src/basic/log.c b/src/basic/log.c
-index fc5793139e..515218fca8 100644
+index 1470611a75..9924ec2b9a 100644
--- a/src/basic/log.c
+++ b/src/basic/log.c
@@ -40,6 +40,7 @@
@@ -152,10 +155,10 @@
+ })
+#endif
diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c
-index 7ad19ee33b..cc1d5e1e5b 100644
+index c770e5ed32..1fd8816cd0 100644
--- a/src/basic/mkdir.c
+++ b/src/basic/mkdir.c
-@@ -15,6 +15,7 @@
+@@ -16,6 +16,7 @@
#include "stat-util.h"
#include "stdio-util.h"
#include "user-util.h"
@@ -164,7 +167,7 @@
int mkdirat_safe_internal(
int dir_fd,
diff --git a/src/basic/mountpoint-util.c b/src/basic/mountpoint-util.c
-index bc74fbef8f..cdb609bb84 100644
+index bf67f7e01a..409f8d8a73 100644
--- a/src/basic/mountpoint-util.c
+++ b/src/basic/mountpoint-util.c
@@ -18,6 +18,7 @@
@@ -176,7 +179,7 @@
#include "nulstr-util.h"
#include "parse-util.h"
diff --git a/src/basic/parse-util.c b/src/basic/parse-util.c
-index 3445d31307..d82b4415d9 100644
+index 0430e33e40..f3728de026 100644
--- a/src/basic/parse-util.c
+++ b/src/basic/parse-util.c
@@ -18,6 +18,7 @@
@@ -188,7 +191,7 @@
int parse_boolean(const char *v) {
if (!v)
diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c
-index c99e9d8786..71a917a0b0 100644
+index 4e3d59fc56..726e240df0 100644
--- a/src/basic/path-lookup.c
+++ b/src/basic/path-lookup.c
@@ -16,6 +16,7 @@
@@ -212,7 +215,7 @@
static int parse_parts_value_whole(const char *p, const char *symbol) {
const char *pc, *n;
diff --git a/src/basic/proc-cmdline.c b/src/basic/proc-cmdline.c
-index eea70d8606..ae3abd8402 100644
+index 522d8de1f4..7c129dc0fc 100644
--- a/src/basic/proc-cmdline.c
+++ b/src/basic/proc-cmdline.c
@@ -16,6 +16,7 @@
@@ -224,7 +227,7 @@
int proc_cmdline_filter_pid1_args(char **argv, char ***ret) {
enum {
diff --git a/src/basic/procfs-util.c b/src/basic/procfs-util.c
-index bcba5a5208..64a95dd866 100644
+index d7cfcd9105..6cb0ddf575 100644
--- a/src/basic/procfs-util.c
+++ b/src/basic/procfs-util.c
@@ -12,6 +12,7 @@
@@ -236,7 +239,7 @@
int procfs_get_pid_max(uint64_t *ret) {
_cleanup_free_ char *value = NULL;
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
-index b700f364ef..48a26bcec9 100644
+index f9014dc560..1d7840a5b5 100644
--- a/src/basic/time-util.c
+++ b/src/basic/time-util.c
@@ -27,6 +27,7 @@
@@ -248,7 +251,7 @@
static clockid_t map_clock_id(clockid_t c) {
diff --git a/src/boot/bless-boot.c b/src/boot/bless-boot.c
-index 59f02b761a..7496646350 100644
+index 0c0b4f23c7..68fe5ca509 100644
--- a/src/boot/bless-boot.c
+++ b/src/boot/bless-boot.c
@@ -22,6 +22,7 @@
@@ -260,22 +263,22 @@
static char **arg_path = NULL;
diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c
-index b5484eda78..54ed62c790 100644
+index 4237e694c0..05f9d9d9a9 100644
--- a/src/core/dbus-cgroup.c
+++ b/src/core/dbus-cgroup.c
-@@ -23,6 +23,7 @@
+@@ -25,6 +25,7 @@
#include "parse-util.h"
#include "path-util.h"
#include "percent-util.h"
+#include "missing_stdlib.h"
#include "socket-util.h"
- BUS_DEFINE_PROPERTY_GET(bus_property_get_tasks_max, "t", TasksMax, tasks_max_resolve);
+ BUS_DEFINE_PROPERTY_GET(bus_property_get_tasks_max, "t", CGroupTasksMax, cgroup_tasks_max_resolve);
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
-index f514b8fd12..4febd0d496 100644
+index 4daa1cefd3..2c77901471 100644
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
-@@ -48,6 +48,7 @@
+@@ -42,6 +42,7 @@
#include "unit-printf.h"
#include "user-util.h"
#include "utf8.h"
@@ -284,7 +287,7 @@
BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_exec_output, exec_output, ExecOutput);
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_input, exec_input, ExecInput);
diff --git a/src/core/dbus-util.c b/src/core/dbus-util.c
-index edfa0eb69a..6fd2ec9062 100644
+index d680a64268..e59f48103e 100644
--- a/src/core/dbus-util.c
+++ b/src/core/dbus-util.c
@@ -9,6 +9,7 @@
@@ -296,19 +299,19 @@
int bus_property_get_triggered_unit(
sd_bus *bus,
diff --git a/src/core/execute.c b/src/core/execute.c
-index 853e87450f..8ef76de9ab 100644
+index ef0bf88687..bd3da0c401 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
-@@ -113,6 +113,7 @@
+@@ -72,6 +72,7 @@
#include "unit-serialize.h"
#include "user-util.h"
#include "utmp-wtmp.h"
+#include "missing_stdlib.h"
- #define IDLE_TIMEOUT_USEC (5*USEC_PER_SEC)
- #define IDLE_TIMEOUT2_USEC (1*USEC_PER_SEC)
+ static bool is_terminal_input(ExecInput i) {
+ return IN_SET(i,
diff --git a/src/core/kmod-setup.c b/src/core/kmod-setup.c
-index e843743777..e149807492 100644
+index b8e3f7aadd..8ce8ca68d8 100644
--- a/src/core/kmod-setup.c
+++ b/src/core/kmod-setup.c
@@ -13,6 +13,7 @@
@@ -320,7 +323,7 @@
#if HAVE_KMOD
#include "module-util.h"
diff --git a/src/core/service.c b/src/core/service.c
-index 9ad3c3d995..b112d64919 100644
+index b9eb40c555..268fe7573b 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -45,6 +45,7 @@
@@ -332,7 +335,7 @@
#define service_spawn(...) service_spawn_internal(__func__, __VA_ARGS__)
diff --git a/src/coredump/coredump-vacuum.c b/src/coredump/coredump-vacuum.c
-index c6e201ecf2..ab034475e2 100644
+index 7e0c98cb7d..978a7f5874 100644
--- a/src/coredump/coredump-vacuum.c
+++ b/src/coredump/coredump-vacuum.c
@@ -17,6 +17,7 @@
@@ -344,7 +347,7 @@
#define DEFAULT_MAX_USE_LOWER (uint64_t) (1ULL*1024ULL*1024ULL) /* 1 MiB */
#define DEFAULT_MAX_USE_UPPER (uint64_t) (4ULL*1024ULL*1024ULL*1024ULL) /* 4 GiB */
diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c
-index efc553b698..acea922311 100644
+index 016f3baa7f..b1def81313 100644
--- a/src/fstab-generator/fstab-generator.c
+++ b/src/fstab-generator/fstab-generator.c
@@ -37,6 +37,7 @@
@@ -356,10 +359,10 @@
typedef enum MountPointFlags {
MOUNT_NOAUTO = 1 << 0,
diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c
-index 7df264fb53..9463a0e9fb 100644
+index da0f20d3ce..f22ce41908 100644
--- a/src/journal-remote/journal-remote-main.c
+++ b/src/journal-remote/journal-remote-main.c
-@@ -26,6 +26,7 @@
+@@ -27,6 +27,7 @@
#include "stat-util.h"
#include "string-table.h"
#include "strv.h"
@@ -368,7 +371,7 @@
#define PRIV_KEY_FILE CERTIFICATE_ROOT "/private/journal-remote.pem"
#define CERT_FILE CERTIFICATE_ROOT "/certs/journal-remote.pem"
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
-index da0fac548e..c1c043e0e0 100644
+index 7f3dcd56a4..41b7cbaaf1 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -77,6 +77,7 @@
@@ -380,7 +383,7 @@
#define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
#define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1,024 messages processed */
diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c
-index 9719f97c02..75decd9834 100644
+index ff0228081f..9066fcb133 100644
--- a/src/libsystemd/sd-bus/bus-message.c
+++ b/src/libsystemd/sd-bus/bus-message.c
@@ -19,6 +19,7 @@
@@ -392,7 +395,7 @@
static int message_append_basic(sd_bus_message *m, char type, const void *p, const void **stored);
static int message_parse_fields(sd_bus_message *m);
diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c
-index 2ad7a9993d..bba72f99f4 100644
+index c25c40ff37..57a5da704f 100644
--- a/src/libsystemd/sd-bus/bus-objects.c
+++ b/src/libsystemd/sd-bus/bus-objects.c
@@ -11,6 +11,7 @@
@@ -404,10 +407,10 @@
static int node_vtable_get_userdata(
sd_bus *bus,
diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
-index 64037e4fe0..9b9ce0aaa9 100644
+index 3c59d0d615..746922d46f 100644
--- a/src/libsystemd/sd-bus/bus-socket.c
+++ b/src/libsystemd/sd-bus/bus-socket.c
-@@ -28,6 +28,7 @@
+@@ -29,6 +29,7 @@
#include "string-util.h"
#include "user-util.h"
#include "utf8.h"
@@ -416,7 +419,7 @@
#define SNDBUF_SIZE (8*1024*1024)
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
-index f6a5e4aa06..b36faa79a3 100644
+index 4a0259f8bb..aaa90d2223 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -46,6 +46,7 @@
@@ -428,19 +431,19 @@
#define log_debug_bus_message(m) \
do { \
diff --git a/src/libsystemd/sd-bus/test-bus-benchmark.c b/src/libsystemd/sd-bus/test-bus-benchmark.c
-index 1eb6edd329..d434a3c178 100644
+index d988588de0..458df8df9a 100644
--- a/src/libsystemd/sd-bus/test-bus-benchmark.c
+++ b/src/libsystemd/sd-bus/test-bus-benchmark.c
-@@ -13,6 +13,7 @@
- #include "missing_resource.h"
+@@ -14,6 +14,7 @@
#include "string-util.h"
+ #include "tests.h"
#include "time-util.h"
+#include "missing_stdlib.h"
#define MAX_SIZE (2*1024*1024)
diff --git a/src/libsystemd/sd-journal/sd-journal.c b/src/libsystemd/sd-journal/sd-journal.c
-index 9947947ef2..8dc6f93159 100644
+index 6b9ff0a4ed..4a5027ad0f 100644
--- a/src/libsystemd/sd-journal/sd-journal.c
+++ b/src/libsystemd/sd-journal/sd-journal.c
@@ -44,6 +44,7 @@
@@ -452,19 +455,19 @@
#define JOURNAL_FILES_RECHECK_USEC (2 * USEC_PER_SEC)
diff --git a/src/login/pam_systemd.c b/src/login/pam_systemd.c
-index ba2fca32c6..e1f9caa13b 100644
+index b8da266e27..4bb8dd9496 100644
--- a/src/login/pam_systemd.c
+++ b/src/login/pam_systemd.c
-@@ -34,6 +34,7 @@
- #include "locale-util.h"
+@@ -35,6 +35,7 @@
#include "login-util.h"
#include "macro.h"
+ #include "missing_syscall.h"
+#include "missing_stdlib.h"
#include "pam-util.h"
#include "parse-util.h"
#include "path-util.h"
diff --git a/src/network/generator/network-generator.c b/src/network/generator/network-generator.c
-index 1090934bfc..69a77f66e2 100644
+index 48527a2c73..9777fe0561 100644
--- a/src/network/generator/network-generator.c
+++ b/src/network/generator/network-generator.c
@@ -14,6 +14,7 @@
@@ -476,7 +479,7 @@
/*
# .network
diff --git a/src/nspawn/nspawn-settings.c b/src/nspawn/nspawn-settings.c
-index 05bde1c756..aa29587868 100644
+index 161b1c1c70..ba1c459f78 100644
--- a/src/nspawn/nspawn-settings.c
+++ b/src/nspawn/nspawn-settings.c
@@ -16,6 +16,7 @@
@@ -500,7 +503,7 @@
static void setup_logging_once(void) {
static pthread_once_t once = PTHREAD_ONCE_INIT;
diff --git a/src/portable/portable.c b/src/portable/portable.c
-index 7811833fac..c6414da91c 100644
+index d4b448a627..bb26623565 100644
--- a/src/portable/portable.c
+++ b/src/portable/portable.c
@@ -40,6 +40,7 @@
@@ -512,7 +515,7 @@
/* Markers used in the first line of our 20-portable.conf unit file drop-in to determine, that a) the unit file was
* dropped there by the portable service logic and b) for which image it was dropped there. */
diff --git a/src/resolve/resolvectl.c b/src/resolve/resolvectl.c
-index 2638e985fb..82c903fd66 100644
+index afa537f160..32ccee4ae5 100644
--- a/src/resolve/resolvectl.c
+++ b/src/resolve/resolvectl.c
@@ -48,6 +48,7 @@
@@ -524,7 +527,7 @@
static int arg_family = AF_UNSPEC;
static int arg_ifindex = 0;
diff --git a/src/shared/bus-get-properties.c b/src/shared/bus-get-properties.c
-index 8b4f66b22e..5926e4c61b 100644
+index 53e5d6b99f..851ecd5644 100644
--- a/src/shared/bus-get-properties.c
+++ b/src/shared/bus-get-properties.c
@@ -4,6 +4,7 @@
@@ -548,10 +551,10 @@
struct CGroupInfo {
char *cgroup_path;
diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
-index 1e95e36678..640ee031d5 100644
+index 4ee9706847..30c8084847 100644
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
-@@ -51,6 +51,7 @@
+@@ -50,6 +50,7 @@
#include "unit-def.h"
#include "user-util.h"
#include "utf8.h"
@@ -560,7 +563,7 @@
int bus_parse_unit_info(sd_bus_message *message, UnitInfo *u) {
assert(message);
diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
-index d09ec5148d..f38a8f7cc1 100644
+index 4123152d93..74f148c8b4 100644
--- a/src/shared/bus-util.c
+++ b/src/shared/bus-util.c
@@ -24,6 +24,7 @@
@@ -572,7 +575,7 @@
static int name_owner_change_callback(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
sd_event *e = ASSERT_PTR(userdata);
diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c
-index 620b156563..5ee5b09186 100644
+index b41c9b06ca..e69050a507 100644
--- a/src/shared/dns-domain.c
+++ b/src/shared/dns-domain.c
@@ -18,6 +18,7 @@
@@ -584,7 +587,7 @@
int dns_label_unescape(const char **name, char *dest, size_t sz, DNSLabelFlags flags) {
const char *n;
diff --git a/src/shared/journal-importer.c b/src/shared/journal-importer.c
-index d9eabec886..534c6cf7e3 100644
+index 83e9834bbf..74eaae6f5e 100644
--- a/src/shared/journal-importer.c
+++ b/src/shared/journal-importer.c
@@ -16,6 +16,7 @@
@@ -596,7 +599,7 @@
enum {
IMPORTER_STATE_LINE = 0, /* waiting to read, or reading line */
diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c
-index b72e516c8d..6e832b74c3 100644
+index a5d04003bd..10392c132d 100644
--- a/src/shared/logs-show.c
+++ b/src/shared/logs-show.c
@@ -41,6 +41,7 @@
@@ -608,7 +611,7 @@
/* up to three lines (each up to 100 characters) or 300 characters, whichever is less */
#define PRINT_LINE_THRESHOLD 3
diff --git a/src/shared/pager.c b/src/shared/pager.c
-index 6ed35a3ca9..99d9d36140 100644
+index 19deefab56..6b6d0af1a0 100644
--- a/src/shared/pager.c
+++ b/src/shared/pager.c
@@ -25,6 +25,7 @@
@@ -620,7 +623,7 @@
static pid_t pager_pid = 0;
diff --git a/src/socket-proxy/socket-proxyd.c b/src/socket-proxy/socket-proxyd.c
-index 821049e667..08a5bdae3d 100644
+index 287fd6c181..8f8d5493da 100644
--- a/src/socket-proxy/socket-proxyd.c
+++ b/src/socket-proxy/socket-proxyd.c
@@ -27,6 +27,7 @@
@@ -632,7 +635,7 @@
#define BUFFER_SIZE (256 * 1024)
diff --git a/src/test/test-hexdecoct.c b/src/test/test-hexdecoct.c
-index 9d71db6ae1..a9938c1e6e 100644
+index f884008660..987e180697 100644
--- a/src/test/test-hexdecoct.c
+++ b/src/test/test-hexdecoct.c
@@ -7,6 +7,7 @@
@@ -643,8 +646,20 @@
#include "tests.h"
TEST(hexchar) {
+diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
+index 91b40088f4..f528a46b8e 100644
+--- a/src/udev/udev-builtin-net_id.c
++++ b/src/udev/udev-builtin-net_id.c
+@@ -39,6 +39,7 @@
+ #include "strv.h"
+ #include "strxcpyx.h"
+ #include "udev-builtin.h"
++#include "missing_stdlib.h"
+
+ #define ONBOARD_14BIT_INDEX_MAX ((1U << 14) - 1)
+ #define ONBOARD_16BIT_INDEX_MAX ((1U << 16) - 1)
diff --git a/src/udev/udev-builtin-path_id.c b/src/udev/udev-builtin-path_id.c
-index 8e4d57ee72..6b4555b4d5 100644
+index 467c9a6ad3..f74dae60af 100644
--- a/src/udev/udev-builtin-path_id.c
+++ b/src/udev/udev-builtin-path_id.c
@@ -24,6 +24,7 @@
@@ -656,22 +671,22 @@
_printf_(2,3)
static void path_prepend(char **path, const char *fmt, ...) {
diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c
-index ec4ad30824..bc40303a46 100644
+index ed22c8b679..19ebe20237 100644
--- a/src/udev/udev-event.c
+++ b/src/udev/udev-event.c
-@@ -34,6 +34,7 @@
+@@ -16,6 +16,7 @@
#include "udev-util.h"
#include "udev-watch.h"
#include "user-util.h"
+#include "missing_stdlib.h"
- typedef struct Spawn {
- sd_device *device;
+ UdevEvent *udev_event_new(sd_device *dev, usec_t exec_delay_usec, sd_netlink *rtnl, int log_level) {
+ UdevEvent *event;
diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
-index 5bd09a64d1..0ce79f815c 100644
+index 5f12002394..febe345b4c 100644
--- a/src/udev/udev-rules.c
+++ b/src/udev/udev-rules.c
-@@ -35,6 +35,7 @@
+@@ -41,6 +41,7 @@
#include "udev-util.h"
#include "user-util.h"
#include "virt.h"
@@ -680,5 +695,5 @@
#define RULES_DIRS ((const char* const*) CONF_PATHS_STRV("udev/rules.d"))
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0004-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch b/poky/meta/recipes-core/systemd/systemd/0004-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch
deleted file mode 100644
index 98914ae..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0004-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From f75f03ef6bc3554068e456bed227f333d5cb8c34 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Tue, 29 Sep 2020 18:01:41 -0700
-Subject: [PATCH] Move sysusers.d/sysctl.d/binfmt.d/modules-load.d to /usr
-
-These directories are moved to /lib since systemd v246, commit
-4a56315a990b ("path: use ROOTPREFIX properly"), but in oe-core/yocto,
-the old /usr/lib is still being used.
-
-Upstream-Status: Inappropriate (OE-specific)
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
----
- src/core/systemd.pc.in | 8 ++++----
- src/libsystemd/sd-path/sd-path.c | 8 ++++----
- 2 files changed, 8 insertions(+), 8 deletions(-)
-
-diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
-index 693433b34b..8368a3ff02 100644
---- a/src/core/systemd.pc.in
-+++ b/src/core/systemd.pc.in
-@@ -67,16 +67,16 @@ tmpfilesdir=${tmpfiles_dir}
-
- user_tmpfiles_dir=${prefix}/share/user-tmpfiles.d
-
--sysusers_dir=${rootprefix}/lib/sysusers.d
-+sysusers_dir=${prefix}/lib/sysusers.d
- sysusersdir=${sysusers_dir}
-
--sysctl_dir=${rootprefix}/lib/sysctl.d
-+sysctl_dir=${prefix}/lib/sysctl.d
- sysctldir=${sysctl_dir}
-
--binfmt_dir=${rootprefix}/lib/binfmt.d
-+binfmt_dir=${prefix}/lib/binfmt.d
- binfmtdir=${binfmt_dir}
-
--modules_load_dir=${rootprefix}/lib/modules-load.d
-+modules_load_dir=${prefix}/lib/modules-load.d
- modulesloaddir=${modules_load_dir}
-
- catalog_dir=${prefix}/lib/systemd/catalog
-diff --git a/src/libsystemd/sd-path/sd-path.c b/src/libsystemd/sd-path/sd-path.c
-index 1af3a36d1d..def502b717 100644
---- a/src/libsystemd/sd-path/sd-path.c
-+++ b/src/libsystemd/sd-path/sd-path.c
-@@ -365,19 +365,19 @@ static int get_path(uint64_t type, char **buffer, const char **ret) {
- return 0;
-
- case SD_PATH_SYSUSERS:
-- *ret = ROOTPREFIX_NOSLASH "/lib/sysusers.d";
-+ *ret = "/usr/lib/sysusers.d";
- return 0;
-
- case SD_PATH_SYSCTL:
-- *ret = ROOTPREFIX_NOSLASH "/lib/sysctl.d";
-+ *ret = "/usr/lib/sysctl.d";
- return 0;
-
- case SD_PATH_BINFMT:
-- *ret = ROOTPREFIX_NOSLASH "/lib/binfmt.d";
-+ *ret = "/usr/lib/binfmt.d";
- return 0;
-
- case SD_PATH_MODULES_LOAD:
-- *ret = ROOTPREFIX_NOSLASH "/lib/modules-load.d";
-+ *ret = "/usr/lib/modules-load.d";
- return 0;
-
- case SD_PATH_CATALOG:
---
-2.39.2
-
diff --git a/poky/meta/recipes-core/systemd/systemd/0012-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch b/poky/meta/recipes-core/systemd/systemd/0004-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
similarity index 90%
rename from poky/meta/recipes-core/systemd/systemd/0012-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
rename to poky/meta/recipes-core/systemd/systemd/0004-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
index 0d69e8e..15877be 100644
--- a/poky/meta/recipes-core/systemd/systemd/0012-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0004-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
@@ -1,7 +1,8 @@
-From 747ff78ecda6afe01c7eab4d7c27aea6af810c86 Mon Sep 17 00:00:00 2001
+From 5325ab5813617f35f03806ec420829dde7104387 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 14:56:21 +0800
-Subject: [PATCH] don't fail if GLOB_BRACE and GLOB_ALTDIRFUNC is not defined
+Subject: [PATCH 04/22] don't fail if GLOB_BRACE and GLOB_ALTDIRFUNC is not
+ defined
If the standard library doesn't provide brace
expansion users just won't get it.
@@ -23,7 +24,7 @@
3 files changed, 38 insertions(+)
diff --git a/src/basic/glob-util.c b/src/basic/glob-util.c
-index fd60a6eda2..c73edc41ea 100644
+index 802ca8c655..23818a67c6 100644
--- a/src/basic/glob-util.c
+++ b/src/basic/glob-util.c
@@ -12,6 +12,12 @@
@@ -114,7 +115,7 @@
(void) rm_rf(template, REMOVE_ROOT|REMOVE_PHYSICAL);
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
-index 458aed7054..2cf24b38c0 100644
+index 230ec09b97..2cc5f391d7 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -73,6 +73,12 @@
@@ -130,9 +131,9 @@
/* This reads all files listed in /etc/tmpfiles.d/?*.conf and creates
* them in the file system. This is intended to be used to create
* properly owned directories beneath /tmp, /var/tmp, /run, which are
-@@ -2355,7 +2361,9 @@ finish:
+@@ -2434,7 +2440,9 @@ finish:
- static int glob_item(Item *i, action_t action) {
+ static int glob_item(Context *c, Item *i, action_t action) {
_cleanup_globfree_ glob_t g = {
+#ifdef GLOB_ALTDIRFUNC
.gl_opendir = (void *(*)(const char *)) opendir_nomod,
@@ -140,9 +141,9 @@
};
int r = 0, k;
-@@ -2375,7 +2383,9 @@ static int glob_item(Item *i, action_t action) {
+@@ -2461,7 +2469,9 @@ static int glob_item_recursively(
+ fdaction_t action) {
- static int glob_item_recursively(Item *i, fdaction_t action) {
_cleanup_globfree_ glob_t g = {
+#ifdef GLOB_ALTDIRFUNC
.gl_opendir = (void *(*)(const char *)) opendir_nomod,
@@ -151,5 +152,5 @@
int r = 0, k;
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0013-add-missing-FTW_-macros-for-musl.patch b/poky/meta/recipes-core/systemd/systemd/0005-add-missing-FTW_-macros-for-musl.patch
similarity index 84%
rename from poky/meta/recipes-core/systemd/systemd/0013-add-missing-FTW_-macros-for-musl.patch
rename to poky/meta/recipes-core/systemd/systemd/0005-add-missing-FTW_-macros-for-musl.patch
index d6aaadc..a1dfca2 100644
--- a/poky/meta/recipes-core/systemd/systemd/0013-add-missing-FTW_-macros-for-musl.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0005-add-missing-FTW_-macros-for-musl.patch
@@ -1,7 +1,7 @@
-From efd7b41cf270c7b07ee3b9aec0fedd8e52dd422f Mon Sep 17 00:00:00 2001
+From dad7f897c0de654fa5592fda3e90f874639849f9 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 15:00:06 +0800
-Subject: [PATCH] add missing FTW_ macros for musl
+Subject: [PATCH 05/22] add missing FTW_ macros for musl
This is to avoid build failures like below for musl.
@@ -28,10 +28,10 @@
+#define FTW_CONTINUE 0
+#endif
diff --git a/src/test/test-recurse-dir.c b/src/test/test-recurse-dir.c
-index 2c2120b136..bc60a178a2 100644
+index 8684d064ec..70fc2b5376 100644
--- a/src/test/test-recurse-dir.c
+++ b/src/test/test-recurse-dir.c
-@@ -6,6 +6,7 @@
+@@ -8,6 +8,7 @@
#include "recurse-dir.h"
#include "strv.h"
#include "tests.h"
@@ -40,5 +40,5 @@
static char **list_nftw = NULL;
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0014-Use-uintmax_t-for-handling-rlim_t.patch b/poky/meta/recipes-core/systemd/systemd/0006-Use-uintmax_t-for-handling-rlim_t.patch
similarity index 83%
rename from poky/meta/recipes-core/systemd/systemd/0014-Use-uintmax_t-for-handling-rlim_t.patch
rename to poky/meta/recipes-core/systemd/systemd/0006-Use-uintmax_t-for-handling-rlim_t.patch
index 2071f4f..4be14b7 100644
--- a/poky/meta/recipes-core/systemd/systemd/0014-Use-uintmax_t-for-handling-rlim_t.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0006-Use-uintmax_t-for-handling-rlim_t.patch
@@ -1,7 +1,7 @@
-From 60f7d2c62bc3718023df93c01688d3ee1625d64d Mon Sep 17 00:00:00 2001
+From 96e975a2412a20e5f80bd3ab144057d275eb8597 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 15:12:41 +0800
-Subject: [PATCH] Use uintmax_t for handling rlim_t
+Subject: [PATCH 06/22] Use uintmax_t for handling rlim_t
PRIu{32,64} is not right format to represent rlim_t type
therefore use %ju and typecast the rlim_t variables to
@@ -26,9 +26,11 @@
src/core/execute.c | 4 ++--
3 files changed, 9 insertions(+), 15 deletions(-)
+diff --git a/src/basic/format-util.h b/src/basic/format-util.h
+index 8719df3e29..9becc96066 100644
--- a/src/basic/format-util.h
+++ b/src/basic/format-util.h
-@@ -34,13 +34,7 @@ assert_cc(sizeof(gid_t) == sizeof(uint32
+@@ -34,13 +34,7 @@ assert_cc(sizeof(gid_t) == sizeof(uint32_t));
# error Unknown timex member size
#endif
@@ -43,9 +45,11 @@
#if SIZEOF_DEV_T == 8
# define DEV_FMT "%" PRIu64
+diff --git a/src/basic/rlimit-util.c b/src/basic/rlimit-util.c
+index c1f0b2b974..61c5412582 100644
--- a/src/basic/rlimit-util.c
+++ b/src/basic/rlimit-util.c
-@@ -44,7 +44,7 @@ int setrlimit_closest(int resource, cons
+@@ -44,7 +44,7 @@ int setrlimit_closest(int resource, const struct rlimit *rlim) {
fixed.rlim_max == highest.rlim_max)
return 0;
@@ -54,7 +58,7 @@
return RET_NERRNO(setrlimit(resource, &fixed));
}
-@@ -307,13 +307,13 @@ int rlimit_format(const struct rlimit *r
+@@ -307,13 +307,13 @@ int rlimit_format(const struct rlimit *rl, char **ret) {
if (rl->rlim_cur >= RLIM_INFINITY && rl->rlim_max >= RLIM_INFINITY)
r = free_and_strdup(&s, "infinity");
else if (rl->rlim_cur >= RLIM_INFINITY)
@@ -72,7 +76,7 @@
if (r < 0)
return -ENOMEM;
-@@ -407,7 +407,7 @@ int rlimit_nofile_safe(void) {
+@@ -422,7 +422,7 @@ int rlimit_nofile_safe(void) {
rl.rlim_max = MIN(rl.rlim_max, (rlim_t) read_nr_open());
rl.rlim_cur = MIN((rlim_t) FD_SETSIZE, rl.rlim_max);
if (setrlimit(RLIMIT_NOFILE, &rl) < 0)
@@ -81,9 +85,11 @@
return 1;
}
+diff --git a/src/core/execute.c b/src/core/execute.c
+index bd3da0c401..df1870fd2f 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
-@@ -6707,9 +6707,9 @@ void exec_context_dump(const ExecContext
+@@ -1045,9 +1045,9 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) {
for (unsigned i = 0; i < RLIM_NLIMITS; i++)
if (c->rlimit[i]) {
fprintf(f, "%sLimit%s: " RLIM_FMT "\n",
@@ -95,3 +101,6 @@
}
if (c->ioprio_set) {
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0016-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch b/poky/meta/recipes-core/systemd/systemd/0007-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
similarity index 95%
rename from poky/meta/recipes-core/systemd/systemd/0016-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
rename to poky/meta/recipes-core/systemd/systemd/0007-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
index 543fba7..8d60842 100644
--- a/poky/meta/recipes-core/systemd/systemd/0016-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0007-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
@@ -1,7 +1,7 @@
-From 26b02348e39fe72b73dd61bba8a0cefb0352717d Mon Sep 17 00:00:00 2001
+From 4842cff4f1329f0b5034b529d56f8ad1f234ac4c Mon Sep 17 00:00:00 2001
From: Andre McCurdy <armccurdy@gmail.com>
Date: Tue, 10 Oct 2017 14:33:30 -0700
-Subject: [PATCH] don't pass AT_SYMLINK_NOFOLLOW flag to faccessat()
+Subject: [PATCH 07/22] don't pass AT_SYMLINK_NOFOLLOW flag to faccessat()
Avoid using AT_SYMLINK_NOFOLLOW flag. It doesn't seem like the right
thing to do and it's not portable (not supported by musl). See:
@@ -31,7 +31,7 @@
2 files changed, 23 insertions(+), 4 deletions(-)
diff --git a/src/basic/fs-util.h b/src/basic/fs-util.h
-index 932d003f19..33215dbf5f 100644
+index 1023ab73ca..c78ff6f27f 100644
--- a/src/basic/fs-util.h
+++ b/src/basic/fs-util.h
@@ -49,8 +49,27 @@ int futimens_opath(int fd, const struct timespec ts[2]);
@@ -64,7 +64,7 @@
int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode);
diff --git a/src/shared/base-filesystem.c b/src/shared/base-filesystem.c
-index be6dd1654a..2726dc946a 100644
+index 569ef466c3..7ae921a113 100644
--- a/src/shared/base-filesystem.c
+++ b/src/shared/base-filesystem.c
@@ -145,7 +145,7 @@ int base_filesystem_create_fd(int fd, const char *root, uid_t uid, gid_t gid) {
@@ -95,5 +95,5 @@
}
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0017-Define-glibc-compatible-basename-for-non-glibc-syste.patch b/poky/meta/recipes-core/systemd/systemd/0008-Define-glibc-compatible-basename-for-non-glibc-syste.patch
similarity index 70%
rename from poky/meta/recipes-core/systemd/systemd/0017-Define-glibc-compatible-basename-for-non-glibc-syste.patch
rename to poky/meta/recipes-core/systemd/systemd/0008-Define-glibc-compatible-basename-for-non-glibc-syste.patch
index 24dd6b0..c1a8bb1 100644
--- a/poky/meta/recipes-core/systemd/systemd/0017-Define-glibc-compatible-basename-for-non-glibc-syste.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0008-Define-glibc-compatible-basename-for-non-glibc-syste.patch
@@ -1,7 +1,8 @@
-From fdc7fb940bb41020271b9db41d5608004efdbde5 Mon Sep 17 00:00:00 2001
+From bab07e779ff23d5593bb118efaaa31b60a6dce87 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Sun, 27 May 2018 08:36:44 -0700
-Subject: [PATCH] Define glibc compatible basename() for non-glibc systems
+Subject: [PATCH 08/22] Define glibc compatible basename() for non-glibc
+ systems
Fixes builds with musl, even though systemd is adamant about
using non-posix basename implementation, we have a way out
@@ -10,9 +11,11 @@
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- src/machine/machine-dbus.c | 5 +++++
- 1 file changed, 5 insertions(+)
+ src/basic/string-util.h | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/src/basic/string-util.h b/src/basic/string-util.h
+index b6d8be3083..0a29036c4c 100644
--- a/src/basic/string-util.h
+++ b/src/basic/string-util.h
@@ -26,6 +26,10 @@
@@ -26,3 +29,6 @@
static inline char* strstr_ptr(const char *haystack, const char *needle) {
if (!haystack || !needle)
return NULL;
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0018-Do-not-disable-buffering-when-writing-to-oom_score_a.patch b/poky/meta/recipes-core/systemd/systemd/0009-Do-not-disable-buffering-when-writing-to-oom_score_a.patch
similarity index 82%
rename from poky/meta/recipes-core/systemd/systemd/0018-Do-not-disable-buffering-when-writing-to-oom_score_a.patch
rename to poky/meta/recipes-core/systemd/systemd/0009-Do-not-disable-buffering-when-writing-to-oom_score_a.patch
index 8162bc2..3ff0177 100644
--- a/poky/meta/recipes-core/systemd/systemd/0018-Do-not-disable-buffering-when-writing-to-oom_score_a.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0009-Do-not-disable-buffering-when-writing-to-oom_score_a.patch
@@ -1,7 +1,7 @@
-From 32fd0dc67b6df531f0769dbb099dbe8f30c28514 Mon Sep 17 00:00:00 2001
+From 25093c5017725b8577c444dfea0f42ad85b43522 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Wed, 4 Jul 2018 15:00:44 +0800
-Subject: [PATCH] Do not disable buffering when writing to oom_score_adj
+Subject: [PATCH 09/22] Do not disable buffering when writing to oom_score_adj
On musl, disabling buffering when writing to oom_score_adj will
cause the following error.
@@ -24,10 +24,10 @@
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/basic/process-util.c b/src/basic/process-util.c
-index 0747c14c1c..8d0c5aae92 100644
+index 201c5596ae..ea51595b6c 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
-@@ -1516,7 +1516,7 @@ int set_oom_score_adjust(int value) {
+@@ -1716,7 +1716,7 @@ int set_oom_score_adjust(int value) {
xsprintf(t, "%i", value);
return write_string_file("/proc/self/oom_score_adj", t,
@@ -37,5 +37,5 @@
int get_oom_score_adjust(int *ret) {
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0019-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch b/poky/meta/recipes-core/systemd/systemd/0010-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch
similarity index 89%
rename from poky/meta/recipes-core/systemd/systemd/0019-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch
rename to poky/meta/recipes-core/systemd/systemd/0010-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch
index f6d908f..cf59ac7 100644
--- a/poky/meta/recipes-core/systemd/systemd/0019-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0010-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch
@@ -1,7 +1,7 @@
-From ed46afcbc6bc1f6277a0a54c3db8cf1b056bca1e Mon Sep 17 00:00:00 2001
+From 2adbe9773cd65c48eec9df96868d4a738927c8d9 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Tue, 10 Jul 2018 15:40:17 +0800
-Subject: [PATCH] distinguish XSI-compliant strerror_r from GNU-specifi
+Subject: [PATCH 10/22] distinguish XSI-compliant strerror_r from GNU-specifi
strerror_r
XSI-compliant strerror_r and GNU-specifi strerror_r are different.
@@ -24,7 +24,7 @@
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c
-index 413e2dd43f..805e5da0c0 100644
+index 77b2e1a0fd..fdba0e0142 100644
--- a/src/libsystemd/sd-bus/bus-error.c
+++ b/src/libsystemd/sd-bus/bus-error.c
@@ -408,7 +408,12 @@ static void bus_error_strerror(sd_bus_error *e, int error) {
@@ -55,10 +55,10 @@
static bool map_ok(const sd_bus_error_map *map) {
diff --git a/src/libsystemd/sd-journal/journal-send.c b/src/libsystemd/sd-journal/journal-send.c
-index 136ebcb153..8a75ba4ecd 100644
+index 69a2eb6404..1561859650 100644
--- a/src/libsystemd/sd-journal/journal-send.c
+++ b/src/libsystemd/sd-journal/journal-send.c
-@@ -360,7 +360,12 @@ static int fill_iovec_perror_and_send(const char *message, int skip, struct iove
+@@ -361,7 +361,12 @@ static int fill_iovec_perror_and_send(const char *message, int skip, struct iove
char* j;
errno = 0;
@@ -72,5 +72,5 @@
char error[STRLEN("ERRNO=") + DECIMAL_STR_MAX(int) + 1];
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0020-avoid-redefinition-of-prctl_mm_map-structure.patch b/poky/meta/recipes-core/systemd/systemd/0011-avoid-redefinition-of-prctl_mm_map-structure.patch
similarity index 79%
rename from poky/meta/recipes-core/systemd/systemd/0020-avoid-redefinition-of-prctl_mm_map-structure.patch
rename to poky/meta/recipes-core/systemd/systemd/0011-avoid-redefinition-of-prctl_mm_map-structure.patch
index e5f0173..e481b2e 100644
--- a/poky/meta/recipes-core/systemd/systemd/0020-avoid-redefinition-of-prctl_mm_map-structure.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0011-avoid-redefinition-of-prctl_mm_map-structure.patch
@@ -1,7 +1,7 @@
-From 277b680d07a178b8278862b60417052d05c1376f Mon Sep 17 00:00:00 2001
+From 49c446cfb78cf74a909bed8c3798b77a5469866a Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 25 Feb 2019 15:44:54 +0800
-Subject: [PATCH] avoid redefinition of prctl_mm_map structure
+Subject: [PATCH 11/22] avoid redefinition of prctl_mm_map structure
Fix the following compile failure:
error: redefinition of 'struct prctl_mm_map'
@@ -14,7 +14,7 @@
1 file changed, 2 insertions(+)
diff --git a/src/basic/missing_prctl.h b/src/basic/missing_prctl.h
-index ab851306ba..5547cad875 100644
+index 7d9e395c92..88c2d7dfac 100644
--- a/src/basic/missing_prctl.h
+++ b/src/basic/missing_prctl.h
@@ -1,7 +1,9 @@
@@ -28,5 +28,5 @@
/* 58319057b7847667f0c9585b9de0e8932b0fdb08 (4.3) */
#ifndef PR_CAP_AMBIENT
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0012-do-not-disable-buffer-in-writing-files.patch b/poky/meta/recipes-core/systemd/systemd/0012-do-not-disable-buffer-in-writing-files.patch
new file mode 100644
index 0000000..66be790
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0012-do-not-disable-buffer-in-writing-files.patch
@@ -0,0 +1,562 @@
+From e4885a8e60f883d9217e26e1db3754c2906aca31 Mon Sep 17 00:00:00 2001
+From: Chen Qi <Qi.Chen@windriver.com>
+Date: Fri, 1 Mar 2019 15:22:15 +0800
+Subject: [PATCH 12/22] do not disable buffer in writing files
+
+Do not disable buffer in writing files, otherwise we get
+failure at boot for musl like below.
+
+ [!!!!!!] Failed to allocate manager object.
+
+And there will be other failures, critical or not critical.
+This is specific to musl.
+
+Upstream-Status: Inappropriate [musl]
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+[Rebased for v242]
+Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
+[rebased for systemd 243]
+Signed-off-by: Scott Murray <scott.murray@konsulko.com>
+[rebased for systemd 254]
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+[rebased for systemd 255.1]
+---
+ src/basic/cgroup-util.c | 12 ++++++------
+ src/basic/namespace-util.c | 4 ++--
+ src/basic/procfs-util.c | 4 ++--
+ src/basic/sysctl-util.c | 2 +-
+ src/binfmt/binfmt.c | 6 +++---
+ src/core/cgroup.c | 2 +-
+ src/core/main.c | 2 +-
+ src/core/smack-setup.c | 8 ++++----
+ src/home/homework.c | 2 +-
+ src/libsystemd/sd-device/sd-device.c | 2 +-
+ src/nspawn/nspawn-cgroup.c | 2 +-
+ src/nspawn/nspawn.c | 6 +++---
+ src/shared/binfmt-util.c | 2 +-
+ src/shared/cgroup-setup.c | 4 ++--
+ src/shared/coredump-util.c | 4 ++--
+ src/shared/hibernate-util.c | 4 ++--
+ src/shared/smack-util.c | 2 +-
+ src/shared/watchdog.c | 2 +-
+ src/sleep/sleep.c | 4 ++--
+ src/storagetm/storagetm.c | 24 ++++++++++++------------
+ src/udev/udev-rules.c | 1 -
+ src/vconsole/vconsole-setup.c | 2 +-
+ 22 files changed, 50 insertions(+), 51 deletions(-)
+
+diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
+index d2be79622f..e65fecb68d 100644
+--- a/src/basic/cgroup-util.c
++++ b/src/basic/cgroup-util.c
+@@ -417,7 +417,7 @@ int cg_kill_kernel_sigkill(const char *path) {
+ if (r < 0)
+ return r;
+
+- r = write_string_file(killfile, "1", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(killfile, "1", 0);
+ if (r < 0)
+ return r;
+
+@@ -843,7 +843,7 @@ int cg_install_release_agent(const char *controller, const char *agent) {
+
+ sc = strstrip(contents);
+ if (isempty(sc)) {
+- r = write_string_file(fs, agent, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(fs, agent, 0);
+ if (r < 0)
+ return r;
+ } else if (!path_equal(sc, agent))
+@@ -861,7 +861,7 @@ int cg_install_release_agent(const char *controller, const char *agent) {
+
+ sc = strstrip(contents);
+ if (streq(sc, "0")) {
+- r = write_string_file(fs, "1", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(fs, "1", 0);
+ if (r < 0)
+ return r;
+
+@@ -888,7 +888,7 @@ int cg_uninstall_release_agent(const char *controller) {
+ if (r < 0)
+ return r;
+
+- r = write_string_file(fs, "0", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(fs, "0", 0);
+ if (r < 0)
+ return r;
+
+@@ -898,7 +898,7 @@ int cg_uninstall_release_agent(const char *controller) {
+ if (r < 0)
+ return r;
+
+- r = write_string_file(fs, "", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(fs, "", 0);
+ if (r < 0)
+ return r;
+
+@@ -1814,7 +1814,7 @@ int cg_set_attribute(const char *controller, const char *path, const char *attri
+ if (r < 0)
+ return r;
+
+- return write_string_file(p, value, WRITE_STRING_FILE_DISABLE_BUFFER);
++ return write_string_file(p, value, 0);
+ }
+
+ int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret) {
+diff --git a/src/basic/namespace-util.c b/src/basic/namespace-util.c
+index 2101f617ad..63817bae17 100644
+--- a/src/basic/namespace-util.c
++++ b/src/basic/namespace-util.c
+@@ -227,12 +227,12 @@ int userns_acquire(const char *uid_map, const char *gid_map) {
+ freeze();
+
+ xsprintf(path, "/proc/" PID_FMT "/uid_map", pid);
+- r = write_string_file(path, uid_map, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(path, uid_map, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write UID map: %m");
+
+ xsprintf(path, "/proc/" PID_FMT "/gid_map", pid);
+- r = write_string_file(path, gid_map, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(path, gid_map, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write GID map: %m");
+
+diff --git a/src/basic/procfs-util.c b/src/basic/procfs-util.c
+index 6cb0ddf575..247cf9e1d1 100644
+--- a/src/basic/procfs-util.c
++++ b/src/basic/procfs-util.c
+@@ -64,13 +64,13 @@ int procfs_tasks_set_limit(uint64_t limit) {
+ * decrease it, as threads-max is the much more relevant sysctl. */
+ if (limit > pid_max-1) {
+ sprintf(buffer, "%" PRIu64, limit+1); /* Add one, since PID 0 is not a valid PID */
+- r = write_string_file("/proc/sys/kernel/pid_max", buffer, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/kernel/pid_max", buffer, 0);
+ if (r < 0)
+ return r;
+ }
+
+ sprintf(buffer, "%" PRIu64, limit);
+- r = write_string_file("/proc/sys/kernel/threads-max", buffer, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/kernel/threads-max", buffer, 0);
+ if (r < 0) {
+ uint64_t threads_max;
+
+diff --git a/src/basic/sysctl-util.c b/src/basic/sysctl-util.c
+index b66a6622ae..8d1c93008a 100644
+--- a/src/basic/sysctl-util.c
++++ b/src/basic/sysctl-util.c
+@@ -58,7 +58,7 @@ int sysctl_write(const char *property, const char *value) {
+
+ log_debug("Setting '%s' to '%s'", p, value);
+
+- return write_string_file(p, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_SUPPRESS_REDUNDANT_VIRTUAL);
++ return write_string_file(p, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_SUPPRESS_REDUNDANT_VIRTUAL);
+ }
+
+ int sysctl_writef(const char *property, const char *format, ...) {
+diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c
+index d21f3f79ff..258607cc7e 100644
+--- a/src/binfmt/binfmt.c
++++ b/src/binfmt/binfmt.c
+@@ -30,7 +30,7 @@ static bool arg_unregister = false;
+
+ static int delete_rule(const char *rulename) {
+ const char *fn = strjoina("/proc/sys/fs/binfmt_misc/", rulename);
+- return write_string_file(fn, "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
++ return write_string_file(fn, "-1", 0);
+ }
+
+ static int apply_rule(const char *filename, unsigned line, const char *rule) {
+@@ -58,7 +58,7 @@ static int apply_rule(const char *filename, unsigned line, const char *rule) {
+ if (r >= 0)
+ log_debug("%s:%u: Rule '%s' deleted.", filename, line, rulename);
+
+- r = write_string_file("/proc/sys/fs/binfmt_misc/register", rule, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/fs/binfmt_misc/register", rule, 0);
+ if (r < 0)
+ return log_error_errno(r, "%s:%u: Failed to add binary format '%s': %m",
+ filename, line, rulename);
+@@ -248,7 +248,7 @@ static int run(int argc, char *argv[]) {
+ return r;
+
+ /* Flush out all rules */
+- r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to flush binfmt_misc rules, ignoring: %m");
+ else
+diff --git a/src/core/cgroup.c b/src/core/cgroup.c
+index 61ac4df1a6..ea18970196 100644
+--- a/src/core/cgroup.c
++++ b/src/core/cgroup.c
+@@ -4578,7 +4578,7 @@ int unit_cgroup_freezer_action(Unit *u, FreezerAction action) {
+ u->freezer_state = FREEZER_THAWING;
+ }
+
+- r = write_string_file(path, one_zero(action == FREEZER_FREEZE), WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(path, one_zero(action == FREEZER_FREEZE), 0);
+ if (r < 0)
+ return r;
+
+diff --git a/src/core/main.c b/src/core/main.c
+index 3f71cc0947..0e5aec3e9e 100644
+--- a/src/core/main.c
++++ b/src/core/main.c
+@@ -1678,7 +1678,7 @@ static void initialize_core_pattern(bool skip_setup) {
+ if (getpid_cached() != 1)
+ return;
+
+- r = write_string_file("/proc/sys/kernel/core_pattern", arg_early_core_pattern, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/kernel/core_pattern", arg_early_core_pattern, 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to write '%s' to /proc/sys/kernel/core_pattern, ignoring: %m",
+ arg_early_core_pattern);
+diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c
+index 7ea902b6f9..1aef2988d0 100644
+--- a/src/core/smack-setup.c
++++ b/src/core/smack-setup.c
+@@ -321,17 +321,17 @@ int mac_smack_setup(bool *loaded_policy) {
+ }
+
+ #if HAVE_SMACK_RUN_LABEL
+- r = write_string_file("/proc/self/attr/current", SMACK_RUN_LABEL, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/self/attr/current", SMACK_RUN_LABEL, 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to set SMACK label \"" SMACK_RUN_LABEL "\" on self: %m");
+- r = write_string_file("/sys/fs/smackfs/ambient", SMACK_RUN_LABEL, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/sys/fs/smackfs/ambient", SMACK_RUN_LABEL, 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to set SMACK ambient label \"" SMACK_RUN_LABEL "\": %m");
+ r = write_string_file("/sys/fs/smackfs/netlabel",
+- "0.0.0.0/0 " SMACK_RUN_LABEL, WRITE_STRING_FILE_DISABLE_BUFFER);
++ "0.0.0.0/0 " SMACK_RUN_LABEL, 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to set SMACK netlabel rule \"0.0.0.0/0 " SMACK_RUN_LABEL "\": %m");
+- r = write_string_file("/sys/fs/smackfs/netlabel", "127.0.0.1 -CIPSO", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/sys/fs/smackfs/netlabel", "127.0.0.1 -CIPSO", 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to set SMACK netlabel rule \"127.0.0.1 -CIPSO\": %m");
+ #endif
+diff --git a/src/home/homework.c b/src/home/homework.c
+index 066483e342..5f92dd7064 100644
+--- a/src/home/homework.c
++++ b/src/home/homework.c
+@@ -278,7 +278,7 @@ static void drop_caches_now(void) {
+ * for details. We write "2" into /proc/sys/vm/drop_caches to ensure dentries/inodes are flushed, but
+ * not more. */
+
+- r = write_string_file("/proc/sys/vm/drop_caches", "2\n", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/vm/drop_caches", "2\n", 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to drop caches, ignoring: %m");
+ else
+diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c
+index 2fbc619a34..09d9591e37 100644
+--- a/src/libsystemd/sd-device/sd-device.c
++++ b/src/libsystemd/sd-device/sd-device.c
+@@ -2516,7 +2516,7 @@ _public_ int sd_device_set_sysattr_value(sd_device *device, const char *sysattr,
+ if (!value)
+ return -ENOMEM;
+
+- r = write_string_file(path, value, WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_NOFOLLOW);
++ r = write_string_file(path, value, 0 | WRITE_STRING_FILE_NOFOLLOW);
+ if (r < 0) {
+ /* On failure, clear cache entry, as we do not know how it fails. */
+ device_remove_cached_sysattr_value(device, sysattr);
+diff --git a/src/nspawn/nspawn-cgroup.c b/src/nspawn/nspawn-cgroup.c
+index a5002437c6..b12e6cd9c9 100644
+--- a/src/nspawn/nspawn-cgroup.c
++++ b/src/nspawn/nspawn-cgroup.c
+@@ -124,7 +124,7 @@ int sync_cgroup(pid_t pid, CGroupUnified unified_requested, uid_t uid_shift) {
+ fn = strjoina(tree, cgroup, "/cgroup.procs");
+
+ sprintf(pid_string, PID_FMT, pid);
+- r = write_string_file(fn, pid_string, WRITE_STRING_FILE_DISABLE_BUFFER|WRITE_STRING_FILE_MKDIR_0755);
++ r = write_string_file(fn, pid_string, WRITE_STRING_FILE_MKDIR_0755);
+ if (r < 0) {
+ log_error_errno(r, "Failed to move process: %m");
+ goto finish;
+diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
+index 6ab604d3dc..bbec6b686c 100644
+--- a/src/nspawn/nspawn.c
++++ b/src/nspawn/nspawn.c
+@@ -2688,7 +2688,7 @@ static int reset_audit_loginuid(void) {
+ if (streq(p, "4294967295"))
+ return 0;
+
+- r = write_string_file("/proc/self/loginuid", "4294967295", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/self/loginuid", "4294967295", 0);
+ if (r < 0) {
+ log_error_errno(r,
+ "Failed to reset audit login UID. This probably means that your kernel is too\n"
+@@ -4141,7 +4141,7 @@ static int setup_uid_map(
+ return log_oom();
+
+ xsprintf(uid_map, "/proc/" PID_FMT "/uid_map", pid);
+- r = write_string_file(uid_map, s, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(uid_map, s, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write UID map: %m");
+
+@@ -4151,7 +4151,7 @@ static int setup_uid_map(
+ return log_oom();
+
+ xsprintf(uid_map, "/proc/" PID_FMT "/gid_map", pid);
+- r = write_string_file(uid_map, s, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(uid_map, s, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write GID map: %m");
+
+diff --git a/src/shared/binfmt-util.c b/src/shared/binfmt-util.c
+index a26175474b..1413a9c72c 100644
+--- a/src/shared/binfmt-util.c
++++ b/src/shared/binfmt-util.c
+@@ -46,7 +46,7 @@ int disable_binfmt(void) {
+ return 0;
+ }
+
+- r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", 0);
+ if (r < 0)
+ return log_warning_errno(r, "Failed to unregister binfmt_misc entries: %m");
+
+diff --git a/src/shared/cgroup-setup.c b/src/shared/cgroup-setup.c
+index 934a16eaf3..c921ced861 100644
+--- a/src/shared/cgroup-setup.c
++++ b/src/shared/cgroup-setup.c
+@@ -351,7 +351,7 @@ int cg_attach(const char *controller, const char *path, pid_t pid) {
+
+ xsprintf(c, PID_FMT "\n", pid);
+
+- r = write_string_file(fs, c, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(fs, c, 0);
+ if (r == -EOPNOTSUPP && cg_is_threaded(path) > 0)
+ /* When the threaded mode is used, we cannot read/write the file. Let's return recognizable error. */
+ return -EUCLEAN;
+@@ -966,7 +966,7 @@ int cg_enable_everywhere(
+ return log_debug_errno(errno, "Failed to open cgroup.subtree_control file of %s: %m", p);
+ }
+
+- r = write_string_stream(f, s, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_stream(f, s, 0);
+ if (r < 0) {
+ log_debug_errno(r, "Failed to %s controller %s for %s (%s): %m",
+ FLAGS_SET(mask, bit) ? "enable" : "disable", n, p, fs);
+diff --git a/src/shared/coredump-util.c b/src/shared/coredump-util.c
+index 805503f366..01a7ccb291 100644
+--- a/src/shared/coredump-util.c
++++ b/src/shared/coredump-util.c
+@@ -163,7 +163,7 @@ int set_coredump_filter(uint64_t value) {
+ xsprintf(t, "0x%"PRIx64, value);
+
+ return write_string_file("/proc/self/coredump_filter", t,
+- WRITE_STRING_FILE_VERIFY_ON_FAILURE|WRITE_STRING_FILE_DISABLE_BUFFER);
++ 0);
+ }
+
+ /* Turn off core dumps but only if we're running outside of a container. */
+@@ -173,7 +173,7 @@ void disable_coredumps(void) {
+ if (detect_container() > 0)
+ return;
+
+- r = write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
+ if (r < 0)
+ log_debug_errno(r, "Failed to turn off coredumps, ignoring: %m");
+ }
+diff --git a/src/shared/hibernate-util.c b/src/shared/hibernate-util.c
+index 3eb13d48f6..d09b901be1 100644
+--- a/src/shared/hibernate-util.c
++++ b/src/shared/hibernate-util.c
+@@ -481,7 +481,7 @@ int write_resume_config(dev_t devno, uint64_t offset, const char *device) {
+
+ /* We write the offset first since it's safer. Note that this file is only available in 4.17+, so
+ * fail gracefully if it doesn't exist and we're only overwriting it with 0. */
+- r = write_string_file("/sys/power/resume_offset", offset_str, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/sys/power/resume_offset", offset_str, 0);
+ if (r == -ENOENT) {
+ if (offset != 0)
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
+@@ -497,7 +497,7 @@ int write_resume_config(dev_t devno, uint64_t offset, const char *device) {
+ log_debug("Wrote resume_offset=%s for device '%s' to /sys/power/resume_offset.",
+ offset_str, device);
+
+- r = write_string_file("/sys/power/resume", devno_str, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/sys/power/resume", devno_str, 0);
+ if (r < 0)
+ return log_error_errno(r,
+ "Failed to write device '%s' (%s) to /sys/power/resume: %m",
+diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c
+index 1f88e724d0..feb18b320a 100644
+--- a/src/shared/smack-util.c
++++ b/src/shared/smack-util.c
+@@ -113,7 +113,7 @@ int mac_smack_apply_pid(pid_t pid, const char *label) {
+ return 0;
+
+ p = procfs_file_alloca(pid, "attr/current");
+- r = write_string_file(p, label, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file(p, label, 0);
+ if (r < 0)
+ return r;
+
+diff --git a/src/shared/watchdog.c b/src/shared/watchdog.c
+index 4c1a968718..6faf6806a5 100644
+--- a/src/shared/watchdog.c
++++ b/src/shared/watchdog.c
+@@ -93,7 +93,7 @@ static int set_pretimeout_governor(const char *governor) {
+
+ r = write_string_file(sys_fn,
+ governor,
+- WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_VERIFY_IGNORE_NEWLINE);
++ WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_VERIFY_IGNORE_NEWLINE);
+ if (r < 0)
+ return log_error_errno(r, "Failed to set pretimeout_governor to '%s': %m", governor);
+
+diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c
+index 21af3e9e52..6d4b84b5d5 100644
+--- a/src/sleep/sleep.c
++++ b/src/sleep/sleep.c
+@@ -137,7 +137,7 @@ static int write_state(int fd, char * const *states) {
+ if (k < 0)
+ return RET_GATHER(r, k);
+
+- k = write_string_stream(f, *state, WRITE_STRING_FILE_DISABLE_BUFFER);
++ k = write_string_stream(f, *state, 0);
+ if (k >= 0) {
+ log_debug("Using sleep state '%s'.", *state);
+ return 0;
+@@ -155,7 +155,7 @@ static int write_mode(char * const *modes) {
+ STRV_FOREACH(mode, modes) {
+ int k;
+
+- k = write_string_file("/sys/power/disk", *mode, WRITE_STRING_FILE_DISABLE_BUFFER);
++ k = write_string_file("/sys/power/disk", *mode, 0);
+ if (k >= 0) {
+ log_debug("Using sleep disk mode '%s'.", *mode);
+ return 0;
+diff --git a/src/storagetm/storagetm.c b/src/storagetm/storagetm.c
+index ae63baaf79..82eeca479a 100644
+--- a/src/storagetm/storagetm.c
++++ b/src/storagetm/storagetm.c
+@@ -186,7 +186,7 @@ static int nvme_subsystem_unlink(NvmeSubsystem *s) {
+ if (!enable_fn)
+ return log_oom();
+
+- r = write_string_file_at(namespaces_fd, enable_fn, "0", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(namespaces_fd, enable_fn, "0", 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to disable namespace '%s' of NVME subsystem '%s', ignoring: %m", e->d_name, s->name);
+
+@@ -254,7 +254,7 @@ static int nvme_subsystem_write_metadata(int subsystem_fd, sd_device *device) {
+ _cleanup_free_ char *truncated = strndup(w, 40); /* kernel refuses more than 40 chars (as per nvme spec) */
+
+ /* The default string stored in 'attr_model' is "Linux" btw. */
+- r = write_string_file_at(subsystem_fd, "attr_model", truncated, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(subsystem_fd, "attr_model", truncated, 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to set model of subsystem to '%s', ignoring: %m", w);
+ }
+@@ -268,7 +268,7 @@ static int nvme_subsystem_write_metadata(int subsystem_fd, sd_device *device) {
+ return log_oom();
+
+ /* The default string stored in 'attr_firmware' is `uname -r` btw, but truncated to 8 chars. */
+- r = write_string_file_at(subsystem_fd, "attr_firmware", truncated, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(subsystem_fd, "attr_firmware", truncated, 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to set model of subsystem to '%s', ignoring: %m", truncated);
+ }
+@@ -295,7 +295,7 @@ static int nvme_subsystem_write_metadata(int subsystem_fd, sd_device *device) {
+ if (!truncated)
+ return log_oom();
+
+- r = write_string_file_at(subsystem_fd, "attr_serial", truncated, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(subsystem_fd, "attr_serial", truncated, 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to set serial of subsystem to '%s', ignoring: %m", truncated);
+ }
+@@ -345,7 +345,7 @@ static int nvme_namespace_write_metadata(int namespace_fd, sd_device *device, co
+ id = id128_digest(j, l);
+ }
+
+- r = write_string_file_at(namespace_fd, "device_uuid", SD_ID128_TO_UUID_STRING(id), WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(namespace_fd, "device_uuid", SD_ID128_TO_UUID_STRING(id), 0);
+ if (r < 0)
+ log_warning_errno(r, "Failed to set uuid of namespace to '%s', ignoring: %m", SD_ID128_TO_UUID_STRING(id));
+
+@@ -408,7 +408,7 @@ static int nvme_subsystem_add(const char *node, int consumed_fd, sd_device *devi
+ if (subsystem_fd < 0)
+ return log_error_errno(subsystem_fd, "Failed to create NVME subsystem '%s': %m", j);
+
+- r = write_string_file_at(subsystem_fd, "attr_allow_any_host", "1", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(subsystem_fd, "attr_allow_any_host", "1", 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to set 'attr_allow_any_host' flag: %m");
+
+@@ -423,11 +423,11 @@ static int nvme_subsystem_add(const char *node, int consumed_fd, sd_device *devi
+
+ /* We use /proc/$PID/fd/$FD rather than /proc/self/fd/$FD, because this string is visible to others
+ * via configfs, and by including the PID it's clear to who the stuff belongs. */
+- r = write_string_file_at(namespace_fd, "device_path", FORMAT_PROC_PID_FD_PATH(0, fd), WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(namespace_fd, "device_path", FORMAT_PROC_PID_FD_PATH(0, fd), 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write 'device_path' attribute: %m");
+
+- r = write_string_file_at(namespace_fd, "enable", "1", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(namespace_fd, "enable", "1", 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write 'enable' attribute: %m");
+
+@@ -557,19 +557,19 @@ static int nvme_port_add_portnr(
+ return 0;
+ }
+
+- r = write_string_file_at(port_fd, "addr_adrfam", af_to_ipv4_ipv6(ip_family), WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(port_fd, "addr_adrfam", af_to_ipv4_ipv6(ip_family), 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to set address family on NVME port %" PRIu16 ": %m", portnr);
+
+- r = write_string_file_at(port_fd, "addr_trtype", "tcp", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(port_fd, "addr_trtype", "tcp", 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to set transport type on NVME port %" PRIu16 ": %m", portnr);
+
+- r = write_string_file_at(port_fd, "addr_trsvcid", fname, WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(port_fd, "addr_trsvcid", fname, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to set IP port on NVME port %" PRIu16 ": %m", portnr);
+
+- r = write_string_file_at(port_fd, "addr_traddr", ip_family == AF_INET6 ? "::" : "0.0.0.0", WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file_at(port_fd, "addr_traddr", ip_family == AF_INET6 ? "::" : "0.0.0.0", 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to set IP address on NVME port %" PRIu16 ": %m", portnr);
+
+diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
+index febe345b4c..a90b610ba1 100644
+--- a/src/udev/udev-rules.c
++++ b/src/udev/udev-rules.c
+@@ -2711,7 +2711,6 @@ static int udev_rule_apply_token_to_event(
+ log_event_debug(dev, token, "ATTR '%s' writing '%s'", buf, value);
+ r = write_string_file(buf, value,
+ WRITE_STRING_FILE_VERIFY_ON_FAILURE |
+- WRITE_STRING_FILE_DISABLE_BUFFER |
+ WRITE_STRING_FILE_AVOID_NEWLINE |
+ WRITE_STRING_FILE_VERIFY_IGNORE_NEWLINE);
+ if (r < 0)
+diff --git a/src/vconsole/vconsole-setup.c b/src/vconsole/vconsole-setup.c
+index 4d82c65f0a..3a3d861b83 100644
+--- a/src/vconsole/vconsole-setup.c
++++ b/src/vconsole/vconsole-setup.c
+@@ -261,7 +261,7 @@ static int toggle_utf8_vc(const char *name, int fd, bool utf8) {
+ static int toggle_utf8_sysfs(bool utf8) {
+ int r;
+
+- r = write_string_file("/sys/module/vt/parameters/default_utf8", one_zero(utf8), WRITE_STRING_FILE_DISABLE_BUFFER);
++ r = write_string_file("/sys/module/vt/parameters/default_utf8", one_zero(utf8), 0);
+ if (r < 0)
+ return log_warning_errno(r, "Failed to %s sysfs UTF-8 flag: %m", enable_disable(utf8));
+
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0022-Handle-__cpu_mask-usage.patch b/poky/meta/recipes-core/systemd/systemd/0013-Handle-__cpu_mask-usage.patch
similarity index 83%
rename from poky/meta/recipes-core/systemd/systemd/0022-Handle-__cpu_mask-usage.patch
rename to poky/meta/recipes-core/systemd/systemd/0013-Handle-__cpu_mask-usage.patch
index 580aff3..43f7537 100644
--- a/poky/meta/recipes-core/systemd/systemd/0022-Handle-__cpu_mask-usage.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0013-Handle-__cpu_mask-usage.patch
@@ -1,7 +1,7 @@
-From a50ec65dbe660421052656dda7499c925005f486 Mon Sep 17 00:00:00 2001
+From 2f90f8463423cfbb7e83fcef42f1071018c3b56e Mon Sep 17 00:00:00 2001
From: Scott Murray <scott.murray@konsulko.com>
Date: Fri, 13 Sep 2019 19:26:27 -0400
-Subject: [PATCH] Handle __cpu_mask usage
+Subject: [PATCH 13/22] Handle __cpu_mask usage
Fixes errors:
@@ -23,6 +23,8 @@
src/test/test-sizeof.c | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
+diff --git a/src/shared/cpu-set-util.h b/src/shared/cpu-set-util.h
+index 3c63a58826..4c2d4347fc 100644
--- a/src/shared/cpu-set-util.h
+++ b/src/shared/cpu-set-util.h
@@ -6,6 +6,8 @@
@@ -34,6 +36,8 @@
/* This wraps the libc interface with a variable to keep the allocated size. */
typedef struct CPUSet {
cpu_set_t *set;
+diff --git a/src/test/test-sizeof.c b/src/test/test-sizeof.c
+index ea0c58770e..b65c0bd370 100644
--- a/src/test/test-sizeof.c
+++ b/src/test/test-sizeof.c
@@ -1,6 +1,5 @@
@@ -51,3 +55,6 @@
/* Print information about various types. Useful when diagnosing
* gcc diagnostics on an unfamiliar architecture. */
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0023-Handle-missing-gshadow.patch b/poky/meta/recipes-core/systemd/systemd/0014-Handle-missing-gshadow.patch
similarity index 96%
rename from poky/meta/recipes-core/systemd/systemd/0023-Handle-missing-gshadow.patch
rename to poky/meta/recipes-core/systemd/systemd/0014-Handle-missing-gshadow.patch
index 19ee3ff..a751e1b 100644
--- a/poky/meta/recipes-core/systemd/systemd/0023-Handle-missing-gshadow.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0014-Handle-missing-gshadow.patch
@@ -1,7 +1,7 @@
-From ebf0f69d8614b8d86a971b97ff0d847d1e5d47c9 Mon Sep 17 00:00:00 2001
+From b7c827bb44edbb6251c9fcdb80aa03982c0e7bf3 Mon Sep 17 00:00:00 2001
From: Alex Kiernan <alex.kiernan@gmail.com>
Date: Tue, 10 Mar 2020 11:05:20 +0000
-Subject: [PATCH] Handle missing gshadow
+Subject: [PATCH 14/22] Handle missing gshadow
gshadow usage is now present in the userdb code. Mask all uses of it to
allow compilation on musl
@@ -17,7 +17,7 @@
3 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/src/shared/user-record-nss.c b/src/shared/user-record-nss.c
-index 88b8fc2f8f..a819d41bac 100644
+index 414a49331b..1a4e1b628c 100644
--- a/src/shared/user-record-nss.c
+++ b/src/shared/user-record-nss.c
@@ -329,8 +329,10 @@ int nss_group_to_group_record(
@@ -138,7 +138,7 @@
#include <shadow.h>
diff --git a/src/shared/userdb.c b/src/shared/userdb.c
-index a77eff4407..955e361d3a 100644
+index f60d48ace4..e878199a28 100644
--- a/src/shared/userdb.c
+++ b/src/shared/userdb.c
@@ -1038,13 +1038,15 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) {
@@ -169,5 +169,5 @@
return r;
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0024-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch b/poky/meta/recipes-core/systemd/systemd/0015-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch
similarity index 84%
rename from poky/meta/recipes-core/systemd/systemd/0024-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch
rename to poky/meta/recipes-core/systemd/systemd/0015-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch
index d64cec1..e112766 100644
--- a/poky/meta/recipes-core/systemd/systemd/0024-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0015-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch
@@ -1,7 +1,7 @@
-From a2f56a2a6cdd5137bb1e680aa9f6c40540107166 Mon Sep 17 00:00:00 2001
+From 3dc9d9d410bcce54fddfd94f43f7f77f3aa8e281 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 12 Apr 2021 23:44:53 -0700
-Subject: [PATCH] missing_syscall.h: Define MIPS ABI defines for musl
+Subject: [PATCH 15/22] missing_syscall.h: Define MIPS ABI defines for musl
musl does not define _MIPS_SIM_ABI32, _MIPS_SIM_NABI32, _MIPS_SIM_ABI64
unlike glibc where these are provided by libc headers, therefore define
@@ -16,7 +16,7 @@
2 files changed, 7 insertions(+)
diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h
-index 98cd037962..ea6a76c2e2 100644
+index d795efd8f2..d6729d3c1d 100644
--- a/src/basic/missing_syscall.h
+++ b/src/basic/missing_syscall.h
@@ -20,6 +20,12 @@
@@ -33,7 +33,7 @@
#include "missing_keyctl.h"
#include "missing_stat.h"
diff --git a/src/shared/base-filesystem.c b/src/shared/base-filesystem.c
-index 2726dc946a..484f63e0b4 100644
+index 7ae921a113..0ef9d1fd39 100644
--- a/src/shared/base-filesystem.c
+++ b/src/shared/base-filesystem.c
@@ -20,6 +20,7 @@
@@ -45,5 +45,5 @@
typedef struct BaseFilesystem {
const char *dir; /* directory or symlink to create */
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0005-pass-correct-parameters-to-getdents64.patch b/poky/meta/recipes-core/systemd/systemd/0016-pass-correct-parameters-to-getdents64.patch
similarity index 92%
rename from poky/meta/recipes-core/systemd/systemd/0005-pass-correct-parameters-to-getdents64.patch
rename to poky/meta/recipes-core/systemd/systemd/0016-pass-correct-parameters-to-getdents64.patch
index c634d8e..0be817e 100644
--- a/poky/meta/recipes-core/systemd/systemd/0005-pass-correct-parameters-to-getdents64.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0016-pass-correct-parameters-to-getdents64.patch
@@ -1,7 +1,7 @@
-From 17766c64ecc7dedf09ed2d361690fc4eda77bf42 Mon Sep 17 00:00:00 2001
+From 0994b59dba9f248ad31cb7087046dc00b72cb4ea Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 21 Jan 2022 15:15:11 -0800
-Subject: [PATCH] pass correct parameters to getdents64
+Subject: [PATCH 16/22] pass correct parameters to getdents64
Fixes
../git/src/basic/recurse-dir.c:57:40: error: incompatible pointer types passing 'uint8_t *' (aka 'unsigned char *') to parameter of type 'struct dirent *' [-Werror,-Wincompatible-pointer-types]
@@ -33,5 +33,5 @@
return -errno;
if (n == 0)
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-Adjust-for-musl-headers.patch b/poky/meta/recipes-core/systemd/systemd/0017-Adjust-for-musl-headers.patch
similarity index 89%
rename from poky/meta/recipes-core/systemd/systemd/0001-Adjust-for-musl-headers.patch
rename to poky/meta/recipes-core/systemd/systemd/0017-Adjust-for-musl-headers.patch
index 5e9646c..4176522 100644
--- a/poky/meta/recipes-core/systemd/systemd/0001-Adjust-for-musl-headers.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0017-Adjust-for-musl-headers.patch
@@ -1,11 +1,14 @@
-From e5f067cb3dc845dd865e450f4e64077b28feb4c0 Mon Sep 17 00:00:00 2001
+From 3c094d443ca30f19114392fd8ef274af6eabc12d Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 21 Jan 2022 22:19:37 -0800
-Subject: [PATCH] Adjust for musl headers
+Subject: [PATCH 17/22] Adjust for musl headers
Upstream-Status: Inappropriate [musl specific]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+[Rebased for v255.1]
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
src/libsystemd-network/sd-dhcp6-client.c | 2 +-
src/network/netdev/bareudp.c | 2 +-
@@ -33,7 +36,7 @@
src/network/netdev/xfrm.c | 2 +-
src/network/networkd-bridge-mdb.c | 4 ++--
src/network/networkd-dhcp-common.c | 3 ++-
- src/network/networkd-dhcp-prefix-delegation.c | 4 ++--
+ src/network/networkd-dhcp-prefix-delegation.c | 3 ++-
src/network/networkd-dhcp-server.c | 2 +-
src/network/networkd-dhcp4.c | 2 +-
src/network/networkd-ipv6ll.c | 2 +-
@@ -41,13 +44,14 @@
src/network/networkd-ndisc.c | 2 +-
src/network/networkd-route.c | 8 ++++----
src/network/networkd-setlink.c | 2 +-
+ src/network/networkd-sysctl.c | 2 +-
src/shared/linux/ethtool.h | 3 ++-
src/shared/netif-util.c | 2 +-
src/udev/udev-builtin-net_id.c | 2 +-
- 37 files changed, 44 insertions(+), 42 deletions(-)
+ 38 files changed, 45 insertions(+), 42 deletions(-)
diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c
-index 57dd91f81f..2b7f4fa3a7 100644
+index c20367dfc9..b8d4cd8c2a 100644
--- a/src/libsystemd-network/sd-dhcp6-client.c
+++ b/src/libsystemd-network/sd-dhcp6-client.c
@@ -5,7 +5,7 @@
@@ -60,7 +64,7 @@
#include "sd-dhcp6-client.h"
diff --git a/src/network/netdev/bareudp.c b/src/network/netdev/bareudp.c
-index 24d3afb877..f6241b41ee 100644
+index 1df886573b..c8b6714726 100644
--- a/src/network/netdev/bareudp.c
+++ b/src/network/netdev/bareudp.c
@@ -2,7 +2,7 @@
@@ -73,7 +77,7 @@
#include "bareudp.h"
#include "netlink-util.h"
diff --git a/src/network/netdev/batadv.c b/src/network/netdev/batadv.c
-index 7e97619657..50fcffcfdf 100644
+index 26da0231d4..2e8002af8c 100644
--- a/src/network/netdev/batadv.c
+++ b/src/network/netdev/batadv.c
@@ -3,7 +3,7 @@
@@ -86,7 +90,7 @@
#include "batadv.h"
#include "fileio.h"
diff --git a/src/network/netdev/bond.c b/src/network/netdev/bond.c
-index 601bff0a9c..dfed8d9e54 100644
+index 4d75a0d6bf..985b3197e0 100644
--- a/src/network/netdev/bond.c
+++ b/src/network/netdev/bond.c
@@ -1,7 +1,7 @@
@@ -99,7 +103,7 @@
#include "alloc-util.h"
#include "bond.h"
diff --git a/src/network/netdev/bridge.c b/src/network/netdev/bridge.c
-index b65c3b49fc..6875b4fbdb 100644
+index 3e394edadf..f12f667687 100644
--- a/src/network/netdev/bridge.c
+++ b/src/network/netdev/bridge.c
@@ -2,7 +2,7 @@
@@ -124,7 +128,7 @@
#include "dummy.h"
diff --git a/src/network/netdev/geneve.c b/src/network/netdev/geneve.c
-index 777a32d75c..73bfa2b5c1 100644
+index bc655ec7ff..a77e8e17e4 100644
--- a/src/network/netdev/geneve.c
+++ b/src/network/netdev/geneve.c
@@ -2,7 +2,7 @@
@@ -150,7 +154,7 @@
#include "ifb.h"
diff --git a/src/network/netdev/ipoib.c b/src/network/netdev/ipoib.c
-index 5dd9286d57..4036d66dad 100644
+index d5fe299b7b..c9c8002eac 100644
--- a/src/network/netdev/ipoib.c
+++ b/src/network/netdev/ipoib.c
@@ -1,6 +1,6 @@
@@ -162,7 +166,7 @@
#include "ipoib.h"
diff --git a/src/network/netdev/ipvlan.c b/src/network/netdev/ipvlan.c
-index 058eadebd7..c470ebb6d7 100644
+index 05d5d010f6..d440f49537 100644
--- a/src/network/netdev/ipvlan.c
+++ b/src/network/netdev/ipvlan.c
@@ -2,7 +2,7 @@
@@ -175,7 +179,7 @@
#include "conf-parser.h"
#include "ipvlan.h"
diff --git a/src/network/netdev/macsec.c b/src/network/netdev/macsec.c
-index 0da3dd4bd2..eb20f04469 100644
+index 17d6acefb6..679d0984f9 100644
--- a/src/network/netdev/macsec.c
+++ b/src/network/netdev/macsec.c
@@ -1,7 +1,7 @@
@@ -188,7 +192,7 @@
#include <linux/if_macsec.h>
#include <linux/genetlink.h>
diff --git a/src/network/netdev/macvlan.c b/src/network/netdev/macvlan.c
-index 1114bb0cb1..6c79a219a4 100644
+index 203807e3a5..8ab09a387e 100644
--- a/src/network/netdev/macvlan.c
+++ b/src/network/netdev/macvlan.c
@@ -2,7 +2,7 @@
@@ -201,7 +205,7 @@
#include "conf-parser.h"
#include "macvlan.h"
diff --git a/src/network/netdev/netdev.c b/src/network/netdev/netdev.c
-index 038a27c118..67155f0db7 100644
+index 57127a861a..7f787d0b9f 100644
--- a/src/network/netdev/netdev.c
+++ b/src/network/netdev/netdev.c
@@ -2,7 +2,7 @@
@@ -238,7 +242,7 @@
#include "nlmon.h"
diff --git a/src/network/netdev/tunnel.c b/src/network/netdev/tunnel.c
-index 2addfeecaa..954987f26d 100644
+index db84e7cf6e..93d5642962 100644
--- a/src/network/netdev/tunnel.c
+++ b/src/network/netdev/tunnel.c
@@ -2,7 +2,7 @@
@@ -263,7 +267,7 @@
#include "vcan.h"
diff --git a/src/network/netdev/veth.c b/src/network/netdev/veth.c
-index fb00e6667f..f52d9ee89a 100644
+index e0f5b4ebb1..8a424ed03d 100644
--- a/src/network/netdev/veth.c
+++ b/src/network/netdev/veth.c
@@ -3,7 +3,7 @@
@@ -276,7 +280,7 @@
#include "netlink-util.h"
diff --git a/src/network/netdev/vlan.c b/src/network/netdev/vlan.c
-index a3d961dac3..386b567a42 100644
+index 2390206993..efec630e30 100644
--- a/src/network/netdev/vlan.c
+++ b/src/network/netdev/vlan.c
@@ -2,7 +2,7 @@
@@ -289,7 +293,7 @@
#include "parse-util.h"
diff --git a/src/network/netdev/vrf.c b/src/network/netdev/vrf.c
-index 05ef3ff13d..825fc4a398 100644
+index b75ec2bcc6..6aeeea640b 100644
--- a/src/network/netdev/vrf.c
+++ b/src/network/netdev/vrf.c
@@ -2,7 +2,7 @@
@@ -302,7 +306,7 @@
#include "vrf.h"
diff --git a/src/network/netdev/vxcan.c b/src/network/netdev/vxcan.c
-index 83269b0707..39c6dbe29c 100644
+index c0343f45b6..f9e718f40b 100644
--- a/src/network/netdev/vxcan.c
+++ b/src/network/netdev/vxcan.c
@@ -1,7 +1,7 @@
@@ -315,7 +319,7 @@
#include "vxcan.h"
diff --git a/src/network/netdev/vxlan.c b/src/network/netdev/vxlan.c
-index 589161938a..0ec9625b7a 100644
+index b11fdbbd0d..a971a917f0 100644
--- a/src/network/netdev/vxlan.c
+++ b/src/network/netdev/vxlan.c
@@ -2,7 +2,7 @@
@@ -328,7 +332,7 @@
#include "conf-parser.h"
#include "alloc-util.h"
diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
-index 51e7e02990..fc36c0623a 100644
+index 4c7d837c41..6df6dfb816 100644
--- a/src/network/netdev/wireguard.c
+++ b/src/network/netdev/wireguard.c
@@ -6,7 +6,7 @@
@@ -341,7 +345,7 @@
#include "sd-resolve.h"
diff --git a/src/network/netdev/xfrm.c b/src/network/netdev/xfrm.c
-index a961d8fef2..6c1815b257 100644
+index 905bfc0bdf..39e34dbb3b 100644
--- a/src/network/netdev/xfrm.c
+++ b/src/network/netdev/xfrm.c
@@ -1,6 +1,6 @@
@@ -374,7 +378,7 @@
#define STATIC_BRIDGE_MDB_ENTRIES_PER_NETWORK_MAX 1024U
diff --git a/src/network/networkd-dhcp-common.c b/src/network/networkd-dhcp-common.c
-index ca9a825e7b..8735e261ad 100644
+index 080b15387c..efe8283957 100644
--- a/src/network/networkd-dhcp-common.c
+++ b/src/network/networkd-dhcp-common.c
@@ -1,7 +1,8 @@
@@ -388,18 +392,17 @@
#include "bus-error.h"
#include "bus-locator.h"
diff --git a/src/network/networkd-dhcp-prefix-delegation.c b/src/network/networkd-dhcp-prefix-delegation.c
-index 66c5e979d9..581b6b8c29 100644
+index af2fe9efcd..511565700f 100644
--- a/src/network/networkd-dhcp-prefix-delegation.c
+++ b/src/network/networkd-dhcp-prefix-delegation.c
-@@ -1,7 +1,5 @@
+@@ -1,6 +1,5 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
-#include <linux/ipv6_route.h>
--
- #include "sd-dhcp6-client.h"
+ #include "dhcp6-lease-internal.h"
#include "hashmap.h"
-@@ -21,6 +19,8 @@
+@@ -20,6 +19,8 @@
#include "strv.h"
#include "tunnel.h"
@@ -409,7 +412,7 @@
assert(link);
diff --git a/src/network/networkd-dhcp-server.c b/src/network/networkd-dhcp-server.c
-index 620fbbddc7..c8af20fb34 100644
+index 607fe0053c..9ce4005874 100644
--- a/src/network/networkd-dhcp-server.c
+++ b/src/network/networkd-dhcp-server.c
@@ -1,7 +1,7 @@
@@ -422,7 +425,7 @@
#include "sd-dhcp-server.h"
diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
-index d4b4942173..3d78da5609 100644
+index efbae6d868..1ea2151d50 100644
--- a/src/network/networkd-dhcp4.c
+++ b/src/network/networkd-dhcp4.c
@@ -3,7 +3,7 @@
@@ -448,7 +451,7 @@
#include "in-addr-util.h"
#include "networkd-address.h"
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
-index 019bef0590..657fc41ae6 100644
+index ee5f0f2c0a..ea5269a2de 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -3,7 +3,7 @@
@@ -461,7 +464,7 @@
#include <linux/netdevice.h>
#include <sys/socket.h>
diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c
-index 99a07e16fc..e51cd81d96 100644
+index ab9eeb13a5..dd96fe7483 100644
--- a/src/network/networkd-ndisc.c
+++ b/src/network/networkd-ndisc.c
@@ -6,7 +6,7 @@
@@ -474,7 +477,7 @@
#include "sd-ndisc.h"
diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c
-index 5214a8ad2c..9dd758daae 100644
+index 7218d799fc..30d5574eae 100644
--- a/src/network/networkd-route.c
+++ b/src/network/networkd-route.c
@@ -1,9 +1,5 @@
@@ -499,7 +502,7 @@
_cleanup_(route_freep) Route *route = NULL;
diff --git a/src/network/networkd-setlink.c b/src/network/networkd-setlink.c
-index 541c4b8a72..06ebda8f0f 100644
+index 2298f9ea3a..7d5f87de53 100644
--- a/src/network/networkd-setlink.c
+++ b/src/network/networkd-setlink.c
@@ -2,7 +2,7 @@
@@ -511,8 +514,21 @@
#include <linux/if_bridge.h>
#include "missing_network.h"
+diff --git a/src/network/networkd-sysctl.c b/src/network/networkd-sysctl.c
+index 2b226b2e2a..f12a474e2f 100644
+--- a/src/network/networkd-sysctl.c
++++ b/src/network/networkd-sysctl.c
+@@ -2,7 +2,7 @@
+
+ #include <netinet/in.h>
+ #include <linux/if.h>
+-#include <linux/if_arp.h>
++//#include <linux/if_arp.h>
+
+ #include "missing_network.h"
+ #include "networkd-link.h"
diff --git a/src/shared/linux/ethtool.h b/src/shared/linux/ethtool.h
-index 1458de3627..d5c2d2e0ac 100644
+index 3d1da515c0..3fca9a4faf 100644
--- a/src/shared/linux/ethtool.h
+++ b/src/shared/linux/ethtool.h
@@ -16,7 +16,8 @@
@@ -539,7 +555,7 @@
#include "arphrd-util.h"
#include "device-util.h"
diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
-index a48d5dedf8..31a8bc1b3c 100644
+index f528a46b8e..830318cda5 100644
--- a/src/udev/udev-builtin-net_id.c
+++ b/src/udev/udev-builtin-net_id.c
@@ -18,7 +18,7 @@
@@ -552,5 +568,5 @@
#include <linux/pci_regs.h>
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0006-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch b/poky/meta/recipes-core/systemd/systemd/0018-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch
similarity index 89%
rename from poky/meta/recipes-core/systemd/systemd/0006-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch
rename to poky/meta/recipes-core/systemd/systemd/0018-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch
index 96322e5..75f6b90 100644
--- a/poky/meta/recipes-core/systemd/systemd/0006-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0018-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch
@@ -1,8 +1,8 @@
-From fa598869cca684c001f3dc23ce2198f5a6169e2a Mon Sep 17 00:00:00 2001
+From be02bd0876a061728661535a709d313e39fe1ac3 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 8 Nov 2022 13:31:34 -0800
-Subject: [PATCH] test-bus-error: strerror() is assumed to be GNU specific
- version mark it so
+Subject: [PATCH 18/22] test-bus-error: strerror() is assumed to be GNU
+ specific version mark it so
Upstream-Status: Inappropriate [Upstream systemd only supports glibc]
@@ -27,7 +27,7 @@
assert_se(sd_bus_error_get_errno(&error) == EBUSY);
assert_se(sd_bus_error_is_set(&error));
diff --git a/src/test/test-errno-util.c b/src/test/test-errno-util.c
-index d3d022c33f..74e95c804d 100644
+index 376d532281..967cfd4d67 100644
--- a/src/test/test-errno-util.c
+++ b/src/test/test-errno-util.c
@@ -4,7 +4,7 @@
@@ -48,5 +48,5 @@
TEST(PROTECT_ERRNO) {
errno = 12;
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0003-errno-util-Make-STRERROR-portable-for-musl.patch b/poky/meta/recipes-core/systemd/systemd/0019-errno-util-Make-STRERROR-portable-for-musl.patch
similarity index 81%
rename from poky/meta/recipes-core/systemd/systemd/0003-errno-util-Make-STRERROR-portable-for-musl.patch
rename to poky/meta/recipes-core/systemd/systemd/0019-errno-util-Make-STRERROR-portable-for-musl.patch
index fcc56a2..e038b73 100644
--- a/poky/meta/recipes-core/systemd/systemd/0003-errno-util-Make-STRERROR-portable-for-musl.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0019-errno-util-Make-STRERROR-portable-for-musl.patch
@@ -1,7 +1,7 @@
-From f629a76e0fba300a9d511614160fee38dd4a5e57 Mon Sep 17 00:00:00 2001
+From 46d80840bfe37e67d4f18c37a77751ea1fe63a07 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 23 Jan 2023 23:39:46 -0800
-Subject: [PATCH] errno-util: Make STRERROR portable for musl
+Subject: [PATCH 19/22] errno-util: Make STRERROR portable for musl
Sadly, systemd has decided to use yet another GNU extention in a macro
lets make this such that we can use XSI compliant strerror_r() for
@@ -11,20 +11,21 @@
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- src/basic/errno-util.h | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
+ src/basic/errno-util.h | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/basic/errno-util.h b/src/basic/errno-util.h
-index 091f99c590..eb5c1f9961 100644
+index 27804e6382..274c1c6ef1 100644
--- a/src/basic/errno-util.h
+++ b/src/basic/errno-util.h
-@@ -14,8 +14,16 @@
+@@ -15,8 +15,16 @@
* https://stackoverflow.com/questions/34880638/compound-literal-lifetime-and-if-blocks
*
* Note that we use the GNU variant of strerror_r() here. */
-#define STRERROR(errnum) strerror_r(abs(errnum), (char[ERRNO_BUF_LEN]){}, ERRNO_BUF_LEN)
+-
+static inline const char * STRERROR(int errnum);
-
++
+static inline const char * STRERROR(int errnum) {
+#ifdef __GLIBC__
+ return strerror_r(abs(errnum), (char[ERRNO_BUF_LEN]){}, ERRNO_BUF_LEN);
@@ -37,5 +38,5 @@
* Note that we can't use ({ … }) to define a temporary variable, so errnum is
* evaluated twice. */
--
-2.39.2
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0028-sd-event-Make-malloc_trim-conditional-on-glibc.patch b/poky/meta/recipes-core/systemd/systemd/0020-sd-event-Make-malloc_trim-conditional-on-glibc.patch
similarity index 85%
rename from poky/meta/recipes-core/systemd/systemd/0028-sd-event-Make-malloc_trim-conditional-on-glibc.patch
rename to poky/meta/recipes-core/systemd/systemd/0020-sd-event-Make-malloc_trim-conditional-on-glibc.patch
index c9ec000..b83fffe 100644
--- a/poky/meta/recipes-core/systemd/systemd/0028-sd-event-Make-malloc_trim-conditional-on-glibc.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0020-sd-event-Make-malloc_trim-conditional-on-glibc.patch
@@ -1,7 +1,7 @@
-From 148645ba8b62f04c7c5ff5907378663f97880f22 Mon Sep 17 00:00:00 2001
+From 9eb4867b4e2dbdb2484ae854022aff97e2f0feb3 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 2 Aug 2023 12:06:27 -0700
-Subject: [PATCH 1/4] sd-event: Make malloc_trim() conditional on glibc
+Subject: [PATCH 20/22] sd-event: Make malloc_trim() conditional on glibc
musl does not have this API
@@ -12,28 +12,28 @@
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
-index aba458185b..48c94a7672 100644
+index 288798a0dc..6419a7f216 100644
--- a/src/libsystemd/sd-event/sd-event.c
+++ b/src/libsystemd/sd-event/sd-event.c
@@ -1874,7 +1874,7 @@ _public_ int sd_event_add_exit(
}
-
+
_public_ int sd_event_trim_memory(void) {
- int r;
+ int r = 0;
-
+
/* A default implementation of a memory pressure callback. Simply releases our own allocation caches
* and glibc's. This is automatically used when people call sd_event_add_memory_pressure() with a
@@ -1888,7 +1888,9 @@ _public_ int sd_event_trim_memory(void) {
-
+
usec_t before_timestamp = now(CLOCK_MONOTONIC);
hashmap_trim_pools();
+#ifdef __GLIBC__
r = malloc_trim(0);
+#endif
usec_t after_timestamp = now(CLOCK_MONOTONIC);
-
+
if (r > 0)
---
-2.41.0
+--
+2.34.1
diff --git a/poky/meta/recipes-core/systemd/systemd/0021-do-not-disable-buffer-in-writing-files.patch b/poky/meta/recipes-core/systemd/systemd/0021-do-not-disable-buffer-in-writing-files.patch
deleted file mode 100644
index c850872..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0021-do-not-disable-buffer-in-writing-files.patch
+++ /dev/null
@@ -1,397 +0,0 @@
-From aa6e5588e6d01c12e2f101d140cc710ab199df16 Mon Sep 17 00:00:00 2001
-From: Chen Qi <Qi.Chen@windriver.com>
-Date: Fri, 1 Mar 2019 15:22:15 +0800
-Subject: [PATCH] do not disable buffer in writing files
-
-Do not disable buffer in writing files, otherwise we get
-failure at boot for musl like below.
-
- [!!!!!!] Failed to allocate manager object.
-
-And there will be other failures, critical or not critical.
-This is specific to musl.
-
-Upstream-Status: Inappropriate [musl]
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
-[Rebased for v242]
-Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
-[rebased for systemd 243]
-Signed-off-by: Scott Murray <scott.murray@konsulko.com>
-[rebased for systemd 254]
----
- src/basic/cgroup-util.c | 12 ++++++------
- src/basic/namespace-util.c | 4 ++--
- src/basic/procfs-util.c | 4 ++--
- src/basic/sysctl-util.c | 2 +-
- src/binfmt/binfmt.c | 6 +++---
- src/core/cgroup.c | 2 +-
- src/core/main.c | 2 +-
- src/core/smack-setup.c | 8 ++++----
- src/home/homework.c | 2 +-
- src/libsystemd/sd-device/sd-device.c | 2 +-
- src/nspawn/nspawn-cgroup.c | 2 +-
- src/nspawn/nspawn.c | 6 +++---
- src/shared/binfmt-util.c | 2 +-
- src/shared/cgroup-setup.c | 4 ++--
- src/shared/coredump-util.c | 2 +-
- src/shared/sleep-util.c | 4 ++--
- src/shared/smack-util.c | 2 +-
- src/sleep/sleep.c | 4 ++--
- src/udev/udev-rules.c | 1 -
- src/vconsole/vconsole-setup.c | 2 +-
- 20 files changed, 36 insertions(+), 37 deletions(-)
-
---- a/src/basic/cgroup-util.c
-+++ b/src/basic/cgroup-util.c
-@@ -400,7 +400,7 @@ int cg_kill_kernel_sigkill(const char *c
- if (r < 0)
- return r;
-
-- r = write_string_file(killfile, "1", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(killfile, "1", 0);
- if (r < 0)
- return r;
-
-@@ -806,7 +806,7 @@ int cg_install_release_agent(const char
-
- sc = strstrip(contents);
- if (isempty(sc)) {
-- r = write_string_file(fs, agent, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(fs, agent, 0);
- if (r < 0)
- return r;
- } else if (!path_equal(sc, agent))
-@@ -824,7 +824,7 @@ int cg_install_release_agent(const char
-
- sc = strstrip(contents);
- if (streq(sc, "0")) {
-- r = write_string_file(fs, "1", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(fs, "1", 0);
- if (r < 0)
- return r;
-
-@@ -851,7 +851,7 @@ int cg_uninstall_release_agent(const cha
- if (r < 0)
- return r;
-
-- r = write_string_file(fs, "0", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(fs, "0", 0);
- if (r < 0)
- return r;
-
-@@ -861,7 +861,7 @@ int cg_uninstall_release_agent(const cha
- if (r < 0)
- return r;
-
-- r = write_string_file(fs, "", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(fs, "", 0);
- if (r < 0)
- return r;
-
-@@ -1764,7 +1764,7 @@ int cg_set_attribute(const char *control
- if (r < 0)
- return r;
-
-- return write_string_file(p, value, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ return write_string_file(p, value, 0);
- }
-
- int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret) {
---- a/src/basic/namespace-util.c
-+++ b/src/basic/namespace-util.c
-@@ -227,12 +227,12 @@ int userns_acquire(const char *uid_map,
- freeze();
-
- xsprintf(path, "/proc/" PID_FMT "/uid_map", pid);
-- r = write_string_file(path, uid_map, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(path, uid_map, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to write UID map: %m");
-
- xsprintf(path, "/proc/" PID_FMT "/gid_map", pid);
-- r = write_string_file(path, gid_map, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(path, gid_map, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to write GID map: %m");
-
---- a/src/basic/procfs-util.c
-+++ b/src/basic/procfs-util.c
-@@ -64,13 +64,13 @@ int procfs_tasks_set_limit(uint64_t limi
- * decrease it, as threads-max is the much more relevant sysctl. */
- if (limit > pid_max-1) {
- sprintf(buffer, "%" PRIu64, limit+1); /* Add one, since PID 0 is not a valid PID */
-- r = write_string_file("/proc/sys/kernel/pid_max", buffer, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/sys/kernel/pid_max", buffer, 0);
- if (r < 0)
- return r;
- }
-
- sprintf(buffer, "%" PRIu64, limit);
-- r = write_string_file("/proc/sys/kernel/threads-max", buffer, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/sys/kernel/threads-max", buffer, 0);
- if (r < 0) {
- uint64_t threads_max;
-
---- a/src/basic/sysctl-util.c
-+++ b/src/basic/sysctl-util.c
-@@ -58,7 +58,7 @@ int sysctl_write(const char *property, c
-
- log_debug("Setting '%s' to '%s'", p, value);
-
-- return write_string_file(p, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_SUPPRESS_REDUNDANT_VIRTUAL);
-+ return write_string_file(p, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_SUPPRESS_REDUNDANT_VIRTUAL);
- }
-
- int sysctl_writef(const char *property, const char *format, ...) {
---- a/src/binfmt/binfmt.c
-+++ b/src/binfmt/binfmt.c
-@@ -30,7 +30,7 @@ static bool arg_unregister = false;
-
- static int delete_rule(const char *rulename) {
- const char *fn = strjoina("/proc/sys/fs/binfmt_misc/", rulename);
-- return write_string_file(fn, "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ return write_string_file(fn, "-1", 0);
- }
-
- static int apply_rule(const char *filename, unsigned line, const char *rule) {
-@@ -58,7 +58,7 @@ static int apply_rule(const char *filena
- if (r >= 0)
- log_debug("%s:%u: Rule '%s' deleted.", filename, line, rulename);
-
-- r = write_string_file("/proc/sys/fs/binfmt_misc/register", rule, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/sys/fs/binfmt_misc/register", rule, 0);
- if (r < 0)
- return log_error_errno(r, "%s:%u: Failed to add binary format '%s': %m",
- filename, line, rulename);
-@@ -244,7 +244,7 @@ static int run(int argc, char *argv[]) {
- return r;
-
- /* Flush out all rules */
-- r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", 0);
- if (r < 0)
- log_warning_errno(r, "Failed to flush binfmt_misc rules, ignoring: %m");
- else
---- a/src/core/cgroup.c
-+++ b/src/core/cgroup.c
-@@ -4349,7 +4349,7 @@ int unit_cgroup_freezer_action(Unit *u,
- u->freezer_state = FREEZER_THAWING;
- }
-
-- r = write_string_file(path, one_zero(action == FREEZER_FREEZE), WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(path, one_zero(action == FREEZER_FREEZE), 0);
- if (r < 0)
- return r;
-
---- a/src/core/main.c
-+++ b/src/core/main.c
-@@ -1737,7 +1737,7 @@ static void initialize_core_pattern(bool
- if (getpid_cached() != 1)
- return;
-
-- r = write_string_file("/proc/sys/kernel/core_pattern", arg_early_core_pattern, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/sys/kernel/core_pattern", arg_early_core_pattern, 0);
- if (r < 0)
- log_warning_errno(r, "Failed to write '%s' to /proc/sys/kernel/core_pattern, ignoring: %m",
- arg_early_core_pattern);
---- a/src/core/smack-setup.c
-+++ b/src/core/smack-setup.c
-@@ -319,17 +319,17 @@ int mac_smack_setup(bool *loaded_policy)
- }
-
- #if HAVE_SMACK_RUN_LABEL
-- r = write_string_file("/proc/self/attr/current", SMACK_RUN_LABEL, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/self/attr/current", SMACK_RUN_LABEL, 0);
- if (r < 0)
- log_warning_errno(r, "Failed to set SMACK label \"" SMACK_RUN_LABEL "\" on self: %m");
-- r = write_string_file("/sys/fs/smackfs/ambient", SMACK_RUN_LABEL, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/sys/fs/smackfs/ambient", SMACK_RUN_LABEL, 0);
- if (r < 0)
- log_warning_errno(r, "Failed to set SMACK ambient label \"" SMACK_RUN_LABEL "\": %m");
- r = write_string_file("/sys/fs/smackfs/netlabel",
-- "0.0.0.0/0 " SMACK_RUN_LABEL, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ "0.0.0.0/0 " SMACK_RUN_LABEL, 0);
- if (r < 0)
- log_warning_errno(r, "Failed to set SMACK netlabel rule \"0.0.0.0/0 " SMACK_RUN_LABEL "\": %m");
-- r = write_string_file("/sys/fs/smackfs/netlabel", "127.0.0.1 -CIPSO", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/sys/fs/smackfs/netlabel", "127.0.0.1 -CIPSO", 0);
- if (r < 0)
- log_warning_errno(r, "Failed to set SMACK netlabel rule \"127.0.0.1 -CIPSO\": %m");
- #endif
---- a/src/home/homework.c
-+++ b/src/home/homework.c
-@@ -278,7 +278,7 @@ static void drop_caches_now(void) {
- * for details. We write "2" into /proc/sys/vm/drop_caches to ensure dentries/inodes are flushed, but
- * not more. */
-
-- r = write_string_file("/proc/sys/vm/drop_caches", "2\n", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/sys/vm/drop_caches", "2\n", 0);
- if (r < 0)
- log_warning_errno(r, "Failed to drop caches, ignoring: %m");
- else
---- a/src/libsystemd/sd-device/sd-device.c
-+++ b/src/libsystemd/sd-device/sd-device.c
-@@ -2515,7 +2515,7 @@ _public_ int sd_device_set_sysattr_value
- if (!value)
- return -ENOMEM;
-
-- r = write_string_file(path, value, WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_NOFOLLOW);
-+ r = write_string_file(path, value, 0 | WRITE_STRING_FILE_NOFOLLOW);
- if (r < 0) {
- /* On failure, clear cache entry, as we do not know how it fails. */
- device_remove_cached_sysattr_value(device, sysattr);
---- a/src/nspawn/nspawn-cgroup.c
-+++ b/src/nspawn/nspawn-cgroup.c
-@@ -122,7 +122,7 @@ int sync_cgroup(pid_t pid, CGroupUnified
- fn = strjoina(tree, cgroup, "/cgroup.procs");
-
- sprintf(pid_string, PID_FMT, pid);
-- r = write_string_file(fn, pid_string, WRITE_STRING_FILE_DISABLE_BUFFER|WRITE_STRING_FILE_MKDIR_0755);
-+ r = write_string_file(fn, pid_string, WRITE_STRING_FILE_MKDIR_0755);
- if (r < 0) {
- log_error_errno(r, "Failed to move process: %m");
- goto finish;
---- a/src/nspawn/nspawn.c
-+++ b/src/nspawn/nspawn.c
-@@ -2774,7 +2774,7 @@ static int reset_audit_loginuid(void) {
- if (streq(p, "4294967295"))
- return 0;
-
-- r = write_string_file("/proc/self/loginuid", "4294967295", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/self/loginuid", "4294967295", 0);
- if (r < 0) {
- log_error_errno(r,
- "Failed to reset audit login UID. This probably means that your kernel is too\n"
-@@ -4214,7 +4214,7 @@ static int setup_uid_map(
- return log_oom();
-
- xsprintf(uid_map, "/proc/" PID_FMT "/uid_map", pid);
-- r = write_string_file(uid_map, s, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(uid_map, s, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to write UID map: %m");
-
-@@ -4224,7 +4224,7 @@ static int setup_uid_map(
- return log_oom();
-
- xsprintf(uid_map, "/proc/" PID_FMT "/gid_map", pid);
-- r = write_string_file(uid_map, s, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(uid_map, s, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to write GID map: %m");
-
---- a/src/shared/binfmt-util.c
-+++ b/src/shared/binfmt-util.c
-@@ -46,7 +46,7 @@ int disable_binfmt(void) {
- return 0;
- }
-
-- r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/proc/sys/fs/binfmt_misc/status", "-1", 0);
- if (r < 0)
- return log_warning_errno(r, "Failed to unregister binfmt_misc entries: %m");
-
---- a/src/shared/cgroup-setup.c
-+++ b/src/shared/cgroup-setup.c
-@@ -351,7 +351,7 @@ int cg_attach(const char *controller, co
-
- xsprintf(c, PID_FMT "\n", pid);
-
-- r = write_string_file(fs, c, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(fs, c, 0);
- if (r == -EOPNOTSUPP && cg_is_threaded(controller, path) > 0)
- /* When the threaded mode is used, we cannot read/write the file. Let's return recognizable error. */
- return -EUCLEAN;
-@@ -964,7 +964,7 @@ int cg_enable_everywhere(
- return log_debug_errno(errno, "Failed to open cgroup.subtree_control file of %s: %m", p);
- }
-
-- r = write_string_stream(f, s, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_stream(f, s, 0);
- if (r < 0) {
- log_debug_errno(r, "Failed to %s controller %s for %s (%s): %m",
- FLAGS_SET(mask, bit) ? "enable" : "disable", n, p, fs);
---- a/src/shared/coredump-util.c
-+++ b/src/shared/coredump-util.c
-@@ -163,7 +163,7 @@ int set_coredump_filter(uint64_t value)
- xsprintf(t, "0x%"PRIx64, value);
-
- return write_string_file("/proc/self/coredump_filter", t,
-- WRITE_STRING_FILE_VERIFY_ON_FAILURE|WRITE_STRING_FILE_DISABLE_BUFFER);
-+ 0);
- }
-
- /* Turn off core dumps but only if we're running outside of a container. */
---- a/src/shared/sleep-util.c
-+++ b/src/shared/sleep-util.c
-@@ -1044,7 +1044,7 @@ int write_resume_config(dev_t devno, uin
-
- /* We write the offset first since it's safer. Note that this file is only available in 4.17+, so
- * fail gracefully if it doesn't exist and we're only overwriting it with 0. */
-- r = write_string_file("/sys/power/resume_offset", offset_str, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/sys/power/resume_offset", offset_str, 0);
- if (r == -ENOENT) {
- if (offset != 0)
- return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
-@@ -1060,7 +1060,7 @@ int write_resume_config(dev_t devno, uin
- log_debug("Wrote resume_offset=%s for device '%s' to /sys/power/resume_offset.",
- offset_str, device);
-
-- r = write_string_file("/sys/power/resume", devno_str, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/sys/power/resume", devno_str, 0);
- if (r < 0)
- return log_error_errno(r,
- "Failed to write device '%s' (%s) to /sys/power/resume: %m",
---- a/src/shared/smack-util.c
-+++ b/src/shared/smack-util.c
-@@ -113,7 +113,7 @@ int mac_smack_apply_pid(pid_t pid, const
- return 0;
-
- p = procfs_file_alloca(pid, "attr/current");
-- r = write_string_file(p, label, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file(p, label, 0);
- if (r < 0)
- return r;
-
---- a/src/sleep/sleep.c
-+++ b/src/sleep/sleep.c
-@@ -139,7 +139,7 @@ static int write_mode(char **modes) {
- STRV_FOREACH(mode, modes) {
- int k;
-
-- k = write_string_file("/sys/power/disk", *mode, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ k = write_string_file("/sys/power/disk", *mode, 0);
- if (k >= 0)
- return 0;
-
-@@ -160,7 +160,7 @@ static int write_state(FILE **f, char **
- STRV_FOREACH(state, states) {
- int k;
-
-- k = write_string_stream(*f, *state, WRITE_STRING_FILE_DISABLE_BUFFER);
-+ k = write_string_stream(*f, *state, 0);
- if (k >= 0)
- return 0;
- log_debug_errno(k, "Failed to write '%s' to /sys/power/state: %m", *state);
---- a/src/udev/udev-rules.c
-+++ b/src/udev/udev-rules.c
-@@ -2634,7 +2634,6 @@ static int udev_rule_apply_token_to_even
- log_event_debug(dev, token, "ATTR '%s' writing '%s'", buf, value);
- r = write_string_file(buf, value,
- WRITE_STRING_FILE_VERIFY_ON_FAILURE |
-- WRITE_STRING_FILE_DISABLE_BUFFER |
- WRITE_STRING_FILE_AVOID_NEWLINE |
- WRITE_STRING_FILE_VERIFY_IGNORE_NEWLINE);
- if (r < 0)
---- a/src/vconsole/vconsole-setup.c
-+++ b/src/vconsole/vconsole-setup.c
-@@ -260,7 +260,7 @@ static int toggle_utf8_vc(const char *na
- static int toggle_utf8_sysfs(bool utf8) {
- int r;
-
-- r = write_string_file("/sys/module/vt/parameters/default_utf8", one_zero(utf8), WRITE_STRING_FILE_DISABLE_BUFFER);
-+ r = write_string_file("/sys/module/vt/parameters/default_utf8", one_zero(utf8), 0);
- if (r < 0)
- return log_warning_errno(r, "Failed to %s sysfs UTF-8 flag: %m", enable_disable(utf8));
-
diff --git a/poky/meta/recipes-core/systemd/systemd/0029-shared-Do-not-use-malloc_info-on-musl.patch b/poky/meta/recipes-core/systemd/systemd/0021-shared-Do-not-use-malloc_info-on-musl.patch
similarity index 68%
rename from poky/meta/recipes-core/systemd/systemd/0029-shared-Do-not-use-malloc_info-on-musl.patch
rename to poky/meta/recipes-core/systemd/systemd/0021-shared-Do-not-use-malloc_info-on-musl.patch
index 8e38655..7eff069 100644
--- a/poky/meta/recipes-core/systemd/systemd/0029-shared-Do-not-use-malloc_info-on-musl.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0021-shared-Do-not-use-malloc_info-on-musl.patch
@@ -1,7 +1,7 @@
-From 9430646e72ea5d260ade300038a6d976fecf7da5 Mon Sep 17 00:00:00 2001
+From 502597b9ddd6b145541b23fadca0b1d3ca9f6367 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 2 Aug 2023 12:20:40 -0700
-Subject: [PATCH 4/4] shared: Do not use malloc_info on musl
+Subject: [PATCH 21/22] shared: Do not use malloc_info on musl
Upstream-Status: Inappropriate [musl-specific]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
@@ -10,9 +10,11 @@
src/shared/common-signal.c | 4 ++--
2 files changed, 5 insertions(+), 4 deletions(-)
+diff --git a/src/shared/bus-util.c b/src/shared/bus-util.c
+index 74f148c8b4..2d862a123d 100644
--- a/src/shared/bus-util.c
+++ b/src/shared/bus-util.c
-@@ -617,15 +617,16 @@ static int method_dump_memory_state_by_f
+@@ -611,15 +611,16 @@ static int method_dump_memory_state_by_fd(sd_bus_message *message, void *userdat
_cleanup_close_ int fd = -EBADF;
size_t dump_size;
FILE *f;
@@ -31,9 +33,11 @@
if (r < 0)
return r;
+diff --git a/src/shared/common-signal.c b/src/shared/common-signal.c
+index 8e70e365dd..9e782caec9 100644
--- a/src/shared/common-signal.c
+++ b/src/shared/common-signal.c
-@@ -65,12 +65,12 @@ int sigrtmin18_handler(sd_event_source *
+@@ -65,12 +65,12 @@ int sigrtmin18_handler(sd_event_source *s, const struct signalfd_siginfo *si, vo
log_oom();
break;
}
@@ -48,3 +52,6 @@
(void) memstream_dump(LOG_INFO, &m);
break;
}
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0022-avoid-missing-LOCK_EX-declaration.patch b/poky/meta/recipes-core/systemd/systemd/0022-avoid-missing-LOCK_EX-declaration.patch
new file mode 100644
index 0000000..24f3bf7
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0022-avoid-missing-LOCK_EX-declaration.patch
@@ -0,0 +1,43 @@
+From fd52f1764647e03a35e8f0ed0ef952049073ccbd Mon Sep 17 00:00:00 2001
+From: Chen Qi <Qi.Chen@windriver.com>
+Date: Tue, 2 Jan 2024 11:03:27 +0800
+Subject: [PATCH 22/22] avoid missing LOCK_EX declaration
+
+This only happens on MUSL. Include sys/file.h to avoid compilation
+error about missing LOCK_EX declaration.
+
+Upstream-Status: Inappropriate [musl specific]
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ src/core/exec-invoke.c | 1 +
+ src/shared/dev-setup.h | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c
+index 70d963e269..7084811439 100644
+--- a/src/core/exec-invoke.c
++++ b/src/core/exec-invoke.c
+@@ -4,6 +4,7 @@
+ #include <sys/ioctl.h>
+ #include <sys/mount.h>
+ #include <sys/prctl.h>
++#include <sys/file.h>
+
+ #if HAVE_PAM
+ #include <security/pam_appl.h>
+diff --git a/src/shared/dev-setup.h b/src/shared/dev-setup.h
+index 5339bc4e5e..0697495f23 100644
+--- a/src/shared/dev-setup.h
++++ b/src/shared/dev-setup.h
+@@ -2,6 +2,7 @@
+ #pragma once
+
+ #include <sys/types.h>
++#include <sys/file.h>
+
+ int lock_dev_console(void);
+
+--
+2.34.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0030-meson-Pass-all-static-pie-args-to-linker.patch b/poky/meta/recipes-core/systemd/systemd/0030-meson-Pass-all-static-pie-args-to-linker.patch
deleted file mode 100644
index 8e56323..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0030-meson-Pass-all-static-pie-args-to-linker.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From f85a387a67900b02c69abccb88c2ef7191c67277 Mon Sep 17 00:00:00 2001
-From: Jan Janssen <medhefgo@web.de>
-Date: Sun, 1 Oct 2023 09:55:48 +0200
-Subject: [PATCH] meson: Pass all -static-pie args to linker
-
-Fixes: #29381
-
-Upstream-Status: Backport [https://github.com/systemd/systemd/commit/cecbb162a3134b43d2ca160e13198c73ff34c3ef]
-Signed-off-by: Viswanath Kraleti <quic_vkraleti@quicinc.com>
----
- src/boot/efi/meson.build | 11 ++++++++---
- 1 file changed, 8 insertions(+), 3 deletions(-)
-
-diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
-index 2773eaf286..9a60a57329 100644
---- a/src/boot/efi/meson.build
-+++ b/src/boot/efi/meson.build
-@@ -161,9 +161,14 @@ efi_c_ld_args = [
- '-Wl,--entry=efi_main',
- '-Wl,--fatal-warnings',
-
-- # These flags should be passed by -static-pie, but seem to be missing sometimes.
-- '-Wl,--no-dynamic-linker',
-- '-z', 'text',
-+ # These flags should be passed by -static-pie, but for whatever reason the flag translation
-+ # is not enabled on all architectures. Not passing `-static` would just allow the linker to
-+ # use dynamic libraries, (which we can't/don't use anyway). But if `-pie` is missing and the
-+ # gcc build does not default to `-pie` we get a regular (no-pie) binary that will be
-+ # rightfully rejected by elf2efi. Note that meson also passes `-pie` to the linker driver,
-+ # but it is overridden by our `-static-pie`. We also need to pass these directly to the
-+ # linker as `-static`+`-pie` seem to get translated differently.
-+ '-Wl,-static,-pie,--no-dynamic-linker,-z,text',
-
- # EFI has 4KiB pages.
- '-z', 'common-page-size=4096',
diff --git a/poky/meta/recipes-core/systemd/systemd/basic.conf.in b/poky/meta/recipes-core/systemd/systemd/basic.conf.in
deleted file mode 100644
index fac288f..0000000
--- a/poky/meta/recipes-core/systemd/systemd/basic.conf.in
+++ /dev/null
@@ -1,40 +0,0 @@
-# This file is part of systemd.
-#
-# systemd is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or
-# (at your option) any later version.
-
-# The superuser
-u root 0 "root" :ROOT_HOME:
-
-# The nobody user/group for NFS file systems
-g {{NOBODY_GROUP_NAME}} 65534 - -
-u {{NOBODY_USER_NAME }} 65534:65534 "Nobody" -
-
-# Administrator group: can *see* more than normal users
-g adm {{ADM_GID }} - -
-
-# Administrator group: can *do* more than normal users
-g wheel {{WHEEL_GID }} - -
-
-# Access to shared database of users on the system
-g utmp {{UTMP_GID }} - -
-
-# Physical and virtual hardware access groups
-g audio {{AUDIO_GID }} - -
-g cdrom {{CDROM_GID }} - -
-g dialout {{DIALOUT_GID}} - -
-g disk {{DISK_GID }} - -
-g input {{INPUT_GID }} - -
-g kmem {{KMEM_GID }} - -
-g kvm {{KVM_GID }} - -
-g lp {{LP_GID }} - -
-g render {{RENDER_GID }} - -
-g sgx {{SGX_GID }} - -
-g tape {{TAPE_GID }} - -
-g tty {{TTY_GID }} - -
-g video {{VIDEO_GID }} - -
-
-# Default group for normal users
-g users {{USERS_GID }} - -
diff --git a/poky/meta/recipes-core/systemd/systemd_254.4.bb b/poky/meta/recipes-core/systemd/systemd_255.1.bb
similarity index 95%
rename from poky/meta/recipes-core/systemd/systemd_254.4.bb
rename to poky/meta/recipes-core/systemd/systemd_255.1.bb
index 05cfc73..c0de440 100644
--- a/poky/meta/recipes-core/systemd/systemd_254.4.bb
+++ b/poky/meta/recipes-core/systemd/systemd_255.1.bb
@@ -21,7 +21,6 @@
SRC_URI += " \
file://touchscreen.rules \
file://00-create-volatile.conf \
- file://basic.conf.in \
${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', 'file://org.freedesktop.hostname1_no_polkit.conf', '', d)} \
${@bb.utils.contains('PACKAGECONFIG', 'polkit_hostnamed_fallback', 'file://00-hostnamed-network-user.conf', '', d)} \
file://init \
@@ -29,33 +28,33 @@
file://systemd-pager.sh \
file://0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch \
file://0008-implment-systemd-sysv-install-for-OE.patch \
- file://0004-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch \
"
# patches needed by musl
SRC_URI:append:libc-musl = " ${SRC_URI_MUSL}"
SRC_URI_MUSL = "\
- file://0009-missing_type.h-add-comparison_fn_t.patch \
- file://0010-add-fallback-parse_printf_format-implementation.patch \
- file://0011-src-basic-missing.h-check-for-missing-strndupa.patch \
- file://0012-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch \
- file://0013-add-missing-FTW_-macros-for-musl.patch \
- file://0014-Use-uintmax_t-for-handling-rlim_t.patch \
- file://0016-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch \
- file://0017-Define-glibc-compatible-basename-for-non-glibc-syste.patch \
- file://0018-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \
- file://0019-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \
- file://0020-avoid-redefinition-of-prctl_mm_map-structure.patch \
- file://0021-do-not-disable-buffer-in-writing-files.patch \
- file://0022-Handle-__cpu_mask-usage.patch \
- file://0023-Handle-missing-gshadow.patch \
- file://0024-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch \
- file://0005-pass-correct-parameters-to-getdents64.patch \
- file://0001-Adjust-for-musl-headers.patch \
- file://0006-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch \
- file://0003-errno-util-Make-STRERROR-portable-for-musl.patch \
- file://0028-sd-event-Make-malloc_trim-conditional-on-glibc.patch \
- file://0029-shared-Do-not-use-malloc_info-on-musl.patch \
+ file://0001-missing_type.h-add-comparison_fn_t.patch \
+ file://0002-add-fallback-parse_printf_format-implementation.patch \
+ file://0003-src-basic-missing.h-check-for-missing-strndupa.patch \
+ file://0004-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch \
+ file://0005-add-missing-FTW_-macros-for-musl.patch \
+ file://0006-Use-uintmax_t-for-handling-rlim_t.patch \
+ file://0007-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch \
+ file://0008-Define-glibc-compatible-basename-for-non-glibc-syste.patch \
+ file://0009-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \
+ file://0010-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \
+ file://0011-avoid-redefinition-of-prctl_mm_map-structure.patch \
+ file://0012-do-not-disable-buffer-in-writing-files.patch \
+ file://0013-Handle-__cpu_mask-usage.patch \
+ file://0014-Handle-missing-gshadow.patch \
+ file://0015-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch \
+ file://0016-pass-correct-parameters-to-getdents64.patch \
+ file://0017-Adjust-for-musl-headers.patch \
+ file://0018-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch \
+ file://0019-errno-util-Make-STRERROR-portable-for-musl.patch \
+ file://0020-sd-event-Make-malloc_trim-conditional-on-glibc.patch \
+ file://0021-shared-Do-not-use-malloc_info-on-musl.patch \
+ file://0022-avoid-missing-LOCK_EX-declaration.patch \
"
PAM_PLUGINS = " \
@@ -73,6 +72,7 @@
${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', '', 'link-udev-shared', d)} \
backlight \
binfmt \
+ cgroupv2 \
gshadow \
hibernate \
hostnamed \
@@ -266,12 +266,16 @@
# The 60 seconds is watchdog's default vaule.
WATCHDOG_TIMEOUT ??= "60"
-do_configure:prepend() {
- sed s@:ROOT_HOME:@${ROOT_HOME}@g ${WORKDIR}/basic.conf.in > ${S}/sysusers.d/basic.conf.in
-}
-
do_install() {
meson_do_install
+ # Change the root user's home directory in /lib/sysusers.d/basic.conf.
+ # This is done merely for backward compatibility with previous systemd recipes.
+ # systemd hardcodes root user's HOME to be "/root". Changing to use other values
+ # may have unexpected runtime behaviors.
+ if [ "${ROOT_HOME}" != "/root" ]; then
+ bbwarn "Using ${ROOT_HOME} as root user's home directory is not fully supported by systemd"
+ sed -i -e 's#/root#${ROOT_HOME}#g' ${D}${exec_prefix}/lib/sysusers.d/basic.conf
+ fi
install -d ${D}/${base_sbindir}
if ${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', 'false', 'true', d)}; then
# Provided by a separate recipe
@@ -756,6 +760,7 @@
${rootlibexecdir}/udev/rules.d/60-persistent-alsa.rules \
${rootlibexecdir}/udev/rules.d/60-persistent-input.rules \
${rootlibexecdir}/udev/rules.d/60-persistent-storage.rules \
+ ${rootlibexecdir}/udev/rules.d/60-persistent-storage-mtd.rules \
${rootlibexecdir}/udev/rules.d/60-persistent-storage-tape.rules \
${rootlibexecdir}/udev/rules.d/60-persistent-v4l.rules \
${rootlibexecdir}/udev/rules.d/60-sensor.rules \
diff --git a/poky/meta/recipes-core/udev/eudev/netifnames.patch b/poky/meta/recipes-core/udev/eudev/netifnames.patch
new file mode 100644
index 0000000..8f6e9a1
--- /dev/null
+++ b/poky/meta/recipes-core/udev/eudev/netifnames.patch
@@ -0,0 +1,17 @@
+eudev: consider ID_NET_NAME_MAC as an interface name
+
+eudev might not create names based on slot or path.
+
+Upstream-Status: Submitted [github.com/eudev-project/eudev/pull/274]
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+--- a/rules/80-net-name-slot.rules
++++ b/rules/80-net-name-slot.rules
+@@ -10,5 +10,6 @@ ENV{net.ifnames}=="0", GOTO="net_name_sl
+ NAME=="", ENV{ID_NET_NAME_ONBOARD}!="", NAME="$env{ID_NET_NAME_ONBOARD}"
+ NAME=="", ENV{ID_NET_NAME_SLOT}!="", NAME="$env{ID_NET_NAME_SLOT}"
+ NAME=="", ENV{ID_NET_NAME_PATH}!="", NAME="$env{ID_NET_NAME_PATH}"
++NAME=="", ENV{ID_NET_NAME_MAC}!="", NAME="$env{ID_NET_NAME_MAC}"
+
+ LABEL="net_name_slot_end"
diff --git a/poky/meta/recipes-core/udev/eudev_3.2.14.bb b/poky/meta/recipes-core/udev/eudev_3.2.14.bb
index d075869..ddb3c33 100644
--- a/poky/meta/recipes-core/udev/eudev_3.2.14.bb
+++ b/poky/meta/recipes-core/udev/eudev_3.2.14.bb
@@ -10,6 +10,7 @@
PROVIDES = "udev"
SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/${BP}.tar.gz \
+ file://netifnames.patch \
file://init \
file://local.rules \
"
@@ -50,6 +51,7 @@
# Use classic network interface naming scheme
touch ${D}${sysconfdir}/udev/rules.d/80-net-name-slot.rules
+
}
do_install:prepend:class-target () {
diff --git a/poky/meta/recipes-core/udev/udev-extraconf/mount.sh b/poky/meta/recipes-core/udev/udev-extraconf/mount.sh
index 0cd51fc..c19e2aa 100644
--- a/poky/meta/recipes-core/udev/udev-extraconf/mount.sh
+++ b/poky/meta/recipes-core/udev/udev-extraconf/mount.sh
@@ -211,7 +211,7 @@
logger "mount.sh/remove" "cleaning up $DEVNAME, was mounted by the auto-mounter"
for mnt in `cat /proc/mounts | grep "$DEVNAME" | cut -f 2 -d " " `
do
- $UMOUNT $mnt
+ $UMOUNT "`printf $mnt`"
done
# Remove mount directory created by the auto-mounter
# and clean up our tmp cache file
diff --git a/poky/meta/recipes-core/zlib/zlib_1.3.bb b/poky/meta/recipes-core/zlib/zlib_1.3.bb
index 1ed1817..ede75f9 100644
--- a/poky/meta/recipes-core/zlib/zlib_1.3.bb
+++ b/poky/meta/recipes-core/zlib/zlib_1.3.bb
@@ -47,3 +47,4 @@
BBCLASSEXTEND = "native nativesdk"
CVE_STATUS[CVE-2023-45853] = "not-applicable-config: we don't build minizip"
+CVE_STATUS[CVE-2023-6992] = "cpe-incorrect: this CVE is for cloudflare zlib"
diff --git a/poky/meta/recipes-devtools/autoconf/autoconf/autoreconf-exclude.patch b/poky/meta/recipes-devtools/autoconf/autoconf/autoreconf-exclude.patch
index c73aca4..2814196 100644
--- a/poky/meta/recipes-devtools/autoconf/autoconf/autoreconf-exclude.patch
+++ b/poky/meta/recipes-devtools/autoconf/autoconf/autoreconf-exclude.patch
@@ -1,25 +1,26 @@
-From 0071d28e304745a16871561f23117fdb00dd2559 Mon Sep 17 00:00:00 2001
+From 1a50157aa11da48921200a0d8d4308863716eab0 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@intel.com>
Date: Thu, 12 Mar 2020 17:25:23 +0000
-Subject: [PATCH 4/7] autoreconf-exclude.patch
+Subject: [PATCH] autoreconf-exclude.patch
Upstream-Status: Inappropriate [oe specific]
+
---
bin/autoreconf.in | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/bin/autoreconf.in b/bin/autoreconf.in
-index bb9f316d..7da3005b 100644
+index 98ebab6..937f758 100644
--- a/bin/autoreconf.in
+++ b/bin/autoreconf.in
-@@ -82,6 +82,7 @@ Operation modes:
+@@ -83,6 +83,7 @@ Operation modes:
-i, --install copy missing standard auxiliary files
--no-recursive don't rebuild sub-packages
-s, --symlink with -i, install symbolic links instead of copies
+ -x, --exclude=STEPS steps we should not run
-m, --make when applicable, re-run ./configure && make
- -W, --warnings=CATEGORY report the warnings falling in CATEGORY [syntax]
-
+ -W, --warnings=CATEGORY report the warnings falling in CATEGORY
+ (comma-separated list accepted)
@@ -141,6 +142,10 @@ my $run_make = 0;
# Recurse into subpackages
my $recursive = 1;
@@ -60,7 +61,7 @@
}
-@@ -687,9 +698,12 @@ sub autoreconf_current_directory ($)
+@@ -691,9 +702,12 @@ sub autoreconf_current_directory ($)
{
$libtoolize .= " --ltdl";
}
@@ -73,7 +74,7 @@
}
else
{
-@@ -726,8 +740,11 @@ sub autoreconf_current_directory ($)
+@@ -730,8 +744,11 @@ sub autoreconf_current_directory ($)
}
elsif ($install)
{
@@ -85,7 +86,7 @@
}
else
{
-@@ -765,7 +782,10 @@ sub autoreconf_current_directory ($)
+@@ -769,7 +786,10 @@ sub autoreconf_current_directory ($)
# latter runs the former, and (ii) autoconf is stricter than
# autoheader. So all in all, autoconf should give better error
# messages.
@@ -96,7 +97,7 @@
# -------------------- #
-@@ -786,7 +806,10 @@ sub autoreconf_current_directory ($)
+@@ -790,7 +810,10 @@ sub autoreconf_current_directory ($)
}
else
{
@@ -107,7 +108,7 @@
}
-@@ -803,7 +826,10 @@ sub autoreconf_current_directory ($)
+@@ -807,7 +830,10 @@ sub autoreconf_current_directory ($)
# We should always run automake, and let it decide whether it shall
# update the file or not. In fact, the effect of '$force' is already
# included in '$automake' via '--no-force'.
@@ -118,6 +119,3 @@
}
# ---------------------------------------------------- #
---
-2.25.1
-
diff --git a/poky/meta/recipes-devtools/autoconf/autoconf/autotest-automake-result-format.patch b/poky/meta/recipes-devtools/autoconf/autoconf/autotest-automake-result-format.patch
index 23329f7..3872557 100644
--- a/poky/meta/recipes-devtools/autoconf/autoconf/autotest-automake-result-format.patch
+++ b/poky/meta/recipes-devtools/autoconf/autoconf/autotest-automake-result-format.patch
@@ -1,18 +1,19 @@
-From 8c0f24404bebffdaf3132d81e2b9560d34ff1677 Mon Sep 17 00:00:00 2001
+From b28bd61e4716e744617bd681a5b0d5472f62bd67 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@intel.com>
Date: Thu, 12 Mar 2020 17:25:45 +0000
-Subject: [PATCH 6/7] autotest-automake-result-format.patch
+Subject: [PATCH] autotest-automake-result-format.patch
Upstream-Status: Inappropriate [oe specific]
+
---
lib/autotest/general.m4 | 39 +++++++++++++++++++++++++++++----------
1 file changed, 29 insertions(+), 10 deletions(-)
diff --git a/lib/autotest/general.m4 b/lib/autotest/general.m4
-index 0c0e3c5b..17590e96 100644
+index bf18866..8097523 100644
--- a/lib/autotest/general.m4
+++ b/lib/autotest/general.m4
-@@ -412,6 +412,9 @@ at_recheck=
+@@ -427,6 +427,9 @@ at_recheck=
# Whether a write failure occurred
at_write_fail=0
@@ -22,7 +23,7 @@
# The directory we run the suite in. Default to . if no -C option.
at_dir=`pwd`
# An absolute reference to this testsuite script.
-@@ -525,6 +528,10 @@ do
+@@ -540,6 +543,10 @@ do
at_check_filter_trace=at_fn_filter_trace
;;
@@ -33,7 +34,7 @@
[[0-9] | [0-9][0-9] | [0-9][0-9][0-9] | [0-9][0-9][0-9][0-9]])
at_fn_validate_ranges at_option
AS_VAR_APPEND([at_groups], ["$at_option$as_nl"])
-@@ -713,10 +720,10 @@ m4_divert_push([HELP_MODES])dnl
+@@ -728,10 +735,10 @@ m4_divert_push([HELP_MODES])dnl
cat <<_ATEOF || at_write_fail=1
Operation modes:
@@ -48,7 +49,7 @@
_ATEOF
m4_divert_pop([HELP_MODES])dnl
m4_wrap([m4_divert_push([HELP_TUNING_BEGIN])dnl
-@@ -742,6 +749,7 @@ Execution tuning:
+@@ -757,6 +764,7 @@ Execution tuning:
-d, --debug inhibit clean up and top-level logging
[ default for debugging scripts]
-x, --trace enable tests shell tracing
@@ -56,7 +57,7 @@
_ATEOF
m4_divert_pop([HELP_TUNING_BEGIN])])dnl
m4_divert_push([HELP_END])dnl
-@@ -1129,7 +1137,9 @@ at_fn_group_banner ()
+@@ -1139,7 +1147,9 @@ at_fn_group_banner ()
[*]) at_desc_line="$[1]: " ;;
esac
AS_VAR_APPEND([at_desc_line], ["$[3]$[4]"])
@@ -67,7 +68,7 @@
echo "# -*- compilation -*-" >> "$at_group_log"
}
-@@ -1155,42 +1165,51 @@ _ATEOF
+@@ -1165,42 +1175,51 @@ _ATEOF
case $at_xfail:$at_status in
yes:0)
at_msg="UNEXPECTED PASS"
@@ -124,6 +125,3 @@
fi
at_log_msg="$at_group. $at_desc ($at_setup_line): $at_msg"
case $at_status in
---
-2.25.1
-
diff --git a/poky/meta/recipes-devtools/autoconf/autoconf/man-host-perl.patch b/poky/meta/recipes-devtools/autoconf/autoconf/man-host-perl.patch
index c6c1356..0f49583 100644
--- a/poky/meta/recipes-devtools/autoconf/autoconf/man-host-perl.patch
+++ b/poky/meta/recipes-devtools/autoconf/autoconf/man-host-perl.patch
@@ -1,13 +1,20 @@
-Don't use the target perl when regenerating the man pages.
+From 1c033f2a23941c46d88b9ac279f87bf2c6e99499 Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@arm.com>
+Date: Wed, 15 Jul 2020 16:03:21 +0100
+Subject: [PATCH] Don't use the target perl when regenerating the man pages.
Upstream-Status: Inappropriate
Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+ man/local.mk | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
diff --git a/man/local.mk b/man/local.mk
-index e69858b1..78c68ab5 100644
+index 775c131..ba94753 100644
--- a/man/local.mk
+++ b/man/local.mk
-@@ -67,13 +67,12 @@ SUFFIXES += .w .1
+@@ -77,13 +77,12 @@ SUFFIXES += .w .1
@echo "Updating man page $@"
$(MKDIR_P) $(@D)
PATH="$(top_srcdir)/man$(PATH_SEPARATOR)$$PATH"; \
diff --git a/poky/meta/recipes-devtools/autoconf/autoconf/no-man.patch b/poky/meta/recipes-devtools/autoconf/autoconf/no-man.patch
index 2c44375..3e741ed 100644
--- a/poky/meta/recipes-devtools/autoconf/autoconf/no-man.patch
+++ b/poky/meta/recipes-devtools/autoconf/autoconf/no-man.patch
@@ -1,14 +1,26 @@
+From 8bcaf677e41f1f5d3fa0a746e35958e7b303ac71 Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@arm.com>
+Date: Wed, 15 Jul 2020 16:03:21 +0100
+Subject: [PATCH] autoconf: upgrade to 2.71
+
For native builds we don't care about the documentation, and this would
otherwise pull in a dependency on help2man.
Upstream-Status: Inappropriate
Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+ Makefile.in | 10 ----------
+ 1 file changed, 10 deletions(-)
+
diff --git a/Makefile.in b/Makefile.in
-index 146e8e3..a1827c1 100644
+index c8d6425..72d6d05 100644
--- a/Makefile.in
+++ b/Makefile.in
-@@ -763,10 +762,0 @@ dist_buildaux_SCRIPTS = \
+@@ -771,16 +771,6 @@ buildauxdir = $(pkgdatadir)/build-aux
+ dist_buildaux_DATA = \
+ $(AUXSCRIPTS)
+
-dist_man_MANS = \
- man/autoconf.1 \
- man/autoheader.1 \
@@ -19,3 +31,6 @@
- man/ifnames.1
-
-
+ # Each manpage depends on:
+ # - its .w and .x files and its source script in bin/
+ # - common.x for the SEE ALSO list
diff --git a/poky/meta/recipes-devtools/autoconf/autoconf/preferbash.patch b/poky/meta/recipes-devtools/autoconf/autoconf/preferbash.patch
index cfb145a..64fed1f 100644
--- a/poky/meta/recipes-devtools/autoconf/autoconf/preferbash.patch
+++ b/poky/meta/recipes-devtools/autoconf/autoconf/preferbash.patch
@@ -1,7 +1,7 @@
-From 0aac3047cd7681d610b22d79501c297fa3433148 Mon Sep 17 00:00:00 2001
+From a877ff979349d3bf6f5f0d92fe4e741be0ad98b4 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@intel.com>
Date: Thu, 12 Mar 2020 17:25:41 +0000
-Subject: [PATCH 2/7] m4sh: prefer bash over sh
+Subject: [PATCH] m4sh: prefer bash over sh
_AS_DETECT_BETTER_SHELL looks for a good shell to use, and tries to look for
'sh' before 'bash'. Whilst for many systems sh is a symlink to bash,
@@ -16,15 +16,16 @@
is used if available over something which is merely POSIX compliant.
Upstream-Status: Inappropriate [oe specific]
+
---
lib/m4sugar/m4sh.m4 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/m4sugar/m4sh.m4 b/lib/m4sugar/m4sh.m4
-index 9d543952..84ef84a9 100644
+index 368487f..cc70f51 100644
--- a/lib/m4sugar/m4sh.m4
+++ b/lib/m4sugar/m4sh.m4
-@@ -230,7 +230,7 @@ dnl Remove any tests from suggested that are also required
+@@ -233,7 +233,7 @@ dnl Remove any tests from suggested that are also required
[_AS_PATH_WALK([/bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH],
[case $as_dir in @%:@(
/*)
@@ -33,6 +34,3 @@
# Try only shells that exist, to save several forks.
as_shell=$as_dir$as_base
AS_IF([{ test -f "$as_shell" || test -f "$as_shell.exe"; } &&
---
-2.25.1
-
diff --git a/poky/meta/recipes-devtools/autoconf/autoconf/program_prefix.patch b/poky/meta/recipes-devtools/autoconf/autoconf/program_prefix.patch
index 657cbb3..f647f2a 100644
--- a/poky/meta/recipes-devtools/autoconf/autoconf/program_prefix.patch
+++ b/poky/meta/recipes-devtools/autoconf/autoconf/program_prefix.patch
@@ -1,19 +1,20 @@
-From f4f19a5c03e8ae3b9cc93d24b76694f4b7b2eb76 Mon Sep 17 00:00:00 2001
+From 7949496ff3834dcd98407cc3f3ea022ee2471d52 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@intel.com>
Date: Thu, 12 Mar 2020 17:28:38 +0000
-Subject: [PATCH 3/7] program_prefix.patch
+Subject: [PATCH] program_prefix.patch
Upstream-Status: Inappropriate [oe specific]
Signed-off-by: Ross Burton <ross.burton@intel.com>
+
---
lib/autoconf/general.m4 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/autoconf/general.m4 b/lib/autoconf/general.m4
-index 16f0d074..4c5e0b36 100644
+index 47d896d..3deaa46 100644
--- a/lib/autoconf/general.m4
+++ b/lib/autoconf/general.m4
-@@ -2070,7 +2070,7 @@ _AC_CANONICAL_SPLIT([target])
+@@ -2071,7 +2071,7 @@ _AC_CANONICAL_SPLIT([target])
# The aliases save the names the user supplied, while $host etc.
# will get canonicalized.
@@ -22,6 +23,3 @@
test "$program_prefix$program_suffix$program_transform_name" = \
NONENONEs,x,x, &&
program_prefix=${target_alias}-[]dnl
---
-2.25.1
-
diff --git a/poky/meta/recipes-devtools/autoconf/autoconf/remove-usr-local-lib-from-m4.patch b/poky/meta/recipes-devtools/autoconf/autoconf/remove-usr-local-lib-from-m4.patch
index f387801..ca1534b 100644
--- a/poky/meta/recipes-devtools/autoconf/autoconf/remove-usr-local-lib-from-m4.patch
+++ b/poky/meta/recipes-devtools/autoconf/autoconf/remove-usr-local-lib-from-m4.patch
@@ -1,19 +1,20 @@
-From a08643ac3fef884900d6cfa161f0acec3ef104d1 Mon Sep 17 00:00:00 2001
+From 294a8d47a70db077691624615c5cb6d331a3299b Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@intel.com>
Date: Thu, 12 Mar 2020 17:25:37 +0000
-Subject: [PATCH 1/7] remove-usr-local-lib-from-m4.patch
+Subject: [PATCH] remove-usr-local-lib-from-m4.patch
Upstream-Status: Inappropriate [oe specific]
Signed-off-by: Ross Burton <ross.burton@intel.com>
+
---
lib/autoconf/functions.m4 | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/lib/autoconf/functions.m4 b/lib/autoconf/functions.m4
-index 12f60b99..07da7941 100644
+index 9b3f3c0..1faa99b 100644
--- a/lib/autoconf/functions.m4
+++ b/lib/autoconf/functions.m4
-@@ -801,15 +801,6 @@ if test $ac_have_func = no; then
+@@ -825,15 +825,6 @@ if test $ac_have_func = no; then
[LIBS="-lutil $LIBS" ac_have_func=yes ac_cv_func_getloadavg_setgid=yes])
fi
@@ -29,6 +30,3 @@
# Make sure it is really in the library, if we think we found it,
# otherwise set up the replacement function.
AC_CHECK_FUNCS(getloadavg, [],
---
-2.25.1
-
diff --git a/poky/meta/recipes-devtools/autoconf/autoconf_2.72d.bb b/poky/meta/recipes-devtools/autoconf/autoconf_2.72e.bb
similarity index 96%
rename from poky/meta/recipes-devtools/autoconf/autoconf_2.72d.bb
rename to poky/meta/recipes-devtools/autoconf/autoconf_2.72e.bb
index 6741746..db37437 100644
--- a/poky/meta/recipes-devtools/autoconf/autoconf_2.72d.bb
+++ b/poky/meta/recipes-devtools/autoconf/autoconf_2.72e.bb
@@ -22,7 +22,7 @@
"
SRC_URI:append:class-native = " file://no-man.patch"
-SRC_URI[sha256sum] = "c09dcba3d051507459df2fcd58d6f19e5b342568fa910e3bb3a74b4402cde3a6"
+SRC_URI[sha256sum] = "f3478d3b597d51f5d61596fb2f6f6aba49cdd974b4b05ff0bac57f56b5cfdb39"
RDEPENDS:${PN} = "m4 gnu-config \
perl \
diff --git a/poky/meta/recipes-devtools/gcc/gcc-13.2.inc b/poky/meta/recipes-devtools/gcc/gcc-13.2.inc
index 359db1e..32fddd1 100644
--- a/poky/meta/recipes-devtools/gcc/gcc-13.2.inc
+++ b/poky/meta/recipes-devtools/gcc/gcc-13.2.inc
@@ -115,3 +115,4 @@
"
CVE_STATUS[CVE-2021-37322] = "cpe-incorrect: Is a binutils 2.26 issue, not gcc"
+CVE_STATUS[CVE-2023-4039] = "fixed-version: Fixed via CVE-2023-4039.patch included here. Set the status explictly to deal with all recipes that share the gcc-source"
diff --git a/poky/meta/recipes-devtools/perl/libtest-warnings-perl_0.031.bb b/poky/meta/recipes-devtools/perl/libtest-warnings-perl_0.032.bb
similarity index 78%
rename from poky/meta/recipes-devtools/perl/libtest-warnings-perl_0.031.bb
rename to poky/meta/recipes-devtools/perl/libtest-warnings-perl_0.032.bb
index e03deaf..5876e8a 100644
--- a/poky/meta/recipes-devtools/perl/libtest-warnings-perl_0.031.bb
+++ b/poky/meta/recipes-devtools/perl/libtest-warnings-perl_0.032.bb
@@ -1,6 +1,3 @@
-# Copyright (C) 2020 Jens Rehsack <sno@netbsd.org>
-# Released under the MIT license (see COPYING.MIT for the terms)
-
SUMMARY = "Test::Warnings - Test for warnings and the lack of them"
DESCRIPTION = "If you've ever tried to use Test::NoWarnings to confirm there are no \
warnings generated by your tests, combined with the convenience of \
@@ -12,13 +9,13 @@
HOMEPAGE = "https://github.com/karenetheridge/Test-Warnings"
BUGTRACKER = "https://rt.cpan.org/Public/Dist/Display.html?Name=Test-Warnings"
SECTION = "libs"
-LICENSE = "Artistic-1.0 | GPL-1.0-or-later"
+LICENSE = "Artistic-1.0-Perl | GPL-1.0-or-later"
-LIC_FILES_CHKSUM = "file://LICENCE;md5=6f2b02f39e7d359efd9525fbc56c84a1"
+LIC_FILES_CHKSUM = "file://LICENCE;md5=f98106ac3cc05d9cbebcdb8fbf7b7815"
SRC_URI = "${CPAN_MIRROR}/authors/id/E/ET/ETHER/Test-Warnings-${PV}.tar.gz"
-SRC_URI[sha256sum] = "1e542909fef305e45563e9878ea1c3b0c7cef1b28bb7ae07eba2e1efabec477b"
+SRC_URI[sha256sum] = "4727dae2416e9f07e41e2dc3a9143ba6affc1ec57652117c99d50038e313e9d9"
S = "${WORKDIR}/Test-Warnings-${PV}"
diff --git a/poky/meta/recipes-devtools/perl/perl_5.38.2.bb b/poky/meta/recipes-devtools/perl/perl_5.38.2.bb
index a9d684cf..b6c9cda 100644
--- a/poky/meta/recipes-devtools/perl/perl_5.38.2.bb
+++ b/poky/meta/recipes-devtools/perl/perl_5.38.2.bb
@@ -273,7 +273,7 @@
${libdir}/perl5/${PV}/ExtUtils/typemap \
"
RPROVIDES:${PN} += "perl-module-strict perl-module-vars perl-module-config perl-module-warnings \
- perl-module-warnings-register"
+ perl-module-warnings-register perl-module-config-git"
FILES:${PN}-staticdev:append = " ${libdir}/perl5/${PV}/*/CORE/libperl.a"
@@ -306,8 +306,8 @@
ALTERNATIVE:${PN}-doc = "Thread.3"
ALTERNATIVE_LINK_NAME[Thread.3] = "${mandir}/man3/Thread.3"
-# Create a perl-modules package recommending all the other perl
-# packages (actually the non modules packages and not created too)
+# Create a perl-modules package that represents the collection of all the
+# other perl packages (actually the non modules packages and not created too).
ALLOW_EMPTY:${PN}-modules = "1"
PACKAGES += "${PN}-modules "
@@ -322,11 +322,13 @@
do_split_packages(d, libdir, r'.*linux/([^\/].*)\.(pm|pl|e2x)', '${PN}-module-%s', 'perl module %s', recursive=True, allow_dirs=False, match_path=True, prepend=False)
do_split_packages(d, libdir, r'(^(?!(CPAN\/|CPANPLUS\/|Module\/|unicore\/|.*linux\/)[^\/]).*)\.(pm|pl|e2x)', '${PN}-module-%s', 'perl module %s', recursive=True, allow_dirs=False, match_path=True, prepend=False)
- # perl-modules should recommend every perl module, and only the
+ # perl-modules should runtime-depend on every perl module, and only the
# modules. Don't attempt to use the result of do_split_packages() as some
- # modules are manually split (eg. perl-module-unicore).
- packages = filter(lambda p: 'perl-module-' in p, d.getVar('PACKAGES').split())
- d.setVar(d.expand("RRECOMMENDS:${PN}-modules"), ' '.join(packages))
+ # modules are manually split (eg. perl-module-unicore). Also, the split
+ # packages should not include packages defined in RPROVIDES:${PN}.
+ perl_sub_pkgs = d.getVar(d.expand("RPROVIDES:${PN}")).split()
+ packages = filter(lambda p: 'perl-module-' in p and p not in perl_sub_pkgs, d.getVar('PACKAGES').split())
+ d.setVar(d.expand("RDEPENDS:${PN}-modules"), ' '.join(packages))
# Read the pre-generated dependency file, and use it to set module dependecies
for line in open(d.expand("${WORKDIR}") + '/perl-rdepends.txt').readlines():
@@ -352,7 +354,8 @@
d.setVar("PACKAGES_DYNAMIC", "^nativesdk-perl-module-.*")
}
-RDEPENDS:${PN}-misc += "perl perl-modules"
+RDEPENDS:${PN}-misc += "perl"
+RRECOMMENDS:${PN}-misc += "perl-modules"
RDEPENDS:${PN}-pod += "perl"
BBCLASSEXTEND = "native nativesdk"
diff --git a/poky/meta/recipes-devtools/python/python3-subunit_1.4.2.bb b/poky/meta/recipes-devtools/python/python3-subunit_1.4.2.bb
deleted file mode 100644
index a018ef1..0000000
--- a/poky/meta/recipes-devtools/python/python3-subunit_1.4.2.bb
+++ /dev/null
@@ -1,15 +0,0 @@
-SUMMARY = "Python implementation of subunit test streaming protocol"
-HOMEPAGE = "https://pypi.org/project/python-subunit/"
-SECTION = "devel/python"
-LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://README.rst;beginline=1;endline=20;md5=909c08e291647fd985fbe5d9836d51b6"
-
-PYPI_PACKAGE = "python-subunit"
-
-SRC_URI[sha256sum] = "2988d324d55ec35dd037e502e3f74ac38f4e457bd44ee0edf5e898f7ee1134d4"
-
-inherit pypi setuptools3
-
-RDEPENDS:${PN} = " python3-testtools"
-
-BBCLASSEXTEND = "nativesdk"
diff --git a/poky/meta/recipes-devtools/python/python3-subunit_1.4.4.bb b/poky/meta/recipes-devtools/python/python3-subunit_1.4.4.bb
new file mode 100644
index 0000000..11be10b
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3-subunit_1.4.4.bb
@@ -0,0 +1,15 @@
+SUMMARY = "Python implementation of subunit test streaming protocol"
+HOMEPAGE = "https://pypi.org/project/python-subunit/"
+SECTION = "devel/python"
+LICENSE = "Apache-2.0 | BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://COPYING;beginline=1;endline=20;md5=b1121e68d06c8d9ea544fcd895df0d39"
+
+PYPI_PACKAGE = "python-subunit"
+
+SRC_URI[sha256sum] = "1079363131aa1d3f45259237265bc2e61a77e35f20edfb6e3d1d2558a2cdea34"
+
+inherit pypi setuptools3
+
+RDEPENDS:${PN} = " python3-testtools python3-iso8601"
+
+BBCLASSEXTEND = "nativesdk"
diff --git a/poky/meta/recipes-devtools/python/python3-yamllint_1.33.0.bb b/poky/meta/recipes-devtools/python/python3-yamllint_1.33.0.bb
new file mode 100644
index 0000000..4b7bd06
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3-yamllint_1.33.0.bb
@@ -0,0 +1,15 @@
+SUMMARY = "A linter for YAML files."
+HOMEPAGE = "https://github.com/adrienverge/yamllint"
+LICENSE = "GPL-3.0-only"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=1ebbd3e34237af26da5dc08a4e440464"
+
+inherit pypi setuptools3
+
+PYPI_PACKAGE = "yamllint"
+
+SRC_URI[sha256sum] = "2dceab9ef2d99518a2fcf4ffc964d44250ac4459be1ba3ca315118e4a1a81f7d"
+
+DEPENDS += "${PYTHON_PN}-setuptools-scm-native"
+RDEPENDS:${PN} += "${PYTHON_PN}-pyyaml"
+
+BBCLASSEXTEND = "native nativesdk"
diff --git a/poky/meta/recipes-devtools/qemu/qemu-native_8.1.2.bb b/poky/meta/recipes-devtools/qemu/qemu-native_8.2.0.bb
similarity index 100%
rename from poky/meta/recipes-devtools/qemu/qemu-native_8.1.2.bb
rename to poky/meta/recipes-devtools/qemu/qemu-native_8.2.0.bb
diff --git a/poky/meta/recipes-devtools/qemu/qemu-system-native_8.1.2.bb b/poky/meta/recipes-devtools/qemu/qemu-system-native_8.2.0.bb
similarity index 100%
rename from poky/meta/recipes-devtools/qemu/qemu-system-native_8.1.2.bb
rename to poky/meta/recipes-devtools/qemu/qemu-system-native_8.2.0.bb
diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc
index 70515d9..bc14402 100644
--- a/poky/meta/recipes-devtools/qemu/qemu.inc
+++ b/poky/meta/recipes-devtools/qemu/qemu.inc
@@ -32,19 +32,16 @@
file://0010-hw-pvrdma-Protect-against-buggy-or-malicious-guest-d.patch \
file://0002-linux-user-Replace-use-of-lfs64-related-functions-an.patch \
file://fixedmeson.patch \
- file://fixmips.patch \
file://0001-vfio-Include-libgen.h-for-basename-API.patch \
file://no-pip.patch \
+ file://fix_segv.patch \
file://qemu-guest-agent.init \
file://qemu-guest-agent.udev \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
-SRC_URI[sha256sum] = "541526a764576eb494d2ff5ec46aeb253e62ea29035d1c23c0a8af4e6cd4f087"
-
-SRC_URI:append:class-target = " file://cross.patch"
-SRC_URI:append:class-nativesdk = " file://cross.patch"
+SRC_URI[sha256sum] = "bf00d2fa12010df8b0ade93371def58e632cb32a6bfdc5f5a0ff8e6a1fb1bf32"
CVE_STATUS[CVE-2017-5957] = "cpe-incorrect: Applies against virglrender < 0.6.0 and not qemu itself"
@@ -117,9 +114,13 @@
--extra-ldflags='${LDFLAGS}' \
--disable-download \
--disable-docs \
+ --host-cc=${BUILD_CC} \
${PACKAGECONFIG_CONFARGS} \
"
+EXTRA_OECONF:append:class-target = " --cross-prefix=${HOST_PREFIX}"
+EXTRA_OECONF:append:class-nativesdk = " --cross-prefix=${HOST_PREFIX}"
+
B = "${WORKDIR}/build"
#EXTRA_OECONF:append = " --python=${HOSTTOOLS_DIR}/python3"
@@ -133,6 +134,7 @@
}
do_configure() {
+ export PKG_CONFIG=pkg-config
${S}/configure ${EXTRA_OECONF}
}
do_configure[cleandirs] += "${B}"
@@ -176,7 +178,7 @@
# Disable kvm/virgl/mesa on targets that do not support it
PACKAGECONFIG:remove:darwin = "kvm virglrenderer epoxy gtk+"
-PACKAGECONFIG:remove:mingw32 = "kvm virglrenderer epoxy gtk+"
+PACKAGECONFIG:remove:mingw32 = "kvm virglrenderer epoxy gtk+ pie"
PACKAGECONFIG[sdl] = "--enable-sdl,--disable-sdl,libsdl2"
PACKAGECONFIG[png] = "--enable-png,--disable-png,libpng"
@@ -237,6 +239,7 @@
PACKAGECONFIG[jack] = "--enable-jack,--disable-jack,jack,"
PACKAGECONFIG[debuginfo] = "--enable-libdw,--disable-libdw,elfutils"
PACKAGECONFIG[pipewire] = "--enable-pipewire,--disable-pipewire,pipewire"
+PACKAGECONFIG[sndio] = "--enable-sndio,--disable-sndio,sndio"
INSANE_SKIP:${PN}-common = "arch"
diff --git a/poky/meta/recipes-devtools/qemu/qemu/cross.patch b/poky/meta/recipes-devtools/qemu/qemu/cross.patch
deleted file mode 100644
index 112eb92..0000000
--- a/poky/meta/recipes-devtools/qemu/qemu/cross.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From 76c3fc4c87231bed32974ebbbdb5079cff45a6b7 Mon Sep 17 00:00:00 2001
-From: Richard Purdie <richard.purdie@linuxfoundation.org>
-Date: Tue, 5 Jan 2021 23:00:14 +0000
-Subject: [PATCH 12/12] qemu: Upgrade 5.1.0->5.2.0
-
-We need to be able to trigger configure's cross code but we don't want
-to set cross_prefix as it does other things we don't want. Patch things
-so we can do what we need in the target config case.
-
-Upstream-Status: Inappropriate [may be rewritten in a way upstream may accept?]
-Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-
----
- configure | 4 ----
- 1 file changed, 4 deletions(-)
-
-Index: qemu-8.0.0/configure
-===================================================================
---- qemu-8.0.0.orig/configure
-+++ qemu-8.0.0/configure
-@@ -2590,7 +2590,6 @@ if test "$skip_meson" = no; then
- echo "widl = [$(meson_quote $widl)]" >> $cross
- echo "windres = [$(meson_quote $windres)]" >> $cross
- echo "windmc = [$(meson_quote $windmc)]" >> $cross
-- if test "$cross_compile" = "yes"; then
- cross_arg="--cross-file config-meson.cross"
- echo "[host_machine]" >> $cross
- echo "system = '$targetos'" >> $cross
-@@ -2608,9 +2607,6 @@ if test "$skip_meson" = no; then
- else
- echo "endian = 'little'" >> $cross
- fi
-- else
-- cross_arg="--native-file config-meson.cross"
-- fi
- mv $cross config-meson.cross
-
- rm -rf meson-private meson-info meson-logs
diff --git a/poky/meta/recipes-devtools/qemu/qemu/fix_segv.patch b/poky/meta/recipes-devtools/qemu/qemu/fix_segv.patch
new file mode 100644
index 0000000..da5ae87
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/fix_segv.patch
@@ -0,0 +1,47 @@
+With qemu 8.2.0 we started seeing SEGV errors when compiling webkitgtk from
+usermode qemu:
+
+qemu-x86_64: QEMU internal SIGSEGV {code=MAPERR, addr=0x20}
+Segmentation fault
+
+By bisection, this was tracked down to:
+
+commit 7b7a3366e142d3baeb3fd1d3660a50e7956c19eb
+Author: Richard Henderson <richard.henderson@linaro.org>
+Date: Tue Aug 8 20:02:19 2023 -0700
+
+ linux-user: Use walk_memory_regions for open_self_maps
+
+ Replace the by-hand method of region identification with
+ the official user-exec interface. Cross-check the region
+ provided to the callback with the interval tree from
+ read_self_maps().
+
+ Tested-by: Helge Deller <deller@gmx.de>
+ Reviewed-by: Ilya Leoshkevich <iii@linux.ibm.com>
+ Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
+
+and specifically to 'n' being NULL. For now, just skip in that case
+until a proper fix can be identified.
+
+Reported upstream: https://www.mail-archive.com/qemu-devel@nongnu.org/msg1018813.html
+
+YOCTO #15367
+
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Upstream-Status: Pending
+
+diff --git a/linux-user/syscall.c b/linux-user/syscall.c
+index e384e14248..2577fb770d 100644
+--- a/linux-user/syscall.c
++++ b/linux-user/syscall.c
+@@ -8085,6 +8085,9 @@ static int open_self_maps_2(void *opaque, target_ulong guest_start,
+ while (1) {
+ IntervalTreeNode *n =
+ interval_tree_iter_first(d->host_maps, host_start, host_start);
++ if (!n) {
++ return 0;
++ }
+ MapInfo *mi = container_of(n, MapInfo, itree);
+ uintptr_t this_hlast = MIN(host_last, n->last);
+ target_ulong this_gend = h2g(this_hlast) + 1;
diff --git a/poky/meta/recipes-devtools/qemu/qemu/fixedmeson.patch b/poky/meta/recipes-devtools/qemu/qemu/fixedmeson.patch
index 0cbaea0..9047f66 100644
--- a/poky/meta/recipes-devtools/qemu/qemu/fixedmeson.patch
+++ b/poky/meta/recipes-devtools/qemu/qemu/fixedmeson.patch
@@ -1,12 +1,12 @@
Upstream-Status: Inappropriate [workaround, would need a real fix for upstream]
-Index: qemu-8.1.0/configure
+Index: qemu-8.2.0/configure
===================================================================
---- qemu-8.1.0.orig/configure
-+++ qemu-8.1.0/configure
-@@ -1032,12 +1032,7 @@ then
- exit 1
- fi
+--- qemu-8.2.0.orig/configure
++++ qemu-8.2.0/configure
+@@ -955,12 +955,7 @@ fi
+ $mkvenv ensuregroup --dir "${source_path}/python/wheels" \
+ ${source_path}/pythondeps.toml meson || exit 1
-# At this point, we expect Meson to be installed and available.
-# We expect mkvenv or pip to have created pyvenv/bin/meson for us.
diff --git a/poky/meta/recipes-devtools/qemu/qemu/fixmips.patch b/poky/meta/recipes-devtools/qemu/qemu/fixmips.patch
deleted file mode 100644
index 01546d1..0000000
--- a/poky/meta/recipes-devtools/qemu/qemu/fixmips.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-Patch to fix mips boot hangs where virtio appears broken. Patch under discussion upstream.
-Regression is introduced by other fixes to 8.1.0 to get x86 boots working.
-
-Upstream-Status: Pending [https://lore.kernel.org/qemu-devel/6c956b90-5a13-db96-9c02-9834a512fe6f@linaro.org/]
-
-Index: qemu-8.1.0/softmmu/physmem.c
-===================================================================
---- qemu-8.1.0.orig/softmmu/physmem.c
-+++ qemu-8.1.0/softmmu/physmem.c
-@@ -2517,7 +2517,7 @@ static void tcg_commit(MemoryListener *l
- * That said, the listener is also called during realize, before
- * all of the tcg machinery for run-on is initialized: thus halt_cond.
- */
-- if (cpu->halt_cond) {
-+ if (cpu->halt_cond && !qemu_cpu_is_self(cpu)) {
- async_run_on_cpu(cpu, tcg_commit_cpu, RUN_ON_CPU_HOST_PTR(cpuas));
- } else {
- tcg_commit_cpu(cpu, RUN_ON_CPU_HOST_PTR(cpuas));
diff --git a/poky/meta/recipes-devtools/qemu/qemu/no-pip.patch b/poky/meta/recipes-devtools/qemu/qemu/no-pip.patch
index f52b4e4..92b2edb 100644
--- a/poky/meta/recipes-devtools/qemu/qemu/no-pip.patch
+++ b/poky/meta/recipes-devtools/qemu/qemu/no-pip.patch
@@ -22,11 +22,11 @@
Upstream-Status: Inappropriate [oe specific]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-diff --git a/configure b/configure
-index 133f4e3235..e4c144b4e2 100755
---- a/configure
-+++ b/configure
-@@ -1009,7 +1009,7 @@ python="$(command -v "$python")"
+Index: qemu-8.2.0/configure
+===================================================================
+--- qemu-8.2.0.orig/configure
++++ qemu-8.2.0/configure
+@@ -937,7 +937,7 @@ python="$(command -v "$python")"
echo "python determined to be '$python'"
echo "python version: $($python --version)"
@@ -35,11 +35,11 @@
if test "$?" -ne 0 ; then
error_exit "python venv creation failed"
fi
-@@ -1017,6 +1017,7 @@ fi
+@@ -945,6 +945,7 @@ fi
# Suppress writing compiled files
python="$python -B"
mkvenv="$python ${source_path}/python/scripts/mkvenv.py"
+mkvenv=true
- mkvenv_flags=""
- if test "$download" = "enabled" ; then
+ # Finish preparing the virtual environment using vendored .whl files
+
diff --git a/poky/meta/recipes-devtools/qemu/qemu_8.1.2.bb b/poky/meta/recipes-devtools/qemu/qemu_8.2.0.bb
similarity index 100%
rename from poky/meta/recipes-devtools/qemu/qemu_8.1.2.bb
rename to poky/meta/recipes-devtools/qemu/qemu_8.2.0.bb
diff --git a/poky/meta/recipes-devtools/rust/files/cargo-path.patch b/poky/meta/recipes-devtools/rust/files/cargo-path.patch
new file mode 100644
index 0000000..84bd580
--- /dev/null
+++ b/poky/meta/recipes-devtools/rust/files/cargo-path.patch
@@ -0,0 +1,37 @@
+Fix the cargo binary path error and ensure that it is fetched
+during rustc bootstrap in rust oe-selftest.
+
+======================================================================
+ERROR: test_cargoflags (bootstrap_test.BuildBootstrap)
+----------------------------------------------------------------------
+Traceback (most recent call last):
+ File "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap_test.py", line 157, in test_cargoflags
+ args, _ = self.build_args(env={"CARGOFLAGS": "--timings"})
+ File "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap_test.py", line 154, in build_args
+ return build.build_bootstrap_cmd(env), env
+ File "/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/src/bootstrap/bootstrap.py", line 960, in build_bootstrap_cmd
+ raise Exception("no cargo executable found at `{}`".format(
+Exception: no cargo executable found at `/home/build-st/tmp/work/cortexa57-poky-linux/rust/1.74.1/rustc-1.74.1-src/build/x86_64-unknown-linux-gnu/stage0/bin/cargo`
+
+Upstream-Status: Submitted [https://github.com/rust-lang/rust/pull/120125]
+
+Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
+---
+diff --git a/src/bootstrap/bootstrap.py b/src/bootstrap/bootstrap.py
+--- a/src/bootstrap/bootstrap.py
++++ b/src/bootstrap/bootstrap.py
+@@ -954,9 +954,11 @@
+ if deny_warnings:
+ env["RUSTFLAGS"] += " -Dwarnings"
+
+- env["PATH"] = os.path.join(self.bin_root(), "bin") + \
+- os.pathsep + env["PATH"]
+- if not os.path.isfile(self.cargo()):
++ cargo_bin_path = os.path.join(self.bin_root(), "bin", "cargo")
++ if not os.path.isfile(cargo_bin_path):
++ cargo_bin_path = os.getenv("RUST_TARGET_PATH") + "rust-snapshot/bin/cargo"
++ env["PATH"] = os.path.dirname(cargo_bin_path) + os.pathsep + env["PATH"]
++ else:
+ raise Exception("no cargo executable found at `{}`".format(
+ self.cargo()))
+ args = [self.cargo(), "build", "--manifest-path",
diff --git a/poky/meta/recipes-devtools/rust/files/custom-target-cfg.patch b/poky/meta/recipes-devtools/rust/files/custom-target-cfg.patch
new file mode 100644
index 0000000..15a7f25
--- /dev/null
+++ b/poky/meta/recipes-devtools/rust/files/custom-target-cfg.patch
@@ -0,0 +1,90 @@
+Detect and fetch custom target configurations when rustc is
+bootstrapped in rust oe-selftest.
+
+Upstream-Status: Backport [https://github.com/rust-lang/rust/pull/119619/commits/26c71cbcf1a9bce6ceb962d753c467d098f63cf6]
+
+Signed-off-by: onur-ozkan <work@onurozkan.dev>
+Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
+---
+diff --git a/src/tools/compiletest/src/common.rs b/src/tools/compiletest/src/common.rs
+index e85f6319936..c45c0b3c652 100644
+--- a/src/tools/compiletest/src/common.rs
++++ b/src/tools/compiletest/src/common.rs
+@@ -479,6 +479,7 @@ fn new(config: &Config) -> TargetCfgs {
+ let mut targets: HashMap<String, TargetCfg> = serde_json::from_str(&rustc_output(
+ config,
+ &["--print=all-target-specs-json", "-Zunstable-options"],
++ Default::default(),
+ ))
+ .unwrap();
+
+@@ -491,16 +492,33 @@ fn new(config: &Config) -> TargetCfgs {
+ let mut all_families = HashSet::new();
+ let mut all_pointer_widths = HashSet::new();
+
+- // Handle custom target specs, which are not included in `--print=all-target-specs-json`.
+- if config.target.ends_with(".json") {
+- targets.insert(
+- config.target.clone(),
+- serde_json::from_str(&rustc_output(
+- config,
+- &["--print=target-spec-json", "-Zunstable-options", "--target", &config.target],
+- ))
+- .unwrap(),
+- );
++ // If current target is not included in the `--print=all-target-specs-json` output,
++ // we check whether it is a custom target from the user or a synthetic target from bootstrap.
++ if !targets.contains_key(&config.target) {
++ let mut envs: HashMap<String, String> = HashMap::new();
++
++ if let Ok(t) = std::env::var("RUST_TARGET_PATH") {
++ envs.insert("RUST_TARGET_PATH".into(), t);
++ }
++
++ // This returns false only when the target is neither a synthetic target
++ // nor a custom target from the user, indicating it is most likely invalid.
++ if config.target.ends_with(".json") || !envs.is_empty() {
++ targets.insert(
++ config.target.clone(),
++ serde_json::from_str(&rustc_output(
++ config,
++ &[
++ "--print=target-spec-json",
++ "-Zunstable-options",
++ "--target",
++ &config.target,
++ ],
++ envs,
++ ))
++ .unwrap(),
++ );
++ }
+ }
+
+ for (target, cfg) in targets.iter() {
+@@ -545,7 +563,9 @@ fn get_current_target_config(
+ // code below extracts them from `--print=cfg`: make sure to only override fields that can
+ // actually be changed with `-C` flags.
+ for config in
+- rustc_output(config, &["--print=cfg", "--target", &config.target]).trim().lines()
++ rustc_output(config, &["--print=cfg", "--target", &config.target], Default::default())
++ .trim()
++ .lines()
+ {
+ let (name, value) = config
+ .split_once("=\"")
+@@ -624,11 +644,12 @@ pub enum Endian {
+ Big,
+ }
+
+-fn rustc_output(config: &Config, args: &[&str]) -> String {
++fn rustc_output(config: &Config, args: &[&str], envs: HashMap<String, String>) -> String {
+ let mut command = Command::new(&config.rustc_path);
+ add_dylib_path(&mut command, iter::once(&config.compile_lib_path));
+ command.args(&config.target_rustcflags).args(args);
+ command.env("RUSTC_BOOTSTRAP", "1");
++ command.envs(envs);
+
+ let output = match command.output() {
+ Ok(output) => output,
+
diff --git a/poky/meta/recipes-devtools/rust/files/rustc-bootstrap.patch b/poky/meta/recipes-devtools/rust/files/rustc-bootstrap.patch
new file mode 100644
index 0000000..406fc61
--- /dev/null
+++ b/poky/meta/recipes-devtools/rust/files/rustc-bootstrap.patch
@@ -0,0 +1,21 @@
+When rust.channel is set to either beta or stable, we can't use
+nightly features on bootstrap without RUSTC_BOOTSTRAP. Set RUSTC_BOOTSTRAP=1
+to use nightly features on stable or beta.
+
+Upstream-Status: Backport [https://github.com/rust-lang/rust/pull/119619/commits/8aa7dd06f6e50621dc10f9f9490681be8a45876f]
+
+Signed-off-by: onur-ozkan <work@onurozkan.dev>
+Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
+---
+diff --git a/src/bootstrap/synthetic_targets.rs b/ src/bootstrap/synthetic_targets.rs
+index d2c65b740da..45baf56f46b 100644
+--- a/src/bootstrap/synthetic_targets.rs
++++ b/src/bootstrap/synthetic_targets.rs
+@@ -59,6 +59,7 @@ fn create_synthetic_target(
+ let mut cmd = Command::new(builder.rustc(compiler));
+ cmd.arg("--target").arg(base.rustc_target_arg());
+ cmd.args(["-Zunstable-options", "--print", "target-spec-json"]);
++ cmd.env("RUSTC_BOOTSTRAP", "1");
+ cmd.stdout(Stdio::piped());
+
+ let output = cmd.spawn().unwrap().wait_with_output().unwrap();
diff --git a/poky/meta/recipes-devtools/rust/files/target-build-value.patch b/poky/meta/recipes-devtools/rust/files/target-build-value.patch
new file mode 100644
index 0000000..23e8c76
--- /dev/null
+++ b/poky/meta/recipes-devtools/rust/files/target-build-value.patch
@@ -0,0 +1,26 @@
+Add correct build value for cross-compiled targets on stage1 when
+bootstapping rustc.
+
+Upstream-Status: Backport [https://github.com/rust-lang/rust/pull/119619/commits/b888e2f82b9dbe81875f50d13adbc0271a9401ff]
+
+Signed-off-by: onur-ozkan <work@onurozkan.dev>
+Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
+---
+diff --git a/src/bootstrap/test.rs b/src/bootstrap/test.rs
+--- a/src/bootstrap/test.rs
++++ b/src/bootstrap/test.rs
+@@ -1489,8 +1489,12 @@
+ // NOTE: Only stage 1 is special cased because we need the rustc_private artifacts to match the
+ // running compiler in stage 2 when plugins run.
+ let stage_id = if suite == "ui-fulldeps" && compiler.stage == 1 {
+- compiler = builder.compiler(compiler.stage - 1, target);
+- format!("stage{}-{}", compiler.stage + 1, target)
++ // At stage 0 (stage - 1) we are using the beta compiler. Using `self.target` can lead finding
++ // an incorrect compiler path on cross-targets, as the stage 0 beta compiler is always equal
++ // to `build.build` in the configuration.
++ let build = builder.build.build;
++ compiler = builder.compiler(compiler.stage - 1, build);
++ format!("stage{}-{}", compiler.stage + 1, build)
+ } else {
+ format!("stage{}-{}", compiler.stage, target)
+ };
diff --git a/poky/meta/recipes-devtools/rust/rust-source.inc b/poky/meta/recipes-devtools/rust/rust-source.inc
index 83a0dbc..e02829e 100644
--- a/poky/meta/recipes-devtools/rust/rust-source.inc
+++ b/poky/meta/recipes-devtools/rust/rust-source.inc
@@ -10,6 +10,10 @@
file://0004-musl-Define-O_LARGEFILE-for-riscv32.patch;patchdir=${RUSTSRC} \
file://0005-musl-Define-SOCK_SEQPACKET-in-common-place.patch;patchdir=${RUSTSRC} \
file://0001-Revert-Map-source-absolute-paths-to-OUT_DIR-as-relat.patch;patchdir=${RUSTSRC} \
+ file://cargo-path.patch;patchdir=${RUSTSRC} \
+ file://custom-target-cfg.patch;patchdir=${RUSTSRC} \
+ file://rustc-bootstrap.patch;patchdir=${RUSTSRC} \
+ file://target-build-value.patch;patchdir=${RUSTSRC} \
"
SRC_URI[rust.sha256sum] = "b98c09d968529212fb29eec7d6d3e9bdaa869810679b7fb86a1ca69469d75f5e"
diff --git a/poky/meta/recipes-devtools/rust/rust_1.74.1.bb b/poky/meta/recipes-devtools/rust/rust_1.74.1.bb
index 30543ad..f8db186 100644
--- a/poky/meta/recipes-devtools/rust/rust_1.74.1.bb
+++ b/poky/meta/recipes-devtools/rust/rust_1.74.1.bb
@@ -200,7 +200,11 @@
if [ ${RUST_ALTERNATE_EXE_PATH_NATIVE} != ${RUST_ALTERNATE_EXE_PATH} -a ! -f ${RUST_ALTERNATE_EXE_PATH} ]; then
mkdir -p `dirname ${RUST_ALTERNATE_EXE_PATH}`
cp ${RUST_ALTERNATE_EXE_PATH_NATIVE} ${RUST_ALTERNATE_EXE_PATH}
- chrpath -d ${RUST_ALTERNATE_EXE_PATH}
+ if [ -e ${STAGING_LIBDIR_NATIVE}/libc++.so.1 ]; then
+ chrpath -r \$ORIGIN/../../../../../`basename ${STAGING_DIR_NATIVE}`${libdir_native} ${RUST_ALTERNATE_EXE_PATH}
+ else
+ chrpath -d ${RUST_ALTERNATE_EXE_PATH}
+ fi
fi
oe_cargo_fix_env
diff --git a/poky/meta/recipes-extended/cronie/cronie/crond_pam_config.patch b/poky/meta/recipes-extended/cronie/cronie/crond_pam_config.patch
index c374790..464d147 100644
--- a/poky/meta/recipes-extended/cronie/cronie/crond_pam_config.patch
+++ b/poky/meta/recipes-extended/cronie/cronie/crond_pam_config.patch
@@ -1,9 +1,19 @@
+From f5b325cba73018e5be984570fd4e680e59e7865d Mon Sep 17 00:00:00 2001
+From: Wenzong Fan <wenzong.fan@windriver.com>
+Date: Wed, 20 Jul 2011 02:42:28 +0000
+Subject: [PATCH] cronie: enable PAM support for cronie
+
password-auth is the Fedora's common pam configure file, use oe common pam
configure files instead.
Upstream-Status: Pending
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
+
+---
+ pam/crond | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
diff --git a/pam/crond b/pam/crond
index 560529d..95a6457 100644
--- a/pam/crond
diff --git a/poky/meta/recipes-extended/cronie/cronie_1.7.0.bb b/poky/meta/recipes-extended/cronie/cronie_1.7.1.bb
similarity index 96%
rename from poky/meta/recipes-extended/cronie/cronie_1.7.0.bb
rename to poky/meta/recipes-extended/cronie/cronie_1.7.1.bb
index 24c419b..854b681 100644
--- a/poky/meta/recipes-extended/cronie/cronie_1.7.0.bb
+++ b/poky/meta/recipes-extended/cronie/cronie_1.7.1.bb
@@ -25,7 +25,7 @@
PAM_SRC_URI = "file://crond_pam_config.patch"
PAM_DEPS = "libpam libpam-runtime pam-plugin-access pam-plugin-loginuid"
-SRC_URI[sha256sum] = "6827f5a47760cc64afeef0a60d3cb5376f52569109fc9a73957dd5e9fdae7619"
+SRC_URI[sha256sum] = "78033100c24413f0c40f93e6138774d6a4f55bc31050567b90db45a2f9f1b954"
inherit autotools update-rc.d useradd systemd github-releases
UPSTREAM_CHECK_REGEX = "releases/tag/cronie-(?P<pver>\d+(\.\d+)+)"
diff --git a/poky/meta/recipes-extended/shadow/shadow.inc b/poky/meta/recipes-extended/shadow/shadow.inc
index 43f4562..b8e5e28 100644
--- a/poky/meta/recipes-extended/shadow/shadow.inc
+++ b/poky/meta/recipes-extended/shadow/shadow.inc
@@ -47,16 +47,6 @@
CFLAGS:append:libc-musl = " -DLIBBSD_OVERLAY"
-# Force static linking of utilities so we can use from the sysroot/sstate for useradd
-# without worrying about the dependency libraries being available
-LDFLAGS:append:class-native = " -no-pie"
-do_compile:prepend:class-native () {
- sed -i -e 's#\(LIBS.*\)-lbsd#\1 ${STAGING_LIBDIR}/libbsd.a ${STAGING_LIBDIR}/libmd.a#g' \
- -e 's#\(LIBBSD.*\)-lbsd#\1 ${STAGING_LIBDIR}/libbsd.a ${STAGING_LIBDIR}/libmd.a#g' \
- -e 's#\(LIBATTR.*\)-lattr#\1 ${STAGING_LIBDIR}/libattr.a#g' \
- ${B}/lib/Makefile ${B}/src/Makefile
-}
-
NSCDOPT = ""
NSCDOPT:class-native = "--without-nscd"
NSCDOPT:class-nativesdk = "--without-nscd"
@@ -161,6 +151,20 @@
touch ${D}${sysconfdir}/subgid
}
+# Make executables look for dynamically linked libraries in a custom location, and install
+# the needed libraries there. That way we can use them from sstate
+# in setscene tasks without worrying about the dependency libraries being available.
+do_install:append:class-native() {
+ binaries=$(find ${D}${base_bindir}/ ${D}${base_sbindir}/ ${D}${bindir}/ ${D}${sbindir}/ -executable -type f)
+ chrpath -k -r ${STAGING_DIR_NATIVE}/lib-shadow-deps $binaries
+ mkdir -p ${D}${STAGING_DIR_NATIVE}/lib-shadow-deps/
+ install ${STAGING_LIBDIR_NATIVE}/libattr.so.* ${STAGING_LIBDIR_NATIVE}/libbsd.so.* ${STAGING_LIBDIR_NATIVE}/libmd.so.* ${D}${STAGING_DIR_NATIVE}/lib-shadow-deps/
+ install ${D}${libdir}/*.so.* ${D}${STAGING_DIR_NATIVE}/lib-shadow-deps/
+}
+
+SYSROOT_DIRS:append:class-native = " ${STAGING_DIR_NATIVE}/lib-shadow-deps/"
+INSANE_SKIP:${PN}:class-native = "already-stripped"
+
PACKAGES =+ "${PN}-base"
FILES:${PN}-base = "\
${base_bindir}/login.shadow \
diff --git a/poky/meta/recipes-gnome/libgudev/libgudev/0001-meson-Pass-export-dynamic-option-to-linker.patch b/poky/meta/recipes-gnome/libgudev/libgudev/0001-meson-Pass-export-dynamic-option-to-linker.patch
new file mode 100644
index 0000000..8a06d24
--- /dev/null
+++ b/poky/meta/recipes-gnome/libgudev/libgudev/0001-meson-Pass-export-dynamic-option-to-linker.patch
@@ -0,0 +1,38 @@
+From dc4fcfb1e1e2326a412b252314af3e9424a31457 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 16 Jan 2024 12:02:46 -0800
+Subject: [PATCH] meson: Pass --export-dynamic option to linker
+
+Bypass the compiler driver trying to comprehend and translate it for
+linker, since its not clear what the right behavior should be, gcc seems
+to translate it into --export-dynamic but clang 18+ rejects it
+
+| x86_64-yoe-linux-clang: error: unknown argument: '-export-dynamic'
+
+also see [1]
+
+This makes it work as intended across gcc and clang
+
+Upstream-Status: Submitted [https://gitlab.gnome.org/GNOME/libgudev/-/merge_requests/30]
+[1] https://discourse.llvm.org/t/clang-option-export-dynamic-parse-to-e-xport-dynamic-error/72454
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ gudev/meson.build | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gudev/meson.build b/gudev/meson.build
+index e904203..3ed580b 100644
+--- a/gudev/meson.build
++++ b/gudev/meson.build
+@@ -33,7 +33,7 @@ libgudev_c_args = [
+ ]
+
+ libgudev_link_args = [
+- '-export-dynamic',
++ '-Wl,--export-dynamic',
+ '-Wl,--version-script,@0@/libgudev-1.0.sym'.format(top_srcdir),
+ ]
+
+--
+2.43.0
+
diff --git a/poky/meta/recipes-gnome/libgudev/libgudev_238.bb b/poky/meta/recipes-gnome/libgudev/libgudev_238.bb
index 5923544..f197f64 100644
--- a/poky/meta/recipes-gnome/libgudev/libgudev_238.bb
+++ b/poky/meta/recipes-gnome/libgudev/libgudev_238.bb
@@ -16,6 +16,8 @@
inherit gnomebase gobject-introspection gtk-doc
+SRC_URI += "file://0001-meson-Pass-export-dynamic-option-to-linker.patch"
+
GIR_MESON_ENABLE_FLAG = 'enabled'
GIR_MESON_DISABLE_FLAG = 'disabled'
diff --git a/poky/meta/recipes-gnome/libsecret/libsecret_0.21.1.bb b/poky/meta/recipes-gnome/libsecret/libsecret_0.21.2.bb
similarity index 90%
rename from poky/meta/recipes-gnome/libsecret/libsecret_0.21.1.bb
rename to poky/meta/recipes-gnome/libsecret/libsecret_0.21.2.bb
index f762d7c..2d8ea95 100644
--- a/poky/meta/recipes-gnome/libsecret/libsecret_0.21.1.bb
+++ b/poky/meta/recipes-gnome/libsecret/libsecret_0.21.2.bb
@@ -13,7 +13,7 @@
DEPENDS += "glib-2.0 libgcrypt gettext-native"
-SRC_URI[archive.sha256sum] = "674f51323a5f74e4cb7e3277da68b5afddd333eca25bc9fd2d820a92972f90b1"
+SRC_URI[archive.sha256sum] = "e4a341496a0815e64c8d3b8fabab33d7bae7efdeab77b843669731d5b181dcee"
GTKDOC_MESON_OPTION = 'gtk_doc'
diff --git a/poky/meta/recipes-graphics/cairo/cairo_1.18.0.bb b/poky/meta/recipes-graphics/cairo/cairo_1.18.0.bb
index fe72537..4c97e97 100644
--- a/poky/meta/recipes-graphics/cairo/cairo_1.18.0.bb
+++ b/poky/meta/recipes-graphics/cairo/cairo_1.18.0.bb
@@ -38,12 +38,13 @@
# if qemu usermode isn't available, this value needs to be set statically
# (otherwise it's determinted by running a small target executable with qemu)
-do_write_config:append:class-target() {
+do_write_config:append() {
cat >${WORKDIR}/cairo.cross <<EOF
[properties]
ipc_rmid_deferred_release = 'true'
EOF
}
+EXTRA_OEMESON:append:class-nativesdk = "${@' --cross-file ${WORKDIR}/cairo.cross' if d.getVar('EXEWRAPPER_ENABLED') == 'False' else ''}"
EXTRA_OEMESON:append:class-target = "${@' --cross-file ${WORKDIR}/cairo.cross' if d.getVar('EXEWRAPPER_ENABLED') == 'False' else ''}"
GTKDOC_MESON_OPTION = "gtk_doc"
diff --git a/poky/meta/recipes-graphics/shaderc/shaderc_2023.7.bb b/poky/meta/recipes-graphics/shaderc/shaderc_2023.7.bb
index e4555af..cf2ced9 100644
--- a/poky/meta/recipes-graphics/shaderc/shaderc_2023.7.bb
+++ b/poky/meta/recipes-graphics/shaderc/shaderc_2023.7.bb
@@ -6,7 +6,7 @@
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327"
-SRCREV = "23cc2d78fd4f866b6ab527886a396bec36948605"
+SRCREV = "3882b16417077aa8eaa7b5775920e7ba4b8a224d"
SRC_URI = "git://github.com/google/shaderc.git;protocol=https;branch=main \
file://0001-cmake-disable-building-external-dependencies.patch \
file://0002-libshaderc_util-fix-glslang-header-file-location.patch \
diff --git a/poky/meta/recipes-graphics/wayland/weston_12.0.2.bb b/poky/meta/recipes-graphics/wayland/weston_13.0.0.bb
similarity index 93%
rename from poky/meta/recipes-graphics/wayland/weston_12.0.2.bb
rename to poky/meta/recipes-graphics/wayland/weston_13.0.0.bb
index cfcaaca..c74f471 100644
--- a/poky/meta/recipes-graphics/wayland/weston_12.0.2.bb
+++ b/poky/meta/recipes-graphics/wayland/weston_13.0.0.bb
@@ -14,7 +14,7 @@
file://systemd-notify.weston-start \
"
-SRC_URI[sha256sum] = "eb686a7cf00992a23b17f192fca9a887313e92c346ee35d8575196983d656b4a"
+SRC_URI[sha256sum] = "52ff1d4aa2394a2e416c85a338b627ce97fa71d43eb762fd4aaf145d36fc795a"
UPSTREAM_CHECK_URI = "https://wayland.freedesktop.org/releases.html"
UPSTREAM_CHECK_REGEX = "weston-(?P<pver>\d+\.\d+\.(?!9\d+)\d+)"
@@ -38,7 +38,6 @@
${@bb.utils.contains('DISTRO_FEATURES', 'x11 wayland', 'xwayland', '', d)} \
${@bb.utils.filter('DISTRO_FEATURES', 'systemd x11', d)} \
${@bb.utils.contains_any('DISTRO_FEATURES', 'wayland x11', '', 'headless', d)} \
- launcher-libseat \
image-jpeg \
screenshare \
shell-desktop \
@@ -54,7 +53,7 @@
# Compositor choices
#
# Weston on KMS
-PACKAGECONFIG[kms] = "-Dbackend-drm=true,-Dbackend-drm=false,drm udev virtual/egl virtual/libgles2 virtual/libgbm mtdev"
+PACKAGECONFIG[kms] = "-Dbackend-drm=true,-Dbackend-drm=false,drm udev seatd virtual/egl virtual/libgles2 virtual/libgbm mtdev"
# Weston on Wayland (nested Weston)
PACKAGECONFIG[wayland] = "-Dbackend-wayland=true,-Dbackend-wayland=false,virtual/egl virtual/libgles2"
# Weston on X11
@@ -93,10 +92,6 @@
PACKAGECONFIG[shell-kiosk] = "-Dshell-kiosk=true,-Dshell-kiosk=false"
# JPEG image loading support
PACKAGECONFIG[image-jpeg] = "-Dimage-jpeg=true,-Dimage-jpeg=false, jpeg"
-# support libseat based launch
-PACKAGECONFIG[launcher-libseat] = "-Dlauncher-libseat=true,-Dlauncher-libseat=false,seatd"
-# deprecated and superseded by libseat launcher
-PACKAGECONFIG[launcher-logind] = "-Ddeprecated-launcher-logind=true,-Ddeprecated-launcher-logind=false,"
# screencasting via PipeWire
PACKAGECONFIG[pipewire] = "-Dbackend-pipewire=true,-Dbackend-pipewire=false,pipewire"
# VNC remote screensharing
diff --git a/poky/meta/recipes-graphics/xorg-app/xev/diet-x11.patch b/poky/meta/recipes-graphics/xorg-app/xev/diet-x11.patch
deleted file mode 100644
index 361369b..0000000
--- a/poky/meta/recipes-graphics/xorg-app/xev/diet-x11.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-From b9b2b8d1af283a13cdccea55562cf332de48dcb9 Mon Sep 17 00:00:00 2001
-From: Ross Burton <ross@openedhand.com>
-Date: Wed, 28 Mar 2007 16:10:50 +0000
-Subject: [PATCH] Add xev
-
-Upstream-Status: Inappropriate [disable feature]
-
----
- xev.c | 64 +----------------------------------------------------------
- 1 file changed, 1 insertion(+), 63 deletions(-)
-
-diff --git a/xev.c b/xev.c
-index ea69234..6d5eb30 100644
---- a/xev.c
-+++ b/xev.c
-@@ -175,17 +175,6 @@ do_KeyPress(XEvent *eventp)
- nbytes = XLookupString(e, str, 256, &ks, NULL);
-
- /* not supposed to call XmbLookupString on a key release event */
-- if (e->type == KeyPress && xic) {
-- do {
-- nmbbytes = XmbLookupString(xic, e, buf, bsize - 1, &ks, &status);
-- buf[nmbbytes] = '\0';
--
-- if (status == XBufferOverflow) {
-- bsize = nmbbytes + 1;
-- buf = realloc(buf, bsize);
-- }
-- } while (status == XBufferOverflow);
-- }
-
- if (ks == NoSymbol)
- ksname = "NoSymbol";
-@@ -220,16 +209,6 @@ do_KeyPress(XEvent *eventp)
- }
-
- /* not supposed to call XmbLookupString on a key release event */
-- if (e->type == KeyPress && xic) {
-- output(Indent, "XmbLookupString gives %d bytes: ", nmbbytes);
-- if (nmbbytes > 0) {
-- dump(buf, nmbbytes);
-- output(NewLine, " \"%s\"", buf);
-- }
-- else {
-- output_new_line();
-- }
-- }
-
- output(Indent | NewLine, "XFilterEvent returns: %s",
- XFilterEvent(eventp, e->window) ? "True" : "False");
-@@ -1211,7 +1190,7 @@ parse_event_mask(const char *s, long event_masks[])
- if (s)
- return True;
- }
-- }
-+ }
-
- if (s != NULL)
- fprintf(stderr, "%s: unrecognized event mask '%s'\n", ProgramName, s);
-@@ -1361,37 +1340,6 @@ main(int argc, char **argv)
- fprintf(stderr, "%s: XSetLocaleModifiers failed\n", ProgramName);
- }
-
-- xim = XOpenIM(dpy, NULL, NULL, NULL);
-- if (xim == NULL) {
-- fprintf(stderr, "%s: XOpenIM failed\n", ProgramName);
-- }
--
-- if (xim) {
-- imvalret = XGetIMValues(xim, XNQueryInputStyle, &xim_styles, NULL);
-- if (imvalret != NULL || xim_styles == NULL) {
-- fprintf(stderr, "%s: input method doesn't support any styles\n",
-- ProgramName);
-- }
--
-- if (xim_styles) {
-- xim_style = 0;
-- for (i = 0; i < xim_styles->count_styles; i++) {
-- if (xim_styles->supported_styles[i] ==
-- (XIMPreeditNothing | XIMStatusNothing)) {
-- xim_style = xim_styles->supported_styles[i];
-- break;
-- }
-- }
--
-- if (xim_style == 0) {
-- fprintf(stderr,
-- "%s: input method doesn't support the style we support\n",
-- ProgramName);
-- }
-- XFree(xim_styles);
-- }
-- }
--
- screen = DefaultScreen(dpy);
-
- attr.event_mask = event_masks[EVENT_MASK_INDEX_CORE];
-@@ -1446,16 +1394,6 @@ main(int argc, char **argv)
- printf("Outer window is 0x%lx, inner window is 0x%lx\n", w, subw);
- }
-
-- if (xim && xim_style) {
-- xic = XCreateIC(xim,
-- XNInputStyle, xim_style,
-- XNClientWindow, w, XNFocusWindow, w, NULL);
--
-- if (xic == NULL) {
-- fprintf(stderr, "XCreateIC failed\n");
-- }
-- }
--
- have_rr = XRRQueryExtension(dpy, &rr_event_base, &rr_error_base);
- if (have_rr) {
- int rr_major, rr_minor;
diff --git a/poky/meta/recipes-graphics/xorg-app/xev_1.2.5.bb b/poky/meta/recipes-graphics/xorg-app/xev_1.2.5.bb
index 0e3def6..1d2e66b 100644
--- a/poky/meta/recipes-graphics/xorg-app/xev_1.2.5.bb
+++ b/poky/meta/recipes-graphics/xorg-app/xev_1.2.5.bb
@@ -12,8 +12,6 @@
DEPENDS += "libxrandr xorgproto"
-SRC_URI += "file://diet-x11.patch"
-
SRC_URI[sha256sum] = "c9461a4389714e0f33974f9e75934bdc38d836a0f059b8dc089c7cbf2ce36ec1"
SRC_URI_EXT = "xz"
diff --git a/poky/meta/recipes-graphics/xorg-lib/libxcomposite/change-include-order.patch b/poky/meta/recipes-graphics/xorg-lib/libxcomposite/change-include-order.patch
deleted file mode 100644
index 60331f6..0000000
--- a/poky/meta/recipes-graphics/xorg-lib/libxcomposite/change-include-order.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-Upstream-Status: Inappropriate [configuration]
-
-This patch makes the build use its own Xcomposite.h over rather than an
-older Xcomposite.h that might already be installed in the staging dir.
-
-Index: libXcomposite-0.4.3/src/Makefile.am
-===================================================================
---- libXcomposite-0.4.3.orig/src/Makefile.am 2010-06-30 22:42:53.000000000 -0700
-+++ libXcomposite-0.4.3/src/Makefile.am 2010-11-23 23:09:34.544322930 -0800
-@@ -19,7 +19,7 @@
- # TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- # PERFORMANCE OF THIS SOFTWARE.
-
--AM_CFLAGS = $(CWARNFLAGS) $(XCOMPOSITE_CFLAGS) $(XFIXES_CFLAGS)
-+AM_CFLAGS = -I$(top_srcdir)/include $(CWARNFLAGS) $(XCOMPOSITE_CFLAGS) $(XFIXES_CFLAGS)
- AM_CPPFLAGS = -I$(top_srcdir)/include
-
- lib_LTLIBRARIES = libXcomposite.la
diff --git a/poky/meta/recipes-graphics/xorg-lib/libxcomposite_0.4.6.bb b/poky/meta/recipes-graphics/xorg-lib/libxcomposite_0.4.6.bb
index 77b3db5..881f579 100644
--- a/poky/meta/recipes-graphics/xorg-lib/libxcomposite_0.4.6.bb
+++ b/poky/meta/recipes-graphics/xorg-lib/libxcomposite_0.4.6.bb
@@ -22,6 +22,4 @@
XORG_PN = "libXcomposite"
-SRC_URI += " file://change-include-order.patch"
-
SRC_URI[sha256sum] = "fe40bcf0ae1a09070eba24088a5eb9810efe57453779ec1e20a55080c6dc2c87"
diff --git a/poky/meta/recipes-graphics/xorg-lib/libxrandr_1.5.3.bb b/poky/meta/recipes-graphics/xorg-lib/libxrandr_1.5.4.bb
similarity index 87%
rename from poky/meta/recipes-graphics/xorg-lib/libxrandr_1.5.3.bb
rename to poky/meta/recipes-graphics/xorg-lib/libxrandr_1.5.4.bb
index 98572bd..3e2825b 100644
--- a/poky/meta/recipes-graphics/xorg-lib/libxrandr_1.5.3.bb
+++ b/poky/meta/recipes-graphics/xorg-lib/libxrandr_1.5.4.bb
@@ -19,4 +19,4 @@
BBCLASSEXTEND = "native nativesdk"
-SRC_URI[sha256sum] = "897639014a78e1497704d669c5dd5682d721931a4452c89a7ba62676064eb428"
+SRC_URI[sha256sum] = "1ad5b065375f4a85915aa60611cc6407c060492a214d7f9daf214be752c3b4d3"
diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
index 085fcaf..22f7d9a 100644
--- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
+++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
@@ -116,7 +116,6 @@
EXTRA_OEMESON += " \
-Dxnest=false \
- -Dxvfb=true \
-Ddtrace=false \
-Dint10=x86emu \
-Dxkb_output_dir=/var/lib/xkb \
@@ -138,6 +137,7 @@
PACKAGECONFIG[unwind] = "-Dlibunwind=true,-Dlibunwind=false,libunwind"
PACKAGECONFIG[systemd-logind] = "-Dsystemd_logind=true,-Dsystemd_logind=false,dbus,"
PACKAGECONFIG[xinerama] = "-Dxinerama=true,-Dxinerama=false"
+PACKAGECONFIG[xvfb] = "-Dxvfb=true,-Dxvfb=false"
# Xorg requires a SHA1 implementation, pick one
XORG_CRYPTO ??= "openssl"
@@ -175,3 +175,5 @@
d.appendVar("RPROVIDES:" + pn, " " + get_abi("input"))
d.appendVar("RPROVIDES:" + pn, " " + get_abi("video"))
}
+
+CVE_STATUS[CVE-2023-5574] = "${@bb.utils.contains('PACKAGECONFIG', 'xvfb', '', 'not-applicable-config: specific to Xvfb', d)}"
diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb
index 16cf8e2..9347cde 100644
--- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb
+++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20231211.bb
@@ -263,9 +263,7 @@
PACKAGES =+ "${PN}-amphion-vpu-license ${PN}-amphion-vpu \
${PN}-cw1200-license ${PN}-cw1200 \
${PN}-ralink-license ${PN}-ralink \
- ${PN}-mt7601u-license ${PN}-mt7601u \
- ${PN}-mt7650-license ${PN}-mt7650 \
- ${PN}-mt76x2-license ${PN}-mt76x2 \
+ ${PN}-mt76x-license ${PN}-mt7601u ${PN}-mt7650 ${PN}-mt76x2 \
${PN}-radeon-license ${PN}-radeon \
${PN}-amdgpu-license ${PN}-amdgpu \
${PN}-marvell-license ${PN}-pcie8897 ${PN}-pcie8997 \
@@ -507,43 +505,36 @@
RDEPENDS:${PN}-ralink += "${PN}-ralink-license"
# For mediatek MT7601U
-LICENSE:${PN}-mt7601u = "Firmware-ralink_a_mediatek_company_firmware"
-LICENSE:${PN}-mt7601u-license = "Firmware-ralink_a_mediatek_company_firmware"
+LICENSE:${PN}-mt76x-license = "Firmware-ralink_a_mediatek_company_firmware"
+FILES:${PN}-mt76x-license = "${nonarch_base_libdir}/firmware/LICENCE.ralink_a_mediatek_company_firmware"
-FILES:${PN}-mt7601u-license = "${nonarch_base_libdir}/firmware/LICENCE.ralink_a_mediatek_company_firmware"
+LICENSE:${PN}-mt7601u = "Firmware-ralink_a_mediatek_company_firmware"
+
FILES:${PN}-mt7601u = " \
${nonarch_base_libdir}/firmware/mediatek/mt7601u.bin \
${nonarch_base_libdir}/firmware/mt7601u.bin \
"
-RDEPENDS:${PN}-mt7601u += "${PN}-mt7601u-license"
+RDEPENDS:${PN}-mt7601u += "${PN}-mt76x-license"
# For MediaTek Bluetooth USB driver 7650
LICENSE:${PN}-mt7650 = "Firmware-ralink_a_mediatek_company_firmware"
-LICENSE:${PN}-mt7650-license = "Firmware-ralink_a_mediatek_company_firmware"
-FILES:${PN}-mt7650-license = " \
- ${nonarch_base_libdir}/firmware/LICENCE.ralink_a_mediatek_company_firmware \
-"
FILES:${PN}-mt7650 = " \
${nonarch_base_libdir}/firmware/mediatek/mt7650.bin \
${nonarch_base_libdir}/firmware/mt7650.bin \
"
-RDEPENDS:${PN}-mt7650 += "${PN}-mt7650-license"
+RDEPENDS:${PN}-mt7650 += "${PN}-mt76x-license"
# For MediaTek MT76x2 Wireless MACs
LICENSE:${PN}-mt76x2 = "Firmware-ralink_a_mediatek_company_firmware"
-LICENSE:${PN}-mt76x2-license = "Firmware-ralink_a_mediatek_company_firmware"
-FILES:${PN}-mt76x2-license = " \
- ${nonarch_base_libdir}/firmware/LICENCE.ralink_a_mediatek_company_firmware \
-"
FILES:${PN}-mt76x2 = " \
${nonarch_base_libdir}/firmware/mediatek/mt7662.bin \
${nonarch_base_libdir}/firmware/mt7662.bin \
${nonarch_base_libdir}/firmware/mediatek/mt7662_rom_patch.bin \
${nonarch_base_libdir}/firmware/mt7662_rom_patch.bin \
"
-RDEPENDS:${PN}-mt76x2 += "${PN}-mt76x2-license"
+RDEPENDS:${PN}-mt76x2 += "${PN}-mt76x-license"
# For MediaTek
LICENSE:${PN}-mediatek = "Firmware-mediatek"
diff --git a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
deleted file mode 100644
index 8d34583..0000000
--- a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ /dev/null
@@ -1,5172 +0,0 @@
-
-# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2024-01-03 21:24:21.156991+00:00 for version 6.1.70
-
-python check_kernel_cve_status_version() {
- this_version = "6.1.70"
- kernel_version = d.getVar("LINUX_VERSION")
- if kernel_version != this_version:
- bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
-}
-do_cve_check[prefuncs] += "check_kernel_cve_status_version"
-
-CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed from version 2.6.12rc2"
-
-CVE_STATUS[CVE-2004-0230] = "fixed-version: Fixed from version 3.6rc1"
-
-# CVE-2005-3660 has no known resolution
-
-CVE_STATUS[CVE-2006-3635] = "fixed-version: Fixed from version 2.6.26rc5"
-
-CVE_STATUS[CVE-2006-5331] = "fixed-version: Fixed from version 2.6.19rc3"
-
-CVE_STATUS[CVE-2006-6128] = "fixed-version: Fixed from version 2.6.19rc2"
-
-# CVE-2007-3719 has no known resolution
-
-CVE_STATUS[CVE-2007-4774] = "fixed-version: Fixed from version 2.6.12rc2"
-
-CVE_STATUS[CVE-2007-6761] = "fixed-version: Fixed from version 2.6.24rc6"
-
-CVE_STATUS[CVE-2007-6762] = "fixed-version: Fixed from version 2.6.20rc5"
-
-# CVE-2008-2544 has no known resolution
-
-# CVE-2008-4609 has no known resolution
-
-CVE_STATUS[CVE-2008-7316] = "fixed-version: Fixed from version 2.6.25rc1"
-
-CVE_STATUS[CVE-2009-2692] = "fixed-version: Fixed from version 2.6.31rc6"
-
-CVE_STATUS[CVE-2010-0008] = "fixed-version: Fixed from version 2.6.23rc9"
-
-CVE_STATUS[CVE-2010-3432] = "fixed-version: Fixed from version 2.6.36rc5"
-
-# CVE-2010-4563 has no known resolution
-
-CVE_STATUS[CVE-2010-4648] = "fixed-version: Fixed from version 2.6.37rc6"
-
-CVE_STATUS[CVE-2010-5313] = "fixed-version: Fixed from version 2.6.38rc1"
-
-# CVE-2010-5321 has no known resolution
-
-CVE_STATUS[CVE-2010-5328] = "fixed-version: Fixed from version 2.6.35rc1"
-
-CVE_STATUS[CVE-2010-5329] = "fixed-version: Fixed from version 2.6.39rc1"
-
-CVE_STATUS[CVE-2010-5331] = "fixed-version: Fixed from version 2.6.34rc7"
-
-CVE_STATUS[CVE-2010-5332] = "fixed-version: Fixed from version 2.6.37rc1"
-
-CVE_STATUS[CVE-2011-4098] = "fixed-version: Fixed from version 3.2rc1"
-
-CVE_STATUS[CVE-2011-4131] = "fixed-version: Fixed from version 3.3rc1"
-
-CVE_STATUS[CVE-2011-4915] = "fixed-version: Fixed from version 3.2rc1"
-
-# CVE-2011-4916 has no known resolution
-
-# CVE-2011-4917 has no known resolution
-
-CVE_STATUS[CVE-2011-5321] = "fixed-version: Fixed from version 3.2rc1"
-
-CVE_STATUS[CVE-2011-5327] = "fixed-version: Fixed from version 3.1rc1"
-
-CVE_STATUS[CVE-2012-0957] = "fixed-version: Fixed from version 3.7rc2"
-
-CVE_STATUS[CVE-2012-2119] = "fixed-version: Fixed from version 3.5rc1"
-
-CVE_STATUS[CVE-2012-2136] = "fixed-version: Fixed from version 3.5rc1"
-
-CVE_STATUS[CVE-2012-2137] = "fixed-version: Fixed from version 3.5rc2"
-
-CVE_STATUS[CVE-2012-2313] = "fixed-version: Fixed from version 3.4rc6"
-
-CVE_STATUS[CVE-2012-2319] = "fixed-version: Fixed from version 3.4rc6"
-
-CVE_STATUS[CVE-2012-2372] = "fixed-version: Fixed from version 3.13rc4"
-
-CVE_STATUS[CVE-2012-2375] = "fixed-version: Fixed from version 3.4rc1"
-
-CVE_STATUS[CVE-2012-2390] = "fixed-version: Fixed from version 3.5rc1"
-
-CVE_STATUS[CVE-2012-2669] = "fixed-version: Fixed from version 3.5rc4"
-
-CVE_STATUS[CVE-2012-2744] = "fixed-version: Fixed from version 2.6.34rc1"
-
-CVE_STATUS[CVE-2012-2745] = "fixed-version: Fixed from version 3.4rc3"
-
-CVE_STATUS[CVE-2012-3364] = "fixed-version: Fixed from version 3.5rc6"
-
-CVE_STATUS[CVE-2012-3375] = "fixed-version: Fixed from version 3.4rc5"
-
-CVE_STATUS[CVE-2012-3400] = "fixed-version: Fixed from version 3.5rc5"
-
-CVE_STATUS[CVE-2012-3412] = "fixed-version: Fixed from version 3.6rc2"
-
-CVE_STATUS[CVE-2012-3430] = "fixed-version: Fixed from version 3.6rc1"
-
-CVE_STATUS[CVE-2012-3510] = "fixed-version: Fixed from version 2.6.19rc4"
-
-CVE_STATUS[CVE-2012-3511] = "fixed-version: Fixed from version 3.5rc6"
-
-CVE_STATUS[CVE-2012-3520] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2012-3552] = "fixed-version: Fixed from version 3.0rc1"
-
-# Skipping CVE-2012-4220, no affected_versions
-
-# Skipping CVE-2012-4221, no affected_versions
-
-# Skipping CVE-2012-4222, no affected_versions
-
-CVE_STATUS[CVE-2012-4398] = "fixed-version: Fixed from version 3.4rc1"
-
-CVE_STATUS[CVE-2012-4444] = "fixed-version: Fixed from version 2.6.36rc4"
-
-CVE_STATUS[CVE-2012-4461] = "fixed-version: Fixed from version 3.7rc6"
-
-CVE_STATUS[CVE-2012-4467] = "fixed-version: Fixed from version 3.6rc5"
-
-CVE_STATUS[CVE-2012-4508] = "fixed-version: Fixed from version 3.7rc3"
-
-CVE_STATUS[CVE-2012-4530] = "fixed-version: Fixed from version 3.8rc1"
-
-# CVE-2012-4542 has no known resolution
-
-CVE_STATUS[CVE-2012-4565] = "fixed-version: Fixed from version 3.7rc4"
-
-CVE_STATUS[CVE-2012-5374] = "fixed-version: Fixed from version 3.8rc1"
-
-CVE_STATUS[CVE-2012-5375] = "fixed-version: Fixed from version 3.8rc1"
-
-CVE_STATUS[CVE-2012-5517] = "fixed-version: Fixed from version 3.6rc1"
-
-CVE_STATUS[CVE-2012-6536] = "fixed-version: Fixed from version 3.6rc7"
-
-CVE_STATUS[CVE-2012-6537] = "fixed-version: Fixed from version 3.6rc7"
-
-CVE_STATUS[CVE-2012-6538] = "fixed-version: Fixed from version 3.6rc7"
-
-CVE_STATUS[CVE-2012-6539] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2012-6540] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2012-6541] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2012-6542] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2012-6543] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2012-6544] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2012-6545] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2012-6546] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2012-6547] = "fixed-version: Fixed from version 3.6rc1"
-
-CVE_STATUS[CVE-2012-6548] = "fixed-version: Fixed from version 3.6rc1"
-
-CVE_STATUS[CVE-2012-6549] = "fixed-version: Fixed from version 3.6rc1"
-
-CVE_STATUS[CVE-2012-6638] = "fixed-version: Fixed from version 3.3rc1"
-
-CVE_STATUS[CVE-2012-6647] = "fixed-version: Fixed from version 3.6rc2"
-
-CVE_STATUS[CVE-2012-6657] = "fixed-version: Fixed from version 3.6"
-
-CVE_STATUS[CVE-2012-6689] = "fixed-version: Fixed from version 3.6rc5"
-
-CVE_STATUS[CVE-2012-6701] = "fixed-version: Fixed from version 3.5rc1"
-
-CVE_STATUS[CVE-2012-6703] = "fixed-version: Fixed from version 3.7rc1"
-
-CVE_STATUS[CVE-2012-6704] = "fixed-version: Fixed from version 3.5rc1"
-
-CVE_STATUS[CVE-2012-6712] = "fixed-version: Fixed from version 3.4rc1"
-
-CVE_STATUS[CVE-2013-0160] = "fixed-version: Fixed from version 3.9rc1"
-
-CVE_STATUS[CVE-2013-0190] = "fixed-version: Fixed from version 3.8rc5"
-
-CVE_STATUS[CVE-2013-0216] = "fixed-version: Fixed from version 3.8rc7"
-
-CVE_STATUS[CVE-2013-0217] = "fixed-version: Fixed from version 3.8rc7"
-
-CVE_STATUS[CVE-2013-0228] = "fixed-version: Fixed from version 3.8"
-
-CVE_STATUS[CVE-2013-0231] = "fixed-version: Fixed from version 3.8rc7"
-
-CVE_STATUS[CVE-2013-0268] = "fixed-version: Fixed from version 3.8rc6"
-
-CVE_STATUS[CVE-2013-0290] = "fixed-version: Fixed from version 3.8"
-
-CVE_STATUS[CVE-2013-0309] = "fixed-version: Fixed from version 3.7rc1"
-
-CVE_STATUS[CVE-2013-0310] = "fixed-version: Fixed from version 3.5"
-
-CVE_STATUS[CVE-2013-0311] = "fixed-version: Fixed from version 3.7rc8"
-
-CVE_STATUS[CVE-2013-0313] = "fixed-version: Fixed from version 3.8rc5"
-
-CVE_STATUS[CVE-2013-0343] = "fixed-version: Fixed from version 3.11rc7"
-
-CVE_STATUS[CVE-2013-0349] = "fixed-version: Fixed from version 3.8rc6"
-
-CVE_STATUS[CVE-2013-0871] = "fixed-version: Fixed from version 3.8rc5"
-
-CVE_STATUS[CVE-2013-0913] = "fixed-version: Fixed from version 3.9rc4"
-
-CVE_STATUS[CVE-2013-0914] = "fixed-version: Fixed from version 3.9rc3"
-
-CVE_STATUS[CVE-2013-1059] = "fixed-version: Fixed from version 3.11rc1"
-
-CVE_STATUS[CVE-2013-1763] = "fixed-version: Fixed from version 3.9rc1"
-
-CVE_STATUS[CVE-2013-1767] = "fixed-version: Fixed from version 3.9rc1"
-
-CVE_STATUS[CVE-2013-1772] = "fixed-version: Fixed from version 3.5rc1"
-
-CVE_STATUS[CVE-2013-1773] = "fixed-version: Fixed from version 3.3rc1"
-
-CVE_STATUS[CVE-2013-1774] = "fixed-version: Fixed from version 3.8rc5"
-
-CVE_STATUS[CVE-2013-1792] = "fixed-version: Fixed from version 3.9rc3"
-
-CVE_STATUS[CVE-2013-1796] = "fixed-version: Fixed from version 3.9rc4"
-
-CVE_STATUS[CVE-2013-1797] = "fixed-version: Fixed from version 3.9rc4"
-
-CVE_STATUS[CVE-2013-1798] = "fixed-version: Fixed from version 3.9rc4"
-
-CVE_STATUS[CVE-2013-1819] = "fixed-version: Fixed from version 3.8rc6"
-
-CVE_STATUS[CVE-2013-1826] = "fixed-version: Fixed from version 3.6rc7"
-
-CVE_STATUS[CVE-2013-1827] = "fixed-version: Fixed from version 3.6rc3"
-
-CVE_STATUS[CVE-2013-1828] = "fixed-version: Fixed from version 3.9rc2"
-
-CVE_STATUS[CVE-2013-1848] = "fixed-version: Fixed from version 3.9rc3"
-
-CVE_STATUS[CVE-2013-1858] = "fixed-version: Fixed from version 3.9rc3"
-
-CVE_STATUS[CVE-2013-1860] = "fixed-version: Fixed from version 3.9rc3"
-
-CVE_STATUS[CVE-2013-1928] = "fixed-version: Fixed from version 3.7rc3"
-
-CVE_STATUS[CVE-2013-1929] = "fixed-version: Fixed from version 3.9rc6"
-
-# Skipping CVE-2013-1935, no affected_versions
-
-CVE_STATUS[CVE-2013-1943] = "fixed-version: Fixed from version 3.0rc1"
-
-CVE_STATUS[CVE-2013-1956] = "fixed-version: Fixed from version 3.9rc5"
-
-CVE_STATUS[CVE-2013-1957] = "fixed-version: Fixed from version 3.9rc5"
-
-CVE_STATUS[CVE-2013-1958] = "fixed-version: Fixed from version 3.9rc5"
-
-CVE_STATUS[CVE-2013-1959] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-1979] = "fixed-version: Fixed from version 3.9rc8"
-
-CVE_STATUS[CVE-2013-2015] = "fixed-version: Fixed from version 3.8rc2"
-
-CVE_STATUS[CVE-2013-2017] = "fixed-version: Fixed from version 2.6.34"
-
-CVE_STATUS[CVE-2013-2058] = "fixed-version: Fixed from version 3.8rc4"
-
-CVE_STATUS[CVE-2013-2094] = "fixed-version: Fixed from version 3.9rc8"
-
-CVE_STATUS[CVE-2013-2128] = "fixed-version: Fixed from version 2.6.34rc4"
-
-CVE_STATUS[CVE-2013-2140] = "fixed-version: Fixed from version 3.11rc3"
-
-CVE_STATUS[CVE-2013-2141] = "fixed-version: Fixed from version 3.9rc8"
-
-CVE_STATUS[CVE-2013-2146] = "fixed-version: Fixed from version 3.9rc8"
-
-CVE_STATUS[CVE-2013-2147] = "fixed-version: Fixed from version 3.12rc3"
-
-CVE_STATUS[CVE-2013-2148] = "fixed-version: Fixed from version 3.11rc1"
-
-CVE_STATUS[CVE-2013-2164] = "fixed-version: Fixed from version 3.11rc1"
-
-# Skipping CVE-2013-2188, no affected_versions
-
-CVE_STATUS[CVE-2013-2206] = "fixed-version: Fixed from version 3.9rc4"
-
-# Skipping CVE-2013-2224, no affected_versions
-
-CVE_STATUS[CVE-2013-2232] = "fixed-version: Fixed from version 3.10"
-
-CVE_STATUS[CVE-2013-2234] = "fixed-version: Fixed from version 3.10"
-
-CVE_STATUS[CVE-2013-2237] = "fixed-version: Fixed from version 3.9rc6"
-
-# Skipping CVE-2013-2239, no affected_versions
-
-CVE_STATUS[CVE-2013-2546] = "fixed-version: Fixed from version 3.9rc1"
-
-CVE_STATUS[CVE-2013-2547] = "fixed-version: Fixed from version 3.9rc1"
-
-CVE_STATUS[CVE-2013-2548] = "fixed-version: Fixed from version 3.9rc1"
-
-CVE_STATUS[CVE-2013-2596] = "fixed-version: Fixed from version 3.9rc8"
-
-CVE_STATUS[CVE-2013-2634] = "fixed-version: Fixed from version 3.9rc3"
-
-CVE_STATUS[CVE-2013-2635] = "fixed-version: Fixed from version 3.9rc3"
-
-CVE_STATUS[CVE-2013-2636] = "fixed-version: Fixed from version 3.9rc3"
-
-CVE_STATUS[CVE-2013-2850] = "fixed-version: Fixed from version 3.10rc4"
-
-CVE_STATUS[CVE-2013-2851] = "fixed-version: Fixed from version 3.11rc1"
-
-CVE_STATUS[CVE-2013-2852] = "fixed-version: Fixed from version 3.10rc6"
-
-CVE_STATUS[CVE-2013-2888] = "fixed-version: Fixed from version 3.12rc1"
-
-CVE_STATUS[CVE-2013-2889] = "fixed-version: Fixed from version 3.12rc2"
-
-CVE_STATUS[CVE-2013-2890] = "fixed-version: Fixed from version 3.12rc2"
-
-CVE_STATUS[CVE-2013-2891] = "fixed-version: Fixed from version 3.12rc2"
-
-CVE_STATUS[CVE-2013-2892] = "fixed-version: Fixed from version 3.12rc1"
-
-CVE_STATUS[CVE-2013-2893] = "fixed-version: Fixed from version 3.12rc2"
-
-CVE_STATUS[CVE-2013-2894] = "fixed-version: Fixed from version 3.12rc2"
-
-CVE_STATUS[CVE-2013-2895] = "fixed-version: Fixed from version 3.12rc2"
-
-CVE_STATUS[CVE-2013-2896] = "fixed-version: Fixed from version 3.12rc1"
-
-CVE_STATUS[CVE-2013-2897] = "fixed-version: Fixed from version 3.12rc2"
-
-CVE_STATUS[CVE-2013-2898] = "fixed-version: Fixed from version 3.12rc1"
-
-CVE_STATUS[CVE-2013-2899] = "fixed-version: Fixed from version 3.12rc1"
-
-CVE_STATUS[CVE-2013-2929] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-2930] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-3076] = "fixed-version: Fixed from version 3.9"
-
-CVE_STATUS[CVE-2013-3222] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3223] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3224] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3225] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3226] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3227] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3228] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3229] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3230] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3231] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3232] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3233] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3234] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3235] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3236] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3237] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3301] = "fixed-version: Fixed from version 3.9rc7"
-
-CVE_STATUS[CVE-2013-3302] = "fixed-version: Fixed from version 3.8rc3"
-
-CVE_STATUS[CVE-2013-4125] = "fixed-version: Fixed from version 3.11rc1"
-
-CVE_STATUS[CVE-2013-4127] = "fixed-version: Fixed from version 3.11rc1"
-
-CVE_STATUS[CVE-2013-4129] = "fixed-version: Fixed from version 3.11rc1"
-
-CVE_STATUS[CVE-2013-4162] = "fixed-version: Fixed from version 3.11rc1"
-
-CVE_STATUS[CVE-2013-4163] = "fixed-version: Fixed from version 3.11rc1"
-
-CVE_STATUS[CVE-2013-4205] = "fixed-version: Fixed from version 3.11rc5"
-
-CVE_STATUS[CVE-2013-4220] = "fixed-version: Fixed from version 3.10rc4"
-
-CVE_STATUS[CVE-2013-4247] = "fixed-version: Fixed from version 3.10rc5"
-
-CVE_STATUS[CVE-2013-4254] = "fixed-version: Fixed from version 3.11rc6"
-
-CVE_STATUS[CVE-2013-4270] = "fixed-version: Fixed from version 3.12rc4"
-
-CVE_STATUS[CVE-2013-4299] = "fixed-version: Fixed from version 3.12rc6"
-
-CVE_STATUS[CVE-2013-4300] = "fixed-version: Fixed from version 3.11"
-
-CVE_STATUS[CVE-2013-4312] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2013-4343] = "fixed-version: Fixed from version 3.12rc2"
-
-CVE_STATUS[CVE-2013-4345] = "fixed-version: Fixed from version 3.13rc2"
-
-CVE_STATUS[CVE-2013-4348] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-4350] = "fixed-version: Fixed from version 3.12rc2"
-
-CVE_STATUS[CVE-2013-4387] = "fixed-version: Fixed from version 3.12rc4"
-
-CVE_STATUS[CVE-2013-4470] = "fixed-version: Fixed from version 3.12rc7"
-
-CVE_STATUS[CVE-2013-4483] = "fixed-version: Fixed from version 3.10rc1"
-
-CVE_STATUS[CVE-2013-4511] = "fixed-version: Fixed from version 3.12"
-
-CVE_STATUS[CVE-2013-4512] = "fixed-version: Fixed from version 3.12"
-
-CVE_STATUS[CVE-2013-4513] = "fixed-version: Fixed from version 3.12"
-
-CVE_STATUS[CVE-2013-4514] = "fixed-version: Fixed from version 3.12"
-
-CVE_STATUS[CVE-2013-4515] = "fixed-version: Fixed from version 3.12"
-
-CVE_STATUS[CVE-2013-4516] = "fixed-version: Fixed from version 3.12"
-
-CVE_STATUS[CVE-2013-4563] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-4579] = "fixed-version: Fixed from version 3.13rc7"
-
-CVE_STATUS[CVE-2013-4587] = "fixed-version: Fixed from version 3.13rc4"
-
-CVE_STATUS[CVE-2013-4588] = "fixed-version: Fixed from version 2.6.33rc4"
-
-CVE_STATUS[CVE-2013-4591] = "fixed-version: Fixed from version 3.8rc1"
-
-CVE_STATUS[CVE-2013-4592] = "fixed-version: Fixed from version 3.7rc1"
-
-# Skipping CVE-2013-4737, no affected_versions
-
-# Skipping CVE-2013-4738, no affected_versions
-
-# Skipping CVE-2013-4739, no affected_versions
-
-CVE_STATUS[CVE-2013-5634] = "fixed-version: Fixed from version 3.10rc5"
-
-CVE_STATUS[CVE-2013-6282] = "fixed-version: Fixed from version 3.6rc6"
-
-CVE_STATUS[CVE-2013-6367] = "fixed-version: Fixed from version 3.13rc4"
-
-CVE_STATUS[CVE-2013-6368] = "fixed-version: Fixed from version 3.13rc4"
-
-CVE_STATUS[CVE-2013-6376] = "fixed-version: Fixed from version 3.13rc4"
-
-CVE_STATUS[CVE-2013-6378] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-6380] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-6381] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-6382] = "fixed-version: Fixed from version 3.13rc4"
-
-CVE_STATUS[CVE-2013-6383] = "fixed-version: Fixed from version 3.12"
-
-# Skipping CVE-2013-6392, no affected_versions
-
-CVE_STATUS[CVE-2013-6431] = "fixed-version: Fixed from version 3.12rc1"
-
-CVE_STATUS[CVE-2013-6432] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-6885] = "fixed-version: Fixed from version 3.14rc1"
-
-CVE_STATUS[CVE-2013-7026] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7027] = "fixed-version: Fixed from version 3.12rc7"
-
-CVE_STATUS[CVE-2013-7263] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7264] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7265] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7266] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7267] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7268] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7269] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7270] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7271] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7281] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7339] = "fixed-version: Fixed from version 3.13rc7"
-
-CVE_STATUS[CVE-2013-7348] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2013-7421] = "fixed-version: Fixed from version 3.19rc1"
-
-# CVE-2013-7445 has no known resolution
-
-CVE_STATUS[CVE-2013-7446] = "fixed-version: Fixed from version 4.4rc4"
-
-CVE_STATUS[CVE-2013-7470] = "fixed-version: Fixed from version 3.12rc7"
-
-CVE_STATUS[CVE-2014-0038] = "fixed-version: Fixed from version 3.14rc1"
-
-CVE_STATUS[CVE-2014-0049] = "fixed-version: Fixed from version 3.14rc5"
-
-CVE_STATUS[CVE-2014-0055] = "fixed-version: Fixed from version 3.14"
-
-CVE_STATUS[CVE-2014-0069] = "fixed-version: Fixed from version 3.14rc4"
-
-CVE_STATUS[CVE-2014-0077] = "fixed-version: Fixed from version 3.14"
-
-CVE_STATUS[CVE-2014-0100] = "fixed-version: Fixed from version 3.14rc7"
-
-CVE_STATUS[CVE-2014-0101] = "fixed-version: Fixed from version 3.14rc6"
-
-CVE_STATUS[CVE-2014-0102] = "fixed-version: Fixed from version 3.14rc6"
-
-CVE_STATUS[CVE-2014-0131] = "fixed-version: Fixed from version 3.14rc7"
-
-CVE_STATUS[CVE-2014-0155] = "fixed-version: Fixed from version 3.15rc2"
-
-CVE_STATUS[CVE-2014-0181] = "fixed-version: Fixed from version 3.15rc5"
-
-CVE_STATUS[CVE-2014-0196] = "fixed-version: Fixed from version 3.15rc5"
-
-CVE_STATUS[CVE-2014-0203] = "fixed-version: Fixed from version 2.6.33rc5"
-
-CVE_STATUS[CVE-2014-0205] = "fixed-version: Fixed from version 2.6.37rc1"
-
-CVE_STATUS[CVE-2014-0206] = "fixed-version: Fixed from version 3.16rc3"
-
-# Skipping CVE-2014-0972, no affected_versions
-
-CVE_STATUS[CVE-2014-1438] = "fixed-version: Fixed from version 3.13"
-
-CVE_STATUS[CVE-2014-1444] = "fixed-version: Fixed from version 3.12rc7"
-
-CVE_STATUS[CVE-2014-1445] = "fixed-version: Fixed from version 3.12rc7"
-
-CVE_STATUS[CVE-2014-1446] = "fixed-version: Fixed from version 3.13rc7"
-
-CVE_STATUS[CVE-2014-1690] = "fixed-version: Fixed from version 3.13rc8"
-
-CVE_STATUS[CVE-2014-1737] = "fixed-version: Fixed from version 3.15rc5"
-
-CVE_STATUS[CVE-2014-1738] = "fixed-version: Fixed from version 3.15rc5"
-
-CVE_STATUS[CVE-2014-1739] = "fixed-version: Fixed from version 3.15rc6"
-
-CVE_STATUS[CVE-2014-1874] = "fixed-version: Fixed from version 3.14rc2"
-
-CVE_STATUS[CVE-2014-2038] = "fixed-version: Fixed from version 3.14rc1"
-
-CVE_STATUS[CVE-2014-2039] = "fixed-version: Fixed from version 3.14rc3"
-
-CVE_STATUS[CVE-2014-2309] = "fixed-version: Fixed from version 3.14rc7"
-
-CVE_STATUS[CVE-2014-2523] = "fixed-version: Fixed from version 3.14rc1"
-
-CVE_STATUS[CVE-2014-2568] = "fixed-version: Fixed from version 3.14"
-
-CVE_STATUS[CVE-2014-2580] = "fixed-version: Fixed from version 3.15rc1"
-
-CVE_STATUS[CVE-2014-2672] = "fixed-version: Fixed from version 3.14rc6"
-
-CVE_STATUS[CVE-2014-2673] = "fixed-version: Fixed from version 3.14rc6"
-
-CVE_STATUS[CVE-2014-2678] = "fixed-version: Fixed from version 3.15rc1"
-
-CVE_STATUS[CVE-2014-2706] = "fixed-version: Fixed from version 3.14rc6"
-
-CVE_STATUS[CVE-2014-2739] = "fixed-version: Fixed from version 3.15rc1"
-
-CVE_STATUS[CVE-2014-2851] = "fixed-version: Fixed from version 3.15rc2"
-
-CVE_STATUS[CVE-2014-2889] = "fixed-version: Fixed from version 3.2rc7"
-
-CVE_STATUS[CVE-2014-3122] = "fixed-version: Fixed from version 3.15rc1"
-
-CVE_STATUS[CVE-2014-3144] = "fixed-version: Fixed from version 3.15rc2"
-
-CVE_STATUS[CVE-2014-3145] = "fixed-version: Fixed from version 3.15rc2"
-
-CVE_STATUS[CVE-2014-3153] = "fixed-version: Fixed from version 3.15"
-
-CVE_STATUS[CVE-2014-3180] = "fixed-version: Fixed from version 3.17rc4"
-
-CVE_STATUS[CVE-2014-3181] = "fixed-version: Fixed from version 3.17rc3"
-
-CVE_STATUS[CVE-2014-3182] = "fixed-version: Fixed from version 3.17rc2"
-
-CVE_STATUS[CVE-2014-3183] = "fixed-version: Fixed from version 3.17rc2"
-
-CVE_STATUS[CVE-2014-3184] = "fixed-version: Fixed from version 3.17rc2"
-
-CVE_STATUS[CVE-2014-3185] = "fixed-version: Fixed from version 3.17rc3"
-
-CVE_STATUS[CVE-2014-3186] = "fixed-version: Fixed from version 3.17rc3"
-
-# Skipping CVE-2014-3519, no affected_versions
-
-CVE_STATUS[CVE-2014-3534] = "fixed-version: Fixed from version 3.16rc7"
-
-CVE_STATUS[CVE-2014-3535] = "fixed-version: Fixed from version 2.6.36rc1"
-
-CVE_STATUS[CVE-2014-3601] = "fixed-version: Fixed from version 3.17rc2"
-
-CVE_STATUS[CVE-2014-3610] = "fixed-version: Fixed from version 3.18rc2"
-
-CVE_STATUS[CVE-2014-3611] = "fixed-version: Fixed from version 3.18rc2"
-
-CVE_STATUS[CVE-2014-3631] = "fixed-version: Fixed from version 3.17rc5"
-
-CVE_STATUS[CVE-2014-3645] = "fixed-version: Fixed from version 3.12rc1"
-
-CVE_STATUS[CVE-2014-3646] = "fixed-version: Fixed from version 3.18rc2"
-
-CVE_STATUS[CVE-2014-3647] = "fixed-version: Fixed from version 3.18rc2"
-
-CVE_STATUS[CVE-2014-3673] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-3687] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-3688] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-3690] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-3917] = "fixed-version: Fixed from version 3.16rc1"
-
-CVE_STATUS[CVE-2014-3940] = "fixed-version: Fixed from version 3.15"
-
-CVE_STATUS[CVE-2014-4014] = "fixed-version: Fixed from version 3.16rc1"
-
-CVE_STATUS[CVE-2014-4027] = "fixed-version: Fixed from version 3.14rc1"
-
-CVE_STATUS[CVE-2014-4157] = "fixed-version: Fixed from version 3.15rc1"
-
-CVE_STATUS[CVE-2014-4171] = "fixed-version: Fixed from version 3.16rc3"
-
-# Skipping CVE-2014-4322, no affected_versions
-
-# Skipping CVE-2014-4323, no affected_versions
-
-CVE_STATUS[CVE-2014-4508] = "fixed-version: Fixed from version 3.16rc3"
-
-CVE_STATUS[CVE-2014-4608] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-4611] = "fixed-version: Fixed from version 3.16rc3"
-
-CVE_STATUS[CVE-2014-4652] = "fixed-version: Fixed from version 3.16rc2"
-
-CVE_STATUS[CVE-2014-4653] = "fixed-version: Fixed from version 3.16rc2"
-
-CVE_STATUS[CVE-2014-4654] = "fixed-version: Fixed from version 3.16rc2"
-
-CVE_STATUS[CVE-2014-4655] = "fixed-version: Fixed from version 3.16rc2"
-
-CVE_STATUS[CVE-2014-4656] = "fixed-version: Fixed from version 3.16rc2"
-
-CVE_STATUS[CVE-2014-4667] = "fixed-version: Fixed from version 3.16rc1"
-
-CVE_STATUS[CVE-2014-4699] = "fixed-version: Fixed from version 3.16rc4"
-
-CVE_STATUS[CVE-2014-4943] = "fixed-version: Fixed from version 3.16rc6"
-
-CVE_STATUS[CVE-2014-5045] = "fixed-version: Fixed from version 3.16rc7"
-
-CVE_STATUS[CVE-2014-5077] = "fixed-version: Fixed from version 3.16"
-
-CVE_STATUS[CVE-2014-5206] = "fixed-version: Fixed from version 3.17rc1"
-
-CVE_STATUS[CVE-2014-5207] = "fixed-version: Fixed from version 3.17rc1"
-
-# Skipping CVE-2014-5332, no affected_versions
-
-CVE_STATUS[CVE-2014-5471] = "fixed-version: Fixed from version 3.17rc2"
-
-CVE_STATUS[CVE-2014-5472] = "fixed-version: Fixed from version 3.17rc2"
-
-CVE_STATUS[CVE-2014-6410] = "fixed-version: Fixed from version 3.17rc5"
-
-CVE_STATUS[CVE-2014-6416] = "fixed-version: Fixed from version 3.17rc5"
-
-CVE_STATUS[CVE-2014-6417] = "fixed-version: Fixed from version 3.17rc5"
-
-CVE_STATUS[CVE-2014-6418] = "fixed-version: Fixed from version 3.17rc5"
-
-CVE_STATUS[CVE-2014-7145] = "fixed-version: Fixed from version 3.17rc2"
-
-# Skipping CVE-2014-7207, no affected_versions
-
-CVE_STATUS[CVE-2014-7283] = "fixed-version: Fixed from version 3.15rc1"
-
-CVE_STATUS[CVE-2014-7284] = "fixed-version: Fixed from version 3.15rc7"
-
-CVE_STATUS[CVE-2014-7822] = "fixed-version: Fixed from version 3.16rc1"
-
-CVE_STATUS[CVE-2014-7825] = "fixed-version: Fixed from version 3.18rc3"
-
-CVE_STATUS[CVE-2014-7826] = "fixed-version: Fixed from version 3.18rc3"
-
-CVE_STATUS[CVE-2014-7841] = "fixed-version: Fixed from version 3.18rc5"
-
-CVE_STATUS[CVE-2014-7842] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-7843] = "fixed-version: Fixed from version 3.18rc5"
-
-CVE_STATUS[CVE-2014-7970] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-7975] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-8086] = "fixed-version: Fixed from version 3.18rc3"
-
-CVE_STATUS[CVE-2014-8133] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2014-8134] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2014-8159] = "fixed-version: Fixed from version 4.0rc7"
-
-CVE_STATUS[CVE-2014-8160] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-8171] = "fixed-version: Fixed from version 3.12rc1"
-
-CVE_STATUS[CVE-2014-8172] = "fixed-version: Fixed from version 3.13rc1"
-
-CVE_STATUS[CVE-2014-8173] = "fixed-version: Fixed from version 3.13rc5"
-
-# Skipping CVE-2014-8181, no affected_versions
-
-CVE_STATUS[CVE-2014-8369] = "fixed-version: Fixed from version 3.18rc2"
-
-CVE_STATUS[CVE-2014-8480] = "fixed-version: Fixed from version 3.18rc2"
-
-CVE_STATUS[CVE-2014-8481] = "fixed-version: Fixed from version 3.18rc2"
-
-CVE_STATUS[CVE-2014-8559] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2014-8709] = "fixed-version: Fixed from version 3.14rc3"
-
-CVE_STATUS[CVE-2014-8884] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2014-8989] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2014-9090] = "fixed-version: Fixed from version 3.18rc6"
-
-CVE_STATUS[CVE-2014-9322] = "fixed-version: Fixed from version 3.18rc6"
-
-CVE_STATUS[CVE-2014-9419] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2014-9420] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2014-9428] = "fixed-version: Fixed from version 3.19rc3"
-
-CVE_STATUS[CVE-2014-9529] = "fixed-version: Fixed from version 3.19rc4"
-
-CVE_STATUS[CVE-2014-9584] = "fixed-version: Fixed from version 3.19rc3"
-
-CVE_STATUS[CVE-2014-9585] = "fixed-version: Fixed from version 3.19rc4"
-
-CVE_STATUS[CVE-2014-9644] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2014-9683] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2014-9710] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2014-9715] = "fixed-version: Fixed from version 3.15rc1"
-
-CVE_STATUS[CVE-2014-9717] = "fixed-version: Fixed from version 4.1rc1"
-
-CVE_STATUS[CVE-2014-9728] = "fixed-version: Fixed from version 3.19rc3"
-
-CVE_STATUS[CVE-2014-9729] = "fixed-version: Fixed from version 3.19rc3"
-
-CVE_STATUS[CVE-2014-9730] = "fixed-version: Fixed from version 3.19rc3"
-
-CVE_STATUS[CVE-2014-9731] = "fixed-version: Fixed from version 3.19rc3"
-
-# Skipping CVE-2014-9777, no affected_versions
-
-# Skipping CVE-2014-9778, no affected_versions
-
-# Skipping CVE-2014-9779, no affected_versions
-
-# Skipping CVE-2014-9780, no affected_versions
-
-# Skipping CVE-2014-9781, no affected_versions
-
-# Skipping CVE-2014-9782, no affected_versions
-
-# Skipping CVE-2014-9783, no affected_versions
-
-# Skipping CVE-2014-9784, no affected_versions
-
-# Skipping CVE-2014-9785, no affected_versions
-
-# Skipping CVE-2014-9786, no affected_versions
-
-# Skipping CVE-2014-9787, no affected_versions
-
-# Skipping CVE-2014-9788, no affected_versions
-
-# Skipping CVE-2014-9789, no affected_versions
-
-CVE_STATUS[CVE-2014-9803] = "fixed-version: Fixed from version 3.16rc1"
-
-# Skipping CVE-2014-9863, no affected_versions
-
-# Skipping CVE-2014-9864, no affected_versions
-
-# Skipping CVE-2014-9865, no affected_versions
-
-# Skipping CVE-2014-9866, no affected_versions
-
-# Skipping CVE-2014-9867, no affected_versions
-
-# Skipping CVE-2014-9868, no affected_versions
-
-# Skipping CVE-2014-9869, no affected_versions
-
-CVE_STATUS[CVE-2014-9870] = "fixed-version: Fixed from version 3.11rc1"
-
-# Skipping CVE-2014-9871, no affected_versions
-
-# Skipping CVE-2014-9872, no affected_versions
-
-# Skipping CVE-2014-9873, no affected_versions
-
-# Skipping CVE-2014-9874, no affected_versions
-
-# Skipping CVE-2014-9875, no affected_versions
-
-# Skipping CVE-2014-9876, no affected_versions
-
-# Skipping CVE-2014-9877, no affected_versions
-
-# Skipping CVE-2014-9878, no affected_versions
-
-# Skipping CVE-2014-9879, no affected_versions
-
-# Skipping CVE-2014-9880, no affected_versions
-
-# Skipping CVE-2014-9881, no affected_versions
-
-# Skipping CVE-2014-9882, no affected_versions
-
-# Skipping CVE-2014-9883, no affected_versions
-
-# Skipping CVE-2014-9884, no affected_versions
-
-# Skipping CVE-2014-9885, no affected_versions
-
-# Skipping CVE-2014-9886, no affected_versions
-
-# Skipping CVE-2014-9887, no affected_versions
-
-CVE_STATUS[CVE-2014-9888] = "fixed-version: Fixed from version 3.13rc1"
-
-# Skipping CVE-2014-9889, no affected_versions
-
-# Skipping CVE-2014-9890, no affected_versions
-
-# Skipping CVE-2014-9891, no affected_versions
-
-# Skipping CVE-2014-9892, no affected_versions
-
-# Skipping CVE-2014-9893, no affected_versions
-
-# Skipping CVE-2014-9894, no affected_versions
-
-CVE_STATUS[CVE-2014-9895] = "fixed-version: Fixed from version 3.11rc1"
-
-# Skipping CVE-2014-9896, no affected_versions
-
-# Skipping CVE-2014-9897, no affected_versions
-
-# Skipping CVE-2014-9898, no affected_versions
-
-# Skipping CVE-2014-9899, no affected_versions
-
-# Skipping CVE-2014-9900, no affected_versions
-
-CVE_STATUS[CVE-2014-9903] = "fixed-version: Fixed from version 3.14rc4"
-
-CVE_STATUS[CVE-2014-9904] = "fixed-version: Fixed from version 3.17rc1"
-
-CVE_STATUS[CVE-2014-9914] = "fixed-version: Fixed from version 3.16rc1"
-
-CVE_STATUS[CVE-2014-9922] = "fixed-version: Fixed from version 3.18rc2"
-
-CVE_STATUS[CVE-2014-9940] = "fixed-version: Fixed from version 3.19rc1"
-
-CVE_STATUS[CVE-2015-0239] = "fixed-version: Fixed from version 3.19rc6"
-
-CVE_STATUS[CVE-2015-0274] = "fixed-version: Fixed from version 3.15rc5"
-
-CVE_STATUS[CVE-2015-0275] = "fixed-version: Fixed from version 4.1rc1"
-
-# Skipping CVE-2015-0777, no affected_versions
-
-# Skipping CVE-2015-1328, no affected_versions
-
-CVE_STATUS[CVE-2015-1333] = "fixed-version: Fixed from version 4.2rc5"
-
-CVE_STATUS[CVE-2015-1339] = "fixed-version: Fixed from version 4.4rc5"
-
-CVE_STATUS[CVE-2015-1350] = "fixed-version: Fixed from version 4.9rc1"
-
-CVE_STATUS[CVE-2015-1420] = "fixed-version: Fixed from version 4.1rc7"
-
-CVE_STATUS[CVE-2015-1421] = "fixed-version: Fixed from version 3.19rc7"
-
-CVE_STATUS[CVE-2015-1465] = "fixed-version: Fixed from version 3.19rc7"
-
-CVE_STATUS[CVE-2015-1573] = "fixed-version: Fixed from version 3.19rc5"
-
-CVE_STATUS[CVE-2015-1593] = "fixed-version: Fixed from version 4.0rc1"
-
-CVE_STATUS[CVE-2015-1805] = "fixed-version: Fixed from version 3.16rc1"
-
-CVE_STATUS[CVE-2015-2041] = "fixed-version: Fixed from version 3.19rc7"
-
-CVE_STATUS[CVE-2015-2042] = "fixed-version: Fixed from version 3.19"
-
-CVE_STATUS[CVE-2015-2150] = "fixed-version: Fixed from version 4.0rc4"
-
-CVE_STATUS[CVE-2015-2666] = "fixed-version: Fixed from version 4.0rc1"
-
-CVE_STATUS[CVE-2015-2672] = "fixed-version: Fixed from version 4.0rc3"
-
-CVE_STATUS[CVE-2015-2686] = "fixed-version: Fixed from version 4.0rc6"
-
-CVE_STATUS[CVE-2015-2830] = "fixed-version: Fixed from version 4.0rc3"
-
-# CVE-2015-2877 has no known resolution
-
-CVE_STATUS[CVE-2015-2922] = "fixed-version: Fixed from version 4.0rc7"
-
-CVE_STATUS[CVE-2015-2925] = "fixed-version: Fixed from version 4.3rc1"
-
-CVE_STATUS[CVE-2015-3212] = "fixed-version: Fixed from version 4.2rc1"
-
-CVE_STATUS[CVE-2015-3214] = "fixed-version: Fixed from version 2.6.33rc8"
-
-CVE_STATUS[CVE-2015-3288] = "fixed-version: Fixed from version 4.2rc2"
-
-CVE_STATUS[CVE-2015-3290] = "fixed-version: Fixed from version 4.2rc3"
-
-CVE_STATUS[CVE-2015-3291] = "fixed-version: Fixed from version 4.2rc3"
-
-CVE_STATUS[CVE-2015-3331] = "fixed-version: Fixed from version 4.0rc5"
-
-# Skipping CVE-2015-3332, no affected_versions
-
-CVE_STATUS[CVE-2015-3339] = "fixed-version: Fixed from version 4.1rc1"
-
-CVE_STATUS[CVE-2015-3636] = "fixed-version: Fixed from version 4.1rc2"
-
-CVE_STATUS[CVE-2015-4001] = "fixed-version: Fixed from version 4.1rc7"
-
-CVE_STATUS[CVE-2015-4002] = "fixed-version: Fixed from version 4.1rc7"
-
-CVE_STATUS[CVE-2015-4003] = "fixed-version: Fixed from version 4.1rc7"
-
-CVE_STATUS[CVE-2015-4004] = "fixed-version: Fixed from version 4.3rc1"
-
-CVE_STATUS[CVE-2015-4036] = "fixed-version: Fixed from version 4.0rc1"
-
-CVE_STATUS[CVE-2015-4167] = "fixed-version: Fixed from version 4.0rc1"
-
-CVE_STATUS[CVE-2015-4170] = "fixed-version: Fixed from version 3.13rc5"
-
-CVE_STATUS[CVE-2015-4176] = "fixed-version: Fixed from version 4.1rc1"
-
-CVE_STATUS[CVE-2015-4177] = "fixed-version: Fixed from version 4.1rc1"
-
-CVE_STATUS[CVE-2015-4178] = "fixed-version: Fixed from version 4.1rc1"
-
-CVE_STATUS[CVE-2015-4692] = "fixed-version: Fixed from version 4.2rc1"
-
-CVE_STATUS[CVE-2015-4700] = "fixed-version: Fixed from version 4.1rc6"
-
-CVE_STATUS[CVE-2015-5156] = "fixed-version: Fixed from version 4.2rc7"
-
-CVE_STATUS[CVE-2015-5157] = "fixed-version: Fixed from version 4.2rc3"
-
-CVE_STATUS[CVE-2015-5257] = "fixed-version: Fixed from version 4.3rc3"
-
-CVE_STATUS[CVE-2015-5283] = "fixed-version: Fixed from version 4.3rc3"
-
-CVE_STATUS[CVE-2015-5307] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-5327] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-5364] = "fixed-version: Fixed from version 4.1rc7"
-
-CVE_STATUS[CVE-2015-5366] = "fixed-version: Fixed from version 4.1rc7"
-
-CVE_STATUS[CVE-2015-5697] = "fixed-version: Fixed from version 4.2rc6"
-
-CVE_STATUS[CVE-2015-5706] = "fixed-version: Fixed from version 4.1rc3"
-
-CVE_STATUS[CVE-2015-5707] = "fixed-version: Fixed from version 4.1rc1"
-
-CVE_STATUS[CVE-2015-6252] = "fixed-version: Fixed from version 4.2rc5"
-
-CVE_STATUS[CVE-2015-6526] = "fixed-version: Fixed from version 4.1rc1"
-
-# CVE-2015-6619 has no known resolution
-
-# CVE-2015-6646 has no known resolution
-
-CVE_STATUS[CVE-2015-6937] = "fixed-version: Fixed from version 4.3rc1"
-
-# Skipping CVE-2015-7312, no affected_versions
-
-CVE_STATUS[CVE-2015-7509] = "fixed-version: Fixed from version 3.7rc1"
-
-CVE_STATUS[CVE-2015-7513] = "fixed-version: Fixed from version 4.4rc7"
-
-CVE_STATUS[CVE-2015-7515] = "fixed-version: Fixed from version 4.4rc6"
-
-CVE_STATUS[CVE-2015-7550] = "fixed-version: Fixed from version 4.4rc8"
-
-# Skipping CVE-2015-7553, no affected_versions
-
-CVE_STATUS[CVE-2015-7566] = "fixed-version: Fixed from version 4.5rc2"
-
-CVE_STATUS[CVE-2015-7613] = "fixed-version: Fixed from version 4.3rc4"
-
-CVE_STATUS[CVE-2015-7799] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-7833] = "fixed-version: Fixed from version 4.6rc6"
-
-# Skipping CVE-2015-7837, no affected_versions
-
-CVE_STATUS[CVE-2015-7872] = "fixed-version: Fixed from version 4.3rc7"
-
-CVE_STATUS[CVE-2015-7884] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-7885] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-7990] = "fixed-version: Fixed from version 4.4rc4"
-
-# Skipping CVE-2015-8019, no affected_versions
-
-CVE_STATUS[CVE-2015-8104] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-8215] = "fixed-version: Fixed from version 4.0rc3"
-
-CVE_STATUS[CVE-2015-8324] = "fixed-version: Fixed from version 2.6.34rc1"
-
-CVE_STATUS[CVE-2015-8374] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-8539] = "fixed-version: Fixed from version 4.4rc3"
-
-CVE_STATUS[CVE-2015-8543] = "fixed-version: Fixed from version 4.4rc6"
-
-CVE_STATUS[CVE-2015-8550] = "fixed-version: Fixed from version 4.4rc6"
-
-CVE_STATUS[CVE-2015-8551] = "fixed-version: Fixed from version 4.4rc6"
-
-CVE_STATUS[CVE-2015-8552] = "fixed-version: Fixed from version 4.4rc6"
-
-CVE_STATUS[CVE-2015-8553] = "fixed-version: Fixed from version 4.4rc6"
-
-CVE_STATUS[CVE-2015-8569] = "fixed-version: Fixed from version 4.4rc6"
-
-CVE_STATUS[CVE-2015-8575] = "fixed-version: Fixed from version 4.4rc6"
-
-CVE_STATUS[CVE-2015-8660] = "fixed-version: Fixed from version 4.4rc4"
-
-CVE_STATUS[CVE-2015-8709] = "fixed-version: Fixed from version 4.10rc1"
-
-CVE_STATUS[CVE-2015-8746] = "fixed-version: Fixed from version 4.3rc1"
-
-CVE_STATUS[CVE-2015-8767] = "fixed-version: Fixed from version 4.3rc4"
-
-CVE_STATUS[CVE-2015-8785] = "fixed-version: Fixed from version 4.4rc5"
-
-CVE_STATUS[CVE-2015-8787] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-8812] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2015-8816] = "fixed-version: Fixed from version 4.4rc6"
-
-CVE_STATUS[CVE-2015-8830] = "fixed-version: Fixed from version 4.1rc1"
-
-CVE_STATUS[CVE-2015-8839] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2015-8844] = "fixed-version: Fixed from version 4.4rc3"
-
-CVE_STATUS[CVE-2015-8845] = "fixed-version: Fixed from version 4.4rc3"
-
-# Skipping CVE-2015-8937, no affected_versions
-
-# Skipping CVE-2015-8938, no affected_versions
-
-# Skipping CVE-2015-8939, no affected_versions
-
-# Skipping CVE-2015-8940, no affected_versions
-
-# Skipping CVE-2015-8941, no affected_versions
-
-# Skipping CVE-2015-8942, no affected_versions
-
-# Skipping CVE-2015-8943, no affected_versions
-
-# Skipping CVE-2015-8944, no affected_versions
-
-CVE_STATUS[CVE-2015-8950] = "fixed-version: Fixed from version 4.1rc2"
-
-CVE_STATUS[CVE-2015-8952] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2015-8953] = "fixed-version: Fixed from version 4.3"
-
-CVE_STATUS[CVE-2015-8955] = "fixed-version: Fixed from version 4.1rc1"
-
-CVE_STATUS[CVE-2015-8956] = "fixed-version: Fixed from version 4.2rc1"
-
-CVE_STATUS[CVE-2015-8961] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-8962] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2015-8963] = "fixed-version: Fixed from version 4.4"
-
-CVE_STATUS[CVE-2015-8964] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2015-8966] = "fixed-version: Fixed from version 4.4rc8"
-
-CVE_STATUS[CVE-2015-8967] = "fixed-version: Fixed from version 4.0rc1"
-
-CVE_STATUS[CVE-2015-8970] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2015-9004] = "fixed-version: Fixed from version 3.19rc7"
-
-CVE_STATUS[CVE-2015-9016] = "fixed-version: Fixed from version 4.3rc1"
-
-CVE_STATUS[CVE-2015-9289] = "fixed-version: Fixed from version 4.2rc1"
-
-CVE_STATUS[CVE-2016-0617] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-0723] = "fixed-version: Fixed from version 4.5rc2"
-
-CVE_STATUS[CVE-2016-0728] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-0758] = "fixed-version: Fixed from version 4.6"
-
-# Skipping CVE-2016-0774, no affected_versions
-
-CVE_STATUS[CVE-2016-0821] = "fixed-version: Fixed from version 4.3rc1"
-
-CVE_STATUS[CVE-2016-0823] = "fixed-version: Fixed from version 4.0rc5"
-
-CVE_STATUS[CVE-2016-10044] = "fixed-version: Fixed from version 4.8rc7"
-
-CVE_STATUS[CVE-2016-10088] = "fixed-version: Fixed from version 4.10rc1"
-
-CVE_STATUS[CVE-2016-10147] = "fixed-version: Fixed from version 4.9"
-
-CVE_STATUS[CVE-2016-10150] = "fixed-version: Fixed from version 4.9rc8"
-
-CVE_STATUS[CVE-2016-10153] = "fixed-version: Fixed from version 4.10rc1"
-
-CVE_STATUS[CVE-2016-10154] = "fixed-version: Fixed from version 4.10rc1"
-
-CVE_STATUS[CVE-2016-10200] = "fixed-version: Fixed from version 4.9rc7"
-
-CVE_STATUS[CVE-2016-10208] = "fixed-version: Fixed from version 4.10rc1"
-
-CVE_STATUS[CVE-2016-10229] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-10318] = "fixed-version: Fixed from version 4.8rc6"
-
-CVE_STATUS[CVE-2016-10723] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2016-10741] = "fixed-version: Fixed from version 4.10rc1"
-
-CVE_STATUS[CVE-2016-10764] = "fixed-version: Fixed from version 4.10rc1"
-
-CVE_STATUS[CVE-2016-10905] = "fixed-version: Fixed from version 4.8rc1"
-
-CVE_STATUS[CVE-2016-10906] = "fixed-version: Fixed from version 4.5rc6"
-
-CVE_STATUS[CVE-2016-10907] = "fixed-version: Fixed from version 4.9rc1"
-
-CVE_STATUS[CVE-2016-1237] = "fixed-version: Fixed from version 4.7rc5"
-
-CVE_STATUS[CVE-2016-1575] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-1576] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-1583] = "fixed-version: Fixed from version 4.7rc3"
-
-CVE_STATUS[CVE-2016-2053] = "fixed-version: Fixed from version 4.3rc1"
-
-CVE_STATUS[CVE-2016-2069] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-2070] = "fixed-version: Fixed from version 4.4"
-
-CVE_STATUS[CVE-2016-2085] = "fixed-version: Fixed from version 4.5rc4"
-
-CVE_STATUS[CVE-2016-2117] = "fixed-version: Fixed from version 4.6rc5"
-
-CVE_STATUS[CVE-2016-2143] = "fixed-version: Fixed from version 4.5"
-
-CVE_STATUS[CVE-2016-2184] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-2185] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-2186] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-2187] = "fixed-version: Fixed from version 4.6rc5"
-
-CVE_STATUS[CVE-2016-2188] = "fixed-version: Fixed from version 4.11rc2"
-
-CVE_STATUS[CVE-2016-2383] = "fixed-version: Fixed from version 4.5rc4"
-
-CVE_STATUS[CVE-2016-2384] = "fixed-version: Fixed from version 4.5rc4"
-
-CVE_STATUS[CVE-2016-2543] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-2544] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-2545] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-2546] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-2547] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-2548] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-2549] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2016-2550] = "fixed-version: Fixed from version 4.5rc4"
-
-CVE_STATUS[CVE-2016-2782] = "fixed-version: Fixed from version 4.5rc2"
-
-CVE_STATUS[CVE-2016-2847] = "fixed-version: Fixed from version 4.5rc1"
-
-# Skipping CVE-2016-2853, no affected_versions
-
-# Skipping CVE-2016-2854, no affected_versions
-
-CVE_STATUS[CVE-2016-3044] = "fixed-version: Fixed from version 4.5"
-
-CVE_STATUS[CVE-2016-3070] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2016-3134] = "fixed-version: Fixed from version 4.6rc2"
-
-CVE_STATUS[CVE-2016-3135] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-3136] = "fixed-version: Fixed from version 4.6rc3"
-
-CVE_STATUS[CVE-2016-3137] = "fixed-version: Fixed from version 4.6rc3"
-
-CVE_STATUS[CVE-2016-3138] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-3139] = "fixed-version: Fixed from version 3.17rc1"
-
-CVE_STATUS[CVE-2016-3140] = "fixed-version: Fixed from version 4.6rc3"
-
-CVE_STATUS[CVE-2016-3156] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-3157] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-3672] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-3689] = "fixed-version: Fixed from version 4.6rc1"
-
-# Skipping CVE-2016-3695, no affected_versions
-
-# Skipping CVE-2016-3699, no affected_versions
-
-# Skipping CVE-2016-3707, no affected_versions
-
-CVE_STATUS[CVE-2016-3713] = "fixed-version: Fixed from version 4.7rc1"
-
-# CVE-2016-3775 has no known resolution
-
-# CVE-2016-3802 has no known resolution
-
-# CVE-2016-3803 has no known resolution
-
-CVE_STATUS[CVE-2016-3841] = "fixed-version: Fixed from version 4.4rc4"
-
-CVE_STATUS[CVE-2016-3857] = "fixed-version: Fixed from version 4.8rc2"
-
-CVE_STATUS[CVE-2016-3951] = "fixed-version: Fixed from version 4.5"
-
-CVE_STATUS[CVE-2016-3955] = "fixed-version: Fixed from version 4.6rc3"
-
-CVE_STATUS[CVE-2016-3961] = "fixed-version: Fixed from version 4.6rc5"
-
-CVE_STATUS[CVE-2016-4440] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-4470] = "fixed-version: Fixed from version 4.7rc4"
-
-CVE_STATUS[CVE-2016-4482] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-4485] = "fixed-version: Fixed from version 4.6"
-
-CVE_STATUS[CVE-2016-4486] = "fixed-version: Fixed from version 4.6"
-
-CVE_STATUS[CVE-2016-4557] = "fixed-version: Fixed from version 4.6rc6"
-
-CVE_STATUS[CVE-2016-4558] = "fixed-version: Fixed from version 4.6rc7"
-
-CVE_STATUS[CVE-2016-4565] = "fixed-version: Fixed from version 4.6rc6"
-
-CVE_STATUS[CVE-2016-4568] = "fixed-version: Fixed from version 4.6rc6"
-
-CVE_STATUS[CVE-2016-4569] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-4578] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-4580] = "fixed-version: Fixed from version 4.6"
-
-CVE_STATUS[CVE-2016-4581] = "fixed-version: Fixed from version 4.6rc7"
-
-CVE_STATUS[CVE-2016-4794] = "fixed-version: Fixed from version 4.7rc4"
-
-CVE_STATUS[CVE-2016-4805] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-4913] = "fixed-version: Fixed from version 4.6"
-
-CVE_STATUS[CVE-2016-4951] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-4997] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-4998] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-5195] = "fixed-version: Fixed from version 4.9rc2"
-
-CVE_STATUS[CVE-2016-5243] = "fixed-version: Fixed from version 4.7rc3"
-
-CVE_STATUS[CVE-2016-5244] = "fixed-version: Fixed from version 4.7rc3"
-
-# Skipping CVE-2016-5340, no affected_versions
-
-# Skipping CVE-2016-5342, no affected_versions
-
-# Skipping CVE-2016-5343, no affected_versions
-
-# Skipping CVE-2016-5344, no affected_versions
-
-CVE_STATUS[CVE-2016-5400] = "fixed-version: Fixed from version 4.7"
-
-CVE_STATUS[CVE-2016-5412] = "fixed-version: Fixed from version 4.8rc1"
-
-CVE_STATUS[CVE-2016-5696] = "fixed-version: Fixed from version 4.7"
-
-CVE_STATUS[CVE-2016-5728] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-5828] = "fixed-version: Fixed from version 4.7rc6"
-
-CVE_STATUS[CVE-2016-5829] = "fixed-version: Fixed from version 4.7rc5"
-
-# CVE-2016-5870 has no known resolution
-
-CVE_STATUS[CVE-2016-6130] = "fixed-version: Fixed from version 4.6rc6"
-
-CVE_STATUS[CVE-2016-6136] = "fixed-version: Fixed from version 4.8rc1"
-
-CVE_STATUS[CVE-2016-6156] = "fixed-version: Fixed from version 4.7rc7"
-
-CVE_STATUS[CVE-2016-6162] = "fixed-version: Fixed from version 4.7"
-
-CVE_STATUS[CVE-2016-6187] = "fixed-version: Fixed from version 4.7rc7"
-
-CVE_STATUS[CVE-2016-6197] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-6198] = "fixed-version: Fixed from version 4.6"
-
-CVE_STATUS[CVE-2016-6213] = "fixed-version: Fixed from version 4.9rc1"
-
-CVE_STATUS[CVE-2016-6327] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-6480] = "fixed-version: Fixed from version 4.8rc3"
-
-CVE_STATUS[CVE-2016-6516] = "fixed-version: Fixed from version 4.8rc1"
-
-# Skipping CVE-2016-6753, no affected_versions
-
-CVE_STATUS[CVE-2016-6786] = "fixed-version: Fixed from version 4.0rc1"
-
-CVE_STATUS[CVE-2016-6787] = "fixed-version: Fixed from version 4.0rc1"
-
-CVE_STATUS[CVE-2016-6828] = "fixed-version: Fixed from version 4.8rc5"
-
-CVE_STATUS[CVE-2016-7039] = "fixed-version: Fixed from version 4.9rc4"
-
-CVE_STATUS[CVE-2016-7042] = "fixed-version: Fixed from version 4.9rc3"
-
-CVE_STATUS[CVE-2016-7097] = "fixed-version: Fixed from version 4.9rc1"
-
-CVE_STATUS[CVE-2016-7117] = "fixed-version: Fixed from version 4.6rc1"
-
-# Skipping CVE-2016-7118, no affected_versions
-
-CVE_STATUS[CVE-2016-7425] = "fixed-version: Fixed from version 4.9rc1"
-
-CVE_STATUS[CVE-2016-7910] = "fixed-version: Fixed from version 4.8rc1"
-
-CVE_STATUS[CVE-2016-7911] = "fixed-version: Fixed from version 4.7rc7"
-
-CVE_STATUS[CVE-2016-7912] = "fixed-version: Fixed from version 4.6rc5"
-
-CVE_STATUS[CVE-2016-7913] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-7914] = "fixed-version: Fixed from version 4.6rc4"
-
-CVE_STATUS[CVE-2016-7915] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-7916] = "fixed-version: Fixed from version 4.6rc7"
-
-CVE_STATUS[CVE-2016-7917] = "fixed-version: Fixed from version 4.5rc6"
-
-CVE_STATUS[CVE-2016-8399] = "fixed-version: Fixed from version 4.9"
-
-# Skipping CVE-2016-8401, no affected_versions
-
-# Skipping CVE-2016-8402, no affected_versions
-
-# Skipping CVE-2016-8403, no affected_versions
-
-# Skipping CVE-2016-8404, no affected_versions
-
-CVE_STATUS[CVE-2016-8405] = "fixed-version: Fixed from version 4.10rc6"
-
-# Skipping CVE-2016-8406, no affected_versions
-
-# Skipping CVE-2016-8407, no affected_versions
-
-CVE_STATUS[CVE-2016-8630] = "fixed-version: Fixed from version 4.9rc4"
-
-CVE_STATUS[CVE-2016-8632] = "fixed-version: Fixed from version 4.9rc8"
-
-CVE_STATUS[CVE-2016-8633] = "fixed-version: Fixed from version 4.9rc4"
-
-CVE_STATUS[CVE-2016-8636] = "fixed-version: Fixed from version 4.10rc8"
-
-CVE_STATUS[CVE-2016-8645] = "fixed-version: Fixed from version 4.9rc6"
-
-CVE_STATUS[CVE-2016-8646] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2016-8650] = "fixed-version: Fixed from version 4.9rc7"
-
-CVE_STATUS[CVE-2016-8655] = "fixed-version: Fixed from version 4.9rc8"
-
-CVE_STATUS[CVE-2016-8658] = "fixed-version: Fixed from version 4.8rc7"
-
-# CVE-2016-8660 has no known resolution
-
-CVE_STATUS[CVE-2016-8666] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-9083] = "fixed-version: Fixed from version 4.9rc4"
-
-CVE_STATUS[CVE-2016-9084] = "fixed-version: Fixed from version 4.9rc4"
-
-CVE_STATUS[CVE-2016-9120] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-9178] = "fixed-version: Fixed from version 4.8rc7"
-
-CVE_STATUS[CVE-2016-9191] = "fixed-version: Fixed from version 4.10rc4"
-
-CVE_STATUS[CVE-2016-9313] = "fixed-version: Fixed from version 4.9rc3"
-
-CVE_STATUS[CVE-2016-9555] = "fixed-version: Fixed from version 4.9rc4"
-
-CVE_STATUS[CVE-2016-9576] = "fixed-version: Fixed from version 4.9"
-
-CVE_STATUS[CVE-2016-9588] = "fixed-version: Fixed from version 4.10rc1"
-
-CVE_STATUS[CVE-2016-9604] = "fixed-version: Fixed from version 4.11rc8"
-
-# Skipping CVE-2016-9644, no affected_versions
-
-CVE_STATUS[CVE-2016-9685] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2016-9754] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-9755] = "fixed-version: Fixed from version 4.9rc8"
-
-CVE_STATUS[CVE-2016-9756] = "fixed-version: Fixed from version 4.9rc7"
-
-CVE_STATUS[CVE-2016-9777] = "fixed-version: Fixed from version 4.9rc7"
-
-CVE_STATUS[CVE-2016-9793] = "fixed-version: Fixed from version 4.9rc8"
-
-CVE_STATUS[CVE-2016-9794] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-9806] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2016-9919] = "fixed-version: Fixed from version 4.9rc8"
-
-# Skipping CVE-2017-0403, no affected_versions
-
-# Skipping CVE-2017-0404, no affected_versions
-
-# Skipping CVE-2017-0426, no affected_versions
-
-# Skipping CVE-2017-0427, no affected_versions
-
-# CVE-2017-0507 has no known resolution
-
-# CVE-2017-0508 has no known resolution
-
-# Skipping CVE-2017-0510, no affected_versions
-
-# Skipping CVE-2017-0528, no affected_versions
-
-# Skipping CVE-2017-0537, no affected_versions
-
-# CVE-2017-0564 has no known resolution
-
-CVE_STATUS[CVE-2017-0605] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-0627] = "fixed-version: Fixed from version 4.14rc1"
-
-# CVE-2017-0630 has no known resolution
-
-# CVE-2017-0749 has no known resolution
-
-CVE_STATUS[CVE-2017-0750] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2017-0786] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2017-0861] = "fixed-version: Fixed from version 4.15rc3"
-
-CVE_STATUS[CVE-2017-1000] = "fixed-version: Fixed from version 4.13rc5"
-
-CVE_STATUS[CVE-2017-1000111] = "fixed-version: Fixed from version 4.13rc5"
-
-CVE_STATUS[CVE-2017-1000112] = "fixed-version: Fixed from version 4.13rc5"
-
-CVE_STATUS[CVE-2017-1000251] = "fixed-version: Fixed from version 4.14rc1"
-
-CVE_STATUS[CVE-2017-1000252] = "fixed-version: Fixed from version 4.14rc1"
-
-CVE_STATUS[CVE-2017-1000253] = "fixed-version: Fixed from version 4.1rc1"
-
-CVE_STATUS[CVE-2017-1000255] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-1000363] = "fixed-version: Fixed from version 4.12rc2"
-
-CVE_STATUS[CVE-2017-1000364] = "fixed-version: Fixed from version 4.12rc6"
-
-CVE_STATUS[CVE-2017-1000365] = "fixed-version: Fixed from version 4.12rc7"
-
-CVE_STATUS[CVE-2017-1000370] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-1000371] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-1000379] = "fixed-version: Fixed from version 4.12rc6"
-
-CVE_STATUS[CVE-2017-1000380] = "fixed-version: Fixed from version 4.12rc5"
-
-CVE_STATUS[CVE-2017-1000405] = "fixed-version: Fixed from version 4.15rc2"
-
-CVE_STATUS[CVE-2017-1000407] = "fixed-version: Fixed from version 4.15rc3"
-
-CVE_STATUS[CVE-2017-1000410] = "fixed-version: Fixed from version 4.15rc8"
-
-CVE_STATUS[CVE-2017-10661] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-10662] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-10663] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-10810] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-10911] = "fixed-version: Fixed from version 4.12rc7"
-
-CVE_STATUS[CVE-2017-11089] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-11176] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-11472] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-11473] = "fixed-version: Fixed from version 4.13rc2"
-
-CVE_STATUS[CVE-2017-11600] = "fixed-version: Fixed from version 4.13"
-
-CVE_STATUS[CVE-2017-12134] = "fixed-version: Fixed from version 4.13rc6"
-
-CVE_STATUS[CVE-2017-12146] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-12153] = "fixed-version: Fixed from version 4.14rc2"
-
-CVE_STATUS[CVE-2017-12154] = "fixed-version: Fixed from version 4.14rc1"
-
-CVE_STATUS[CVE-2017-12168] = "fixed-version: Fixed from version 4.9rc6"
-
-CVE_STATUS[CVE-2017-12188] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-12190] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-12192] = "fixed-version: Fixed from version 4.14rc3"
-
-CVE_STATUS[CVE-2017-12193] = "fixed-version: Fixed from version 4.14rc7"
-
-CVE_STATUS[CVE-2017-12762] = "fixed-version: Fixed from version 4.13rc4"
-
-CVE_STATUS[CVE-2017-13080] = "fixed-version: Fixed from version 4.14rc6"
-
-CVE_STATUS[CVE-2017-13166] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2017-13167] = "fixed-version: Fixed from version 4.5rc4"
-
-CVE_STATUS[CVE-2017-13168] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2017-13215] = "fixed-version: Fixed from version 4.5rc1"
-
-CVE_STATUS[CVE-2017-13216] = "fixed-version: Fixed from version 4.15rc8"
-
-CVE_STATUS[CVE-2017-13220] = "fixed-version: Fixed from version 3.19rc3"
-
-# CVE-2017-13221 has no known resolution
-
-# CVE-2017-13222 has no known resolution
-
-CVE_STATUS[CVE-2017-13305] = "fixed-version: Fixed from version 4.12rc5"
-
-CVE_STATUS[CVE-2017-13686] = "fixed-version: Fixed from version 4.13rc7"
-
-# CVE-2017-13693 has no known resolution
-
-# CVE-2017-13694 has no known resolution
-
-CVE_STATUS[CVE-2017-13695] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2017-13715] = "fixed-version: Fixed from version 4.3rc1"
-
-CVE_STATUS[CVE-2017-14051] = "fixed-version: Fixed from version 4.14rc1"
-
-CVE_STATUS[CVE-2017-14106] = "fixed-version: Fixed from version 4.12rc3"
-
-CVE_STATUS[CVE-2017-14140] = "fixed-version: Fixed from version 4.13rc6"
-
-CVE_STATUS[CVE-2017-14156] = "fixed-version: Fixed from version 4.14rc1"
-
-CVE_STATUS[CVE-2017-14340] = "fixed-version: Fixed from version 4.14rc1"
-
-CVE_STATUS[CVE-2017-14489] = "fixed-version: Fixed from version 4.14rc3"
-
-CVE_STATUS[CVE-2017-14497] = "fixed-version: Fixed from version 4.13"
-
-CVE_STATUS[CVE-2017-14954] = "fixed-version: Fixed from version 4.14rc3"
-
-CVE_STATUS[CVE-2017-14991] = "fixed-version: Fixed from version 4.14rc2"
-
-CVE_STATUS[CVE-2017-15102] = "fixed-version: Fixed from version 4.9rc1"
-
-CVE_STATUS[CVE-2017-15115] = "fixed-version: Fixed from version 4.14rc6"
-
-CVE_STATUS[CVE-2017-15116] = "fixed-version: Fixed from version 4.2rc1"
-
-CVE_STATUS[CVE-2017-15121] = "fixed-version: Fixed from version 3.11rc1"
-
-CVE_STATUS[CVE-2017-15126] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2017-15127] = "fixed-version: Fixed from version 4.13rc5"
-
-CVE_STATUS[CVE-2017-15128] = "fixed-version: Fixed from version 4.14rc8"
-
-CVE_STATUS[CVE-2017-15129] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-15265] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-15274] = "fixed-version: Fixed from version 4.12rc5"
-
-CVE_STATUS[CVE-2017-15299] = "fixed-version: Fixed from version 4.14rc6"
-
-CVE_STATUS[CVE-2017-15306] = "fixed-version: Fixed from version 4.14rc7"
-
-CVE_STATUS[CVE-2017-15537] = "fixed-version: Fixed from version 4.14rc3"
-
-CVE_STATUS[CVE-2017-15649] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2017-15868] = "fixed-version: Fixed from version 3.19rc3"
-
-CVE_STATUS[CVE-2017-15951] = "fixed-version: Fixed from version 4.14rc6"
-
-CVE_STATUS[CVE-2017-16525] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-16526] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2017-16527] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-16528] = "fixed-version: Fixed from version 4.14rc1"
-
-CVE_STATUS[CVE-2017-16529] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2017-16530] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2017-16531] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2017-16532] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-16533] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-16534] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2017-16535] = "fixed-version: Fixed from version 4.14rc6"
-
-CVE_STATUS[CVE-2017-16536] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-16537] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-16538] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2017-16643] = "fixed-version: Fixed from version 4.14rc7"
-
-CVE_STATUS[CVE-2017-16644] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2017-16645] = "fixed-version: Fixed from version 4.14rc6"
-
-CVE_STATUS[CVE-2017-16646] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-16647] = "fixed-version: Fixed from version 4.14"
-
-CVE_STATUS[CVE-2017-16648] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-16649] = "fixed-version: Fixed from version 4.14"
-
-CVE_STATUS[CVE-2017-16650] = "fixed-version: Fixed from version 4.14"
-
-CVE_STATUS[CVE-2017-16911] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-16912] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-16913] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-16914] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-16939] = "fixed-version: Fixed from version 4.14rc7"
-
-CVE_STATUS[CVE-2017-16994] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-16995] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-16996] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17052] = "fixed-version: Fixed from version 4.13rc7"
-
-CVE_STATUS[CVE-2017-17053] = "fixed-version: Fixed from version 4.13rc7"
-
-CVE_STATUS[CVE-2017-17448] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-17449] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-17450] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-17558] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-17712] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-17741] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17805] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-17806] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-17807] = "fixed-version: Fixed from version 4.15rc3"
-
-CVE_STATUS[CVE-2017-17852] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17853] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17854] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17855] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17856] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17857] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17862] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-17863] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17864] = "fixed-version: Fixed from version 4.15rc5"
-
-CVE_STATUS[CVE-2017-17975] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2017-18017] = "fixed-version: Fixed from version 4.11rc7"
-
-CVE_STATUS[CVE-2017-18075] = "fixed-version: Fixed from version 4.15rc7"
-
-CVE_STATUS[CVE-2017-18079] = "fixed-version: Fixed from version 4.13rc1"
-
-# CVE-2017-18169 has no known resolution
-
-CVE_STATUS[CVE-2017-18174] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2017-18193] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-18200] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-18202] = "fixed-version: Fixed from version 4.15rc2"
-
-CVE_STATUS[CVE-2017-18203] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-18204] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-18208] = "fixed-version: Fixed from version 4.15rc2"
-
-CVE_STATUS[CVE-2017-18216] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-18218] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-18221] = "fixed-version: Fixed from version 4.12rc4"
-
-CVE_STATUS[CVE-2017-18222] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-18224] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2017-18232] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2017-18241] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-18249] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-18255] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-18257] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-18261] = "fixed-version: Fixed from version 4.13rc6"
-
-CVE_STATUS[CVE-2017-18270] = "fixed-version: Fixed from version 4.14rc3"
-
-CVE_STATUS[CVE-2017-18344] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2017-18360] = "fixed-version: Fixed from version 4.12rc2"
-
-CVE_STATUS[CVE-2017-18379] = "fixed-version: Fixed from version 4.14rc3"
-
-CVE_STATUS[CVE-2017-18509] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-18549] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-18550] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-18551] = "fixed-version: Fixed from version 4.15rc9"
-
-CVE_STATUS[CVE-2017-18552] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-18595] = "fixed-version: Fixed from version 4.15rc6"
-
-CVE_STATUS[CVE-2017-2583] = "fixed-version: Fixed from version 4.10rc4"
-
-CVE_STATUS[CVE-2017-2584] = "fixed-version: Fixed from version 4.10rc4"
-
-CVE_STATUS[CVE-2017-2596] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-2618] = "fixed-version: Fixed from version 4.10rc8"
-
-CVE_STATUS[CVE-2017-2634] = "fixed-version: Fixed from version 2.6.25rc1"
-
-CVE_STATUS[CVE-2017-2636] = "fixed-version: Fixed from version 4.11rc2"
-
-CVE_STATUS[CVE-2017-2647] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2017-2671] = "fixed-version: Fixed from version 4.11rc6"
-
-CVE_STATUS[CVE-2017-5123] = "fixed-version: Fixed from version 4.14rc5"
-
-CVE_STATUS[CVE-2017-5546] = "fixed-version: Fixed from version 4.10rc4"
-
-CVE_STATUS[CVE-2017-5547] = "fixed-version: Fixed from version 4.10rc5"
-
-CVE_STATUS[CVE-2017-5548] = "fixed-version: Fixed from version 4.10rc5"
-
-CVE_STATUS[CVE-2017-5549] = "fixed-version: Fixed from version 4.10rc4"
-
-CVE_STATUS[CVE-2017-5550] = "fixed-version: Fixed from version 4.10rc4"
-
-CVE_STATUS[CVE-2017-5551] = "fixed-version: Fixed from version 4.10rc4"
-
-CVE_STATUS[CVE-2017-5576] = "fixed-version: Fixed from version 4.10rc6"
-
-CVE_STATUS[CVE-2017-5577] = "fixed-version: Fixed from version 4.10rc6"
-
-CVE_STATUS[CVE-2017-5669] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-5715] = "fixed-version: Fixed from version 4.15rc8"
-
-CVE_STATUS[CVE-2017-5753] = "fixed-version: Fixed from version 4.15rc8"
-
-CVE_STATUS[CVE-2017-5754] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2017-5897] = "fixed-version: Fixed from version 4.10rc8"
-
-CVE_STATUS[CVE-2017-5967] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-5970] = "fixed-version: Fixed from version 4.10rc8"
-
-CVE_STATUS[CVE-2017-5972] = "fixed-version: Fixed from version 4.4rc1"
-
-CVE_STATUS[CVE-2017-5986] = "fixed-version: Fixed from version 4.10rc8"
-
-CVE_STATUS[CVE-2017-6001] = "fixed-version: Fixed from version 4.10rc4"
-
-CVE_STATUS[CVE-2017-6074] = "fixed-version: Fixed from version 4.10"
-
-CVE_STATUS[CVE-2017-6214] = "fixed-version: Fixed from version 4.10rc8"
-
-CVE_STATUS[CVE-2017-6345] = "fixed-version: Fixed from version 4.10"
-
-CVE_STATUS[CVE-2017-6346] = "fixed-version: Fixed from version 4.10"
-
-CVE_STATUS[CVE-2017-6347] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-6348] = "fixed-version: Fixed from version 4.10"
-
-CVE_STATUS[CVE-2017-6353] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-6874] = "fixed-version: Fixed from version 4.11rc2"
-
-CVE_STATUS[CVE-2017-6951] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2017-7184] = "fixed-version: Fixed from version 4.11rc5"
-
-CVE_STATUS[CVE-2017-7187] = "fixed-version: Fixed from version 4.11rc5"
-
-CVE_STATUS[CVE-2017-7261] = "fixed-version: Fixed from version 4.11rc6"
-
-CVE_STATUS[CVE-2017-7273] = "fixed-version: Fixed from version 4.10rc4"
-
-CVE_STATUS[CVE-2017-7277] = "fixed-version: Fixed from version 4.11rc4"
-
-CVE_STATUS[CVE-2017-7294] = "fixed-version: Fixed from version 4.11rc6"
-
-CVE_STATUS[CVE-2017-7308] = "fixed-version: Fixed from version 4.11rc6"
-
-CVE_STATUS[CVE-2017-7346] = "fixed-version: Fixed from version 4.12rc5"
-
-# CVE-2017-7369 has no known resolution
-
-CVE_STATUS[CVE-2017-7374] = "fixed-version: Fixed from version 4.11rc4"
-
-CVE_STATUS[CVE-2017-7472] = "fixed-version: Fixed from version 4.11rc8"
-
-CVE_STATUS[CVE-2017-7477] = "fixed-version: Fixed from version 4.11"
-
-CVE_STATUS[CVE-2017-7482] = "fixed-version: Fixed from version 4.12rc7"
-
-CVE_STATUS[CVE-2017-7487] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-7495] = "fixed-version: Fixed from version 4.7rc1"
-
-CVE_STATUS[CVE-2017-7518] = "fixed-version: Fixed from version 4.12rc7"
-
-CVE_STATUS[CVE-2017-7533] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-7541] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-7542] = "fixed-version: Fixed from version 4.13rc2"
-
-CVE_STATUS[CVE-2017-7558] = "fixed-version: Fixed from version 4.13"
-
-CVE_STATUS[CVE-2017-7616] = "fixed-version: Fixed from version 4.11rc6"
-
-CVE_STATUS[CVE-2017-7618] = "fixed-version: Fixed from version 4.11rc8"
-
-CVE_STATUS[CVE-2017-7645] = "fixed-version: Fixed from version 4.11"
-
-CVE_STATUS[CVE-2017-7889] = "fixed-version: Fixed from version 4.11rc7"
-
-CVE_STATUS[CVE-2017-7895] = "fixed-version: Fixed from version 4.11"
-
-CVE_STATUS[CVE-2017-7979] = "fixed-version: Fixed from version 4.11rc8"
-
-CVE_STATUS[CVE-2017-8061] = "fixed-version: Fixed from version 4.11rc4"
-
-CVE_STATUS[CVE-2017-8062] = "fixed-version: Fixed from version 4.11rc2"
-
-CVE_STATUS[CVE-2017-8063] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-8064] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-8065] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-8066] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-8067] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2017-8068] = "fixed-version: Fixed from version 4.10rc8"
-
-CVE_STATUS[CVE-2017-8069] = "fixed-version: Fixed from version 4.10rc8"
-
-CVE_STATUS[CVE-2017-8070] = "fixed-version: Fixed from version 4.10rc8"
-
-CVE_STATUS[CVE-2017-8071] = "fixed-version: Fixed from version 4.10rc7"
-
-CVE_STATUS[CVE-2017-8072] = "fixed-version: Fixed from version 4.10rc7"
-
-CVE_STATUS[CVE-2017-8106] = "fixed-version: Fixed from version 3.16rc1"
-
-CVE_STATUS[CVE-2017-8240] = "fixed-version: Fixed from version 3.19rc6"
-
-# CVE-2017-8242 has no known resolution
-
-# CVE-2017-8244 has no known resolution
-
-# CVE-2017-8245 has no known resolution
-
-# CVE-2017-8246 has no known resolution
-
-CVE_STATUS[CVE-2017-8797] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-8824] = "fixed-version: Fixed from version 4.15rc3"
-
-CVE_STATUS[CVE-2017-8831] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-8890] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-8924] = "fixed-version: Fixed from version 4.11rc2"
-
-CVE_STATUS[CVE-2017-8925] = "fixed-version: Fixed from version 4.11rc2"
-
-CVE_STATUS[CVE-2017-9059] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-9074] = "fixed-version: Fixed from version 4.12rc2"
-
-CVE_STATUS[CVE-2017-9075] = "fixed-version: Fixed from version 4.12rc2"
-
-CVE_STATUS[CVE-2017-9076] = "fixed-version: Fixed from version 4.12rc2"
-
-CVE_STATUS[CVE-2017-9077] = "fixed-version: Fixed from version 4.12rc2"
-
-CVE_STATUS[CVE-2017-9150] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2017-9211] = "fixed-version: Fixed from version 4.12rc3"
-
-CVE_STATUS[CVE-2017-9242] = "fixed-version: Fixed from version 4.12rc3"
-
-CVE_STATUS[CVE-2017-9605] = "fixed-version: Fixed from version 4.12rc5"
-
-CVE_STATUS[CVE-2017-9725] = "fixed-version: Fixed from version 4.3rc7"
-
-CVE_STATUS[CVE-2017-9984] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-9985] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2017-9986] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2018-1000004] = "fixed-version: Fixed from version 4.15rc9"
-
-CVE_STATUS[CVE-2018-1000026] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2018-1000028] = "fixed-version: Fixed from version 4.15"
-
-CVE_STATUS[CVE-2018-1000199] = "fixed-version: Fixed from version 4.16"
-
-CVE_STATUS[CVE-2018-1000200] = "fixed-version: Fixed from version 4.17rc5"
-
-CVE_STATUS[CVE-2018-1000204] = "fixed-version: Fixed from version 4.17rc7"
-
-CVE_STATUS[CVE-2018-10021] = "fixed-version: Fixed from version 4.16rc7"
-
-CVE_STATUS[CVE-2018-10074] = "fixed-version: Fixed from version 4.16rc7"
-
-CVE_STATUS[CVE-2018-10087] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2018-10124] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2018-10322] = "fixed-version: Fixed from version 4.17rc4"
-
-CVE_STATUS[CVE-2018-10323] = "fixed-version: Fixed from version 4.17rc4"
-
-CVE_STATUS[CVE-2018-1065] = "fixed-version: Fixed from version 4.16rc3"
-
-CVE_STATUS[CVE-2018-1066] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2018-10675] = "fixed-version: Fixed from version 4.13rc6"
-
-CVE_STATUS[CVE-2018-1068] = "fixed-version: Fixed from version 4.16rc5"
-
-CVE_STATUS[CVE-2018-10840] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-10853] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-1087] = "fixed-version: Fixed from version 4.16rc7"
-
-# CVE-2018-10872 has no known resolution
-
-CVE_STATUS[CVE-2018-10876] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2018-10877] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2018-10878] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2018-10879] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2018-10880] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2018-10881] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2018-10882] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2018-10883] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2018-10901] = "fixed-version: Fixed from version 2.6.36rc1"
-
-CVE_STATUS[CVE-2018-10902] = "fixed-version: Fixed from version 4.18rc6"
-
-CVE_STATUS[CVE-2018-1091] = "fixed-version: Fixed from version 4.14rc2"
-
-CVE_STATUS[CVE-2018-1092] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2018-1093] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2018-10938] = "fixed-version: Fixed from version 4.13rc5"
-
-CVE_STATUS[CVE-2018-1094] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2018-10940] = "fixed-version: Fixed from version 4.17rc3"
-
-CVE_STATUS[CVE-2018-1095] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2018-1108] = "fixed-version: Fixed from version 4.17rc2"
-
-CVE_STATUS[CVE-2018-1118] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-1120] = "fixed-version: Fixed from version 4.17rc6"
-
-# CVE-2018-1121 has no known resolution
-
-CVE_STATUS[CVE-2018-11232] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2018-1128] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-1129] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-1130] = "fixed-version: Fixed from version 4.16rc7"
-
-CVE_STATUS[CVE-2018-11412] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-11506] = "fixed-version: Fixed from version 4.17rc7"
-
-CVE_STATUS[CVE-2018-11508] = "fixed-version: Fixed from version 4.17rc5"
-
-# CVE-2018-11987 has no known resolution
-
-CVE_STATUS[CVE-2018-12126] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2018-12127] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2018-12130] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2018-12207] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2018-12232] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-12233] = "fixed-version: Fixed from version 4.18rc2"
-
-CVE_STATUS[CVE-2018-12633] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-12714] = "fixed-version: Fixed from version 4.18rc2"
-
-CVE_STATUS[CVE-2018-12896] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-12904] = "fixed-version: Fixed from version 4.18rc1"
-
-# CVE-2018-12928 has no known resolution
-
-# CVE-2018-12929 has no known resolution
-
-# CVE-2018-12930 has no known resolution
-
-# CVE-2018-12931 has no known resolution
-
-CVE_STATUS[CVE-2018-13053] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-13093] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-13094] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-13095] = "fixed-version: Fixed from version 4.18rc3"
-
-CVE_STATUS[CVE-2018-13096] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-13097] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-13098] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-13099] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-13100] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-13405] = "fixed-version: Fixed from version 4.18rc4"
-
-CVE_STATUS[CVE-2018-13406] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-14609] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-14610] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-14611] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-14612] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-14613] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-14614] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-14615] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-14616] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-14617] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-14619] = "fixed-version: Fixed from version 4.15rc4"
-
-CVE_STATUS[CVE-2018-14625] = "fixed-version: Fixed from version 4.20rc6"
-
-CVE_STATUS[CVE-2018-14633] = "fixed-version: Fixed from version 4.19rc6"
-
-CVE_STATUS[CVE-2018-14634] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2018-14641] = "fixed-version: Fixed from version 4.19rc4"
-
-CVE_STATUS[CVE-2018-14646] = "fixed-version: Fixed from version 4.15rc8"
-
-CVE_STATUS[CVE-2018-14656] = "fixed-version: Fixed from version 4.19rc2"
-
-CVE_STATUS[CVE-2018-14678] = "fixed-version: Fixed from version 4.18rc8"
-
-CVE_STATUS[CVE-2018-14734] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-15471] = "fixed-version: Fixed from version 4.19rc7"
-
-CVE_STATUS[CVE-2018-15572] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-15594] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-16276] = "fixed-version: Fixed from version 4.18rc5"
-
-CVE_STATUS[CVE-2018-16597] = "fixed-version: Fixed from version 4.8rc1"
-
-CVE_STATUS[CVE-2018-16658] = "fixed-version: Fixed from version 4.19rc2"
-
-CVE_STATUS[CVE-2018-16862] = "fixed-version: Fixed from version 4.20rc5"
-
-CVE_STATUS[CVE-2018-16871] = "fixed-version: Fixed from version 4.20rc3"
-
-CVE_STATUS[CVE-2018-16880] = "fixed-version: Fixed from version 5.0rc5"
-
-CVE_STATUS[CVE-2018-16882] = "fixed-version: Fixed from version 4.20"
-
-CVE_STATUS[CVE-2018-16884] = "fixed-version: Fixed from version 5.0rc1"
-
-# CVE-2018-16885 has no known resolution
-
-CVE_STATUS[CVE-2018-17182] = "fixed-version: Fixed from version 4.19rc4"
-
-CVE_STATUS[CVE-2018-17972] = "fixed-version: Fixed from version 4.19rc7"
-
-# CVE-2018-17977 has no known resolution
-
-CVE_STATUS[CVE-2018-18021] = "fixed-version: Fixed from version 4.19rc7"
-
-CVE_STATUS[CVE-2018-18281] = "fixed-version: Fixed from version 4.19"
-
-CVE_STATUS[CVE-2018-18386] = "fixed-version: Fixed from version 4.15rc6"
-
-CVE_STATUS[CVE-2018-18397] = "fixed-version: Fixed from version 4.20rc5"
-
-CVE_STATUS[CVE-2018-18445] = "fixed-version: Fixed from version 4.19rc7"
-
-CVE_STATUS[CVE-2018-18559] = "fixed-version: Fixed from version 4.15rc2"
-
-# CVE-2018-18653 has no known resolution
-
-CVE_STATUS[CVE-2018-18690] = "fixed-version: Fixed from version 4.17rc4"
-
-CVE_STATUS[CVE-2018-18710] = "fixed-version: Fixed from version 4.20rc1"
-
-CVE_STATUS[CVE-2018-18955] = "fixed-version: Fixed from version 4.20rc2"
-
-CVE_STATUS[CVE-2018-19406] = "fixed-version: Fixed from version 4.20rc5"
-
-CVE_STATUS[CVE-2018-19407] = "fixed-version: Fixed from version 4.20rc5"
-
-CVE_STATUS[CVE-2018-19824] = "fixed-version: Fixed from version 4.20rc6"
-
-CVE_STATUS[CVE-2018-19854] = "fixed-version: Fixed from version 4.20rc3"
-
-CVE_STATUS[CVE-2018-19985] = "fixed-version: Fixed from version 4.20"
-
-CVE_STATUS[CVE-2018-20169] = "fixed-version: Fixed from version 4.20rc6"
-
-CVE_STATUS[CVE-2018-20449] = "fixed-version: Fixed from version 4.15rc2"
-
-CVE_STATUS[CVE-2018-20509] = "fixed-version: Fixed from version 4.14rc1"
-
-CVE_STATUS[CVE-2018-20510] = "fixed-version: Fixed from version 4.16rc3"
-
-CVE_STATUS[CVE-2018-20511] = "fixed-version: Fixed from version 4.19rc5"
-
-CVE_STATUS[CVE-2018-20669] = "fixed-version: Fixed from version 5.0rc1"
-
-CVE_STATUS[CVE-2018-20784] = "fixed-version: Fixed from version 5.0rc1"
-
-CVE_STATUS[CVE-2018-20836] = "fixed-version: Fixed from version 4.20rc1"
-
-CVE_STATUS[CVE-2018-20854] = "fixed-version: Fixed from version 4.20rc1"
-
-CVE_STATUS[CVE-2018-20855] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-20856] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-20961] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2018-20976] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-21008] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2018-25015] = "fixed-version: Fixed from version 4.15rc9"
-
-CVE_STATUS[CVE-2018-25020] = "fixed-version: Fixed from version 4.17rc7"
-
-# CVE-2018-3574 has no known resolution
-
-CVE_STATUS[CVE-2018-3620] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-3639] = "fixed-version: Fixed from version 4.17rc7"
-
-CVE_STATUS[CVE-2018-3646] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-3665] = "fixed-version: Fixed from version 3.7rc1"
-
-CVE_STATUS[CVE-2018-3693] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-5332] = "fixed-version: Fixed from version 4.15rc8"
-
-CVE_STATUS[CVE-2018-5333] = "fixed-version: Fixed from version 4.15rc8"
-
-CVE_STATUS[CVE-2018-5344] = "fixed-version: Fixed from version 4.15rc8"
-
-CVE_STATUS[CVE-2018-5390] = "fixed-version: Fixed from version 4.18rc7"
-
-CVE_STATUS[CVE-2018-5391] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-5703] = "fixed-version: Fixed from version 4.16rc5"
-
-CVE_STATUS[CVE-2018-5750] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2018-5803] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2018-5814] = "fixed-version: Fixed from version 4.17rc6"
-
-CVE_STATUS[CVE-2018-5848] = "fixed-version: Fixed from version 4.16rc1"
-
-# Skipping CVE-2018-5856, no affected_versions
-
-CVE_STATUS[CVE-2018-5873] = "fixed-version: Fixed from version 4.11rc8"
-
-CVE_STATUS[CVE-2018-5953] = "fixed-version: Fixed from version 4.15rc2"
-
-CVE_STATUS[CVE-2018-5995] = "fixed-version: Fixed from version 4.15rc2"
-
-CVE_STATUS[CVE-2018-6412] = "fixed-version: Fixed from version 4.16rc5"
-
-CVE_STATUS[CVE-2018-6554] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2018-6555] = "fixed-version: Fixed from version 4.17rc1"
-
-# CVE-2018-6559 has no known resolution
-
-CVE_STATUS[CVE-2018-6927] = "fixed-version: Fixed from version 4.15rc9"
-
-CVE_STATUS[CVE-2018-7191] = "fixed-version: Fixed from version 4.14rc6"
-
-CVE_STATUS[CVE-2018-7273] = "fixed-version: Fixed from version 4.15rc2"
-
-CVE_STATUS[CVE-2018-7480] = "fixed-version: Fixed from version 4.11rc1"
-
-CVE_STATUS[CVE-2018-7492] = "fixed-version: Fixed from version 4.15rc3"
-
-CVE_STATUS[CVE-2018-7566] = "fixed-version: Fixed from version 4.16rc2"
-
-CVE_STATUS[CVE-2018-7740] = "fixed-version: Fixed from version 4.16rc7"
-
-CVE_STATUS[CVE-2018-7754] = "fixed-version: Fixed from version 4.15rc2"
-
-CVE_STATUS[CVE-2018-7755] = "fixed-version: Fixed from version 4.19rc5"
-
-CVE_STATUS[CVE-2018-7757] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2018-7995] = "fixed-version: Fixed from version 4.16rc5"
-
-CVE_STATUS[CVE-2018-8043] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2018-8087] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2018-8781] = "fixed-version: Fixed from version 4.16rc7"
-
-CVE_STATUS[CVE-2018-8822] = "fixed-version: Fixed from version 4.16rc7"
-
-CVE_STATUS[CVE-2018-8897] = "fixed-version: Fixed from version 4.16rc7"
-
-CVE_STATUS[CVE-2018-9363] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2018-9385] = "fixed-version: Fixed from version 4.17rc3"
-
-CVE_STATUS[CVE-2018-9415] = "fixed-version: Fixed from version 4.17rc3"
-
-CVE_STATUS[CVE-2018-9422] = "fixed-version: Fixed from version 4.6rc1"
-
-CVE_STATUS[CVE-2018-9465] = "fixed-version: Fixed from version 4.15rc6"
-
-CVE_STATUS[CVE-2018-9516] = "fixed-version: Fixed from version 4.18rc5"
-
-CVE_STATUS[CVE-2018-9517] = "fixed-version: Fixed from version 4.14rc1"
-
-CVE_STATUS[CVE-2018-9518] = "fixed-version: Fixed from version 4.16rc3"
-
-CVE_STATUS[CVE-2018-9568] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2019-0136] = "fixed-version: Fixed from version 5.2rc6"
-
-CVE_STATUS[CVE-2019-0145] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-0146] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-0147] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-0148] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-0149] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-0154] = "fixed-version: Fixed from version 5.4rc8"
-
-CVE_STATUS[CVE-2019-0155] = "fixed-version: Fixed from version 5.4rc8"
-
-CVE_STATUS[CVE-2019-10124] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-10125] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-10126] = "fixed-version: Fixed from version 5.2rc6"
-
-# CVE-2019-10140 has no known resolution
-
-CVE_STATUS[CVE-2019-10142] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-10207] = "fixed-version: Fixed from version 5.3rc3"
-
-CVE_STATUS[CVE-2019-10220] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2019-10638] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-10639] = "fixed-version: Fixed from version 5.1rc4"
-
-CVE_STATUS[CVE-2019-11085] = "fixed-version: Fixed from version 5.0rc3"
-
-CVE_STATUS[CVE-2019-11091] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-11135] = "fixed-version: Fixed from version 5.4rc8"
-
-CVE_STATUS[CVE-2019-11190] = "fixed-version: Fixed from version 4.8rc5"
-
-CVE_STATUS[CVE-2019-11191] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-1125] = "fixed-version: Fixed from version 5.3rc4"
-
-CVE_STATUS[CVE-2019-11477] = "fixed-version: Fixed from version 5.2rc6"
-
-CVE_STATUS[CVE-2019-11478] = "fixed-version: Fixed from version 5.2rc6"
-
-CVE_STATUS[CVE-2019-11479] = "fixed-version: Fixed from version 5.2rc6"
-
-CVE_STATUS[CVE-2019-11486] = "fixed-version: Fixed from version 5.1rc4"
-
-CVE_STATUS[CVE-2019-11487] = "fixed-version: Fixed from version 5.1rc5"
-
-CVE_STATUS[CVE-2019-11599] = "fixed-version: Fixed from version 5.1rc6"
-
-CVE_STATUS[CVE-2019-11683] = "fixed-version: Fixed from version 5.1"
-
-CVE_STATUS[CVE-2019-11810] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-11811] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-11815] = "fixed-version: Fixed from version 5.1rc4"
-
-CVE_STATUS[CVE-2019-11833] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-11884] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-12378] = "fixed-version: Fixed from version 5.2rc3"
-
-CVE_STATUS[CVE-2019-12379] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-12380] = "fixed-version: Fixed from version 5.2rc3"
-
-CVE_STATUS[CVE-2019-12381] = "fixed-version: Fixed from version 5.2rc3"
-
-CVE_STATUS[CVE-2019-12382] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-12454] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-12455] = "fixed-version: Fixed from version 5.3rc1"
-
-# CVE-2019-12456 has no known resolution
-
-CVE_STATUS[CVE-2019-12614] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-12615] = "fixed-version: Fixed from version 5.2rc4"
-
-CVE_STATUS[CVE-2019-12817] = "fixed-version: Fixed from version 5.2rc7"
-
-CVE_STATUS[CVE-2019-12818] = "fixed-version: Fixed from version 5.0"
-
-CVE_STATUS[CVE-2019-12819] = "fixed-version: Fixed from version 5.0rc8"
-
-CVE_STATUS[CVE-2019-12881] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2019-12984] = "fixed-version: Fixed from version 5.2rc6"
-
-CVE_STATUS[CVE-2019-13233] = "fixed-version: Fixed from version 5.2rc4"
-
-CVE_STATUS[CVE-2019-13272] = "fixed-version: Fixed from version 5.2"
-
-CVE_STATUS[CVE-2019-13631] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-13648] = "fixed-version: Fixed from version 5.3rc2"
-
-CVE_STATUS[CVE-2019-14283] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-14284] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-14615] = "fixed-version: Fixed from version 5.5rc7"
-
-CVE_STATUS[CVE-2019-14763] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2019-14814] = "fixed-version: Fixed from version 5.3"
-
-CVE_STATUS[CVE-2019-14815] = "fixed-version: Fixed from version 5.3"
-
-CVE_STATUS[CVE-2019-14816] = "fixed-version: Fixed from version 5.3"
-
-CVE_STATUS[CVE-2019-14821] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-14835] = "fixed-version: Fixed from version 5.3"
-
-CVE_STATUS[CVE-2019-14895] = "fixed-version: Fixed from version 5.5rc3"
-
-CVE_STATUS[CVE-2019-14896] = "fixed-version: Fixed from version 5.5"
-
-CVE_STATUS[CVE-2019-14897] = "fixed-version: Fixed from version 5.5"
-
-# CVE-2019-14898 has no known resolution
-
-CVE_STATUS[CVE-2019-14901] = "fixed-version: Fixed from version 5.5rc3"
-
-CVE_STATUS[CVE-2019-15030] = "fixed-version: Fixed from version 5.3rc8"
-
-CVE_STATUS[CVE-2019-15031] = "fixed-version: Fixed from version 5.3rc8"
-
-CVE_STATUS[CVE-2019-15090] = "fixed-version: Fixed from version 5.2rc2"
-
-CVE_STATUS[CVE-2019-15098] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-15099] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-15117] = "fixed-version: Fixed from version 5.3rc5"
-
-CVE_STATUS[CVE-2019-15118] = "fixed-version: Fixed from version 5.3rc5"
-
-CVE_STATUS[CVE-2019-15211] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-15212] = "fixed-version: Fixed from version 5.2rc3"
-
-CVE_STATUS[CVE-2019-15213] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-15214] = "fixed-version: Fixed from version 5.1rc6"
-
-CVE_STATUS[CVE-2019-15215] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-15216] = "fixed-version: Fixed from version 5.1"
-
-CVE_STATUS[CVE-2019-15217] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-15218] = "fixed-version: Fixed from version 5.2rc3"
-
-CVE_STATUS[CVE-2019-15219] = "fixed-version: Fixed from version 5.2rc3"
-
-CVE_STATUS[CVE-2019-15220] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-15221] = "fixed-version: Fixed from version 5.2"
-
-CVE_STATUS[CVE-2019-15222] = "fixed-version: Fixed from version 5.3rc3"
-
-CVE_STATUS[CVE-2019-15223] = "fixed-version: Fixed from version 5.2rc3"
-
-# CVE-2019-15239 has no known resolution
-
-# CVE-2019-15290 has no known resolution
-
-CVE_STATUS[CVE-2019-15291] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-15292] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-15504] = "fixed-version: Fixed from version 5.3"
-
-CVE_STATUS[CVE-2019-15505] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-15538] = "fixed-version: Fixed from version 5.3rc6"
-
-CVE_STATUS[CVE-2019-15666] = "fixed-version: Fixed from version 5.1"
-
-# CVE-2019-15791 has no known resolution
-
-# CVE-2019-15792 has no known resolution
-
-# CVE-2019-15793 has no known resolution
-
-CVE_STATUS[CVE-2019-15794] = "fixed-version: Fixed from version 5.12"
-
-CVE_STATUS[CVE-2019-15807] = "fixed-version: Fixed from version 5.2rc3"
-
-# CVE-2019-15902 has no known resolution
-
-CVE_STATUS[CVE-2019-15916] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-15917] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-15918] = "fixed-version: Fixed from version 5.1rc6"
-
-CVE_STATUS[CVE-2019-15919] = "fixed-version: Fixed from version 5.1rc6"
-
-CVE_STATUS[CVE-2019-15920] = "fixed-version: Fixed from version 5.1rc6"
-
-CVE_STATUS[CVE-2019-15921] = "fixed-version: Fixed from version 5.1rc3"
-
-CVE_STATUS[CVE-2019-15922] = "fixed-version: Fixed from version 5.1rc4"
-
-CVE_STATUS[CVE-2019-15923] = "fixed-version: Fixed from version 5.1rc4"
-
-CVE_STATUS[CVE-2019-15924] = "fixed-version: Fixed from version 5.1rc4"
-
-CVE_STATUS[CVE-2019-15925] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-15926] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-15927] = "fixed-version: Fixed from version 5.0rc2"
-
-# CVE-2019-16089 has no known resolution
-
-CVE_STATUS[CVE-2019-16229] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-16230] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-16231] = "fixed-version: Fixed from version 5.4rc6"
-
-CVE_STATUS[CVE-2019-16232] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-16233] = "fixed-version: Fixed from version 5.4rc5"
-
-CVE_STATUS[CVE-2019-16234] = "fixed-version: Fixed from version 5.4rc4"
-
-CVE_STATUS[CVE-2019-16413] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-16714] = "fixed-version: Fixed from version 5.3rc7"
-
-CVE_STATUS[CVE-2019-16746] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2019-16921] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2019-16994] = "fixed-version: Fixed from version 5.0"
-
-CVE_STATUS[CVE-2019-16995] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-17052] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-17053] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-17054] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-17055] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-17056] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-17075] = "fixed-version: Fixed from version 5.4rc3"
-
-CVE_STATUS[CVE-2019-17133] = "fixed-version: Fixed from version 5.4rc4"
-
-CVE_STATUS[CVE-2019-17351] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-17666] = "fixed-version: Fixed from version 5.4rc6"
-
-CVE_STATUS[CVE-2019-18198] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-18282] = "fixed-version: Fixed from version 5.4rc6"
-
-CVE_STATUS[CVE-2019-18660] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-18675] = "fixed-version: Fixed from version 4.17rc5"
-
-# CVE-2019-18680 has no known resolution
-
-CVE_STATUS[CVE-2019-18683] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-18786] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-18805] = "fixed-version: Fixed from version 5.1rc7"
-
-CVE_STATUS[CVE-2019-18806] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2019-18807] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2019-18808] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-18809] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-18810] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2019-18811] = "fixed-version: Fixed from version 5.4rc7"
-
-CVE_STATUS[CVE-2019-18812] = "fixed-version: Fixed from version 5.4rc7"
-
-CVE_STATUS[CVE-2019-18813] = "fixed-version: Fixed from version 5.4rc6"
-
-CVE_STATUS[CVE-2019-18814] = "fixed-version: Fixed from version 5.7rc7"
-
-CVE_STATUS[CVE-2019-18885] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-19036] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19037] = "fixed-version: Fixed from version 5.5rc3"
-
-CVE_STATUS[CVE-2019-19039] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2019-19043] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19044] = "fixed-version: Fixed from version 5.4rc6"
-
-CVE_STATUS[CVE-2019-19045] = "fixed-version: Fixed from version 5.4rc6"
-
-CVE_STATUS[CVE-2019-19046] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19047] = "fixed-version: Fixed from version 5.4rc6"
-
-CVE_STATUS[CVE-2019-19048] = "fixed-version: Fixed from version 5.4rc3"
-
-CVE_STATUS[CVE-2019-19049] = "fixed-version: Fixed from version 5.4rc5"
-
-CVE_STATUS[CVE-2019-19050] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19051] = "fixed-version: Fixed from version 5.4rc6"
-
-CVE_STATUS[CVE-2019-19052] = "fixed-version: Fixed from version 5.4rc7"
-
-CVE_STATUS[CVE-2019-19053] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19054] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19055] = "fixed-version: Fixed from version 5.4rc4"
-
-CVE_STATUS[CVE-2019-19056] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19057] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19058] = "fixed-version: Fixed from version 5.4rc4"
-
-CVE_STATUS[CVE-2019-19059] = "fixed-version: Fixed from version 5.4rc4"
-
-CVE_STATUS[CVE-2019-19060] = "fixed-version: Fixed from version 5.4rc3"
-
-CVE_STATUS[CVE-2019-19061] = "fixed-version: Fixed from version 5.4rc3"
-
-CVE_STATUS[CVE-2019-19062] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19063] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19064] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19065] = "fixed-version: Fixed from version 5.4rc3"
-
-CVE_STATUS[CVE-2019-19066] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19067] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2019-19068] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19069] = "fixed-version: Fixed from version 5.4rc3"
-
-CVE_STATUS[CVE-2019-19070] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19071] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19072] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19073] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19074] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19075] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2019-19076] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19077] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19078] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19079] = "fixed-version: Fixed from version 5.3"
-
-CVE_STATUS[CVE-2019-19080] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19081] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19082] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19083] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2019-19227] = "fixed-version: Fixed from version 5.1rc3"
-
-CVE_STATUS[CVE-2019-19241] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19252] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19318] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19319] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-19332] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19338] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19377] = "fixed-version: Fixed from version 5.7rc1"
-
-# CVE-2019-19378 has no known resolution
-
-CVE_STATUS[CVE-2019-19447] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19448] = "fixed-version: Fixed from version 5.9rc1"
-
-CVE_STATUS[CVE-2019-19449] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2019-19462] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2019-19523] = "fixed-version: Fixed from version 5.4rc3"
-
-CVE_STATUS[CVE-2019-19524] = "fixed-version: Fixed from version 5.4rc8"
-
-CVE_STATUS[CVE-2019-19525] = "fixed-version: Fixed from version 5.4rc2"
-
-CVE_STATUS[CVE-2019-19526] = "fixed-version: Fixed from version 5.4rc4"
-
-CVE_STATUS[CVE-2019-19527] = "fixed-version: Fixed from version 5.3rc4"
-
-CVE_STATUS[CVE-2019-19528] = "fixed-version: Fixed from version 5.4rc3"
-
-CVE_STATUS[CVE-2019-19529] = "fixed-version: Fixed from version 5.4rc7"
-
-CVE_STATUS[CVE-2019-19530] = "fixed-version: Fixed from version 5.3rc5"
-
-CVE_STATUS[CVE-2019-19531] = "fixed-version: Fixed from version 5.3rc4"
-
-CVE_STATUS[CVE-2019-19532] = "fixed-version: Fixed from version 5.4rc6"
-
-CVE_STATUS[CVE-2019-19533] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19534] = "fixed-version: Fixed from version 5.4rc7"
-
-CVE_STATUS[CVE-2019-19535] = "fixed-version: Fixed from version 5.3rc4"
-
-CVE_STATUS[CVE-2019-19536] = "fixed-version: Fixed from version 5.3rc4"
-
-CVE_STATUS[CVE-2019-19537] = "fixed-version: Fixed from version 5.3rc5"
-
-CVE_STATUS[CVE-2019-19543] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-19602] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19767] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2019-19768] = "fixed-version: Fixed from version 5.6rc4"
-
-CVE_STATUS[CVE-2019-19769] = "fixed-version: Fixed from version 5.6rc5"
-
-CVE_STATUS[CVE-2019-19770] = "fixed-version: Fixed from version 5.9rc1"
-
-CVE_STATUS[CVE-2019-19807] = "fixed-version: Fixed from version 5.4rc7"
-
-CVE_STATUS[CVE-2019-19813] = "fixed-version: Fixed from version 5.2rc1"
-
-# CVE-2019-19814 has no known resolution
-
-CVE_STATUS[CVE-2019-19815] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2019-19816] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-19922] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-19927] = "fixed-version: Fixed from version 5.1rc6"
-
-CVE_STATUS[CVE-2019-19947] = "fixed-version: Fixed from version 5.5rc3"
-
-CVE_STATUS[CVE-2019-19965] = "fixed-version: Fixed from version 5.5rc2"
-
-CVE_STATUS[CVE-2019-19966] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-1999] = "fixed-version: Fixed from version 5.1rc3"
-
-CVE_STATUS[CVE-2019-20054] = "fixed-version: Fixed from version 5.1rc3"
-
-CVE_STATUS[CVE-2019-20095] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-20096] = "fixed-version: Fixed from version 5.1rc4"
-
-CVE_STATUS[CVE-2019-2024] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2019-2025] = "fixed-version: Fixed from version 4.20rc5"
-
-CVE_STATUS[CVE-2019-20422] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-2054] = "fixed-version: Fixed from version 4.8rc1"
-
-CVE_STATUS[CVE-2019-20636] = "fixed-version: Fixed from version 5.5rc6"
-
-# CVE-2019-20794 has no known resolution
-
-CVE_STATUS[CVE-2019-20806] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-20810] = "fixed-version: Fixed from version 5.6rc1"
-
-CVE_STATUS[CVE-2019-20811] = "fixed-version: Fixed from version 5.1rc3"
-
-CVE_STATUS[CVE-2019-20812] = "fixed-version: Fixed from version 5.5rc3"
-
-CVE_STATUS[CVE-2019-20908] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2019-20934] = "fixed-version: Fixed from version 5.3rc2"
-
-CVE_STATUS[CVE-2019-2101] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-2181] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-2182] = "fixed-version: Fixed from version 4.16rc3"
-
-CVE_STATUS[CVE-2019-2213] = "fixed-version: Fixed from version 5.2rc6"
-
-CVE_STATUS[CVE-2019-2214] = "fixed-version: Fixed from version 5.3rc2"
-
-CVE_STATUS[CVE-2019-2215] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2019-25044] = "fixed-version: Fixed from version 5.2rc4"
-
-CVE_STATUS[CVE-2019-25045] = "fixed-version: Fixed from version 5.1"
-
-CVE_STATUS[CVE-2019-3016] = "fixed-version: Fixed from version 5.6rc1"
-
-CVE_STATUS[CVE-2019-3459] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-3460] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-3701] = "fixed-version: Fixed from version 5.0rc3"
-
-CVE_STATUS[CVE-2019-3819] = "fixed-version: Fixed from version 5.0rc6"
-
-CVE_STATUS[CVE-2019-3837] = "fixed-version: Fixed from version 3.18rc1"
-
-CVE_STATUS[CVE-2019-3846] = "fixed-version: Fixed from version 5.2rc6"
-
-CVE_STATUS[CVE-2019-3874] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-3882] = "fixed-version: Fixed from version 5.1rc4"
-
-CVE_STATUS[CVE-2019-3887] = "fixed-version: Fixed from version 5.1rc4"
-
-CVE_STATUS[CVE-2019-3892] = "fixed-version: Fixed from version 5.1rc6"
-
-CVE_STATUS[CVE-2019-3896] = "fixed-version: Fixed from version 2.6.35rc1"
-
-CVE_STATUS[CVE-2019-3900] = "fixed-version: Fixed from version 5.2rc4"
-
-CVE_STATUS[CVE-2019-3901] = "fixed-version: Fixed from version 4.6rc6"
-
-CVE_STATUS[CVE-2019-5108] = "fixed-version: Fixed from version 5.3"
-
-# Skipping CVE-2019-5489, no affected_versions
-
-CVE_STATUS[CVE-2019-6133] = "fixed-version: Fixed from version 5.0rc2"
-
-CVE_STATUS[CVE-2019-6974] = "fixed-version: Fixed from version 5.0rc6"
-
-CVE_STATUS[CVE-2019-7221] = "fixed-version: Fixed from version 5.0rc6"
-
-CVE_STATUS[CVE-2019-7222] = "fixed-version: Fixed from version 5.0rc6"
-
-CVE_STATUS[CVE-2019-7308] = "fixed-version: Fixed from version 5.0rc3"
-
-CVE_STATUS[CVE-2019-8912] = "fixed-version: Fixed from version 5.0rc8"
-
-CVE_STATUS[CVE-2019-8956] = "fixed-version: Fixed from version 5.0rc6"
-
-CVE_STATUS[CVE-2019-8980] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-9003] = "fixed-version: Fixed from version 5.0rc4"
-
-CVE_STATUS[CVE-2019-9162] = "fixed-version: Fixed from version 5.0rc7"
-
-CVE_STATUS[CVE-2019-9213] = "fixed-version: Fixed from version 5.0"
-
-CVE_STATUS[CVE-2019-9245] = "fixed-version: Fixed from version 5.0rc1"
-
-CVE_STATUS[CVE-2019-9444] = "fixed-version: Fixed from version 4.15rc2"
-
-CVE_STATUS[CVE-2019-9445] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-9453] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2019-9454] = "fixed-version: Fixed from version 4.15rc9"
-
-CVE_STATUS[CVE-2019-9455] = "fixed-version: Fixed from version 5.0rc1"
-
-CVE_STATUS[CVE-2019-9456] = "fixed-version: Fixed from version 4.16rc6"
-
-CVE_STATUS[CVE-2019-9457] = "fixed-version: Fixed from version 4.13rc1"
-
-CVE_STATUS[CVE-2019-9458] = "fixed-version: Fixed from version 4.19rc7"
-
-CVE_STATUS[CVE-2019-9466] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-9500] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-9503] = "fixed-version: Fixed from version 5.1rc1"
-
-CVE_STATUS[CVE-2019-9506] = "fixed-version: Fixed from version 5.2"
-
-CVE_STATUS[CVE-2019-9857] = "fixed-version: Fixed from version 5.1rc2"
-
-CVE_STATUS[CVE-2020-0009] = "fixed-version: Fixed from version 5.6rc3"
-
-CVE_STATUS[CVE-2020-0030] = "fixed-version: Fixed from version 4.16rc3"
-
-CVE_STATUS[CVE-2020-0041] = "fixed-version: Fixed from version 5.5rc2"
-
-CVE_STATUS[CVE-2020-0066] = "fixed-version: Fixed from version 4.3rc7"
-
-CVE_STATUS[CVE-2020-0067] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2020-0110] = "fixed-version: Fixed from version 5.6rc2"
-
-CVE_STATUS[CVE-2020-0255] = "fixed-version: Fixed from version 5.7rc4"
-
-CVE_STATUS[CVE-2020-0305] = "fixed-version: Fixed from version 5.5rc6"
-
-# CVE-2020-0347 has no known resolution
-
-CVE_STATUS[CVE-2020-0404] = "fixed-version: Fixed from version 5.6rc1"
-
-CVE_STATUS[CVE-2020-0423] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-0427] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2020-0429] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2020-0430] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2020-0431] = "fixed-version: Fixed from version 5.5rc6"
-
-CVE_STATUS[CVE-2020-0432] = "fixed-version: Fixed from version 5.6rc1"
-
-CVE_STATUS[CVE-2020-0433] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2020-0435] = "fixed-version: Fixed from version 4.19rc1"
-
-CVE_STATUS[CVE-2020-0444] = "fixed-version: Fixed from version 5.6rc4"
-
-CVE_STATUS[CVE-2020-0465] = "fixed-version: Fixed from version 5.9rc4"
-
-CVE_STATUS[CVE-2020-0466] = "fixed-version: Fixed from version 5.9rc2"
-
-CVE_STATUS[CVE-2020-0543] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-10135] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-10690] = "fixed-version: Fixed from version 5.5rc5"
-
-# CVE-2020-10708 has no known resolution
-
-CVE_STATUS[CVE-2020-10711] = "fixed-version: Fixed from version 5.7rc6"
-
-CVE_STATUS[CVE-2020-10720] = "fixed-version: Fixed from version 5.2rc3"
-
-CVE_STATUS[CVE-2020-10732] = "fixed-version: Fixed from version 5.7"
-
-CVE_STATUS[CVE-2020-10742] = "fixed-version: Fixed from version 3.16rc1"
-
-CVE_STATUS[CVE-2020-10751] = "fixed-version: Fixed from version 5.7rc4"
-
-CVE_STATUS[CVE-2020-10757] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-10766] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-10767] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-10768] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-10769] = "fixed-version: Fixed from version 5.0rc3"
-
-CVE_STATUS[CVE-2020-10773] = "fixed-version: Fixed from version 5.4rc6"
-
-# CVE-2020-10774 has no known resolution
-
-CVE_STATUS[CVE-2020-10781] = "fixed-version: Fixed from version 5.8rc6"
-
-CVE_STATUS[CVE-2020-10942] = "fixed-version: Fixed from version 5.6rc4"
-
-CVE_STATUS[CVE-2020-11494] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-11565] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-11608] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-11609] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-11668] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-11669] = "fixed-version: Fixed from version 5.2rc1"
-
-# CVE-2020-11725 has no known resolution
-
-CVE_STATUS[CVE-2020-11884] = "fixed-version: Fixed from version 5.7rc4"
-
-# CVE-2020-11935 has no known resolution
-
-CVE_STATUS[CVE-2020-12114] = "fixed-version: Fixed from version 5.3rc1"
-
-CVE_STATUS[CVE-2020-12351] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-12352] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-12362] = "fixed-version: Fixed from version 5.11rc1"
-
-CVE_STATUS[CVE-2020-12363] = "fixed-version: Fixed from version 5.11rc1"
-
-CVE_STATUS[CVE-2020-12364] = "fixed-version: Fixed from version 5.11rc1"
-
-CVE_STATUS[CVE-2020-12464] = "fixed-version: Fixed from version 5.7rc3"
-
-CVE_STATUS[CVE-2020-12465] = "fixed-version: Fixed from version 5.6rc6"
-
-CVE_STATUS[CVE-2020-12652] = "fixed-version: Fixed from version 5.5rc7"
-
-CVE_STATUS[CVE-2020-12653] = "fixed-version: Fixed from version 5.6rc1"
-
-CVE_STATUS[CVE-2020-12654] = "fixed-version: Fixed from version 5.6rc1"
-
-CVE_STATUS[CVE-2020-12655] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-12656] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-12657] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-12659] = "fixed-version: Fixed from version 5.7rc2"
-
-CVE_STATUS[CVE-2020-12768] = "fixed-version: Fixed from version 5.6rc4"
-
-CVE_STATUS[CVE-2020-12769] = "fixed-version: Fixed from version 5.5rc6"
-
-CVE_STATUS[CVE-2020-12770] = "fixed-version: Fixed from version 5.7rc3"
-
-CVE_STATUS[CVE-2020-12771] = "fixed-version: Fixed from version 5.8rc2"
-
-CVE_STATUS[CVE-2020-12826] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-12888] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-12912] = "fixed-version: Fixed from version 5.10rc4"
-
-CVE_STATUS[CVE-2020-13143] = "fixed-version: Fixed from version 5.7rc6"
-
-CVE_STATUS[CVE-2020-13974] = "fixed-version: Fixed from version 5.8rc1"
-
-# CVE-2020-14304 has no known resolution
-
-CVE_STATUS[CVE-2020-14305] = "fixed-version: Fixed from version 4.12rc1"
-
-CVE_STATUS[CVE-2020-14314] = "fixed-version: Fixed from version 5.9rc2"
-
-CVE_STATUS[CVE-2020-14331] = "fixed-version: Fixed from version 5.9rc1"
-
-CVE_STATUS[CVE-2020-14351] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-14353] = "fixed-version: Fixed from version 4.14rc3"
-
-CVE_STATUS[CVE-2020-14356] = "fixed-version: Fixed from version 5.8rc5"
-
-CVE_STATUS[CVE-2020-14381] = "fixed-version: Fixed from version 5.6rc6"
-
-CVE_STATUS[CVE-2020-14385] = "fixed-version: Fixed from version 5.9rc4"
-
-CVE_STATUS[CVE-2020-14386] = "fixed-version: Fixed from version 5.9rc4"
-
-CVE_STATUS[CVE-2020-14390] = "fixed-version: Fixed from version 5.9rc6"
-
-CVE_STATUS[CVE-2020-14416] = "fixed-version: Fixed from version 5.5"
-
-CVE_STATUS[CVE-2020-15393] = "fixed-version: Fixed from version 5.8rc3"
-
-CVE_STATUS[CVE-2020-15436] = "fixed-version: Fixed from version 5.8rc2"
-
-CVE_STATUS[CVE-2020-15437] = "fixed-version: Fixed from version 5.8rc7"
-
-CVE_STATUS[CVE-2020-15780] = "fixed-version: Fixed from version 5.8rc3"
-
-# CVE-2020-15802 has no known resolution
-
-CVE_STATUS[CVE-2020-15852] = "fixed-version: Fixed from version 5.8rc6"
-
-CVE_STATUS[CVE-2020-16119] = "fixed-version: Fixed from version 5.15rc2"
-
-CVE_STATUS[CVE-2020-16120] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-16166] = "fixed-version: Fixed from version 5.8"
-
-CVE_STATUS[CVE-2020-1749] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2020-24394] = "fixed-version: Fixed from version 5.8rc4"
-
-CVE_STATUS[CVE-2020-24490] = "fixed-version: Fixed from version 5.8"
-
-# CVE-2020-24502 has no known resolution
-
-# CVE-2020-24503 has no known resolution
-
-CVE_STATUS[CVE-2020-24504] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2020-24586] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2020-24587] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2020-24588] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2020-25211] = "fixed-version: Fixed from version 5.9rc7"
-
-CVE_STATUS[CVE-2020-25212] = "fixed-version: Fixed from version 5.9rc1"
-
-# CVE-2020-25220 has no known resolution
-
-CVE_STATUS[CVE-2020-25221] = "fixed-version: Fixed from version 5.9rc4"
-
-CVE_STATUS[CVE-2020-25284] = "fixed-version: Fixed from version 5.9rc5"
-
-CVE_STATUS[CVE-2020-25285] = "fixed-version: Fixed from version 5.9rc4"
-
-CVE_STATUS[CVE-2020-25639] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2020-25641] = "fixed-version: Fixed from version 5.9rc4"
-
-CVE_STATUS[CVE-2020-25643] = "fixed-version: Fixed from version 5.9rc7"
-
-CVE_STATUS[CVE-2020-25645] = "fixed-version: Fixed from version 5.9rc7"
-
-CVE_STATUS[CVE-2020-25656] = "fixed-version: Fixed from version 5.10rc2"
-
-# CVE-2020-25661 has no known resolution
-
-# CVE-2020-25662 has no known resolution
-
-CVE_STATUS[CVE-2020-25668] = "fixed-version: Fixed from version 5.10rc3"
-
-CVE_STATUS[CVE-2020-25669] = "fixed-version: Fixed from version 5.10rc5"
-
-CVE_STATUS[CVE-2020-25670] = "fixed-version: Fixed from version 5.12rc7"
-
-CVE_STATUS[CVE-2020-25671] = "fixed-version: Fixed from version 5.12rc7"
-
-CVE_STATUS[CVE-2020-25672] = "fixed-version: Fixed from version 5.12rc7"
-
-CVE_STATUS[CVE-2020-25673] = "fixed-version: Fixed from version 5.12rc7"
-
-CVE_STATUS[CVE-2020-25704] = "fixed-version: Fixed from version 5.10rc3"
-
-CVE_STATUS[CVE-2020-25705] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-26088] = "fixed-version: Fixed from version 5.9rc1"
-
-CVE_STATUS[CVE-2020-26139] = "fixed-version: Fixed from version 5.13rc4"
-
-# CVE-2020-26140 has no known resolution
-
-CVE_STATUS[CVE-2020-26141] = "fixed-version: Fixed from version 5.13rc4"
-
-# CVE-2020-26142 has no known resolution
-
-# CVE-2020-26143 has no known resolution
-
-CVE_STATUS[CVE-2020-26145] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2020-26147] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2020-26541] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2020-26555] = "fixed-version: Fixed from version 5.13rc1"
-
-# CVE-2020-26556 has no known resolution
-
-# CVE-2020-26557 has no known resolution
-
-CVE_STATUS[CVE-2020-26558] = "fixed-version: Fixed from version 5.13rc1"
-
-# CVE-2020-26559 has no known resolution
-
-# CVE-2020-26560 has no known resolution
-
-CVE_STATUS[CVE-2020-27066] = "fixed-version: Fixed from version 5.6"
-
-CVE_STATUS[CVE-2020-27067] = "fixed-version: Fixed from version 4.14rc4"
-
-CVE_STATUS[CVE-2020-27068] = "fixed-version: Fixed from version 5.6rc2"
-
-CVE_STATUS[CVE-2020-27152] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-27170] = "fixed-version: Fixed from version 5.12rc5"
-
-CVE_STATUS[CVE-2020-27171] = "fixed-version: Fixed from version 5.12rc5"
-
-CVE_STATUS[CVE-2020-27194] = "fixed-version: Fixed from version 5.9"
-
-CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed from version 5.6rc4"
-
-CVE_STATUS[CVE-2020-27418] = "fixed-version: Fixed from version 5.6rc5"
-
-CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-27675] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-27777] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-27784] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-27786] = "fixed-version: Fixed from version 5.7rc6"
-
-CVE_STATUS[CVE-2020-27815] = "fixed-version: Fixed from version 5.11rc1"
-
-CVE_STATUS[CVE-2020-27820] = "fixed-version: Fixed from version 5.16rc1"
-
-CVE_STATUS[CVE-2020-27825] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-27830] = "fixed-version: Fixed from version 5.10rc7"
-
-CVE_STATUS[CVE-2020-27835] = "fixed-version: Fixed from version 5.10rc6"
-
-CVE_STATUS[CVE-2020-28097] = "fixed-version: Fixed from version 5.9rc6"
-
-CVE_STATUS[CVE-2020-28374] = "fixed-version: Fixed from version 5.11rc4"
-
-CVE_STATUS[CVE-2020-28588] = "fixed-version: Fixed from version 5.10rc7"
-
-CVE_STATUS[CVE-2020-28915] = "fixed-version: Fixed from version 5.9"
-
-CVE_STATUS[CVE-2020-28941] = "fixed-version: Fixed from version 5.10rc5"
-
-CVE_STATUS[CVE-2020-28974] = "fixed-version: Fixed from version 5.10rc3"
-
-CVE_STATUS[CVE-2020-29368] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-29369] = "fixed-version: Fixed from version 5.8rc7"
-
-CVE_STATUS[CVE-2020-29370] = "fixed-version: Fixed from version 5.6rc7"
-
-CVE_STATUS[CVE-2020-29371] = "fixed-version: Fixed from version 5.9rc2"
-
-CVE_STATUS[CVE-2020-29372] = "fixed-version: Fixed from version 5.7rc3"
-
-CVE_STATUS[CVE-2020-29373] = "fixed-version: Fixed from version 5.6rc2"
-
-CVE_STATUS[CVE-2020-29374] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-29534] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-29568] = "fixed-version: Fixed from version 5.11rc1"
-
-CVE_STATUS[CVE-2020-29569] = "fixed-version: Fixed from version 5.11rc1"
-
-CVE_STATUS[CVE-2020-29660] = "fixed-version: Fixed from version 5.10rc7"
-
-CVE_STATUS[CVE-2020-29661] = "fixed-version: Fixed from version 5.10rc7"
-
-CVE_STATUS[CVE-2020-35499] = "fixed-version: Fixed from version 5.11rc1"
-
-# CVE-2020-35501 has no known resolution
-
-CVE_STATUS[CVE-2020-35508] = "fixed-version: Fixed from version 5.10rc3"
-
-CVE_STATUS[CVE-2020-35513] = "fixed-version: Fixed from version 4.17rc1"
-
-CVE_STATUS[CVE-2020-35519] = "fixed-version: Fixed from version 5.10rc7"
-
-CVE_STATUS[CVE-2020-36158] = "fixed-version: Fixed from version 5.11rc1"
-
-CVE_STATUS[CVE-2020-36310] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-36311] = "fixed-version: Fixed from version 5.9rc5"
-
-CVE_STATUS[CVE-2020-36312] = "fixed-version: Fixed from version 5.9rc5"
-
-CVE_STATUS[CVE-2020-36313] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-36322] = "fixed-version: Fixed from version 5.11rc1"
-
-CVE_STATUS[CVE-2020-36385] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2020-36386] = "fixed-version: Fixed from version 5.9rc1"
-
-CVE_STATUS[CVE-2020-36387] = "fixed-version: Fixed from version 5.9rc1"
-
-CVE_STATUS[CVE-2020-36516] = "fixed-version: Fixed from version 5.17rc2"
-
-CVE_STATUS[CVE-2020-36557] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-36558] = "fixed-version: Fixed from version 5.6rc3"
-
-CVE_STATUS[CVE-2020-36691] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2020-36694] = "fixed-version: Fixed from version 5.10"
-
-CVE_STATUS[CVE-2020-36766] = "fixed-version: Fixed from version 5.9rc1"
-
-CVE_STATUS[CVE-2020-3702] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2020-4788] = "fixed-version: Fixed from version 5.10rc5"
-
-CVE_STATUS[CVE-2020-7053] = "fixed-version: Fixed from version 5.2rc1"
-
-CVE_STATUS[CVE-2020-8428] = "fixed-version: Fixed from version 5.5"
-
-CVE_STATUS[CVE-2020-8647] = "fixed-version: Fixed from version 5.6rc5"
-
-CVE_STATUS[CVE-2020-8648] = "fixed-version: Fixed from version 5.6rc3"
-
-CVE_STATUS[CVE-2020-8649] = "fixed-version: Fixed from version 5.6rc5"
-
-CVE_STATUS[CVE-2020-8694] = "fixed-version: Fixed from version 5.10rc4"
-
-# CVE-2020-8832 has no known resolution
-
-CVE_STATUS[CVE-2020-8834] = "fixed-version: Fixed from version 4.18rc1"
-
-CVE_STATUS[CVE-2020-8835] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2020-8992] = "fixed-version: Fixed from version 5.6rc2"
-
-CVE_STATUS[CVE-2020-9383] = "fixed-version: Fixed from version 5.6rc4"
-
-CVE_STATUS[CVE-2020-9391] = "fixed-version: Fixed from version 5.6rc3"
-
-CVE_STATUS[CVE-2021-0129] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-0342] = "fixed-version: Fixed from version 5.8rc1"
-
-# CVE-2021-0399 has no known resolution
-
-CVE_STATUS[CVE-2021-0447] = "fixed-version: Fixed from version 4.15rc1"
-
-CVE_STATUS[CVE-2021-0448] = "fixed-version: Fixed from version 5.9rc7"
-
-CVE_STATUS[CVE-2021-0512] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2021-0605] = "fixed-version: Fixed from version 5.8"
-
-# CVE-2021-0606 has no known resolution
-
-# CVE-2021-0695 has no known resolution
-
-CVE_STATUS[CVE-2021-0707] = "fixed-version: Fixed from version 5.11rc3"
-
-CVE_STATUS[CVE-2021-0920] = "fixed-version: Fixed from version 5.14rc4"
-
-# CVE-2021-0924 has no known resolution
-
-CVE_STATUS[CVE-2021-0929] = "fixed-version: Fixed from version 5.6rc1"
-
-CVE_STATUS[CVE-2021-0935] = "fixed-version: Fixed from version 4.16rc7"
-
-# CVE-2021-0936 has no known resolution
-
-CVE_STATUS[CVE-2021-0937] = "fixed-version: Fixed from version 5.12rc8"
-
-CVE_STATUS[CVE-2021-0938] = "fixed-version: Fixed from version 5.10rc4"
-
-CVE_STATUS[CVE-2021-0941] = "fixed-version: Fixed from version 5.12rc1"
-
-# CVE-2021-0961 has no known resolution
-
-CVE_STATUS[CVE-2021-1048] = "fixed-version: Fixed from version 5.9rc4"
-
-CVE_STATUS[CVE-2021-20177] = "fixed-version: Fixed from version 5.5rc1"
-
-CVE_STATUS[CVE-2021-20194] = "fixed-version: Fixed from version 5.10rc1"
-
-# CVE-2021-20219 has no known resolution
-
-CVE_STATUS[CVE-2021-20226] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2021-20239] = "fixed-version: Fixed from version 5.9rc1"
-
-CVE_STATUS[CVE-2021-20261] = "fixed-version: Fixed from version 4.5rc5"
-
-CVE_STATUS[CVE-2021-20265] = "fixed-version: Fixed from version 4.5rc3"
-
-CVE_STATUS[CVE-2021-20268] = "fixed-version: Fixed from version 5.11rc5"
-
-CVE_STATUS[CVE-2021-20292] = "fixed-version: Fixed from version 5.9rc1"
-
-CVE_STATUS[CVE-2021-20317] = "fixed-version: Fixed from version 5.4rc1"
-
-CVE_STATUS[CVE-2021-20320] = "fixed-version: Fixed from version 5.15rc3"
-
-CVE_STATUS[CVE-2021-20321] = "fixed-version: Fixed from version 5.15rc5"
-
-CVE_STATUS[CVE-2021-20322] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2021-21781] = "fixed-version: Fixed from version 5.11rc7"
-
-CVE_STATUS[CVE-2021-22543] = "fixed-version: Fixed from version 5.13"
-
-CVE_STATUS[CVE-2021-22555] = "fixed-version: Fixed from version 5.12rc8"
-
-CVE_STATUS[CVE-2021-22600] = "fixed-version: Fixed from version 5.16rc6"
-
-CVE_STATUS[CVE-2021-23133] = "fixed-version: Fixed from version 5.12rc8"
-
-CVE_STATUS[CVE-2021-23134] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-26401] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2021-26708] = "fixed-version: Fixed from version 5.11rc7"
-
-CVE_STATUS[CVE-2021-26930] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2021-26931] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2021-26932] = "fixed-version: Fixed from version 5.12rc1"
-
-# CVE-2021-26934 has no known resolution
-
-CVE_STATUS[CVE-2021-27363] = "fixed-version: Fixed from version 5.12rc2"
-
-CVE_STATUS[CVE-2021-27364] = "fixed-version: Fixed from version 5.12rc2"
-
-CVE_STATUS[CVE-2021-27365] = "fixed-version: Fixed from version 5.12rc2"
-
-CVE_STATUS[CVE-2021-28038] = "fixed-version: Fixed from version 5.12rc2"
-
-CVE_STATUS[CVE-2021-28039] = "fixed-version: Fixed from version 5.12rc2"
-
-CVE_STATUS[CVE-2021-28375] = "fixed-version: Fixed from version 5.12rc3"
-
-CVE_STATUS[CVE-2021-28660] = "fixed-version: Fixed from version 5.12rc3"
-
-CVE_STATUS[CVE-2021-28688] = "fixed-version: Fixed from version 5.12rc6"
-
-CVE_STATUS[CVE-2021-28691] = "fixed-version: Fixed from version 5.13rc6"
-
-CVE_STATUS[CVE-2021-28711] = "fixed-version: Fixed from version 5.16rc7"
-
-CVE_STATUS[CVE-2021-28712] = "fixed-version: Fixed from version 5.16rc7"
-
-CVE_STATUS[CVE-2021-28713] = "fixed-version: Fixed from version 5.16rc7"
-
-CVE_STATUS[CVE-2021-28714] = "fixed-version: Fixed from version 5.16rc7"
-
-CVE_STATUS[CVE-2021-28715] = "fixed-version: Fixed from version 5.16rc7"
-
-CVE_STATUS[CVE-2021-28950] = "fixed-version: Fixed from version 5.12rc4"
-
-CVE_STATUS[CVE-2021-28951] = "fixed-version: Fixed from version 5.12rc2"
-
-CVE_STATUS[CVE-2021-28952] = "fixed-version: Fixed from version 5.12rc4"
-
-CVE_STATUS[CVE-2021-28964] = "fixed-version: Fixed from version 5.12rc4"
-
-CVE_STATUS[CVE-2021-28971] = "fixed-version: Fixed from version 5.12rc4"
-
-CVE_STATUS[CVE-2021-28972] = "fixed-version: Fixed from version 5.12rc4"
-
-CVE_STATUS[CVE-2021-29154] = "fixed-version: Fixed from version 5.12rc7"
-
-CVE_STATUS[CVE-2021-29155] = "fixed-version: Fixed from version 5.12rc8"
-
-CVE_STATUS[CVE-2021-29264] = "fixed-version: Fixed from version 5.12rc3"
-
-CVE_STATUS[CVE-2021-29265] = "fixed-version: Fixed from version 5.12rc3"
-
-CVE_STATUS[CVE-2021-29266] = "fixed-version: Fixed from version 5.12rc4"
-
-CVE_STATUS[CVE-2021-29646] = "fixed-version: Fixed from version 5.12rc5"
-
-CVE_STATUS[CVE-2021-29647] = "fixed-version: Fixed from version 5.12rc5"
-
-CVE_STATUS[CVE-2021-29648] = "fixed-version: Fixed from version 5.12rc5"
-
-CVE_STATUS[CVE-2021-29649] = "fixed-version: Fixed from version 5.12rc5"
-
-CVE_STATUS[CVE-2021-29650] = "fixed-version: Fixed from version 5.12rc5"
-
-CVE_STATUS[CVE-2021-29657] = "fixed-version: Fixed from version 5.12rc6"
-
-CVE_STATUS[CVE-2021-30002] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2021-30178] = "fixed-version: Fixed from version 5.12rc2"
-
-CVE_STATUS[CVE-2021-31440] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-3178] = "fixed-version: Fixed from version 5.11rc5"
-
-CVE_STATUS[CVE-2021-31829] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-31916] = "fixed-version: Fixed from version 5.12rc5"
-
-CVE_STATUS[CVE-2021-32078] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-32399] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-32606] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2021-33033] = "fixed-version: Fixed from version 5.12rc3"
-
-CVE_STATUS[CVE-2021-33034] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-33061] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2021-33098] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2021-33135] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2021-33200] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2021-3347] = "fixed-version: Fixed from version 5.11rc6"
-
-CVE_STATUS[CVE-2021-3348] = "fixed-version: Fixed from version 5.11rc6"
-
-CVE_STATUS[CVE-2021-33624] = "fixed-version: Fixed from version 5.13rc7"
-
-CVE_STATUS[CVE-2021-33655] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2021-33656] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2021-33909] = "fixed-version: Fixed from version 5.14rc3"
-
-CVE_STATUS[CVE-2021-3411] = "fixed-version: Fixed from version 5.10"
-
-CVE_STATUS[CVE-2021-3428] = "fixed-version: Fixed from version 5.9rc2"
-
-CVE_STATUS[CVE-2021-3444] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2021-34556] = "fixed-version: Fixed from version 5.14rc4"
-
-CVE_STATUS[CVE-2021-34693] = "fixed-version: Fixed from version 5.13rc7"
-
-CVE_STATUS[CVE-2021-3483] = "fixed-version: Fixed from version 5.12rc6"
-
-CVE_STATUS[CVE-2021-34866] = "fixed-version: Fixed from version 5.14"
-
-CVE_STATUS[CVE-2021-3489] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2021-3490] = "fixed-version: Fixed from version 5.13rc4"
-
-CVE_STATUS[CVE-2021-3491] = "fixed-version: Fixed from version 5.13rc1"
-
-# CVE-2021-3492 has no known resolution
-
-CVE_STATUS[CVE-2021-3493] = "fixed-version: Fixed from version 5.11rc1"
-
-CVE_STATUS[CVE-2021-34981] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2021-3501] = "fixed-version: Fixed from version 5.12rc8"
-
-CVE_STATUS[CVE-2021-35039] = "fixed-version: Fixed from version 5.13"
-
-CVE_STATUS[CVE-2021-3506] = "fixed-version: Fixed from version 5.13rc1"
-
-# CVE-2021-3542 has no known resolution
-
-CVE_STATUS[CVE-2021-3543] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-35477] = "fixed-version: Fixed from version 5.14rc4"
-
-CVE_STATUS[CVE-2021-3564] = "fixed-version: Fixed from version 5.13rc5"
-
-CVE_STATUS[CVE-2021-3573] = "fixed-version: Fixed from version 5.13rc5"
-
-CVE_STATUS[CVE-2021-3587] = "fixed-version: Fixed from version 5.13rc5"
-
-CVE_STATUS[CVE-2021-3600] = "fixed-version: Fixed from version 5.11"
-
-CVE_STATUS[CVE-2021-3609] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2021-3612] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2021-3635] = "fixed-version: Fixed from version 5.5rc7"
-
-CVE_STATUS[CVE-2021-3640] = "fixed-version: Fixed from version 5.16rc1"
-
-CVE_STATUS[CVE-2021-3653] = "fixed-version: Fixed from version 5.14rc7"
-
-CVE_STATUS[CVE-2021-3655] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2021-3656] = "fixed-version: Fixed from version 5.14rc7"
-
-CVE_STATUS[CVE-2021-3659] = "fixed-version: Fixed from version 5.12rc7"
-
-CVE_STATUS[CVE-2021-3669] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2021-3679] = "fixed-version: Fixed from version 5.14rc3"
-
-# CVE-2021-3714 has no known resolution
-
-CVE_STATUS[CVE-2021-3715] = "fixed-version: Fixed from version 5.6"
-
-CVE_STATUS[CVE-2021-37159] = "fixed-version: Fixed from version 5.14rc3"
-
-CVE_STATUS[CVE-2021-3732] = "fixed-version: Fixed from version 5.14rc6"
-
-CVE_STATUS[CVE-2021-3736] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2021-3739] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2021-3743] = "fixed-version: Fixed from version 5.13rc7"
-
-CVE_STATUS[CVE-2021-3744] = "fixed-version: Fixed from version 5.15rc4"
-
-CVE_STATUS[CVE-2021-3752] = "fixed-version: Fixed from version 5.16rc1"
-
-CVE_STATUS[CVE-2021-3753] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2021-37576] = "fixed-version: Fixed from version 5.14rc3"
-
-CVE_STATUS[CVE-2021-3759] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2021-3760] = "fixed-version: Fixed from version 5.15rc6"
-
-CVE_STATUS[CVE-2021-3764] = "fixed-version: Fixed from version 5.15rc4"
-
-CVE_STATUS[CVE-2021-3772] = "fixed-version: Fixed from version 5.15"
-
-CVE_STATUS[CVE-2021-38160] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2021-38166] = "fixed-version: Fixed from version 5.14rc6"
-
-CVE_STATUS[CVE-2021-38198] = "fixed-version: Fixed from version 5.13rc6"
-
-CVE_STATUS[CVE-2021-38199] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2021-38200] = "fixed-version: Fixed from version 5.13rc7"
-
-CVE_STATUS[CVE-2021-38201] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2021-38202] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2021-38203] = "fixed-version: Fixed from version 5.14rc2"
-
-CVE_STATUS[CVE-2021-38204] = "fixed-version: Fixed from version 5.14rc3"
-
-CVE_STATUS[CVE-2021-38205] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2021-38206] = "fixed-version: Fixed from version 5.13rc7"
-
-CVE_STATUS[CVE-2021-38207] = "fixed-version: Fixed from version 5.13rc7"
-
-CVE_STATUS[CVE-2021-38208] = "fixed-version: Fixed from version 5.13rc5"
-
-CVE_STATUS[CVE-2021-38209] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-38300] = "fixed-version: Fixed from version 5.15rc4"
-
-# CVE-2021-3847 has no known resolution
-
-# CVE-2021-3864 has no known resolution
-
-# CVE-2021-3892 has no known resolution
-
-CVE_STATUS[CVE-2021-3894] = "fixed-version: Fixed from version 5.15rc6"
-
-CVE_STATUS[CVE-2021-3896] = "fixed-version: Fixed from version 5.15rc6"
-
-CVE_STATUS[CVE-2021-3923] = "fixed-version: Fixed from version 5.16"
-
-CVE_STATUS[CVE-2021-39633] = "fixed-version: Fixed from version 5.14"
-
-CVE_STATUS[CVE-2021-39634] = "fixed-version: Fixed from version 5.9rc8"
-
-CVE_STATUS[CVE-2021-39636] = "fixed-version: Fixed from version 4.16rc1"
-
-CVE_STATUS[CVE-2021-39648] = "fixed-version: Fixed from version 5.11rc3"
-
-CVE_STATUS[CVE-2021-39656] = "fixed-version: Fixed from version 5.12rc3"
-
-CVE_STATUS[CVE-2021-39657] = "fixed-version: Fixed from version 5.11rc4"
-
-CVE_STATUS[CVE-2021-39685] = "fixed-version: Fixed from version 5.16rc5"
-
-CVE_STATUS[CVE-2021-39686] = "fixed-version: Fixed from version 5.16rc1"
-
-CVE_STATUS[CVE-2021-39698] = "fixed-version: Fixed from version 5.16rc5"
-
-CVE_STATUS[CVE-2021-39711] = "fixed-version: Fixed from version 4.18rc6"
-
-CVE_STATUS[CVE-2021-39713] = "fixed-version: Fixed from version 4.20rc1"
-
-CVE_STATUS[CVE-2021-39714] = "fixed-version: Fixed from version 4.12rc1"
-
-# CVE-2021-39800 has no known resolution
-
-# CVE-2021-39801 has no known resolution
-
-# CVE-2021-39802 has no known resolution
-
-CVE_STATUS[CVE-2021-4001] = "fixed-version: Fixed from version 5.16rc2"
-
-CVE_STATUS[CVE-2021-4002] = "fixed-version: Fixed from version 5.16rc3"
-
-CVE_STATUS[CVE-2021-4023] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2021-4028] = "fixed-version: Fixed from version 5.15rc4"
-
-CVE_STATUS[CVE-2021-4032] = "fixed-version: Fixed from version 5.15rc7"
-
-CVE_STATUS[CVE-2021-4037] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2021-40490] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2021-4083] = "fixed-version: Fixed from version 5.16rc4"
-
-CVE_STATUS[CVE-2021-4090] = "fixed-version: Fixed from version 5.16rc2"
-
-CVE_STATUS[CVE-2021-4093] = "fixed-version: Fixed from version 5.15rc7"
-
-CVE_STATUS[CVE-2021-4095] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2021-41073] = "fixed-version: Fixed from version 5.15rc2"
-
-CVE_STATUS[CVE-2021-4135] = "fixed-version: Fixed from version 5.16rc6"
-
-CVE_STATUS[CVE-2021-4148] = "fixed-version: Fixed from version 5.15"
-
-CVE_STATUS[CVE-2021-4149] = "fixed-version: Fixed from version 5.15rc6"
-
-CVE_STATUS[CVE-2021-4150] = "fixed-version: Fixed from version 5.15rc7"
-
-CVE_STATUS[CVE-2021-4154] = "fixed-version: Fixed from version 5.14rc2"
-
-CVE_STATUS[CVE-2021-4155] = "fixed-version: Fixed from version 5.16"
-
-CVE_STATUS[CVE-2021-4157] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-4159] = "fixed-version: Fixed from version 5.7rc1"
-
-CVE_STATUS[CVE-2021-41864] = "fixed-version: Fixed from version 5.15rc5"
-
-CVE_STATUS[CVE-2021-4197] = "fixed-version: Fixed from version 5.16"
-
-CVE_STATUS[CVE-2021-42008] = "fixed-version: Fixed from version 5.14rc7"
-
-CVE_STATUS[CVE-2021-4202] = "fixed-version: Fixed from version 5.16rc2"
-
-CVE_STATUS[CVE-2021-4203] = "fixed-version: Fixed from version 5.15rc4"
-
-CVE_STATUS[CVE-2021-4204] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2021-4218] = "fixed-version: Fixed from version 5.8rc1"
-
-CVE_STATUS[CVE-2021-42252] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2021-42327] = "fixed-version: Fixed from version 5.15"
-
-CVE_STATUS[CVE-2021-42739] = "fixed-version: Fixed from version 5.16rc1"
-
-CVE_STATUS[CVE-2021-43056] = "fixed-version: Fixed from version 5.15rc6"
-
-CVE_STATUS[CVE-2021-43057] = "fixed-version: Fixed from version 5.15rc3"
-
-CVE_STATUS[CVE-2021-43267] = "fixed-version: Fixed from version 5.15"
-
-CVE_STATUS[CVE-2021-43389] = "fixed-version: Fixed from version 5.15rc6"
-
-CVE_STATUS[CVE-2021-43975] = "fixed-version: Fixed from version 5.16rc2"
-
-CVE_STATUS[CVE-2021-43976] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2021-44733] = "fixed-version: Fixed from version 5.16rc7"
-
-CVE_STATUS[CVE-2021-44879] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2021-45095] = "fixed-version: Fixed from version 5.16rc6"
-
-CVE_STATUS[CVE-2021-45100] = "fixed-version: Fixed from version 5.16rc7"
-
-CVE_STATUS[CVE-2021-45402] = "fixed-version: Fixed from version 5.16rc6"
-
-CVE_STATUS[CVE-2021-45469] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2021-45480] = "fixed-version: Fixed from version 5.16rc6"
-
-CVE_STATUS[CVE-2021-45485] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2021-45486] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2021-45868] = "fixed-version: Fixed from version 5.16rc1"
-
-CVE_STATUS[CVE-2021-46283] = "fixed-version: Fixed from version 5.13rc7"
-
-CVE_STATUS[CVE-2022-0001] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-0002] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-0168] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-0171] = "fixed-version: Fixed from version 5.18rc4"
-
-CVE_STATUS[CVE-2022-0185] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2022-0264] = "fixed-version: Fixed from version 5.16rc6"
-
-CVE_STATUS[CVE-2022-0286] = "fixed-version: Fixed from version 5.14rc2"
-
-CVE_STATUS[CVE-2022-0322] = "fixed-version: Fixed from version 5.15rc6"
-
-CVE_STATUS[CVE-2022-0330] = "fixed-version: Fixed from version 5.17rc2"
-
-CVE_STATUS[CVE-2022-0382] = "fixed-version: Fixed from version 5.16"
-
-# CVE-2022-0400 has no known resolution
-
-CVE_STATUS[CVE-2022-0433] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2022-0435] = "fixed-version: Fixed from version 5.17rc4"
-
-CVE_STATUS[CVE-2022-0480] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2022-0487] = "fixed-version: Fixed from version 5.17rc4"
-
-CVE_STATUS[CVE-2022-0492] = "fixed-version: Fixed from version 5.17rc3"
-
-CVE_STATUS[CVE-2022-0494] = "fixed-version: Fixed from version 5.17rc5"
-
-CVE_STATUS[CVE-2022-0500] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2022-0516] = "fixed-version: Fixed from version 5.17rc4"
-
-CVE_STATUS[CVE-2022-0617] = "fixed-version: Fixed from version 5.17rc2"
-
-CVE_STATUS[CVE-2022-0644] = "fixed-version: Fixed from version 5.15rc7"
-
-CVE_STATUS[CVE-2022-0646] = "fixed-version: Fixed from version 5.17rc5"
-
-CVE_STATUS[CVE-2022-0742] = "fixed-version: Fixed from version 5.17rc7"
-
-CVE_STATUS[CVE-2022-0812] = "fixed-version: Fixed from version 5.8rc6"
-
-CVE_STATUS[CVE-2022-0847] = "fixed-version: Fixed from version 5.17rc6"
-
-CVE_STATUS[CVE-2022-0850] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2022-0854] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-0995] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-0998] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2022-1011] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-1012] = "fixed-version: Fixed from version 5.18rc6"
-
-CVE_STATUS[CVE-2022-1015] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-1016] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-1043] = "fixed-version: Fixed from version 5.14rc7"
-
-CVE_STATUS[CVE-2022-1048] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-1055] = "fixed-version: Fixed from version 5.17rc3"
-
-# CVE-2022-1116 has no known resolution
-
-CVE_STATUS[CVE-2022-1158] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-1184] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-1195] = "fixed-version: Fixed from version 5.16rc7"
-
-CVE_STATUS[CVE-2022-1198] = "fixed-version: Fixed from version 5.17rc6"
-
-CVE_STATUS[CVE-2022-1199] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-1204] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-1205] = "fixed-version: Fixed from version 5.18rc1"
-
-# CVE-2022-1247 has no known resolution
-
-CVE_STATUS[CVE-2022-1263] = "fixed-version: Fixed from version 5.18rc3"
-
-CVE_STATUS[CVE-2022-1280] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2022-1353] = "fixed-version: Fixed from version 5.17"
-
-CVE_STATUS[CVE-2022-1419] = "fixed-version: Fixed from version 5.6rc2"
-
-CVE_STATUS[CVE-2022-1462] = "fixed-version: Fixed from version 5.19rc7"
-
-CVE_STATUS[CVE-2022-1508] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2022-1516] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-1651] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-1652] = "fixed-version: Fixed from version 5.18rc6"
-
-CVE_STATUS[CVE-2022-1671] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-1678] = "fixed-version: Fixed from version 4.20rc1"
-
-CVE_STATUS[CVE-2022-1679] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-1729] = "fixed-version: Fixed from version 5.18"
-
-CVE_STATUS[CVE-2022-1734] = "fixed-version: Fixed from version 5.18rc6"
-
-CVE_STATUS[CVE-2022-1786] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2022-1789] = "fixed-version: Fixed from version 5.18"
-
-CVE_STATUS[CVE-2022-1836] = "fixed-version: Fixed from version 5.18rc5"
-
-CVE_STATUS[CVE-2022-1852] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-1882] = "fixed-version: Fixed from version 5.19rc8"
-
-CVE_STATUS[CVE-2022-1943] = "fixed-version: Fixed from version 5.18rc7"
-
-CVE_STATUS[CVE-2022-1966] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-1972] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-1973] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-1974] = "fixed-version: Fixed from version 5.18rc6"
-
-CVE_STATUS[CVE-2022-1975] = "fixed-version: Fixed from version 5.18rc6"
-
-CVE_STATUS[CVE-2022-1976] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-1998] = "fixed-version: Fixed from version 5.17rc3"
-
-CVE_STATUS[CVE-2022-20008] = "fixed-version: Fixed from version 5.17rc5"
-
-CVE_STATUS[CVE-2022-20132] = "fixed-version: Fixed from version 5.16rc5"
-
-CVE_STATUS[CVE-2022-20141] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2022-20148] = "fixed-version: Fixed from version 5.16rc1"
-
-CVE_STATUS[CVE-2022-20153] = "fixed-version: Fixed from version 5.13rc1"
-
-CVE_STATUS[CVE-2022-20154] = "fixed-version: Fixed from version 5.16rc8"
-
-CVE_STATUS[CVE-2022-20158] = "fixed-version: Fixed from version 5.17"
-
-CVE_STATUS[CVE-2022-20166] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2022-20368] = "fixed-version: Fixed from version 5.17"
-
-CVE_STATUS[CVE-2022-20369] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-20409] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2022-20421] = "fixed-version: Fixed from version 6.0rc4"
-
-CVE_STATUS[CVE-2022-20422] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-20423] = "fixed-version: Fixed from version 5.17"
-
-CVE_STATUS[CVE-2022-20424] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2022-20565] = "fixed-version: Fixed from version 5.9rc4"
-
-CVE_STATUS[CVE-2022-20566] = "fixed-version: Fixed from version 5.19"
-
-CVE_STATUS[CVE-2022-20567] = "fixed-version: Fixed from version 4.16rc5"
-
-CVE_STATUS[CVE-2022-20568] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2022-20572] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-2078] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-21123] = "fixed-version: Fixed from version 5.19rc3"
-
-CVE_STATUS[CVE-2022-21125] = "fixed-version: Fixed from version 5.19rc3"
-
-CVE_STATUS[CVE-2022-21166] = "fixed-version: Fixed from version 5.19rc3"
-
-CVE_STATUS[CVE-2022-21385] = "fixed-version: Fixed from version 4.20"
-
-CVE_STATUS[CVE-2022-21499] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-21505] = "fixed-version: Fixed from version 5.19rc8"
-
-CVE_STATUS[CVE-2022-2153] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-2196] = "cpe-stable-backport: Backported in 6.1.14"
-
-# CVE-2022-2209 has no known resolution
-
-CVE_STATUS[CVE-2022-22942] = "fixed-version: Fixed from version 5.17rc2"
-
-CVE_STATUS[CVE-2022-23036] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-23037] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-23038] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-23039] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-23040] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-23041] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-23042] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-2308] = "fixed-version: Fixed from version 6.0"
-
-CVE_STATUS[CVE-2022-2318] = "fixed-version: Fixed from version 5.19rc5"
-
-CVE_STATUS[CVE-2022-23222] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2022-2327] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2022-2380] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-23816] = "fixed-version: Fixed from version 5.19rc7"
-
-# CVE-2022-23825 has no known resolution
-
-CVE_STATUS[CVE-2022-23960] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-24122] = "fixed-version: Fixed from version 5.17rc2"
-
-CVE_STATUS[CVE-2022-24448] = "fixed-version: Fixed from version 5.17rc2"
-
-CVE_STATUS[CVE-2022-24958] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2022-24959] = "fixed-version: Fixed from version 5.17rc2"
-
-CVE_STATUS[CVE-2022-2503] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-25258] = "fixed-version: Fixed from version 5.17rc4"
-
-# CVE-2022-25265 has no known resolution
-
-CVE_STATUS[CVE-2022-25375] = "fixed-version: Fixed from version 5.17rc4"
-
-CVE_STATUS[CVE-2022-25636] = "fixed-version: Fixed from version 5.17rc6"
-
-CVE_STATUS[CVE-2022-2585] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-2586] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-2588] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-2590] = "fixed-version: Fixed from version 6.0rc3"
-
-CVE_STATUS[CVE-2022-2602] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-26365] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2022-26373] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-2639] = "fixed-version: Fixed from version 5.18rc4"
-
-CVE_STATUS[CVE-2022-26490] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2022-2663] = "fixed-version: Fixed from version 6.0rc5"
-
-# CVE-2022-26878 has no known resolution
-
-CVE_STATUS[CVE-2022-26966] = "fixed-version: Fixed from version 5.17rc6"
-
-CVE_STATUS[CVE-2022-27223] = "fixed-version: Fixed from version 5.17rc6"
-
-CVE_STATUS[CVE-2022-27666] = "fixed-version: Fixed from version 5.17rc8"
-
-CVE_STATUS[CVE-2022-27672] = "cpe-stable-backport: Backported in 6.1.12"
-
-CVE_STATUS[CVE-2022-2785] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-27950] = "fixed-version: Fixed from version 5.17rc5"
-
-CVE_STATUS[CVE-2022-28356] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-28388] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-28389] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-28390] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-2873] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-28796] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-28893] = "fixed-version: Fixed from version 5.18rc2"
-
-CVE_STATUS[CVE-2022-2905] = "fixed-version: Fixed from version 6.0rc4"
-
-CVE_STATUS[CVE-2022-29156] = "fixed-version: Fixed from version 5.17rc6"
-
-CVE_STATUS[CVE-2022-2938] = "fixed-version: Fixed from version 5.17rc2"
-
-CVE_STATUS[CVE-2022-29581] = "fixed-version: Fixed from version 5.18rc4"
-
-CVE_STATUS[CVE-2022-29582] = "fixed-version: Fixed from version 5.18rc2"
-
-CVE_STATUS[CVE-2022-2959] = "fixed-version: Fixed from version 5.19rc1"
-
-# CVE-2022-2961 has no known resolution
-
-CVE_STATUS[CVE-2022-2964] = "fixed-version: Fixed from version 5.17rc4"
-
-CVE_STATUS[CVE-2022-2977] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-2978] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-29900] = "fixed-version: Fixed from version 5.19rc7"
-
-CVE_STATUS[CVE-2022-29901] = "fixed-version: Fixed from version 5.19rc7"
-
-CVE_STATUS[CVE-2022-2991] = "fixed-version: Fixed from version 5.15rc1"
-
-CVE_STATUS[CVE-2022-29968] = "fixed-version: Fixed from version 5.18rc5"
-
-CVE_STATUS[CVE-2022-3028] = "fixed-version: Fixed from version 6.0rc3"
-
-CVE_STATUS[CVE-2022-30594] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-3061] = "fixed-version: Fixed from version 5.18rc5"
-
-CVE_STATUS[CVE-2022-3077] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-3078] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-3103] = "fixed-version: Fixed from version 6.0rc3"
-
-CVE_STATUS[CVE-2022-3104] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-3105] = "fixed-version: Fixed from version 5.16"
-
-CVE_STATUS[CVE-2022-3106] = "fixed-version: Fixed from version 5.16rc6"
-
-CVE_STATUS[CVE-2022-3107] = "fixed-version: Fixed from version 5.17"
-
-CVE_STATUS[CVE-2022-3108] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2022-3110] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-3111] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-3112] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-3113] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-3114] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-3115] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-3169] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3170] = "fixed-version: Fixed from version 6.0rc4"
-
-CVE_STATUS[CVE-2022-3176] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2022-3202] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-32250] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-32296] = "fixed-version: Fixed from version 5.18rc6"
-
-# CVE-2022-3238 has no known resolution
-
-CVE_STATUS[CVE-2022-3239] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2022-32981] = "fixed-version: Fixed from version 5.19rc2"
-
-CVE_STATUS[CVE-2022-3303] = "fixed-version: Fixed from version 6.0rc5"
-
-CVE_STATUS[CVE-2022-3344] = "fixed-version: Fixed from version 6.1rc7"
-
-CVE_STATUS[CVE-2022-33740] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2022-33741] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2022-33742] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2022-33743] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2022-33744] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2022-33981] = "fixed-version: Fixed from version 5.18rc5"
-
-CVE_STATUS[CVE-2022-3424] = "cpe-stable-backport: Backported in 6.1.2"
-
-CVE_STATUS[CVE-2022-3435] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-34494] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-34495] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-34918] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2022-3521] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3522] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3523] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3524] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3526] = "fixed-version: Fixed from version 5.18rc3"
-
-CVE_STATUS[CVE-2022-3531] = "cpe-stable-backport: Backported in 6.1.2"
-
-CVE_STATUS[CVE-2022-3532] = "cpe-stable-backport: Backported in 6.1.2"
-
-# CVE-2022-3533 has no known resolution
-
-CVE_STATUS[CVE-2022-3534] = "cpe-stable-backport: Backported in 6.1.2"
-
-CVE_STATUS[CVE-2022-3535] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3541] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3542] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3543] = "fixed-version: Fixed from version 6.1rc1"
-
-# CVE-2022-3544 has no known resolution
-
-CVE_STATUS[CVE-2022-3545] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-3564] = "fixed-version: Fixed from version 6.1rc4"
-
-CVE_STATUS[CVE-2022-3565] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3566] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3567] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3577] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-3586] = "fixed-version: Fixed from version 6.0rc5"
-
-CVE_STATUS[CVE-2022-3594] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3595] = "fixed-version: Fixed from version 6.1rc1"
-
-# CVE-2022-3606 has no known resolution
-
-CVE_STATUS[CVE-2022-36123] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2022-3619] = "fixed-version: Fixed from version 6.1rc4"
-
-CVE_STATUS[CVE-2022-3621] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3623] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3624] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-3625] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-3628] = "fixed-version: Fixed from version 6.1rc5"
-
-CVE_STATUS[CVE-2022-36280] = "cpe-stable-backport: Backported in 6.1.4"
-
-CVE_STATUS[CVE-2022-3629] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-3630] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-3633] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-3635] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-3636] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-3640] = "fixed-version: Fixed from version 6.1rc4"
-
-# CVE-2022-36402 has no known resolution
-
-# CVE-2022-3642 has no known resolution
-
-CVE_STATUS[CVE-2022-3643] = "fixed-version: Fixed from version 6.1"
-
-CVE_STATUS[CVE-2022-3646] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-3649] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-36879] = "fixed-version: Fixed from version 5.19rc8"
-
-CVE_STATUS[CVE-2022-36946] = "fixed-version: Fixed from version 5.19"
-
-CVE_STATUS[CVE-2022-3707] = "cpe-stable-backport: Backported in 6.1.5"
-
-# CVE-2022-38096 has no known resolution
-
-CVE_STATUS[CVE-2022-38457] = "cpe-stable-backport: Backported in 6.1.7"
-
-CVE_STATUS[CVE-2022-3903] = "fixed-version: Fixed from version 6.1rc2"
-
-CVE_STATUS[CVE-2022-3910] = "fixed-version: Fixed from version 6.0rc6"
-
-CVE_STATUS[CVE-2022-39188] = "fixed-version: Fixed from version 5.19rc8"
-
-CVE_STATUS[CVE-2022-39189] = "fixed-version: Fixed from version 5.19rc2"
-
-CVE_STATUS[CVE-2022-39190] = "fixed-version: Fixed from version 6.0rc3"
-
-CVE_STATUS[CVE-2022-3977] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-39842] = "fixed-version: Fixed from version 5.19rc4"
-
-CVE_STATUS[CVE-2022-40133] = "cpe-stable-backport: Backported in 6.1.7"
-
-CVE_STATUS[CVE-2022-40307] = "fixed-version: Fixed from version 6.0rc5"
-
-CVE_STATUS[CVE-2022-40476] = "fixed-version: Fixed from version 5.19rc4"
-
-CVE_STATUS[CVE-2022-40768] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-4095] = "fixed-version: Fixed from version 6.0rc4"
-
-CVE_STATUS[CVE-2022-40982] = "cpe-stable-backport: Backported in 6.1.44"
-
-CVE_STATUS[CVE-2022-41218] = "cpe-stable-backport: Backported in 6.1.4"
-
-CVE_STATUS[CVE-2022-41222] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2022-4127] = "fixed-version: Fixed from version 5.19rc6"
-
-CVE_STATUS[CVE-2022-4128] = "fixed-version: Fixed from version 5.19rc7"
-
-CVE_STATUS[CVE-2022-4129] = "fixed-version: Fixed from version 6.1rc6"
-
-CVE_STATUS[CVE-2022-4139] = "fixed-version: Fixed from version 6.1rc8"
-
-CVE_STATUS[CVE-2022-41674] = "fixed-version: Fixed from version 6.1rc1"
-
-# CVE-2022-41848 has no known resolution
-
-CVE_STATUS[CVE-2022-41849] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-41850] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-41858] = "fixed-version: Fixed from version 5.18rc2"
-
-CVE_STATUS[CVE-2022-42328] = "fixed-version: Fixed from version 6.1"
-
-CVE_STATUS[CVE-2022-42329] = "fixed-version: Fixed from version 6.1"
-
-CVE_STATUS[CVE-2022-42432] = "fixed-version: Fixed from version 6.0rc7"
-
-CVE_STATUS[CVE-2022-4269] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2022-42703] = "fixed-version: Fixed from version 6.0rc4"
-
-CVE_STATUS[CVE-2022-42719] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-42720] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-42721] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-42722] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-42895] = "fixed-version: Fixed from version 6.1rc4"
-
-CVE_STATUS[CVE-2022-42896] = "fixed-version: Fixed from version 6.1rc4"
-
-CVE_STATUS[CVE-2022-43750] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2022-4378] = "fixed-version: Fixed from version 6.1"
-
-CVE_STATUS[CVE-2022-4379] = "cpe-stable-backport: Backported in 6.1.3"
-
-CVE_STATUS[CVE-2022-4382] = "cpe-stable-backport: Backported in 6.1.8"
-
-CVE_STATUS[CVE-2022-43945] = "fixed-version: Fixed from version 6.1rc1"
-
-# CVE-2022-44032 needs backporting (fixed from 6.4rc1)
-
-# CVE-2022-44033 needs backporting (fixed from 6.4rc1)
-
-# CVE-2022-44034 needs backporting (fixed from 6.4rc1)
-
-# CVE-2022-4543 has no known resolution
-
-CVE_STATUS[CVE-2022-45869] = "fixed-version: Fixed from version 6.1rc7"
-
-# CVE-2022-45884 has no known resolution
-
-# CVE-2022-45885 has no known resolution
-
-CVE_STATUS[CVE-2022-45886] = "cpe-stable-backport: Backported in 6.1.33"
-
-CVE_STATUS[CVE-2022-45887] = "cpe-stable-backport: Backported in 6.1.33"
-
-# CVE-2022-45888 needs backporting (fixed from 6.2rc1)
-
-CVE_STATUS[CVE-2022-45919] = "cpe-stable-backport: Backported in 6.1.33"
-
-CVE_STATUS[CVE-2022-45934] = "fixed-version: Fixed from version 6.1"
-
-CVE_STATUS[CVE-2022-4662] = "fixed-version: Fixed from version 6.0rc4"
-
-CVE_STATUS[CVE-2022-4696] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2022-4744] = "fixed-version: Fixed from version 5.16rc7"
-
-CVE_STATUS[CVE-2022-47518] = "fixed-version: Fixed from version 6.1rc8"
-
-CVE_STATUS[CVE-2022-47519] = "fixed-version: Fixed from version 6.1rc8"
-
-CVE_STATUS[CVE-2022-47520] = "fixed-version: Fixed from version 6.1rc8"
-
-CVE_STATUS[CVE-2022-47521] = "fixed-version: Fixed from version 6.1rc8"
-
-CVE_STATUS[CVE-2022-47929] = "cpe-stable-backport: Backported in 6.1.6"
-
-CVE_STATUS[CVE-2022-47938] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-47939] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-47940] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2022-47941] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-47942] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-47943] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2022-47946] = "fixed-version: Fixed from version 5.12rc2"
-
-CVE_STATUS[CVE-2022-4842] = "cpe-stable-backport: Backported in 6.1.8"
-
-CVE_STATUS[CVE-2022-48423] = "cpe-stable-backport: Backported in 6.1.3"
-
-CVE_STATUS[CVE-2022-48424] = "cpe-stable-backport: Backported in 6.1.3"
-
-CVE_STATUS[CVE-2022-48425] = "cpe-stable-backport: Backported in 6.1.33"
-
-CVE_STATUS[CVE-2022-48502] = "cpe-stable-backport: Backported in 6.1.40"
-
-CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1"
-
-CVE_STATUS[CVE-2023-0045] = "cpe-stable-backport: Backported in 6.1.5"
-
-CVE_STATUS[CVE-2023-0047] = "fixed-version: Fixed from version 5.16rc1"
-
-CVE_STATUS[CVE-2023-0122] = "fixed-version: Fixed from version 6.0rc4"
-
-CVE_STATUS[CVE-2023-0160] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-0179] = "cpe-stable-backport: Backported in 6.1.7"
-
-CVE_STATUS[CVE-2023-0210] = "cpe-stable-backport: Backported in 6.1.5"
-
-CVE_STATUS[CVE-2023-0240] = "fixed-version: Fixed from version 5.10rc1"
-
-CVE_STATUS[CVE-2023-0266] = "cpe-stable-backport: Backported in 6.1.6"
-
-CVE_STATUS[CVE-2023-0386] = "cpe-stable-backport: Backported in 6.1.9"
-
-CVE_STATUS[CVE-2023-0394] = "cpe-stable-backport: Backported in 6.1.7"
-
-CVE_STATUS[CVE-2023-0458] = "cpe-stable-backport: Backported in 6.1.8"
-
-CVE_STATUS[CVE-2023-0459] = "cpe-stable-backport: Backported in 6.1.14"
-
-CVE_STATUS[CVE-2023-0461] = "cpe-stable-backport: Backported in 6.1.5"
-
-CVE_STATUS[CVE-2023-0468] = "fixed-version: Fixed from version 6.1rc7"
-
-CVE_STATUS[CVE-2023-0469] = "fixed-version: Fixed from version 6.1rc7"
-
-CVE_STATUS[CVE-2023-0590] = "fixed-version: Fixed from version 6.1rc2"
-
-# CVE-2023-0597 needs backporting (fixed from 6.2rc1)
-
-CVE_STATUS[CVE-2023-0615] = "fixed-version: Fixed from version 6.1rc3"
-
-CVE_STATUS[CVE-2023-1032] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-1073] = "cpe-stable-backport: Backported in 6.1.9"
-
-CVE_STATUS[CVE-2023-1074] = "cpe-stable-backport: Backported in 6.1.9"
-
-CVE_STATUS[CVE-2023-1075] = "cpe-stable-backport: Backported in 6.1.11"
-
-CVE_STATUS[CVE-2023-1076] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-1077] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-1078] = "cpe-stable-backport: Backported in 6.1.12"
-
-CVE_STATUS[CVE-2023-1079] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-1095] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33"
-
-# CVE-2023-1193 needs backporting (fixed from 6.3rc6)
-
-CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34"
-
-CVE_STATUS[CVE-2023-1195] = "fixed-version: Fixed from version 6.1rc3"
-
-CVE_STATUS[CVE-2023-1206] = "cpe-stable-backport: Backported in 6.1.43"
-
-CVE_STATUS[CVE-2023-1249] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2023-1252] = "fixed-version: Fixed from version 5.16rc1"
-
-CVE_STATUS[CVE-2023-1281] = "cpe-stable-backport: Backported in 6.1.13"
-
-CVE_STATUS[CVE-2023-1295] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2023-1380] = "cpe-stable-backport: Backported in 6.1.27"
-
-CVE_STATUS[CVE-2023-1382] = "fixed-version: Fixed from version 6.1rc7"
-
-CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4"
-
-CVE_STATUS[CVE-2023-1513] = "cpe-stable-backport: Backported in 6.1.13"
-
-CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4"
-
-CVE_STATUS[CVE-2023-1583] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2023-1611] = "cpe-stable-backport: Backported in 6.1.23"
-
-CVE_STATUS[CVE-2023-1637] = "fixed-version: Fixed from version 5.18rc2"
-
-CVE_STATUS[CVE-2023-1652] = "cpe-stable-backport: Backported in 6.1.9"
-
-CVE_STATUS[CVE-2023-1670] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2023-1829] = "cpe-stable-backport: Backported in 6.1.18"
-
-CVE_STATUS[CVE-2023-1838] = "fixed-version: Fixed from version 5.18"
-
-CVE_STATUS[CVE-2023-1855] = "cpe-stable-backport: Backported in 6.1.21"
-
-CVE_STATUS[CVE-2023-1859] = "cpe-stable-backport: Backported in 6.1.25"
-
-CVE_STATUS[CVE-2023-1872] = "fixed-version: Fixed from version 5.18rc2"
-
-CVE_STATUS[CVE-2023-1989] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2023-1990] = "cpe-stable-backport: Backported in 6.1.21"
-
-CVE_STATUS[CVE-2023-1998] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-2002] = "cpe-stable-backport: Backported in 6.1.27"
-
-CVE_STATUS[CVE-2023-2006] = "fixed-version: Fixed from version 6.1rc7"
-
-CVE_STATUS[CVE-2023-2007] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2023-2008] = "fixed-version: Fixed from version 5.19rc4"
-
-CVE_STATUS[CVE-2023-2019] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2023-20569] = "cpe-stable-backport: Backported in 6.1.44"
-
-CVE_STATUS[CVE-2023-20588] = "cpe-stable-backport: Backported in 6.1.45"
-
-CVE_STATUS[CVE-2023-20593] = "cpe-stable-backport: Backported in 6.1.41"
-
-CVE_STATUS[CVE-2023-20928] = "fixed-version: Fixed from version 6.0rc1"
-
-# CVE-2023-20937 has no known resolution
-
-CVE_STATUS[CVE-2023-20938] = "fixed-version: Fixed from version 5.18rc5"
-
-# CVE-2023-20941 has no known resolution
-
-CVE_STATUS[CVE-2023-21102] = "cpe-stable-backport: Backported in 6.1.8"
-
-CVE_STATUS[CVE-2023-21106] = "cpe-stable-backport: Backported in 6.1.9"
-
-CVE_STATUS[CVE-2023-2124] = "cpe-stable-backport: Backported in 6.1.33"
-
-CVE_STATUS[CVE-2023-21255] = "cpe-stable-backport: Backported in 6.1.31"
-
-# CVE-2023-21264 needs backporting (fixed from 6.4rc5)
-
-# CVE-2023-21400 has no known resolution
-
-CVE_STATUS[CVE-2023-2156] = "cpe-stable-backport: Backported in 6.1.26"
-
-CVE_STATUS[CVE-2023-2162] = "cpe-stable-backport: Backported in 6.1.11"
-
-CVE_STATUS[CVE-2023-2163] = "cpe-stable-backport: Backported in 6.1.26"
-
-CVE_STATUS[CVE-2023-2166] = "fixed-version: Fixed from version 6.1"
-
-# CVE-2023-2176 needs backporting (fixed from 6.3rc1)
-
-CVE_STATUS[CVE-2023-2177] = "fixed-version: Fixed from version 5.19"
-
-CVE_STATUS[CVE-2023-2194] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2023-2235] = "cpe-stable-backport: Backported in 6.1.21"
-
-CVE_STATUS[CVE-2023-2236] = "fixed-version: Fixed from version 6.1rc7"
-
-CVE_STATUS[CVE-2023-2248] = "cpe-stable-backport: Backported in 6.1.26"
-
-CVE_STATUS[CVE-2023-2269] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-22995] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2023-22996] = "fixed-version: Fixed from version 5.18rc1"
-
-CVE_STATUS[CVE-2023-22997] = "cpe-stable-backport: Backported in 6.1.2"
-
-CVE_STATUS[CVE-2023-22998] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2023-22999] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2023-23000] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2023-23001] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2023-23002] = "fixed-version: Fixed from version 5.17rc1"
-
-CVE_STATUS[CVE-2023-23003] = "fixed-version: Fixed from version 5.16rc6"
-
-CVE_STATUS[CVE-2023-23004] = "fixed-version: Fixed from version 5.19rc1"
-
-# CVE-2023-23005 needs backporting (fixed from 6.2rc1)
-
-CVE_STATUS[CVE-2023-23006] = "fixed-version: Fixed from version 5.16rc8"
-
-# CVE-2023-23039 has no known resolution
-
-CVE_STATUS[CVE-2023-23454] = "cpe-stable-backport: Backported in 6.1.5"
-
-CVE_STATUS[CVE-2023-23455] = "cpe-stable-backport: Backported in 6.1.5"
-
-CVE_STATUS[CVE-2023-23559] = "cpe-stable-backport: Backported in 6.1.9"
-
-CVE_STATUS[CVE-2023-23586] = "fixed-version: Fixed from version 5.12rc1"
-
-CVE_STATUS[CVE-2023-2430] = "cpe-stable-backport: Backported in 6.1.50"
-
-CVE_STATUS[CVE-2023-2483] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2023-25012] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-2513] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2023-25775] = "cpe-stable-backport: Backported in 6.1.53"
-
-CVE_STATUS[CVE-2023-2598] = "fixed-version: only affects 6.3rc1 onwards"
-
-# CVE-2023-26242 has no known resolution
-
-# CVE-2023-2640 has no known resolution
-
-CVE_STATUS[CVE-2023-26544] = "cpe-stable-backport: Backported in 6.1.3"
-
-CVE_STATUS[CVE-2023-26545] = "cpe-stable-backport: Backported in 6.1.13"
-
-CVE_STATUS[CVE-2023-26605] = "fixed-version: Fixed from version 6.1rc7"
-
-CVE_STATUS[CVE-2023-26606] = "cpe-stable-backport: Backported in 6.1.2"
-
-CVE_STATUS[CVE-2023-26607] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2023-28327] = "fixed-version: Fixed from version 6.1"
-
-CVE_STATUS[CVE-2023-28328] = "cpe-stable-backport: Backported in 6.1.2"
-
-CVE_STATUS[CVE-2023-28410] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2023-28464] = "fixed-version: only affects 6.3rc1 onwards"
-
-CVE_STATUS[CVE-2023-28466] = "cpe-stable-backport: Backported in 6.1.20"
-
-CVE_STATUS[CVE-2023-2860] = "fixed-version: Fixed from version 6.0rc5"
-
-CVE_STATUS[CVE-2023-28772] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2023-28866] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2023-2898] = "cpe-stable-backport: Backported in 6.1.39"
-
-CVE_STATUS[CVE-2023-2985] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-3006] = "fixed-version: Fixed from version 6.1rc1"
-
-# Skipping CVE-2023-3022, no affected_versions
-
-CVE_STATUS[CVE-2023-30456] = "cpe-stable-backport: Backported in 6.1.21"
-
-CVE_STATUS[CVE-2023-30772] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2023-3090] = "cpe-stable-backport: Backported in 6.1.30"
-
-CVE_STATUS[CVE-2023-3106] = "fixed-version: Fixed from version 4.8rc7"
-
-# Skipping CVE-2023-3108, no affected_versions
-
-# CVE-2023-31081 has no known resolution
-
-# CVE-2023-31082 has no known resolution
-
-# CVE-2023-31083 needs backporting (fixed from 6.6rc1)
-
-# CVE-2023-31084 needs backporting (fixed from 6.4rc3)
-
-CVE_STATUS[CVE-2023-31085] = "cpe-stable-backport: Backported in 6.1.57"
-
-CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2"
-
-CVE_STATUS[CVE-2023-3117] = "cpe-stable-backport: Backported in 6.1.35"
-
-CVE_STATUS[CVE-2023-31248] = "cpe-stable-backport: Backported in 6.1.39"
-
-CVE_STATUS[CVE-2023-3141] = "cpe-stable-backport: Backported in 6.1.30"
-
-CVE_STATUS[CVE-2023-31436] = "cpe-stable-backport: Backported in 6.1.26"
-
-CVE_STATUS[CVE-2023-3159] = "fixed-version: Fixed from version 5.18rc6"
-
-CVE_STATUS[CVE-2023-3161] = "cpe-stable-backport: Backported in 6.1.11"
-
-CVE_STATUS[CVE-2023-3212] = "cpe-stable-backport: Backported in 6.1.33"
-
-CVE_STATUS[CVE-2023-3220] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-32233] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-32247] = "cpe-stable-backport: Backported in 6.1.29"
-
-CVE_STATUS[CVE-2023-32248] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-32250] = "cpe-stable-backport: Backported in 6.1.29"
-
-CVE_STATUS[CVE-2023-32252] = "cpe-stable-backport: Backported in 6.1.29"
-
-CVE_STATUS[CVE-2023-32254] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-32257] = "cpe-stable-backport: Backported in 6.1.29"
-
-CVE_STATUS[CVE-2023-32258] = "cpe-stable-backport: Backported in 6.1.29"
-
-CVE_STATUS[CVE-2023-32269] = "cpe-stable-backport: Backported in 6.1.11"
-
-# CVE-2023-32629 has no known resolution
-
-CVE_STATUS[CVE-2023-3268] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-3269] = "cpe-stable-backport: Backported in 6.1.37"
-
-CVE_STATUS[CVE-2023-3312] = "fixed-version: only affects 6.2rc1 onwards"
-
-CVE_STATUS[CVE-2023-3317] = "fixed-version: only affects 6.2rc1 onwards"
-
-CVE_STATUS[CVE-2023-33203] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2023-33250] = "fixed-version: only affects 6.2rc1 onwards"
-
-CVE_STATUS[CVE-2023-33288] = "cpe-stable-backport: Backported in 6.1.22"
-
-CVE_STATUS[CVE-2023-3338] = "fixed-version: Fixed from version 6.1rc1"
-
-CVE_STATUS[CVE-2023-3355] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-3357] = "cpe-stable-backport: Backported in 6.1.2"
-
-CVE_STATUS[CVE-2023-3358] = "cpe-stable-backport: Backported in 6.1.9"
-
-CVE_STATUS[CVE-2023-3359] = "cpe-stable-backport: Backported in 6.1.11"
-
-CVE_STATUS[CVE-2023-3389] = "fixed-version: Fixed from version 6.0rc1"
-
-CVE_STATUS[CVE-2023-3390] = "cpe-stable-backport: Backported in 6.1.35"
-
-CVE_STATUS[CVE-2023-33951] = "cpe-stable-backport: Backported in 6.1.13"
-
-CVE_STATUS[CVE-2023-33952] = "cpe-stable-backport: Backported in 6.1.13"
-
-# CVE-2023-3397 has no known resolution
-
-CVE_STATUS[CVE-2023-34255] = "cpe-stable-backport: Backported in 6.1.33"
-
-CVE_STATUS[CVE-2023-34256] = "cpe-stable-backport: Backported in 6.1.29"
-
-CVE_STATUS[CVE-2023-34319] = "cpe-stable-backport: Backported in 6.1.44"
-
-CVE_STATUS[CVE-2023-34324] = "cpe-stable-backport: Backported in 6.1.57"
-
-CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5"
-
-CVE_STATUS[CVE-2023-35001] = "cpe-stable-backport: Backported in 6.1.39"
-
-CVE_STATUS[CVE-2023-3567] = "cpe-stable-backport: Backported in 6.1.11"
-
-# CVE-2023-35693 has no known resolution
-
-CVE_STATUS[CVE-2023-35788] = "cpe-stable-backport: Backported in 6.1.33"
-
-CVE_STATUS[CVE-2023-35823] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-35824] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-35826] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-35827] = "cpe-stable-backport: Backported in 6.1.59"
-
-CVE_STATUS[CVE-2023-35828] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-35829] = "cpe-stable-backport: Backported in 6.1.28"
-
-CVE_STATUS[CVE-2023-3609] = "cpe-stable-backport: Backported in 6.1.35"
-
-CVE_STATUS[CVE-2023-3610] = "cpe-stable-backport: Backported in 6.1.36"
-
-CVE_STATUS[CVE-2023-3611] = "cpe-stable-backport: Backported in 6.1.40"
-
-# CVE-2023-3640 has no known resolution
-
-CVE_STATUS[CVE-2023-37453] = "fixed-version: only affects 6.3rc1 onwards"
-
-# CVE-2023-37454 has no known resolution
-
-CVE_STATUS[CVE-2023-3772] = "cpe-stable-backport: Backported in 6.1.47"
-
-CVE_STATUS[CVE-2023-3773] = "cpe-stable-backport: Backported in 6.1.47"
-
-CVE_STATUS[CVE-2023-3776] = "cpe-stable-backport: Backported in 6.1.40"
-
-CVE_STATUS[CVE-2023-3777] = "cpe-stable-backport: Backported in 6.1.42"
-
-CVE_STATUS[CVE-2023-3812] = "fixed-version: Fixed from version 6.1rc4"
-
-CVE_STATUS[CVE-2023-38409] = "cpe-stable-backport: Backported in 6.1.25"
-
-CVE_STATUS[CVE-2023-38426] = "cpe-stable-backport: Backported in 6.1.30"
-
-CVE_STATUS[CVE-2023-38427] = "cpe-stable-backport: Backported in 6.1.34"
-
-CVE_STATUS[CVE-2023-38428] = "cpe-stable-backport: Backported in 6.1.30"
-
-CVE_STATUS[CVE-2023-38429] = "cpe-stable-backport: Backported in 6.1.30"
-
-CVE_STATUS[CVE-2023-38430] = "cpe-stable-backport: Backported in 6.1.35"
-
-CVE_STATUS[CVE-2023-38431] = "cpe-stable-backport: Backported in 6.1.34"
-
-CVE_STATUS[CVE-2023-38432] = "cpe-stable-backport: Backported in 6.1.36"
-
-CVE_STATUS[CVE-2023-3863] = "cpe-stable-backport: Backported in 6.1.39"
-
-CVE_STATUS[CVE-2023-3865] = "cpe-stable-backport: Backported in 6.1.36"
-
-CVE_STATUS[CVE-2023-3866] = "cpe-stable-backport: Backported in 6.1.36"
-
-CVE_STATUS[CVE-2023-3867] = "cpe-stable-backport: Backported in 6.1.40"
-
-CVE_STATUS[CVE-2023-39189] = "cpe-stable-backport: Backported in 6.1.54"
-
-# CVE-2023-39191 needs backporting (fixed from 6.3rc1)
-
-CVE_STATUS[CVE-2023-39192] = "cpe-stable-backport: Backported in 6.1.53"
-
-CVE_STATUS[CVE-2023-39193] = "cpe-stable-backport: Backported in 6.1.53"
-
-CVE_STATUS[CVE-2023-39194] = "cpe-stable-backport: Backported in 6.1.47"
-
-CVE_STATUS[CVE-2023-39197] = "cpe-stable-backport: Backported in 6.1.39"
-
-CVE_STATUS[CVE-2023-39198] = "cpe-stable-backport: Backported in 6.1.47"
-
-CVE_STATUS[CVE-2023-4004] = "cpe-stable-backport: Backported in 6.1.42"
-
-# CVE-2023-4010 has no known resolution
-
-CVE_STATUS[CVE-2023-4015] = "cpe-stable-backport: Backported in 6.1.43"
-
-CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.1.45"
-
-CVE_STATUS[CVE-2023-40791] = "fixed-version: only affects 6.3rc1 onwards"
-
-CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.1.45"
-
-CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.1.39"
-
-# CVE-2023-4133 needs backporting (fixed from 6.3)
-
-# CVE-2023-4134 needs backporting (fixed from 6.5rc1)
-
-CVE_STATUS[CVE-2023-4147] = "cpe-stable-backport: Backported in 6.1.43"
-
-CVE_STATUS[CVE-2023-4155] = "cpe-stable-backport: Backported in 6.1.46"
-
-CVE_STATUS[CVE-2023-4194] = "fixed-version: only affects 6.3rc1 onwards"
-
-CVE_STATUS[CVE-2023-4206] = "cpe-stable-backport: Backported in 6.1.45"
-
-CVE_STATUS[CVE-2023-4207] = "cpe-stable-backport: Backported in 6.1.45"
-
-CVE_STATUS[CVE-2023-4208] = "cpe-stable-backport: Backported in 6.1.45"
-
-CVE_STATUS[CVE-2023-4244] = "cpe-stable-backport: Backported in 6.1.56"
-
-CVE_STATUS[CVE-2023-4273] = "cpe-stable-backport: Backported in 6.1.45"
-
-CVE_STATUS[CVE-2023-42752] = "cpe-stable-backport: Backported in 6.1.53"
-
-CVE_STATUS[CVE-2023-42753] = "cpe-stable-backport: Backported in 6.1.53"
-
-CVE_STATUS[CVE-2023-42754] = "cpe-stable-backport: Backported in 6.1.56"
-
-CVE_STATUS[CVE-2023-42755] = "cpe-stable-backport: Backported in 6.1.55"
-
-CVE_STATUS[CVE-2023-42756] = "fixed-version: only affects 6.4rc6 onwards"
-
-CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1"
-
-CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18"
-
-CVE_STATUS[CVE-2023-4389] = "fixed-version: Fixed from version 5.18rc3"
-
-CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed from version 6.0rc3"
-
-CVE_STATUS[CVE-2023-44466] = "cpe-stable-backport: Backported in 6.1.40"
-
-CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed from version 5.18"
-
-CVE_STATUS[CVE-2023-4563] = "cpe-stable-backport: Backported in 6.1.56"
-
-CVE_STATUS[CVE-2023-4569] = "cpe-stable-backport: Backported in 6.1.47"
-
-CVE_STATUS[CVE-2023-45862] = "cpe-stable-backport: Backported in 6.1.18"
-
-CVE_STATUS[CVE-2023-45863] = "cpe-stable-backport: Backported in 6.1.16"
-
-CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53"
-
-CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards"
-
-# CVE-2023-4610 needs backporting (fixed from 6.4)
-
-CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards"
-
-# CVE-2023-4622 needs backporting (fixed from 6.5rc1)
-
-CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.1.53"
-
-CVE_STATUS[CVE-2023-46813] = "cpe-stable-backport: Backported in 6.1.60"
-
-CVE_STATUS[CVE-2023-46862] = "cpe-stable-backport: Backported in 6.1.61"
-
-# CVE-2023-47233 has no known resolution
-
-CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1"
-
-CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54"
-
-CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54"
-
-# CVE-2023-50431 has no known resolution
-
-CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.1.62"
-
-CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57"
-
-# CVE-2023-51779 needs backporting (fixed from 6.7rc7)
-
-CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60"
-
-CVE_STATUS[CVE-2023-51780] = "cpe-stable-backport: Backported in 6.1.69"
-
-CVE_STATUS[CVE-2023-51781] = "cpe-stable-backport: Backported in 6.1.69"
-
-CVE_STATUS[CVE-2023-51782] = "cpe-stable-backport: Backported in 6.1.69"
-
-CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56"
-
-CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.1.56"
-
-CVE_STATUS[CVE-2023-5633] = "fixed-version: only affects 6.2 onwards"
-
-CVE_STATUS[CVE-2023-5717] = "cpe-stable-backport: Backported in 6.1.60"
-
-CVE_STATUS[CVE-2023-5972] = "fixed-version: only affects 6.2rc1 onwards"
-
-# CVE-2023-6039 needs backporting (fixed from 6.5rc5)
-
-CVE_STATUS[CVE-2023-6111] = "fixed-version: only affects 6.6rc3 onwards"
-
-CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.1.65"
-
-CVE_STATUS[CVE-2023-6176] = "cpe-stable-backport: Backported in 6.1.54"
-
-# CVE-2023-6238 has no known resolution
-
-# CVE-2023-6356 has no known resolution
-
-# CVE-2023-6535 has no known resolution
-
-# CVE-2023-6536 has no known resolution
-
-CVE_STATUS[CVE-2023-6546] = "cpe-stable-backport: Backported in 6.1.47"
-
-# CVE-2023-6560 needs backporting (fixed from 6.7rc4)
-
-# CVE-2023-6606 needs backporting (fixed from 6.7rc7)
-
-# CVE-2023-6610 needs backporting (fixed from 6.7rc7)
-
-CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68"
-
-# CVE-2023-6679 needs backporting (fixed from 6.7rc6)
-
-CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68"
-
-CVE_STATUS[CVE-2023-6931] = "cpe-stable-backport: Backported in 6.1.68"
-
-CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.1.66"
-
-# CVE-2023-7042 has no known resolution
-
diff --git a/poky/meta/recipes-kernel/linux/cve-exclusion_6.6.inc b/poky/meta/recipes-kernel/linux/cve-exclusion_6.6.inc
index ee7df04..3a4451b 100644
--- a/poky/meta/recipes-kernel/linux/cve-exclusion_6.6.inc
+++ b/poky/meta/recipes-kernel/linux/cve-exclusion_6.6.inc
@@ -1,9 +1,9 @@
# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2024-01-03 18:54:52.866645+00:00 for version 6.6.9
+# Generated at 2024-01-18 21:07:26.764606+00:00 for version 6.6.12
python check_kernel_cve_status_version() {
- this_version = "6.6.9"
+ this_version = "6.6.12"
kernel_version = d.getVar("LINUX_VERSION")
if kernel_version != this_version:
bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -4584,6 +4584,8 @@
CVE_STATUS[CVE-2022-48502] = "fixed-version: Fixed from version 6.2rc1"
+CVE_STATUS[CVE-2022-48619] = "fixed-version: Fixed from version 5.18rc1"
+
CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1"
CVE_STATUS[CVE-2023-0045] = "fixed-version: Fixed from version 6.2rc3"
@@ -4666,6 +4668,8 @@
CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4"
+# CVE-2023-1476 has no known resolution
+
CVE_STATUS[CVE-2023-1513] = "fixed-version: Fixed from version 6.2"
CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4"
@@ -5114,7 +5118,7 @@
CVE_STATUS[CVE-2023-5158] = "fixed-version: Fixed from version 6.6rc5"
-# CVE-2023-51779 needs backporting (fixed from 6.7rc7)
+CVE_STATUS[CVE-2023-51779] = "cpe-stable-backport: Backported in 6.6.9"
CVE_STATUS[CVE-2023-5178] = "fixed-version: Fixed from version 6.6rc7"
@@ -5136,6 +5140,8 @@
CVE_STATUS[CVE-2023-6039] = "fixed-version: Fixed from version 6.5rc5"
+CVE_STATUS[CVE-2023-6040] = "fixed-version: Fixed from version 5.18rc1"
+
CVE_STATUS[CVE-2023-6111] = "cpe-stable-backport: Backported in 6.6.3"
CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.6.4"
@@ -5144,8 +5150,12 @@
# CVE-2023-6238 has no known resolution
+# CVE-2023-6270 has no known resolution
+
# CVE-2023-6356 has no known resolution
+CVE_STATUS[CVE-2023-6531] = "cpe-stable-backport: Backported in 6.6.7"
+
# CVE-2023-6535 has no known resolution
# CVE-2023-6536 has no known resolution
@@ -5154,13 +5164,13 @@
CVE_STATUS[CVE-2023-6560] = "cpe-stable-backport: Backported in 6.6.5"
-# CVE-2023-6606 needs backporting (fixed from 6.7rc7)
+CVE_STATUS[CVE-2023-6606] = "cpe-stable-backport: Backported in 6.6.9"
# CVE-2023-6610 needs backporting (fixed from 6.7rc7)
CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.6.7"
-# CVE-2023-6679 needs backporting (fixed from 6.7rc6)
+CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards"
CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.6.7"
@@ -5170,3 +5180,13 @@
# CVE-2023-7042 has no known resolution
+CVE_STATUS[CVE-2023-7192] = "fixed-version: Fixed from version 6.3rc1"
+
+CVE_STATUS[CVE-2024-0193] = "cpe-stable-backport: Backported in 6.6.10"
+
+CVE_STATUS[CVE-2024-0340] = "fixed-version: Fixed from version 6.4rc6"
+
+CVE_STATUS[CVE-2024-0443] = "fixed-version: Fixed from version 6.4rc7"
+
+# Skipping dd=CVE-2023-1476, no affected_versions
+
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
deleted file mode 100644
index 3dbec14..0000000
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
+++ /dev/null
@@ -1,48 +0,0 @@
-KBRANCH ?= "v6.1/standard/preempt-rt/base"
-
-require recipes-kernel/linux/linux-yocto.inc
-
-# CVE exclusions
-include recipes-kernel/linux/cve-exclusion_6.1.inc
-
-# Skip processing of this recipe if it is not explicitly specified as the
-# PREFERRED_PROVIDER for virtual/kernel. This avoids errors when trying
-# to build multiple virtual/kernel providers, e.g. as dependency of
-# core-image-rt-sdk, core-image-rt.
-python () {
- if d.getVar("KERNEL_PACKAGE_NAME") == "kernel" and d.getVar("PREFERRED_PROVIDER_virtual/kernel") != "linux-yocto-rt":
- raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
-}
-
-SRCREV_machine ?= "c7164e4299dfbd93c9ec4f9bd307ebbb88aa6b71"
-SRCREV_meta ?= "4fe5dc52631f3b990aefbb3f97330137c4ebb288"
-
-SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
- git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA};protocol=https"
-
-LINUX_VERSION ?= "6.1.70"
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-
-DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
-DEPENDS += "openssl-native util-linux-native"
-
-PV = "${LINUX_VERSION}+git"
-
-KMETA = "kernel-meta"
-KCONF_BSP_AUDIT_LEVEL = "1"
-
-LINUX_KERNEL_TYPE = "preempt-rt"
-
-COMPATIBLE_MACHINE = "^(qemux86|qemux86-64|qemuarm|qemuarmv5|qemuarm64|qemuppc|qemumips)$"
-
-KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb"
-
-# Functionality flags
-KERNEL_EXTRA_FEATURES ?= "features/netfilter/netfilter.scc features/taskstats/taskstats.scc"
-KERNEL_FEATURES:append = " ${KERNEL_EXTRA_FEATURES}"
-KERNEL_FEATURES:append:qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc"
-KERNEL_FEATURES:append:qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc"
-KERNEL_FEATURES:append:qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc"
-KERNEL_FEATURES:append = "${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}"
-KERNEL_FEATURES:append = "${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/gpio/mockup.scc", "", d)}"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
index 90e5ead..d303891 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.6.bb
@@ -14,13 +14,13 @@
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "7e43b4538ce1a9084c4a5f1b22372c98aa888958"
-SRCREV_meta ?= "11390e802ca72f3549b9356f036b17e54afd7a34"
+SRCREV_machine ?= "59ee8cb752a7e280cfe2d480964aa5b6c74e4203"
+SRCREV_meta ?= "48f7c852bd375b9340c68897ccd87ad89ead5f38"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https"
-LINUX_VERSION ?= "6.6.9"
+LINUX_VERSION ?= "6.6.12"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
deleted file mode 100644
index 01641a8..0000000
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
+++ /dev/null
@@ -1,33 +0,0 @@
-KBRANCH ?= "v6.1/standard/tiny/base"
-
-LINUX_KERNEL_TYPE = "tiny"
-KCONFIG_MODE = "--allnoconfig"
-
-require recipes-kernel/linux/linux-yocto.inc
-
-# CVE exclusions
-include recipes-kernel/linux/cve-exclusion_6.1.inc
-
-LINUX_VERSION ?= "6.1.70"
-LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-
-DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
-DEPENDS += "openssl-native util-linux-native"
-
-KMETA = "kernel-meta"
-KCONF_BSP_AUDIT_LEVEL = "2"
-
-SRCREV_machine ?= "7d183bf1b0b8ded0b2a8a352aa75729a37293b1e"
-SRCREV_meta ?= "4fe5dc52631f3b990aefbb3f97330137c4ebb288"
-
-PV = "${LINUX_VERSION}+git"
-
-SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
- git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA};protocol=https"
-
-COMPATIBLE_MACHINE = "^(qemux86|qemux86-64|qemuarm64|qemuarm|qemuarmv5)$"
-
-# Functionality flags
-KERNEL_FEATURES = ""
-
-KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
index 5d87855..628a7cb 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.6.bb
@@ -8,7 +8,7 @@
# CVE exclusions
include recipes-kernel/linux/cve-exclusion_6.6.inc
-LINUX_VERSION ?= "6.6.9"
+LINUX_VERSION ?= "6.6.12"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "ff7ae7b32324226330214197e9b849d1aa35accd"
-SRCREV_meta ?= "11390e802ca72f3549b9356f036b17e54afd7a34"
+SRCREV_machine ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_meta ?= "48f7c852bd375b9340c68897ccd87ad89ead5f38"
PV = "${LINUX_VERSION}+git"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb
deleted file mode 100644
index fc7bed9..0000000
--- a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb
+++ /dev/null
@@ -1,73 +0,0 @@
-KBRANCH ?= "v6.1/standard/base"
-
-require recipes-kernel/linux/linux-yocto.inc
-
-# CVE exclusions
-include recipes-kernel/linux/cve-exclusion.inc
-include recipes-kernel/linux/cve-exclusion_6.1.inc
-
-# board specific branches
-KBRANCH:qemuarm ?= "v6.1/standard/arm-versatile-926ejs"
-KBRANCH:qemuarm64 ?= "v6.1/standard/qemuarm64"
-KBRANCH:qemumips ?= "v6.1/standard/mti-malta32"
-KBRANCH:qemuppc ?= "v6.1/standard/qemuppc"
-KBRANCH:qemuriscv64 ?= "v6.1/standard/base"
-KBRANCH:qemuriscv32 ?= "v6.1/standard/base"
-KBRANCH:qemux86 ?= "v6.1/standard/base"
-KBRANCH:qemux86-64 ?= "v6.1/standard/base"
-KBRANCH:qemuloongarch64 ?= "v6.1/standard/base"
-KBRANCH:qemumips64 ?= "v6.1/standard/mti-malta64"
-
-SRCREV_machine:qemuarm ?= "b763843c7f0f71c1488daf5d7453656360bfd217"
-SRCREV_machine:qemuarm64 ?= "7d183bf1b0b8ded0b2a8a352aa75729a37293b1e"
-SRCREV_machine:qemuloongarch64 ?= "7d183bf1b0b8ded0b2a8a352aa75729a37293b1e"
-SRCREV_machine:qemumips ?= "f72c516f5594f4eef9c26d380abf60768695c7da"
-SRCREV_machine:qemuppc ?= "7d183bf1b0b8ded0b2a8a352aa75729a37293b1e"
-SRCREV_machine:qemuriscv64 ?= "7d183bf1b0b8ded0b2a8a352aa75729a37293b1e"
-SRCREV_machine:qemuriscv32 ?= "7d183bf1b0b8ded0b2a8a352aa75729a37293b1e"
-SRCREV_machine:qemux86 ?= "7d183bf1b0b8ded0b2a8a352aa75729a37293b1e"
-SRCREV_machine:qemux86-64 ?= "7d183bf1b0b8ded0b2a8a352aa75729a37293b1e"
-SRCREV_machine:qemumips64 ?= "951e24cce7143380de09baa2d1d59062a969d021"
-SRCREV_machine ?= "7d183bf1b0b8ded0b2a8a352aa75729a37293b1e"
-SRCREV_meta ?= "4fe5dc52631f3b990aefbb3f97330137c4ebb288"
-
-# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
-# get the <version>/base branch, which is pure upstream -stable, and the same
-# meta SRCREV as the linux-yocto-standard builds. Select your version using the
-# normal PREFERRED_VERSION settings.
-BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "a507f147e6f06e86b7649b46bc1d3caa34b196d6"
-PN:class-devupstream = "linux-yocto-upstream"
-KBRANCH:class-devupstream = "v6.1/base"
-
-SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH};protocol=https \
- git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA};protocol=https"
-SRC_URI += "file://0001-perf-cpumap-Make-counter-as-unsigned-ints.patch"
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.1.70"
-
-PV = "${LINUX_VERSION}+git"
-
-KMETA = "kernel-meta"
-KCONF_BSP_AUDIT_LEVEL = "1"
-
-KERNEL_DEVICETREE:qemuarmv5 = "versatile-pb.dtb"
-
-COMPATIBLE_MACHINE = "^(qemuarm|qemuarmv5|qemuarm64|qemux86|qemuppc|qemuppc64|qemumips|qemumips64|qemux86-64|qemuriscv64|qemuriscv32|qemuloongarch64)$"
-
-# Functionality flags
-KERNEL_EXTRA_FEATURES ?= "features/netfilter/netfilter.scc"
-KERNEL_FEATURES:append = " ${KERNEL_EXTRA_FEATURES}"
-KERNEL_FEATURES:append:qemuall=" cfg/virtio.scc features/drm-bochs/drm-bochs.scc cfg/net/mdio.scc"
-KERNEL_FEATURES:append:qemux86=" cfg/sound.scc cfg/paravirt_kvm.scc"
-KERNEL_FEATURES:append:qemux86-64=" cfg/sound.scc cfg/paravirt_kvm.scc"
-KERNEL_FEATURES:append = " ${@bb.utils.contains("TUNE_FEATURES", "mx32", " cfg/x32.scc", "", d)}"
-KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/scsi/scsi-debug.scc", "", d)}"
-KERNEL_FEATURES:append = " ${@bb.utils.contains("DISTRO_FEATURES", "ptest", " features/gpio/mockup.scc", "", d)}"
-KERNEL_FEATURES:append:powerpc =" arch/powerpc/powerpc-debug.scc"
-KERNEL_FEATURES:append:powerpc64 =" arch/powerpc/powerpc-debug.scc"
-KERNEL_FEATURES:append:powerpc64le =" arch/powerpc/powerpc-debug.scc"
-
-INSANE_SKIP:kernel-vmlinux:qemuppc64 = "textrel"
-
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.6.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.6.bb
index dbe4db9..ab72df5 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_6.6.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_6.6.bb
@@ -18,25 +18,25 @@
KBRANCH:qemuloongarch64 ?= "v6.6/standard/base"
KBRANCH:qemumips64 ?= "v6.6/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "b0567ccb83b03434efe6bc00d7d672a59d50b82a"
-SRCREV_machine:qemuarm64 ?= "ff7ae7b32324226330214197e9b849d1aa35accd"
-SRCREV_machine:qemuloongarch64 ?= "ff7ae7b32324226330214197e9b849d1aa35accd"
-SRCREV_machine:qemumips ?= "df19050d1276ce9418652a39c31b77925b18fb17"
-SRCREV_machine:qemuppc ?= "ff7ae7b32324226330214197e9b849d1aa35accd"
-SRCREV_machine:qemuriscv64 ?= "ff7ae7b32324226330214197e9b849d1aa35accd"
-SRCREV_machine:qemuriscv32 ?= "ff7ae7b32324226330214197e9b849d1aa35accd"
-SRCREV_machine:qemux86 ?= "ff7ae7b32324226330214197e9b849d1aa35accd"
-SRCREV_machine:qemux86-64 ?= "ff7ae7b32324226330214197e9b849d1aa35accd"
-SRCREV_machine:qemumips64 ?= "2cab83c3f46765b9390918a91c4fc64a873a3443"
-SRCREV_machine ?= "ff7ae7b32324226330214197e9b849d1aa35accd"
-SRCREV_meta ?= "11390e802ca72f3549b9356f036b17e54afd7a34"
+SRCREV_machine:qemuarm ?= "f50c6da5bec6481c9fd5618176c768d4ff7afcdd"
+SRCREV_machine:qemuarm64 ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_machine:qemuloongarch64 ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_machine:qemumips ?= "0175e713ae72f9b4ed10d1702ab9386d294fe96c"
+SRCREV_machine:qemuppc ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_machine:qemuriscv64 ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_machine:qemuriscv32 ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_machine:qemux86 ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_machine:qemux86-64 ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_machine:qemumips64 ?= "d41c8b84fcfcb4c2dd8eb856172cdc2b6a1bd342"
+SRCREV_machine ?= "195b2994f955071be3dd16ff61127dbc6b2e0069"
+SRCREV_meta ?= "48f7c852bd375b9340c68897ccd87ad89ead5f38"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "5e9df83a705290c4d974693097df1da9cbe25854"
+SRCREV_machine:class-devupstream ?= "47345b4264bc394a8d16bb16e8e7744965fa3934"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v6.6/base"
@@ -44,7 +44,7 @@
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.6;destsuffix=${KMETA};protocol=https"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.6.9"
+LINUX_VERSION ?= "6.6.12"
PV = "${LINUX_VERSION}+git"
diff --git a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch
new file mode 100644
index 0000000..2020508
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2023-6228.patch
@@ -0,0 +1,31 @@
+From 1e7d217a323eac701b134afc4ae39b6bdfdbc96a Mon Sep 17 00:00:00 2001
+From: Su_Laus <sulau@freenet.de>
+Date: Wed, 17 Jan 2024 06:57:08 +0000
+Subject: [PATCH] codec of input image is available, independently from codec
+ check of output image and return with error if not.
+
+Fixes #606.
+
+CVE: CVE-2023-6228
+Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ tools/tiffcp.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/tools/tiffcp.c b/tools/tiffcp.c
+index aff0626..a4f7f6b 100644
+--- a/tools/tiffcp.c
++++ b/tools/tiffcp.c
+@@ -846,6 +846,8 @@ static int tiffcp(TIFF *in, TIFF *out)
+ if (!TIFFIsCODECConfigured(compression))
+ return FALSE;
+ TIFFGetFieldDefaulted(in, TIFFTAG_COMPRESSION, &input_compression);
++ if (!TIFFIsCODECConfigured(input_compression))
++ return FALSE;
+ TIFFGetFieldDefaulted(in, TIFFTAG_PHOTOMETRIC, &input_photometric);
+ if (input_compression == COMPRESSION_JPEG)
+ {
+--
+2.40.0
diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
index 4c472f8..eb8a096 100644
--- a/poky/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
+++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.6.0.bb
@@ -12,6 +12,7 @@
file://CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data.patch \
file://CVE-2023-6277-At-image-reading-compare-data-size-of-some-tags-data-2.patch \
file://CVE-2023-6277-Apply-1-suggestion-s-to-1-file-s.patch \
+ file://CVE-2023-6228.patch \
"
SRC_URI[sha256sum] = "88b3979e6d5c7e32b50d7ec72fb15af724f6ab2cbf7e10880c360a77e4b5d99a"
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
index 2245a73..ae16056 100644
--- a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
@@ -187,6 +187,7 @@
FILES:${PN}-bin += "${sysconfdir}/default/volatiles/04_pulse"
FILES:${PN}-pa-info = "${bindir}/pa-info"
FILES:${PN}-server = "${bindir}/pulseaudio ${bindir}/start-* ${sysconfdir} ${bindir}/pactl */udev/rules.d/*.rules */*/udev/rules.d/*.rules ${systemd_user_unitdir}/*"
+FILES:${PN}-server += "${datadir}/dbus-1/system.d/pulseaudio-system.conf"
#SYSTEMD_PACKAGES = "${PN}-server"
SYSTEMD_SERVICE:${PN}-server = "pulseaudio.service"
diff --git a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_16.1.bb b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_17.0.bb
similarity index 83%
rename from poky/meta/recipes-multimedia/pulseaudio/pulseaudio_16.1.bb
rename to poky/meta/recipes-multimedia/pulseaudio/pulseaudio_17.0.bb
index 64002cd..54c79b4 100644
--- a/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_16.1.bb
+++ b/poky/meta/recipes-multimedia/pulseaudio/pulseaudio_17.0.bb
@@ -6,5 +6,5 @@
file://volatiles.04_pulse \
file://0001-doxygen-meson.build-remove-dependency-on-doxygen-bin.patch \
"
-SRC_URI[sha256sum] = "8eef32ce91d47979f95fd9a935e738cd7eb7463430dabc72863251751e504ae4"
+SRC_URI[sha256sum] = "053794d6671a3e397d849e478a80b82a63cb9d8ca296bd35b73317bb5ceb87b5"
UPSTREAM_CHECK_REGEX = "pulseaudio-(?P<pver>\d+(\.(?!99)\d+)+)\.tar"
diff --git a/poky/meta/recipes-support/debianutils/debianutils_5.15.bb b/poky/meta/recipes-support/debianutils/debianutils_5.16.bb
similarity index 97%
rename from poky/meta/recipes-support/debianutils/debianutils_5.15.bb
rename to poky/meta/recipes-support/debianutils/debianutils_5.16.bb
index b1368a3..ec629d8 100644
--- a/poky/meta/recipes-support/debianutils/debianutils_5.15.bb
+++ b/poky/meta/recipes-support/debianutils/debianutils_5.16.bb
@@ -11,7 +11,7 @@
SRC_URI = "git://salsa.debian.org/debian/debianutils.git;protocol=https;branch=master \
"
-SRCREV = "d886c15810b58e57411048f57d7fb941a6819987"
+SRCREV = "9e0facf19b17b6d090a5dcc8cacb0c16e5ad9f72"
inherit autotools update-alternatives
diff --git a/poky/meta/recipes-support/enchant/enchant2_2.6.4.bb b/poky/meta/recipes-support/enchant/enchant2_2.6.5.bb
similarity index 91%
rename from poky/meta/recipes-support/enchant/enchant2_2.6.4.bb
rename to poky/meta/recipes-support/enchant/enchant2_2.6.5.bb
index 431d02e..1d5c716 100644
--- a/poky/meta/recipes-support/enchant/enchant2_2.6.4.bb
+++ b/poky/meta/recipes-support/enchant/enchant2_2.6.5.bb
@@ -12,7 +12,7 @@
inherit autotools pkgconfig github-releases
SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/enchant-${PV}.tar.gz"
-SRC_URI[sha256sum] = "833b4d5600dbe9ac867e543aac6a7a40ad145351495ca41223d4499d3ddbbd2c"
+SRC_URI[sha256sum] = "9e8fd28cb65a7b6da3545878a5c2f52a15f03c04933a5ff48db89fe86845728e"
GITHUB_BASE_URI = "https://github.com/AbiWord/enchant/releases"
diff --git a/poky/meta/recipes-support/libpsl/libpsl_0.21.2.bb b/poky/meta/recipes-support/libpsl/libpsl_0.21.5.bb
similarity index 79%
rename from poky/meta/recipes-support/libpsl/libpsl_0.21.2.bb
rename to poky/meta/recipes-support/libpsl/libpsl_0.21.5.bb
index 3bbbc0e..b9341a9 100644
--- a/poky/meta/recipes-support/libpsl/libpsl_0.21.2.bb
+++ b/poky/meta/recipes-support/libpsl/libpsl_0.21.5.bb
@@ -7,13 +7,13 @@
BUGTRACKER = "https://github.com/rockdaboot/libpsl/issues"
LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=6f40ab7fcf5ff18f3ff7f4b0860493fa \
- file://COPYING;md5=6f40ab7fcf5ff18f3ff7f4b0860493fa \
+LIC_FILES_CHKSUM = "file://LICENSE;md5=9f9e317096db2a598fc44237c5b8a4f7 \
+ file://COPYING;md5=9f9e317096db2a598fc44237c5b8a4f7 \
"
SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \
"
-SRC_URI[sha256sum] = "e35991b6e17001afa2c0ca3b10c357650602b92596209b7492802f3768a6285f"
+SRC_URI[sha256sum] = "1dcc9ceae8b128f3c0b3f654decd0e1e891afc6ff81098f227ef260449dae208"
GITHUB_BASE_URI = "https://github.com/rockdaboot/libpsl/releases"
diff --git a/poky/meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch b/poky/meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch
new file mode 100644
index 0000000..ab0f419
--- /dev/null
+++ b/poky/meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch
@@ -0,0 +1,466 @@
+From d4634630432594b139b3af6b9f254b890c0f275d Mon Sep 17 00:00:00 2001
+From: Michael Buckley <michael@buckleyisms.com>
+Date: Thu, 30 Nov 2023 15:08:02 -0800
+Subject: [PATCH] src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack"
+
+Refs:
+https://terrapin-attack.com/
+https://seclists.org/oss-sec/2023/q4/292
+https://osv.dev/list?ecosystem=&q=CVE-2023-48795
+https://github.com/advisories/GHSA-45x7-px36-x8w8
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
+
+Fixes #1290
+Closes #1291
+
+CVE: CVE-2023-48795
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+ src/kex.c | 63 +++++++++++++++++++++++------------
+ src/libssh2_priv.h | 18 +++++++---
+ src/packet.c | 83 +++++++++++++++++++++++++++++++++++++++++++---
+ src/packet.h | 2 +-
+ src/session.c | 3 ++
+ src/transport.c | 12 ++++++-
+ 6 files changed, 149 insertions(+), 32 deletions(-)
+
+diff --git a/src/kex.c b/src/kex.c
+index d4034a0a..b4b748ca 100644
+--- a/src/kex.c
++++ b/src/kex.c
+@@ -3037,6 +3037,13 @@ kex_method_extension_negotiation = {
+ 0,
+ };
+
++static const LIBSSH2_KEX_METHOD
++kex_method_strict_client_extension = {
++ "kex-strict-c-v00@openssh.com",
++ NULL,
++ 0,
++};
++
+ static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = {
+ #if LIBSSH2_ED25519
+ &kex_method_ssh_curve25519_sha256,
+@@ -3055,6 +3062,7 @@ static const LIBSSH2_KEX_METHOD *libssh2_kex_methods[] = {
+ &kex_method_diffie_helman_group1_sha1,
+ &kex_method_diffie_helman_group_exchange_sha1,
+ &kex_method_extension_negotiation,
++ &kex_method_strict_client_extension,
+ NULL
+ };
+
+@@ -3307,13 +3315,13 @@ static int kexinit(LIBSSH2_SESSION * session)
+ return 0;
+ }
+
+-/* kex_agree_instr
++/* _libssh2_kex_agree_instr
+ * Kex specific variant of strstr()
+ * Needle must be preceded by BOL or ',', and followed by ',' or EOL
+ */
+-static unsigned char *
+-kex_agree_instr(unsigned char *haystack, size_t haystack_len,
+- const unsigned char *needle, size_t needle_len)
++unsigned char *
++_libssh2_kex_agree_instr(unsigned char *haystack, size_t haystack_len,
++ const unsigned char *needle, size_t needle_len)
+ {
+ unsigned char *s;
+ unsigned char *end_haystack;
+@@ -3398,7 +3406,7 @@ static int kex_agree_hostkey(LIBSSH2_SESSION * session,
+ while(s && *s) {
+ unsigned char *p = (unsigned char *) strchr((char *) s, ',');
+ size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s));
+- if(kex_agree_instr(hostkey, hostkey_len, s, method_len)) {
++ if(_libssh2_kex_agree_instr(hostkey, hostkey_len, s, method_len)) {
+ const LIBSSH2_HOSTKEY_METHOD *method =
+ (const LIBSSH2_HOSTKEY_METHOD *)
+ kex_get_method_by_name((char *) s, method_len,
+@@ -3432,9 +3440,9 @@ static int kex_agree_hostkey(LIBSSH2_SESSION * session,
+ }
+
+ while(hostkeyp && (*hostkeyp) && (*hostkeyp)->name) {
+- s = kex_agree_instr(hostkey, hostkey_len,
+- (unsigned char *) (*hostkeyp)->name,
+- strlen((*hostkeyp)->name));
++ s = _libssh2_kex_agree_instr(hostkey, hostkey_len,
++ (unsigned char *) (*hostkeyp)->name,
++ strlen((*hostkeyp)->name));
+ if(s) {
+ /* So far so good, but does it suit our purposes? (Encrypting vs
+ Signing) */
+@@ -3468,6 +3476,12 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex,
+ {
+ const LIBSSH2_KEX_METHOD **kexp = libssh2_kex_methods;
+ unsigned char *s;
++ const unsigned char *strict =
++ (unsigned char *)"kex-strict-s-v00@openssh.com";
++
++ if(_libssh2_kex_agree_instr(kex, kex_len, strict, 28)) {
++ session->kex_strict = 1;
++ }
+
+ if(session->kex_prefs) {
+ s = (unsigned char *) session->kex_prefs;
+@@ -3475,7 +3489,7 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex,
+ while(s && *s) {
+ unsigned char *q, *p = (unsigned char *) strchr((char *) s, ',');
+ size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s));
+- q = kex_agree_instr(kex, kex_len, s, method_len);
++ q = _libssh2_kex_agree_instr(kex, kex_len, s, method_len);
+ if(q) {
+ const LIBSSH2_KEX_METHOD *method = (const LIBSSH2_KEX_METHOD *)
+ kex_get_method_by_name((char *) s, method_len,
+@@ -3509,9 +3523,9 @@ static int kex_agree_kex_hostkey(LIBSSH2_SESSION * session, unsigned char *kex,
+ }
+
+ while(*kexp && (*kexp)->name) {
+- s = kex_agree_instr(kex, kex_len,
+- (unsigned char *) (*kexp)->name,
+- strlen((*kexp)->name));
++ s = _libssh2_kex_agree_instr(kex, kex_len,
++ (unsigned char *) (*kexp)->name,
++ strlen((*kexp)->name));
+ if(s) {
+ /* We've agreed on a key exchange method,
+ * Can we agree on a hostkey that works with this kex?
+@@ -3555,7 +3569,7 @@ static int kex_agree_crypt(LIBSSH2_SESSION * session,
+ unsigned char *p = (unsigned char *) strchr((char *) s, ',');
+ size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s));
+
+- if(kex_agree_instr(crypt, crypt_len, s, method_len)) {
++ if(_libssh2_kex_agree_instr(crypt, crypt_len, s, method_len)) {
+ const LIBSSH2_CRYPT_METHOD *method =
+ (const LIBSSH2_CRYPT_METHOD *)
+ kex_get_method_by_name((char *) s, method_len,
+@@ -3577,9 +3591,9 @@ static int kex_agree_crypt(LIBSSH2_SESSION * session,
+ }
+
+ while(*cryptp && (*cryptp)->name) {
+- s = kex_agree_instr(crypt, crypt_len,
+- (unsigned char *) (*cryptp)->name,
+- strlen((*cryptp)->name));
++ s = _libssh2_kex_agree_instr(crypt, crypt_len,
++ (unsigned char *) (*cryptp)->name,
++ strlen((*cryptp)->name));
+ if(s) {
+ endpoint->crypt = *cryptp;
+ return 0;
+@@ -3619,7 +3633,7 @@ static int kex_agree_mac(LIBSSH2_SESSION * session,
+ unsigned char *p = (unsigned char *) strchr((char *) s, ',');
+ size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s));
+
+- if(kex_agree_instr(mac, mac_len, s, method_len)) {
++ if(_libssh2_kex_agree_instr(mac, mac_len, s, method_len)) {
+ const LIBSSH2_MAC_METHOD *method = (const LIBSSH2_MAC_METHOD *)
+ kex_get_method_by_name((char *) s, method_len,
+ (const LIBSSH2_COMMON_METHOD **)
+@@ -3640,8 +3654,9 @@ static int kex_agree_mac(LIBSSH2_SESSION * session,
+ }
+
+ while(*macp && (*macp)->name) {
+- s = kex_agree_instr(mac, mac_len, (unsigned char *) (*macp)->name,
+- strlen((*macp)->name));
++ s = _libssh2_kex_agree_instr(mac, mac_len,
++ (unsigned char *) (*macp)->name,
++ strlen((*macp)->name));
+ if(s) {
+ endpoint->mac = *macp;
+ return 0;
+@@ -3672,7 +3687,7 @@ static int kex_agree_comp(LIBSSH2_SESSION *session,
+ unsigned char *p = (unsigned char *) strchr((char *) s, ',');
+ size_t method_len = (p ? (size_t)(p - s) : strlen((char *) s));
+
+- if(kex_agree_instr(comp, comp_len, s, method_len)) {
++ if(_libssh2_kex_agree_instr(comp, comp_len, s, method_len)) {
+ const LIBSSH2_COMP_METHOD *method =
+ (const LIBSSH2_COMP_METHOD *)
+ kex_get_method_by_name((char *) s, method_len,
+@@ -3694,8 +3709,9 @@ static int kex_agree_comp(LIBSSH2_SESSION *session,
+ }
+
+ while(*compp && (*compp)->name) {
+- s = kex_agree_instr(comp, comp_len, (unsigned char *) (*compp)->name,
+- strlen((*compp)->name));
++ s = _libssh2_kex_agree_instr(comp, comp_len,
++ (unsigned char *) (*compp)->name,
++ strlen((*compp)->name));
+ if(s) {
+ endpoint->comp = *compp;
+ return 0;
+@@ -3876,6 +3892,7 @@ _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
+ session->local.kexinit = key_state->oldlocal;
+ session->local.kexinit_len = key_state->oldlocal_len;
+ key_state->state = libssh2_NB_state_idle;
++ session->state &= ~LIBSSH2_STATE_INITIAL_KEX;
+ session->state &= ~LIBSSH2_STATE_KEX_ACTIVE;
+ session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS;
+ return -1;
+@@ -3901,6 +3918,7 @@ _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
+ session->local.kexinit = key_state->oldlocal;
+ session->local.kexinit_len = key_state->oldlocal_len;
+ key_state->state = libssh2_NB_state_idle;
++ session->state &= ~LIBSSH2_STATE_INITIAL_KEX;
+ session->state &= ~LIBSSH2_STATE_KEX_ACTIVE;
+ session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS;
+ return -1;
+@@ -3949,6 +3967,7 @@ _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
+ session->remote.kexinit = NULL;
+ }
+
++ session->state &= ~LIBSSH2_STATE_INITIAL_KEX;
+ session->state &= ~LIBSSH2_STATE_KEX_ACTIVE;
+ session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS;
+
+diff --git a/src/libssh2_priv.h b/src/libssh2_priv.h
+index 82c3afe2..ee1d8b5c 100644
+--- a/src/libssh2_priv.h
++++ b/src/libssh2_priv.h
+@@ -699,6 +699,9 @@ struct _LIBSSH2_SESSION
+ /* key signing algorithm preferences -- NULL yields server order */
+ char *sign_algo_prefs;
+
++ /* Whether to use the OpenSSH Strict KEX extension */
++ int kex_strict;
++
+ /* (remote as source of data -- packet_read ) */
+ libssh2_endpoint_data remote;
+
+@@ -870,6 +873,7 @@ struct _LIBSSH2_SESSION
+ int fullpacket_macstate;
+ size_t fullpacket_payload_len;
+ int fullpacket_packet_type;
++ uint32_t fullpacket_required_type;
+
+ /* State variables used in libssh2_sftp_init() */
+ libssh2_nonblocking_states sftpInit_state;
+@@ -910,10 +914,11 @@ struct _LIBSSH2_SESSION
+ };
+
+ /* session.state bits */
+-#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000001
+-#define LIBSSH2_STATE_NEWKEYS 0x00000002
+-#define LIBSSH2_STATE_AUTHENTICATED 0x00000004
+-#define LIBSSH2_STATE_KEX_ACTIVE 0x00000008
++#define LIBSSH2_STATE_INITIAL_KEX 0x00000001
++#define LIBSSH2_STATE_EXCHANGING_KEYS 0x00000002
++#define LIBSSH2_STATE_NEWKEYS 0x00000004
++#define LIBSSH2_STATE_AUTHENTICATED 0x00000008
++#define LIBSSH2_STATE_KEX_ACTIVE 0x00000010
+
+ /* session.flag helpers */
+ #ifdef MSG_NOSIGNAL
+@@ -1144,6 +1149,11 @@ ssize_t _libssh2_send(libssh2_socket_t socket, const void *buffer,
+ int _libssh2_kex_exchange(LIBSSH2_SESSION * session, int reexchange,
+ key_exchange_state_t * state);
+
++unsigned char *_libssh2_kex_agree_instr(unsigned char *haystack,
++ size_t haystack_len,
++ const unsigned char *needle,
++ size_t needle_len);
++
+ /* Let crypt.c/hostkey.c expose their method structs */
+ const LIBSSH2_CRYPT_METHOD **libssh2_crypt_methods(void);
+ const LIBSSH2_HOSTKEY_METHOD **libssh2_hostkey_methods(void);
+diff --git a/src/packet.c b/src/packet.c
+index b5b41981..35d4d39e 100644
+--- a/src/packet.c
++++ b/src/packet.c
+@@ -605,14 +605,13 @@ authagent_exit:
+ * layer when it has received a packet.
+ *
+ * The input pointer 'data' is pointing to allocated data that this function
+- * is asked to deal with so on failure OR success, it must be freed fine.
+- * The only exception is when the return code is LIBSSH2_ERROR_EAGAIN.
++ * will be freed unless return the code is LIBSSH2_ERROR_EAGAIN.
+ *
+ * This function will always be called with 'datalen' greater than zero.
+ */
+ int
+ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
+- size_t datalen, int macstate)
++ size_t datalen, int macstate, uint32_t seq)
+ {
+ int rc = 0;
+ unsigned char *message = NULL;
+@@ -657,6 +656,70 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
+ break;
+ }
+
++ if(session->state & LIBSSH2_STATE_INITIAL_KEX) {
++ if(msg == SSH_MSG_KEXINIT) {
++ if(!session->kex_strict) {
++ if(datalen < 17) {
++ LIBSSH2_FREE(session, data);
++ session->packAdd_state = libssh2_NB_state_idle;
++ return _libssh2_error(session,
++ LIBSSH2_ERROR_BUFFER_TOO_SMALL,
++ "Data too short extracting kex");
++ }
++ else {
++ const unsigned char *strict =
++ (unsigned char *)"kex-strict-s-v00@openssh.com";
++ struct string_buf buf;
++ unsigned char *algs = NULL;
++ size_t algs_len = 0;
++
++ buf.data = (unsigned char *)data;
++ buf.dataptr = buf.data;
++ buf.len = datalen;
++ buf.dataptr += 17; /* advance past type and cookie */
++
++ if(_libssh2_get_string(&buf, &algs, &algs_len)) {
++ LIBSSH2_FREE(session, data);
++ session->packAdd_state = libssh2_NB_state_idle;
++ return _libssh2_error(session,
++ LIBSSH2_ERROR_BUFFER_TOO_SMALL,
++ "Algs too short");
++ }
++
++ if(algs_len == 0 ||
++ _libssh2_kex_agree_instr(algs, algs_len, strict, 28)) {
++ session->kex_strict = 1;
++ }
++ }
++ }
++
++ if(session->kex_strict && seq) {
++ LIBSSH2_FREE(session, data);
++ session->socket_state = LIBSSH2_SOCKET_DISCONNECTED;
++ session->packAdd_state = libssh2_NB_state_idle;
++ libssh2_session_disconnect(session, "strict KEX violation: "
++ "KEXINIT was not the first packet");
++
++ return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT,
++ "strict KEX violation: "
++ "KEXINIT was not the first packet");
++ }
++ }
++
++ if(session->kex_strict && session->fullpacket_required_type &&
++ session->fullpacket_required_type != msg) {
++ LIBSSH2_FREE(session, data);
++ session->socket_state = LIBSSH2_SOCKET_DISCONNECTED;
++ session->packAdd_state = libssh2_NB_state_idle;
++ libssh2_session_disconnect(session, "strict KEX violation: "
++ "unexpected packet type");
++
++ return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT,
++ "strict KEX violation: "
++ "unexpected packet type");
++ }
++ }
++
+ if(session->packAdd_state == libssh2_NB_state_allocated) {
+ /* A couple exceptions to the packet adding rule: */
+ switch(msg) {
+@@ -1341,6 +1404,15 @@ _libssh2_packet_ask(LIBSSH2_SESSION * session, unsigned char packet_type,
+
+ return 0;
+ }
++ else if(session->kex_strict &&
++ (session->state & LIBSSH2_STATE_INITIAL_KEX)) {
++ libssh2_session_disconnect(session, "strict KEX violation: "
++ "unexpected packet type");
++
++ return _libssh2_error(session, LIBSSH2_ERROR_SOCKET_DISCONNECT,
++ "strict KEX violation: "
++ "unexpected packet type");
++ }
+ packet = _libssh2_list_next(&packet->node);
+ }
+ return -1;
+@@ -1402,7 +1474,10 @@ _libssh2_packet_require(LIBSSH2_SESSION * session, unsigned char packet_type,
+ }
+
+ while(session->socket_state == LIBSSH2_SOCKET_CONNECTED) {
+- int ret = _libssh2_transport_read(session);
++ int ret;
++ session->fullpacket_required_type = packet_type;
++ ret = _libssh2_transport_read(session);
++ session->fullpacket_required_type = 0;
+ if(ret == LIBSSH2_ERROR_EAGAIN)
+ return ret;
+ else if(ret < 0) {
+diff --git a/src/packet.h b/src/packet.h
+index 79018bcf..6ea100a5 100644
+--- a/src/packet.h
++++ b/src/packet.h
+@@ -71,6 +71,6 @@ int _libssh2_packet_burn(LIBSSH2_SESSION * session,
+ int _libssh2_packet_write(LIBSSH2_SESSION * session, unsigned char *data,
+ unsigned long data_len);
+ int _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned char *data,
+- size_t datalen, int macstate);
++ size_t datalen, int macstate, uint32_t seq);
+
+ #endif /* __LIBSSH2_PACKET_H */
+diff --git a/src/session.c b/src/session.c
+index a4d602ba..f4bafb57 100644
+--- a/src/session.c
++++ b/src/session.c
+@@ -464,6 +464,8 @@ libssh2_session_init_ex(LIBSSH2_ALLOC_FUNC((*my_alloc)),
+ session->abstract = abstract;
+ session->api_timeout = 0; /* timeout-free API by default */
+ session->api_block_mode = 1; /* blocking API by default */
++ session->state = LIBSSH2_STATE_INITIAL_KEX;
++ session->fullpacket_required_type = 0;
+ session->packet_read_timeout = LIBSSH2_DEFAULT_READ_TIMEOUT;
+ session->flag.quote_paths = 1; /* default behavior is to quote paths
+ for the scp subsystem */
+@@ -1186,6 +1188,7 @@ libssh2_session_disconnect_ex(LIBSSH2_SESSION *session, int reason,
+ const char *desc, const char *lang)
+ {
+ int rc;
++ session->state &= ~LIBSSH2_STATE_INITIAL_KEX;
+ session->state &= ~LIBSSH2_STATE_EXCHANGING_KEYS;
+ BLOCK_ADJUST(rc, session,
+ session_disconnect(session, reason, desc, lang));
+diff --git a/src/transport.c b/src/transport.c
+index 6d902d33..3b30ff84 100644
+--- a/src/transport.c
++++ b/src/transport.c
+@@ -187,6 +187,7 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ )
+ struct transportpacket *p = &session->packet;
+ int rc;
+ int compressed;
++ uint32_t seq = session->remote.seqno;
+
+ if(session->fullpacket_state == libssh2_NB_state_idle) {
+ session->fullpacket_macstate = LIBSSH2_MAC_CONFIRMED;
+@@ -318,7 +319,7 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ )
+ if(session->fullpacket_state == libssh2_NB_state_created) {
+ rc = _libssh2_packet_add(session, p->payload,
+ session->fullpacket_payload_len,
+- session->fullpacket_macstate);
++ session->fullpacket_macstate, seq);
+ if(rc == LIBSSH2_ERROR_EAGAIN)
+ return rc;
+ if(rc) {
+@@ -329,6 +330,11 @@ fullpacket(LIBSSH2_SESSION * session, int encrypted /* 1 or 0 */ )
+
+ session->fullpacket_state = libssh2_NB_state_idle;
+
++ if(session->kex_strict &&
++ session->fullpacket_packet_type == SSH_MSG_NEWKEYS) {
++ session->remote.seqno = 0;
++ }
++
+ return session->fullpacket_packet_type;
+ }
+
+@@ -1091,6 +1097,10 @@ int _libssh2_transport_send(LIBSSH2_SESSION *session,
+
+ session->local.seqno++;
+
++ if(session->kex_strict && data[0] == SSH_MSG_NEWKEYS) {
++ session->local.seqno = 0;
++ }
++
+ ret = LIBSSH2_SEND(session, p->outbuf, total_length,
+ LIBSSH2_SOCKET_SEND_FLAGS(session));
+ if(ret < 0)
+--
+2.34.1
+
diff --git a/poky/meta/recipes-support/libssh2/libssh2_1.11.0.bb b/poky/meta/recipes-support/libssh2/libssh2_1.11.0.bb
index edc25db..5100e6f 100644
--- a/poky/meta/recipes-support/libssh2/libssh2_1.11.0.bb
+++ b/poky/meta/recipes-support/libssh2/libssh2_1.11.0.bb
@@ -9,6 +9,7 @@
SRC_URI = "http://www.libssh2.org/download/${BP}.tar.gz \
file://run-ptest \
+ file://CVE-2023-48795.patch \
"
SRC_URI[sha256sum] = "3736161e41e2693324deb38c26cfdc3efe6209d634ba4258db1cecff6a5ad461"
diff --git a/poky/meta/recipes-support/p11-kit/files/fix-parallel-build-failures.patch b/poky/meta/recipes-support/p11-kit/files/fix-parallel-build-failures.patch
new file mode 100644
index 0000000..47df027
--- /dev/null
+++ b/poky/meta/recipes-support/p11-kit/files/fix-parallel-build-failures.patch
@@ -0,0 +1,33 @@
+It fails occasionally with missing generated header files:
+
+| ../git/common/asn1.c:42:10: fatal error: openssl.asn.h: No such file or directory
+| 42 | #include "openssl.asn.h"
+| | ^~~~~~~~~~~~~~~
+| compilation terminated.
+
+According to meson manual page:
+
+https://mesonbuild.com/Wrap-best-practices-and-tips.html#declare-generated-headers-explicitly
+
+'asn_h_dep' should be a dependency of static_library target 'libp11_asn1' to
+make sure that required header files generated before compile common/asn1.c.
+
+Upstream-Status: Submitted [https://github.com/p11-glue/p11-kit/pull/619]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ common/meson.build | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/common/meson.build b/common/meson.build
+index dc86d7b..cc3ec48 100644
+--- a/common/meson.build
++++ b/common/meson.build
+@@ -113,6 +113,7 @@ if with_asn1
+ 'p11-asn1', libp11_asn1_sources,
+ gnu_symbol_visibility: 'hidden',
+ include_directories: configinc,
++ dependencies: asn_h_dep,
+ )
+
+ libp11_asn1_dep = declare_dependency(
diff --git a/poky/meta/recipes-support/p11-kit/p11-kit_0.25.3.bb b/poky/meta/recipes-support/p11-kit/p11-kit_0.25.3.bb
index 9e95942..b7ebd44 100644
--- a/poky/meta/recipes-support/p11-kit/p11-kit_0.25.3.bb
+++ b/poky/meta/recipes-support/p11-kit/p11-kit_0.25.3.bb
@@ -10,7 +10,9 @@
DEPENDS:append = "${@' glib-2.0' if d.getVar('GTKDOC_ENABLED') == 'True' else ''}"
-SRC_URI = "gitsm://github.com/p11-glue/p11-kit;branch=master;protocol=https"
+SRC_URI = "gitsm://github.com/p11-glue/p11-kit;branch=master;protocol=https \
+ file://fix-parallel-build-failures.patch \
+ "
SRCREV = "917e02a3211dabbdea4b079cb598581dce84fda1"
S = "${WORKDIR}/git"
diff --git a/poky/scripts/lib/devtool/standard.py b/poky/scripts/lib/devtool/standard.py
index 13612d6..8fb4b93 100644
--- a/poky/scripts/lib/devtool/standard.py
+++ b/poky/scripts/lib/devtool/standard.py
@@ -956,6 +956,26 @@
bb.utils.mkdirhier(os.path.dirname(appendfile))
with open(appendfile, 'w') as f:
+ # if not present, add type=git-dependency to the secondary sources
+ # (non local files) so they can be extracted correctly when building a recipe after
+ # doing a devtool modify on it
+ src_uri = rd.getVar('SRC_URI').split()
+ src_uri_append = []
+ src_uri_remove = []
+
+ # Assume first entry is main source extracted in ${S} so skip it
+ src_uri = src_uri[1::]
+
+ #Add "type=git-dependency" to all non local sources
+ for url in src_uri:
+ if not url.startswith('file://') and not 'type=' in url:
+ src_uri_remove.append(url)
+ src_uri_append.append('%s;type=git-dependency' % url)
+
+ if src_uri_remove:
+ f.write('SRC_URI:remove = "%s"\n' % ' '.join(src_uri_remove))
+ f.write('SRC_URI:append = "%s"\n\n' % ' '.join(src_uri_append))
+
f.write('FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n')
# Local files can be modified/tracked in separate subdir under srctree
# Mostly useful for packages with S != WORKDIR