subtree updates
meta-openembedded: 64974b8779..c95842cdca:
Adrian Bunk (46):
modemmanager: Remove the obsolete dependency on dbus-glib
gpsd: Remove the obsolete dependency on dbus-glib
eggdbus: Remove this obsolete package
sanity-meta-gnome: Remove obsolete class
gssdp: Merge inc
vlc: notify switched to GTK+3 some time ago
tremor: Upgrade 20150107 -> 20180319
vlc: Remove the obsolete dependency on dbus-glib
blueman: Enable thunar support by default but don't rdepend on it
gnome-bluetooth: Drop bluez4 support
networkmanager: Drop bluez4 support
packagegroup-meta-networking-connectivity: Correct a DISTRO_FEATURES check
packagegroup-tools-bluetooth: Remove bluez4 support
cpprest: Fix build failure with gcc 8
packagegroup-basic: Remove bluez4 support
packagegroup-meta-oe: Remove bogus bluez4 DISTRO_FEATURES checks
esound: Remove this obsolete package
gpsd: Remove obsolete musl patch
gpsd: Don't build without optimization
zeromq: Upgrade 4.3.1 -> 4.3.2
obex-data-server: Drop bluez4 support
openobex: Drop bluez4 support
gpsd: Drop bluez4 support
libao: Remove the non-default esound PACKAGECONFIG
gpsd: Disable manpage building by config option instead of patching
gpsd: Upgrade 3.18.1 -> 3.19
gnome-desktop3: Fix REQUIRED_DISTRO_FEATURES
meta-gnome: Remove GNOME_COMPRESS_TYPE = "xz" in recipes
jasper: Use the new upstream GitHub location instead of the defunct tarball URL
fluidsynth: Add PACKAGECONFIG for readline
meta-multimedia: Remove GNOME_COMPRESS_TYPE = "xz" in recipes
udisks: Remove this obsolete version
gpsd: Switch from python-scons-native to python3-scons-native
meta-gnome: Inherit gnomebase instead of gnome
meta-oe: Inherit gnomebase instead of gnome
libgsf: Drop the obsolete inherit gconf
gnome-system-monitor: Add DEPENDS on polkit
meta-oe: Change some ftp:// URIs to http(s)://
meta-oe: Use GNU_MIRROR in more recipes
wireshark: Use an upstream URL that stays valid longer
modemmanager: Use a simpler workaround for the clang build
network-manager-applet: Remove obsolete do_configure_append
network-manager-applet: Remove the obsolete DEPENDS on gconf
wv: Remove, abiword was the only user
gtkmathview: Remove, abiword was the last user
t1lib: Remove, gtkmathview was the last user
Alex Kiernan (6):
keyutils: Fix build with usrmerge
iwd: update to 0.18
libzip: Upgrade 1.5.1 -> 1.5.2
zstd: New recipe
zstd: Update 1.4.0 -> 1.4.2
iwd: Upgrade 0.18 -> 0.19
Alexander Kanavin (3):
python-matplotlib: remove the python 2.x version of the recipe
python-oauthlib: remove the 2.x version of the recipe
python-pandas: remove the python 2.x version of the recipe
Alistair Francis (3):
gpsd: Upgrade from 3.17 to 3.18.1
gpsd: Fix the systemd service run paths
python: pypi: Add python3-term
Anatol Belski (1):
gperftools: separate off libtcmalloc-minimal
Andreas Müller (2):
meta-xfce: Make Kai Kang layer maintainer
abiword: remove
Andrej Valek (2):
nodejs: 10.15.3 -> 10.16.0
nodejs: 10.16.0 -> 10.16.2
André Draszik (1):
layer.conf: ignore wireless-regdb->crda dep for siggen purposes
Ankit Navik (1):
safec: Remove aarch64 from COMPATIBLE_HOST
Anuj Mittal (2):
xterm: upgrade 330 -> 347
libsdl: import from OE-Core
Armin Kuster (5):
keyutils: update to 1.6
keyutils: improve ptests
keyutils: fix QA WARNING
keyutils: fix pulling in glibc when musl enabled
keyutils: fix library install path
Arturo Buzarra (1):
lvm2: Fix RDEPEND on lvm2 to lvm2-udevrules
Ayoub Zaki (1):
pegtl: Initial recipe
Bartosz Golaszewski (2):
bats: new package
libgpiod: bump version to v1.4.1
Beniamin Sandu (1):
unbound: create recipe for version 1.9.2
Callaghan, Dan (1):
unixodbc: mysql5 is not required but readline is
Changqing Li (15):
python-pygobject: fix install dir for python2
dlm: upgrade 4.0.7 -> 4.0.9
uthash: remove uthash-ptest dependencies
waf-samba: switch to python3
libtevent: upgrade 0.9.37 -> 0.10.0
libtdb: upgrade 1.3.17 -> 1.4.0
libtalloc: upgrade 2.1.14 -> 2.2.0
samba: upgrade 4.8.12 -> 4.10.5
libldb: upgrade 1.4.1 -> 1.5.4
volume-key: fix "Nothing RPROVIDES" when multilib enabled
isomd5sum: fix "Nothing RPROVIDES" when multilib enabled
satyr: fix "Nothing RPROVIDES" when multilib enabled
libtevent: fix do_package_qa issue
libtdb: fix do_package_qa issue
fio: Delete redundant tag
Chin Huat Ang (1):
opencv: 3.4.5 -> 4.1.0
Denys Dmytriyenko (1):
ufs-tool: add tool to access UFS (Universal Flash Storage) devices
Douglas Royds (2):
grpc: DEPENDS on googletest
packagegroup-meta-oe: RDEPENDS on googletest
Drew Moseley (1):
networkmanager: Use ALTERNATIVES for resolv-conf handling.
Erik Botö (1):
paho-mqtt-c: enable SSL
Fabian Klemp (1):
openvpn: respect pid file in init.d service start
Gianfranco Costamagna (3):
iniparser: add initial recipe
cpprest: update to 2.10.14
cpprest: Do not export Werror from build system instead of adding -Wno-error to the same build command
He Zhe (1):
drbd-utils: Fix netlink failure with nested attributes for kernel v5.2
Hongxu Jia (24):
packagegroup-xfce-extended: conditional runtime recommends on xfce-polkit
xfce-polkit: add required distro feature check to polkit
xfce4-session: optional support polkit
upower: remove polkit dependency
gvfs: add meson option admin and udisks2 to PACKAGECONFIG
mongodb: add to PNBLACKLIST
itstool: use libxml2 to instead of python3-lxml
meta-multimedia: add layer depends on meta-python
itstool: use libxml2 to instead of python3-lxml
python-six: remove duplicated recipe
libauthen-radius-perl: ptest requires meta-networking to be present
xfce4-panel: use lxdm to replace dm-tool
drop lxdm_%.bbappend
python3-pykickstart: 3.18 -> 3.20
python3-blivet: 3.1.2 -> 3.1.4
python-pyparted/python3-pyparted: 3.11.1 -> 3.11.2
libbytesize: 1.4 -> 2.0
libblockdev: 2.20 -> 2.22
network-manager-applet: 1.8.20 -> 1.8.22
thin-provisioning-tools: 0.7.6 -> 0.8.5
libreport: 2.9.7 -> 2.10.0
python3-blivetgui: fix blivet-gui broken
php: remove 5.6.40
lmsensors: support package lmsensors
Jackie Huang (1):
keyutils: add new recipe
Jason Wessel (1):
libbytesize: Add depends for gettext-native
Joshua Lock (3):
python-cffi: add missing RDEPENDS on pycparser
python-attrs: add native BBCLASSEXTEND
python-dateutil: add native BBCLASSEXTEND
Kai Kang (39):
mozjs: fix configure failure on CentOS 7.6
libvncserver: update to latest commit 1354f7f
libxfce4util: 4.13.3 -> 4.13.4
libxfce4ui: 4.13.5 -> 4.13.6
exo: 0.12.5 -> 0.12.6
xfconf: 4.13.7 -> 4.13.8
thunar: 1.8.6 -> 1.8.7
xfce4-session: 4.13.2 -> 4.13.3
xfwm4: 4.13.2 -> 4.13.3
xfdesktop: 4.13.4 -> 4.13.5
xfce4-power-manager: 1.6.2 -> 1.6.3
xfce4-panel: 4.13.5 -> 4.13.6
xfce4-dev-tools: 4.12.0 -> 4.13.0
thunar-volman: 0.9.2 -> 0.9.3
garcon: 0.6.2 -> 0.6.3
xfce4-settings: 4.12.4 -> 4.13.7
xfce4-pulseaudio-plugin: add dependency dbus-glib
xfce4-verve-plugin: 1.1.0 -> 2.0.0
net-snmp: update SRC_URI
xfwm4: fix assertion error
poppler: toggle gobject-introspection support
xfce4-settings: rrecommends xfce4-datetime-setter
xfce4-datetime-setter: add recipe
libxfce4util: 4.13.4 -> 4.14.0
xfconf: 4.13.8 -> 4.14.1
libxfce4ui: 4.13.6 -> 4.14.1
exo: 0.12.6 -> 0.12.8
garcon: 0.6.3 -> 0.6.4
thunar: 1.8.7 -> 1.8.9
thunar-volman: 0.9.3 -> 0.9.5
tumbler: 0.2.0 -> 0.2.7
xfce4-appfinder: 4.13.3 -> 4.14.0
xfce4-dev-tools: 4.13.0 -> 4.14.0
xfce4-panel: 4.13.6 -> 4.14.0
xfce4-power-manager: 1.6.3 -> 1.6.5
xfce4-session: 4.13.3 -> 4.14.0
xfce4-settings: 4.13.7 -> 4.14.0
xfdesktop: 4.13.5 -> 4.14.1
xfwm4: 4.13.3 -> 4.14.0
Khem Raj (44):
wvdial: Fix build with musl
librelp: Pass Wno-error to compiler
recipes: Use BPN instead of PN in SRC_URIs
cli11: Refresh patch to fix fuzz
sthttpd: Use git SRC_URI instead of github archive
arno-iptables-firewall: Switch to git fetcher
firewalld: Update to 0.6.3->0.6.4
python-matplotlib: Use git src_uri
mpv: Switch to using git fetcher
x11vnc: Switch to git fetcher
dumb-init: Switch to git fetcher
pam-plugin-ldapdb: Use git fetcher
libuv: Switch to using git fetcher
usbctl: Switch to git fetcher
pmdk: Fix libdir which is multi-lib aware
kexec-tools-klibc: Refresh patch with no code change
log4cplus: Fix build with gold linker
orage: Fix build with libical3
pegtl: Fix build with clang/libc++
postfix: Fix build failures with glibc 2.30
snort: Fix build with glibc 2.30
opensaf: Add configure time check to detect gettid API in libc
ypbind-mt: Fix build with glibc 2.30
openocd: Fix build with glibc 2.30
netkit-rusers: Add dep on rpcsvc-proto for rpc headers
collectd: Fix build with glibc 2.30
alsa-oss: Drop now not needed patch
klcc-cross: Recognise --unwindlib clang option
libsub-exporter-progressive-perl: Remove unneeded DEPENDS_PN
libedit: Delete
sjf2410-linux-native: Do not include sys/io.h
gradm: Upgrade to 3.1-201903191516 release
pmdk: Fix packaging errors when building on non-x86 host
klibc: Pass -fno-builtin-bcmp with musl/clang combo
graphviz: Fix build error that surfaced with latest pango
graphviz: Do not build tcl support for target
python-grpcio: Use gettid API from glibc 2.30+
grpc: Update to 1.22.0
android-tools: Fix build with glibc 2.30
iperf2: Upgrade to 2.0.13
netkit-rusers: Depend on rpcsvc-proto-native for rpcgen tool
kpatch: Pass ARCH from environment
python3-pillow: Provide python3-imaging
netkit-rusers: Fix cross-build after glibc dropped rpc
Laszlo Toth (1):
networkmanager: fix typo in nonarch_base_libdir
Liwei Song (2):
pm-graph: fix time format parse error
fio: fix first direct IO errored when ioengine is splice
Luca Boccassi (2):
python-pygobject: move python-setuptools from RDEPENDS to DEPENDS
python-pygobject: remove build-dependency on setuptools and add dependency on pkgutil
Luca Ceresoli (4):
fuse-exfat: moved to github
exfat-utils: moved to github
fuse-exfat: update 1.2.3 -> 1.3.0
exfat-utils: update 1.2.3 -> 1.3.0
Luca Palano (1):
Netdata upgrade: 1.8.0 -> 1.16.0
Maciej Pijanowski (8):
python3-websockets: upgrade to 8.0.2
python3-multidict: upgrade to 4.5.2
python-engineio: upgrade to 3.9.3
python-socketio: upgrade to 4.3.1
python-aiohttp.inc: add missing RDEPENDS
python-async-timeout: add asyncio to RDEPENDS
python-socketio.inc: add missing RDEPENDS
python3-aiofiles: add recipe
Mariano Lopez (1):
nftables: 0.9.0 > 0.9.1
Martin Jansa (8):
protobuf: fix build with gold
SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS add lsb and util-linux for phoronix-test-suite
oprofile: drop kernel-vmlinux from RRECOMMENDS
libdbi-perl: prevent native libdbi-perl depending on target perl
redis: backport a fix for stack trace generation on aarch64
ntop: fix missing return from non-void function
python3-twofish: Fix missing return statements in module stubs
kernel-selftest: skip -Werror=format-security and fortify
Max Krummenacher (1):
joe: update to 4.6
Mikko Rapeli (2):
protobuf: fix ptest compilation with hardening flags
stress-ng: delete recipe
Mingli Yu (7):
fio: Upgrade to 3.15
crash: Upgrade to 7.2.6
makedumpfile: Upgrade to 1.6.6
hwloc: Upgrade to 1.11.13
iperf3: Upgrade to 3.7
log4cplus: Upgrade to 2.0.4
log4cplus: remove gold linker setting
Oleksandr Kravchuk (22):
nghttp2: update to 1.39.1
drbd-utils: update to 9.10.0
drbd: update to 9.0.18-1
keepalived: update to 2.0.16
nano: update to 4.3
nuttcp: add systemd unit file
mbedtls: update to 2.16.2
dhcpcd: update to 7.2.2
freediameter: update to 1.2.1
sethdlc: set PV in filename
miniupnpd: update to 2.1.20190210
ipvsadm: update to 1.30
uftp: update to 4.9.11
libnftnl: update to 1.1.3
dhcpcd: update to 7.2.3
blueman: update to 2.1.1
uftp: update to 4.10
htpdate: update to 1.2.1
dhcpcd: update to 8.0.1
chrony: update to 3.5
wolfssl: update to 4.1.0
dhcpcd: update to 8.0.2
Ovidiu Panait (2):
python3-pillow: 5.4.1 -> 6.1
python3-pillow: Add python3-misc/logging/numbers to RDEPENDS
Paolo Valente (1):
s-suite: push SRCREV to version 3.5
Parthiban Nallathambi (1):
python3-matplotlib: add version 3.1.1
Pascal Bach (1):
protobuf: 1.3.1 -> 1.3.2
Paul Eggleton (3):
mraa: update to 2.0.0
upm: update to 2.0.0
picocom: update to 3.1
Pierre-Jean Texier (2):
stunnel: bump to version 5.55
cppzmq: bump to version 4.4.1
Piotr Tworek (1):
itstool: Don't use hardcoded, absolute path to python3 binary.
Qi.Chen@windriver.com (3):
turbostat: set PACKAGE_ARCH as MACHINE_ARCH
esmtp: use alternatives to manage /usr/lib/sendmail
postfix: use alternatives to manage /usr/lib/sendmail
Radovan Scasny (2):
dhcpcd: enable udev by default
dhcpcd: fix building with pkgconfig
Randy MacLeod (2):
poppler: update from 0.75.0 to 0.79.0
rsyslog: update from 8.1903.0 to 8.1907.0
Ricardo Ribalda Delgado (1):
fwts: Update to 19.06.00
Robert Joslyn (1):
cryptsetup: Don't enable udev for native build
Roman Stratiienko (1):
glmark2: Upgrade SRCREV to latest
Ross Burton (2):
gtk+: add (from oe-core)
gnome-themes-standard: add recipe for GTK+ 2 Adwaita
Ruslan Bilovol (2):
libnss-nisplus: Add recipe
kpatch: fix QA build errors for nativesdk
Saravanan Sekar (1):
liblightmodbus: Add version 2.0.2
Scott Ellis (1):
wireguard: Upgrade 20190406 to 20190702
Slater, Joseph (3):
drbd-utils: enable reproducible_build awareness
php: remove host specific info from header file
mozjs: do not expose intl api for mips64
Tim Orling (9):
libencode-perl: upgrade 2.94 -> 3.01; enable ptest
libdbi-perl: fix dependencies
libtest-nowarnings-perl: add recipe for 1.04
libdbd-sqlite-perl: upgrade 1.54 -> 1.62; enable ptest
libsub-uplevel-perl: add recipe for 0.36
libtest-warn-perl: add recipe for 0.36
libcgi-perl: upgrade 4.43 -> 4.44
libnet-ldap-perl: upgrade 0.65 -> 0.66; enable ptest
libunicode-linebreak-perl: upgrade 2017.004 -> 2019.001; enable ptest
Trevor Gamblin (2):
metacity; upgrade from 3.30.1 to 3.32.0
gvfs: upgrade from 1.40.0 to 1.40.2
Vincent Prince (1):
mongodb: add mongo shell as a PACKAGECONF option
William A. Kennington III via Openembedded-devel (5):
gtest: Googletest project is back under github.com/google/googletest
googletest: The gtest and gmock projects were combined under googletest in 2015
libtar: Enable libtar-native build
fmt: Init at 5.3.0
cli11: 1.7.1 -> 1.8.0
Windel Bouwman (3):
python-humanfriendly: Add recipe for the humanfriendly package.
Fix python-humanfriendly recipe for python2.
Add recipe for the coloredlogs python package.
Yi Zhao (7):
strongswan: upgrade 5.7.1 -> 5.8.0
snort: fix compile-host-path QA issue
cryptsetup: set the default luks format to LUKS1
libldb: upgrade 1.5.4 -> 1.5.5
samba: upgrade 4.10.5 -> 4.10.6
snort: upgrade 2.9.13 -> 2.9.14
snort: upgrade 2.9.14 -> 2.9.14.1
Yong, Jonathan (1):
icewm: add recipe
Yongxin Liu (3):
keyutils: move recipe and patches from meta-security to meta-oe
ndctl: v63 -> v65
pmdk: update from 1.4.2 to 1.6
Yuan Chao (9):
python-pycodestyle: upgrade 2.4.0 -> 2.5.0
python-lxml: upgrade 4.3.4 -> 4.4.0
python-configparser: upgrade 3.5.0 -> 3.7.4
protobuf: upgrade 3.9.0 -> 3.9.1
python-markupsafe: upgrade 1.0 -> 1.1.1
hostapd: upgrade 2.8 -> 2.9
python-configparser: upgrade 3.7.4 -> 3.8.1
python-lxml: upgrade 4.4.0 -> 4.4.1
python-pip: upgrade 19.2.1 -> 19.2.2
Zang Ruochen (47):
postgresql: upgrade 11.3 -> 11.4
wireshark: upgrade 3.0.1 -> 3.0.2
python-pygobject: upgrade 3.32.1 -> 3.32.2
python-alembic: upgrade 1.0.10 -> 1.0.11
logwatch: upgrade 7.4.3 -> 7.5.1
tcsh: upgrade 6.20.00 -> 6.21.00
python-cython: upgrade 0.29.10 -> 0.29.11
dialog: upgrade 1.3-20180621 -> 1.3-20190211
php: upgrade 7.3.6 -> 7.3.7
sessreg: upgrade 1.1.1 -> 1.1.2
python-typing: upgrade 3.6.6 -> 3.7.4
python-mako: upgrade 1.0.12 -> 1.0.13
python-pbr: upgrade 5.2.1 -> 5.4.0
python-cython: upgrade 0.29.11 -> 0.29.12
adcli: added new recipe.
python-pyflakes: upgrade 1.6.0 -> 2.1.1
python-protobuf: upgrade 3.8.0 -> 3.9.0
protobuf: upgrade 3.8.0 -> 3.9.0
setxkbmap: upgrade 1.3.1 -> 1.3.2
uftrace: upgrade 0.9.2 -> 0.9.3
wireshark: upgrade 3.0.2 -> 3.0.3
python-pbr: upgrade 5.4.0 -> 5.4.1
dstat: upgrade 0.7.3 -> 0.7.4
python-mako: upgrade 1.0.13 -> 1.0.14
xfsprogs: upgrade 5.0.0 -> 5.1.0
python-beautifulsoup4: upgrade 4.7.1 -> 4.8.0
xterm: upgrade 347 -> 348
python-pip: upgrade 19.1.1 -> 19.2.1
python-paste: upgrade 3.0.8 -> 3.1.0
syslog-ng: append syslog-ng.service
dialog: upgrade 1.3-20190211 -> 1.3-20190728
openldap: upgrade 2.4.47 -> 2.4.48
python-cython: upgrade 0.29.12 -> 0.29.13
libsodium: upgrade 1.0.17 -> 1.0.18
hwdata: upgrade 0.322 -> 0.326
python-jsonpatch: upgrade 1.23 -> 1.24
python-pyasn1: upgrade 0.4.5 -> 0.4.6
python-pyasn1-modules: upgrade 0.2.2 -> 0.2.6
python-pyparsing: upgrade 2.4.0 -> 2.4.2
python-pytest-runner: upgrade 4.2 -> 5.1
python-pytz: upgrade 2019.1 -> 2019.2
itstool: upgrade 2.0.5 -> 2.0.6
opensaf: upgrade 5.19.03 -> 5.19.07
libkcapi: upgrade 1.1.4 -> 1.1.5
mcelog: upgrade 162 -> 164
php: upgrade 7.3.7 -> 7.3.8
kpatch: upgrade 0.61 -> 0.71
Zheng Ruoqin (3):
python-mako: upgrade 1.0.14 -> 1.1.0
python-pbr: upgrade 5.4.1 -> 5.4.2
dnf-plugin-tui: new recipe
wouterlucas (1):
python-jsonref: add recipe
meta-phosphor: fbd01b6e08..fe8cee7488:
Brad Bishop (1):
meta-phosphor: sdk: react to upstream gtest rename
meta-xilinx: 64aa3d35ae..f3c8b1c9a8:
Alejandro Enedino Hernandez Samaniego (7):
opencl-clhpp: Allow empty packages to be built
opencl-headers: Allow empty packages to be built
gcc-8: rebase microblaze patches for gcc 8.2.0
gcc8: update microblaze patches
gcc: update microblaze patches
update gcc-8 patches
gcc: Remove xilinx.ld requirement
Jaewon Lee (6):
zc1254-zynqmp.conf: Add support for zc1254 evaluation board
zc1275-zynqmp.conf: Add support for zc1275 evaluation board
zcu102-zynqmp.conf: Changing qemu boot mode
Adding FPGA_MNGR_RECONFIG_ENABLE to control enabling fpga manager
gcc: Removing already upstreamed patch
Rebasing binutils patches from 2.31 to 2.32
Madhurkiran Harikrishnan (2):
kernel-module-mali: Fix errors associated with kernel upgrade to 4.19
xf86-video-armsoc: Remove the recipe for xf86-video-armsoc
Manjukumar Matha (10):
libmali-xlnx_git.bb: Fix the package arch for libmali
zcu111-zynqmp.conf: Add support for ZCU111 evaluation board
qemu-system-aarch64-multiarch: Enable plm argument in runqemu
arm-trusted-firmware.inc: Add support to build ATF for versal devices
linux-xlnx.inc: Add support to build kernel for versal devices
linux-xlnx.inc: Use KBUILD_DEFCONFIG in externalsrc mode if defined
kernel-simpleimage.bbclass: Use dts for simpleImage generation for Microblaze
kernel-simpleimage.bbclass: Deploy simpleImage unstrip file
kernel-simpleimage.bbclass: Deploy simpleImage strip
binutils%.bbappend: Update Microblaze binutils patches to v2.31
Min Ma (4):
ocl-icd_git.bb: Add recipe for OpenCL ICD loaders
opencl-clhpp_git.bb: Recipe for OpenCL Host API C++ bindings
zocl: Recipe for Xilinx runtime driver module
xrt: Xilinx Runtime User Space Libraries and headers
Sai Hari Chandana Kalluri (1):
xilinx-testimage.bbclass: Include IMAGE_AUTOLOGIN and IMAGE_FSTYPES values for runqemu
Sreeja Vadakattu (1):
machine-xilinx-default.inc: Make u-boot.elf as UBOOT_ELF for zynq
Vineeth Chowdary Karumanchi (1):
tune-zynq.inc: Build zImage in addition to uImage
meta-security: c28b72e91d..ecb526ffab:
Armin Kuster (34):
linux-bbappends: simplify
layers: set warrior only
security-test-image: add a testing image
runtime: clamav test cleanup
packagegroup-core-security: cleanup and remove ptest
test-image: add packagegroup-core-security-ptest
test-image: add a few more packages to image
ima-evm-utils: update to tip
runtime: tpm2 fix names in packagecheck
tpm2 images: create tpm2 image and fix packagegroup
tpm image: split out tpm2
tpm2-pkcs11/tpm2-pkcs11: update to tip
tpm2-tcti-uefi: update to tip
tpm2-tools: update to 3.2.0
tpm2-tss: update to 2.2.3
tpm2-totp: update to offical release v0.1.1
tpm2-tss-engine: update to 1.0.0
libmspack: update SRC_URI and package
clamav: minor recipe cleanup
lynis: update to 2.7.5
meta-security-compliance: update README
openscap_git: update to 1.3.0
openscap: add 1.3.1 recipes for upstream source
scap-security-guide: update to 0.1.44
meta-security-compliance: add meta-python
libldb: remove recipe
waf-cross-answers: remove files
samhain: update to 4.3.3
keyutils: remove from meta-security
linux-%: remove kernel fragments now in cache
meta-integrity: remove kernel fragments now in cache
linux-stable/5.2: add stable bbappend
linux-yocto: use 4.19 kernel cache now
linux-yocto-dev: update to use kernel cache
Dmitry Eremin-Solenikov (11):
packagegroup-security-tpm2: stop including tpm2-tcti-uefi
tpm2-tss: fix compilation when using updated AX_CODE_COVERAGE macro
tpm2-tcti-uefi: add autoconf-archive-native dependency
tpm2-tcti-uefi: fix configure arguments
tpm2-tcti-uefi: stop inserting host directories into build path
tpm2-tcti-uefi: build and install examples
meta-integrity: rename IMA_EVM_BASE to INTEGRITY_BASE
ima-evm-utils: bump to release 1.2.1
kernel-modsign.bbclass: add support for kernel modules signing
linux: add support for kernel modules signing
layer.conf: switch to keyutils from meta-oe
He Zhe (1):
kernel: Add conditional inclusion of fragments for linux-yocto-dev
Mark Asselstine (1):
openscap/scap-security-guide: use _git instead of versioned filenames
Yi Zhao (5):
openscap: update recipe
scap-security-guide: update recipe
openscap: cleanup DEPENDS
scap-security-guide: fix typo
xmlsec1: upgrade 1.2.27 -> 1.2.28
lumag (3):
layer.conf: add dependency on meta-security
ima-evm-utils: bump version
ima-evm-utils: refresh xattr patch
meta-raspberrypi: 8636b63752..b112816e95:
Andrei Gherzan (46):
rpi-base.inc: Include rpi4 dtb
raspberrypi3.conf: Clarify machine mode
linux-raspberrypi: Include configuration for RaspberryPi3 defconfig
linux-raspberrypi: Update 4.19 kernel to 4.19.56
rpi-base: Rename the rpi0w dtb
firmware: Update to 20190620
raspberrypi4.conf: Add initial machine 32 bit configuration
linux-firmware-rpidistro: Fix WiFi on RaspberryPi 4
rpi-base.inc: Include the "fake" KMS dtbo
raspberrypi4: Use vc4-fkms-v3d
linux-raspberrypi: Bump 4.19 revision to fix RPi 4 arm64 builds
raspberrypi4-64.conf: Introduce RPi arm64 machine
firmware: Rename firmware inc file to raspberrypi-firmware.inc
armstubs: Add support for compiling ARM stubs
rpi-config: Handle ARMSTUB
sdcard_image-rpi.bbclass: Include in the SD card image the armstub file
raspberrypi4-64.conf: Initial machine configuration
raspberrypi-tools: Update to remove Makefile patch
linux-raspberrypi: Fix defconfig for RPi4-64
linux-raspberrypi.inc: Explicitly set defconfig for raspberrypi4-64
sdcard_image-rpi.bbclass: Fix typo
linux-raspberrypi: Bump 4.19 revision to have proper coherent_pool set
raspberrypi4-64.conf: Define a machine feature for armstubs
sdcard_image-rpi.bbclass: Use armstub machine feature
linux-raspberrypi: Bump 4.19.57 revision
raspberrypi4.conf: Define uboot defconfig
raspberrypi4-64.conf: Uboot configuration and drop armstub
u-boot: Use a temporary fork for RPi4 support
raspberrypi-firmware: Update to 20190709
raspberrypi4.conf: The firmware uses kernel7l.img when LPAE is supported
linux-raspberrypi: Bump 4.19 to 4.19.58
linux-raspberrypi: Build dtbs with dtbs make target for all 64bit targets
linux-raspberrypi: Bump 4.19 revision
raspberrypi4-64.conf: Remove memory limitation
u-boot: Replace custom fork by patches
u-boot: Update patches for RPi4
rpi-config: Check for armstub based on machine feature
sdcard_image-rpi: Check for armstub based on machine feature
armstubs: Error out when ARMSTUBS is not defined
raspberrypi*: Define ARMSTUB for all machines
raspberrypi4-64.conf: Limit RAM to 3G
README.md: Use matrix chat room
raspberrypi-firmware.inc: Update to 20190718
linux-raspberrypi: Update 4.19 recipe to 4.19.66
mesa: Add v3d and kmsro driver as well
raspberrypi4-64: Remove the 3G RAM limitation
Carton (2):
bluez5: Fixed typo (RC_URI -> SRC_URI)
rpi-config: Check some config values against "1"
Francesco Giancane (1):
linux-raspberrypi: update to 4.14.114
Khem Raj (8):
linux-raspberrypi: Upgrade to 4.19.57
userland: Upgrade to latest
webkitgtk: Remove -DUSE_GSTREAMER_GL=OFF for vc4graphics
layer.conf: Add meta-networking to dynamic layers
drbd: Disable for rpi machines
packagegroup-rpi-test: Depend on wireless-regdb instead of crda
xorg-xserver: Adapt bbappend to latest OE-core
python-rtimu,python-sense-hat: Convert to py3 modules
Kirill Goncharov (1):
omxplayer: Bump revision
Martin Jansa (1):
sdcard_image-rpi.bbclass: use -v for all mcopy calls and add bbfatal in case mcopy fails
Riyaz (1):
rpi-base.inc: Enabling open-source vc4graphics driver for all RPI platforms
Change-Id: I9e37b5952a2e2e30745275fc89e4dd7c47b851e2
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/meta-openembedded/meta-oe/recipes-graphics/gimp/gimp_2.8.22.bb b/meta-openembedded/meta-oe/recipes-graphics/gimp/gimp_2.8.22.bb
index 943986e..1d64910 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/gimp/gimp_2.8.22.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/gimp/gimp_2.8.22.bb
@@ -8,6 +8,7 @@
gdk-pixbuf-native \
intltool-native \
libxslt-native \
+ dbus-glib \
gtk+ \
babl \
gegl \
@@ -24,7 +25,7 @@
"
DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'libxmu libxpm', '', d)}"
-inherit distro_features_check gnome gtk-doc
+inherit distro_features_check gnomebase gtk-icon-cache gtk-doc
REQUIRED_DISTRO_FEATURES = "x11"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz/0001-Set-use_tcl-to-be-empty-string-if-tcl-is-disabled.patch b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz/0001-Set-use_tcl-to-be-empty-string-if-tcl-is-disabled.patch
new file mode 100644
index 0000000..21bf1bc
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz/0001-Set-use_tcl-to-be-empty-string-if-tcl-is-disabled.patch
@@ -0,0 +1,33 @@
+From 564901ab78da2b2b1bed92351dc3c102dc0a8154 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 6 Aug 2019 17:51:39 -0700
+Subject: [PATCH] Set use_tcl to be empty string if tcl is disabled
+
+Upstream-Status: Inappropriate [Cross-compile specific]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -1676,7 +1676,7 @@ AC_ARG_ENABLE(tcl,
+ [], [enable_tcl=yes])
+
+ if test "x$enable_tcl" != "xyes"; then
+- use_tcl="No (disabled)"
++ use_tcl=""
+ fi
+
+ if test "x$use_tcl" = "x"; then
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -19,7 +19,7 @@ pkginclude_HEADERS = $(top_builddir)/gra
+ man_MANS = graphviz.7
+
+ # $(subdirs) contains the list from: AC_CONFIG_SUBDIRS
+-SUBDIRS = $(subdirs) lib plugin cmd tclpkg doc contrib share graphs rtest tests
++SUBDIRS = $(subdirs) lib plugin cmd doc contrib share graphs rtest tests
+
+ .PHONY: doxygen
+ doxygen:
diff --git a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz/0001-plugin-pango-Include-freetype-headers-explicitly.patch b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz/0001-plugin-pango-Include-freetype-headers-explicitly.patch
new file mode 100644
index 0000000..a9b0352
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz/0001-plugin-pango-Include-freetype-headers-explicitly.patch
@@ -0,0 +1,38 @@
+From 926d9285f3367ae1bdb9ce1dce95f7de73b3a980 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 6 Aug 2019 12:42:19 -0700
+Subject: [PATCH] plugin/pango: Include freetype headers explicitly
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Do not depend on pango automatically adding these headers
+Fixes
+| gvtextlayout_pango.c:140:10: error: unknown type name ‘FT_Face’
+| FT_Face face;
+| ^~~~~~~
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ plugin/pango/gvtextlayout_pango.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/plugin/pango/gvtextlayout_pango.c b/plugin/pango/gvtextlayout_pango.c
+index d620b29..b0da11c 100644
+--- a/plugin/pango/gvtextlayout_pango.c
++++ b/plugin/pango/gvtextlayout_pango.c
+@@ -15,6 +15,10 @@
+
+ #include <stdlib.h>
+ #include <string.h>
++
++#include <ft2build.h>
++#include FT_FREETYPE_H
++
+ #include "gvplugin_render.h"
+ #include "agxbuf.h"
+ #include "utils.h"
+--
+2.22.0
+
diff --git a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.40.1.bb b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.40.1.bb
index a9efffa..176cf44 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.40.1.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/graphviz/graphviz_2.40.1.bb
@@ -26,9 +26,13 @@
# source - see https://src.fedoraproject.org/cgit/rpms/graphviz.git/tree/graphviz.spec
SRC_URI = "https://gitlab.com/graphviz/graphviz/-/archive/stable_release_${PV}/graphviz-stable_release_${PV}.tar.gz \
+ file://0001-plugin-pango-Include-freetype-headers-explicitly.patch \
"
# Use native mkdefs
-SRC_URI_append_class-target = " file://0001-Use-native-mkdefs.patch"
+SRC_URI_append_class-target = "\
+ file://0001-Use-native-mkdefs.patch \
+ file://0001-Set-use_tcl-to-be-empty-string-if-tcl-is-disabled.patch \
+"
SRC_URI[md5sum] = "2acf30ca8e6cc8b001b0334db65fd072"
SRC_URI[sha256sum] = "e6c3f8dbfde1c4523055403927bef29f97f9fc12715c1042b5dcf648a2c1c62a"
@@ -39,6 +43,7 @@
--with-expatlibdir=${STAGING_LIBDIR} \
--without-included-ltdl \
--disable-java \
+ --disable-tcl \
--disable-r \
--disable-sharp \
"
@@ -54,6 +59,19 @@
install -m755 ${B}/lib/gvpr/mkdefs ${D}${bindir}
}
+PACKAGES =+ "${PN}-python ${PN}-perl ${PN}-demo"
+
+FILES_${PN}-python += "${libdir}/python*/site-packages/ ${libdir}/graphviz/python/"
+FILES_${PN}-perl += "${libdir}/perl5/*/vendor_perl/ ${libdir}/graphviz/perl/"
+FILES_${PN}-demo += "${datadir}/graphviz/demo/"
+
+RDEPENDS_${PN}-perl += "perl"
+RDEPENDS_${PN}-python += "python"
+RDEPENDS_${PN}-demo += "python perl"
+
+INSANE_SKIP_${PN}-perl = "dev-so"
+INSANE_SKIP_${PN}-python = "dev-so"
+
FILES_SOLIBSDEV_append = " ${libdir}/graphviz/lib*${SOLIBSDEV}"
BBCLASSEXTEND = "native"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/gtkwave/gtkwave_3.3.98.bb b/meta-openembedded/meta-oe/recipes-graphics/gtkwave/gtkwave_3.3.98.bb
index b9aae0f..310c410 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/gtkwave/gtkwave_3.3.98.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/gtkwave/gtkwave_3.3.98.bb
@@ -5,7 +5,7 @@
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=75859989545e37968a99b631ef42722e"
-SRC_URI = "http://gtkwave.sourceforge.net/${PN}-${PV}.tar.gz"
+SRC_URI = "http://gtkwave.sourceforge.net/${BP}.tar.gz"
SRC_URI[md5sum] = "eac3073ef381e0c09da33590296ca37f"
SRC_URI[sha256sum] = "efa6bbbeb3bd54104425a69a2aa0d079bb5c3ecc1c420ba57dcaa1c97c5a22f6"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_1.900.1.bb b/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_1.900.1.bb
index cc6a694..d2c7ffd 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_1.900.1.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/jasper/jasper_1.900.1.bb
@@ -4,7 +4,10 @@
PR = "r1"
-SRC_URI = "http://www.ece.uvic.ca/~mdadams/jasper/software/jasper-${PV}.zip"
+SRC_URI = "git://github.com/mdadams/jasper.git;protocol=https"
+SRCREV = "b13b8c86be870107f83b0a9a4b77557cb2b65d69"
+
+S = "${WORKDIR}/git"
inherit autotools lib_package
@@ -13,6 +16,3 @@
PACKAGECONFIG[opengl] = "--enable-opengl,--disable-opengl,freeglut"
EXTRA_OECONF = "--enable-shared"
-
-SRC_URI[md5sum] = "a342b2b4495b3e1394e161eb5d85d754"
-SRC_URI[sha256sum] = "6b905a9c2aca2e275544212666eefc4eb44d95d0a57e4305457b407fe63f9494"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/0001-build-Pass-tag-CC-explictly-when-using-libtool.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/0001-build-Pass-tag-CC-explictly-when-using-libtool.patch
new file mode 100644
index 0000000..ec8c0fd
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/0001-build-Pass-tag-CC-explictly-when-using-libtool.patch
@@ -0,0 +1,73 @@
+From 44e4bb4cfb81024c8f5fd2e179e8a32c42756a2f Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sun, 23 Jul 2017 16:52:43 -0700
+Subject: [PATCH] build: Pass --tag=CC explictly when using libtool
+
+Do not depend solely on libtool heuristics which fail
+in OE case when building with external compiler and
+hardening flags
+
+Upstream-Status: Pending
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ Makefile.in | 4 ++--
+ build-scripts/makedep.sh | 8 ++++----
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/Makefile.in b/Makefile.in
+index ab51035..743ce30 100644
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -72,10 +72,10 @@ depend:
+ include $(depend)
+
+ $(objects)/$(TARGET): $(OBJECTS)
+- $(LIBTOOL) --mode=link $(CC) -o $@ $^ $(LDFLAGS) $(EXTRA_LDFLAGS) $(LT_LDFLAGS)
++ $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ $^ $(LDFLAGS) $(EXTRA_LDFLAGS) $(LT_LDFLAGS)
+
+ $(objects)/$(SDLMAIN_TARGET): $(SDLMAIN_OBJECTS)
+- $(LIBTOOL) --mode=link $(CC) -o $@ $^ $(LDFLAGS) $(EXTRA_LDFLAGS) $(LT_LDFLAGS) $(SDLMAIN_LDFLAGS)
++ $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ $^ $(LDFLAGS) $(EXTRA_LDFLAGS) $(LT_LDFLAGS) $(SDLMAIN_LDFLAGS)
+
+
+ install: all install-bin install-hdrs install-lib install-data install-man
+diff --git a/build-scripts/makedep.sh b/build-scripts/makedep.sh
+index 3b3863b..dba28f2 100755
+--- a/build-scripts/makedep.sh
++++ b/build-scripts/makedep.sh
+@@ -51,19 +51,19 @@ do echo "Generating dependencies for $src"
+ case $ext in
+ c) cat >>${output}.new <<__EOF__
+
+- \$(LIBTOOL) --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@
++ \$(LIBTOOL) --tag=CC --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@
+
+ __EOF__
+ ;;
+ cc) cat >>${output}.new <<__EOF__
+
+- \$(LIBTOOL) --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@
++ \$(LIBTOOL) --tag=CC --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@
+
+ __EOF__
+ ;;
+ m) cat >>${output}.new <<__EOF__
+
+- \$(LIBTOOL) --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@
++ \$(LIBTOOL) --tag=CC --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@
+
+ __EOF__
+ ;;
+@@ -75,7 +75,7 @@ __EOF__
+ ;;
+ S) cat >>${output}.new <<__EOF__
+
+- \$(LIBTOOL) --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@
++ \$(LIBTOOL) --tag=CC --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@
+
+ __EOF__
+ ;;
+--
+2.13.3
+
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7572.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7572.patch
new file mode 100644
index 0000000..c41c2de
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7572.patch
@@ -0,0 +1,114 @@
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1560182231 25200
+# Mon Jun 10 08:57:11 2019 -0700
+# Branch SDL-1.2
+# Node ID a8afedbcaea0e84921dc770195c4699bda3ccdc5
+# Parent faf9abbcfb5fe0d0ca23c4bf0394aa226ceccf02
+CVE-2019-7572: Fix a buffer overwrite in IMA_ADPCM_decode
+If data chunk was longer than expected based on a WAV format
+definition, IMA_ADPCM_decode() tried to write past the output
+buffer. This patch fixes it.
+
+Based on patch from
+<https://bugzilla.libsdl.org/show_bug.cgi?id=4496>.
+
+CVE-2019-7572
+https://bugzilla.libsdl.org/show_bug.cgi?id=4495
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1560041863 25200
+# Sat Jun 08 17:57:43 2019 -0700
+# Branch SDL-1.2
+# Node ID e52413f5258600878f9a10d2f92605a729aa8976
+# Parent 4e73be7b47877ae11d2279bd916910d469d18f8e
+CVE-2019-7572: Fix a buffer overread in IMA_ADPCM_nibble
+If an IMA ADPCM block contained an initial index out of step table
+range (loaded in IMA_ADPCM_decode()), IMA_ADPCM_nibble() blindly used
+this bogus value and that lead to a buffer overread.
+
+This patch fixes it by moving clamping the index value at the
+beginning of IMA_ADPCM_nibble() function instead of the end after
+an update.
+
+CVE-2019-7572
+https://bugzilla.libsdl.org/show_bug.cgi?id=4495
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+CVE: CVE-2019-7572
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+diff -r faf9abbcfb5f -r a8afedbcaea0 src/audio/SDL_wave.c
+--- a/src/audio/SDL_wave.c Mon Jun 10 08:54:29 2019 -0700
++++ b/src/audio/SDL_wave.c Mon Jun 10 08:57:11 2019 -0700
+@@ -346,7 +346,7 @@
+ static int IMA_ADPCM_decode(Uint8 **audio_buf, Uint32 *audio_len)
+ {
+ struct IMA_ADPCM_decodestate *state;
+- Uint8 *freeable, *encoded, *encoded_end, *decoded;
++ Uint8 *freeable, *encoded, *encoded_end, *decoded, *decoded_end;
+ Sint32 encoded_len, samplesleft;
+ unsigned int c, channels;
+
+@@ -373,6 +373,7 @@
+ return(-1);
+ }
+ decoded = *audio_buf;
++ decoded_end = decoded + *audio_len;
+
+ /* Get ready... Go! */
+ while ( encoded_len >= IMA_ADPCM_state.wavefmt.blockalign ) {
+@@ -392,6 +393,7 @@
+ }
+
+ /* Store the initial sample we start with */
++ if (decoded + 2 > decoded_end) goto invalid_size;
+ decoded[0] = (Uint8)(state[c].sample&0xFF);
+ decoded[1] = (Uint8)(state[c].sample>>8);
+ decoded += 2;
+@@ -402,6 +404,8 @@
+ while ( samplesleft > 0 ) {
+ for ( c=0; c<channels; ++c ) {
+ if (encoded + 4 > encoded_end) goto invalid_size;
++ if (decoded + 4 * 4 * channels > decoded_end)
++ goto invalid_size;
+ Fill_IMA_ADPCM_block(decoded, encoded,
+ c, channels, &state[c]);
+ encoded += 4;
+
+diff -r 4e73be7b4787 -r e52413f52586 src/audio/SDL_wave.c
+--- a/src/audio/SDL_wave.c Sat Jun 01 18:27:46 2019 +0100
++++ b/src/audio/SDL_wave.c Sat Jun 08 17:57:43 2019 -0700
+@@ -264,6 +264,14 @@
+ };
+ Sint32 delta, step;
+
++ /* Clamp index value. The inital value can be invalid. */
++ if ( state->index > 88 ) {
++ state->index = 88;
++ } else
++ if ( state->index < 0 ) {
++ state->index = 0;
++ }
++
+ /* Compute difference and new sample value */
+ step = step_table[state->index];
+ delta = step >> 3;
+@@ -275,12 +283,6 @@
+
+ /* Update index value */
+ state->index += index_table[nybble];
+- if ( state->index > 88 ) {
+- state->index = 88;
+- } else
+- if ( state->index < 0 ) {
+- state->index = 0;
+- }
+
+ /* Clamp output sample */
+ if ( state->sample > max_audioval ) {
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7574.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7574.patch
new file mode 100644
index 0000000..9fd53da
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7574.patch
@@ -0,0 +1,68 @@
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1560181859 25200
+# Mon Jun 10 08:50:59 2019 -0700
+# Branch SDL-1.2
+# Node ID a6e3d2f5183e1cc300ad993e10e9ce077e13bd9c
+# Parent 388987dff7bf8f1e214e69c2e4f1aa31e06396b5
+CVE-2019-7574: Fix a buffer overread in IMA_ADPCM_decode
+If data chunk was shorter than expected based on a WAV format
+definition, IMA_ADPCM_decode() tried to read past the data chunk
+buffer. This patch fixes it.
+
+CVE-2019-7574
+https://bugzilla.libsdl.org/show_bug.cgi?id=4496
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+CVE: CVE-2019-7574
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+diff -r 388987dff7bf -r a6e3d2f5183e src/audio/SDL_wave.c
+--- a/src/audio/SDL_wave.c Sat Jun 08 18:02:09 2019 -0700
++++ b/src/audio/SDL_wave.c Mon Jun 10 08:50:59 2019 -0700
+@@ -331,7 +331,7 @@
+ static int IMA_ADPCM_decode(Uint8 **audio_buf, Uint32 *audio_len)
+ {
+ struct IMA_ADPCM_decodestate *state;
+- Uint8 *freeable, *encoded, *decoded;
++ Uint8 *freeable, *encoded, *encoded_end, *decoded;
+ Sint32 encoded_len, samplesleft;
+ unsigned int c, channels;
+
+@@ -347,6 +347,7 @@
+ /* Allocate the proper sized output buffer */
+ encoded_len = *audio_len;
+ encoded = *audio_buf;
++ encoded_end = encoded + encoded_len;
+ freeable = *audio_buf;
+ *audio_len = (encoded_len/IMA_ADPCM_state.wavefmt.blockalign) *
+ IMA_ADPCM_state.wSamplesPerBlock*
+@@ -362,6 +363,7 @@
+ while ( encoded_len >= IMA_ADPCM_state.wavefmt.blockalign ) {
+ /* Grab the initial information for this block */
+ for ( c=0; c<channels; ++c ) {
++ if (encoded + 4 > encoded_end) goto invalid_size;
+ /* Fill the state information for this block */
+ state[c].sample = ((encoded[1]<<8)|encoded[0]);
+ encoded += 2;
+@@ -384,6 +386,7 @@
+ samplesleft = (IMA_ADPCM_state.wSamplesPerBlock-1)*channels;
+ while ( samplesleft > 0 ) {
+ for ( c=0; c<channels; ++c ) {
++ if (encoded + 4 > encoded_end) goto invalid_size;
+ Fill_IMA_ADPCM_block(decoded, encoded,
+ c, channels, &state[c]);
+ encoded += 4;
+@@ -395,6 +398,10 @@
+ }
+ SDL_free(freeable);
+ return(0);
++invalid_size:
++ SDL_SetError("Unexpected chunk length for an IMA ADPCM decoder");
++ SDL_free(freeable);
++ return(-1);
+ }
+
+ SDL_AudioSpec * SDL_LoadWAV_RW (SDL_RWops *src, int freesrc,
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7575.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7575.patch
new file mode 100644
index 0000000..a3e8416
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7575.patch
@@ -0,0 +1,81 @@
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1560183905 25200
+# Mon Jun 10 09:25:05 2019 -0700
+# Branch SDL-1.2
+# Node ID a936f9bd3e381d67d8ddee8b9243f85799ea4798
+# Parent fcbecae427951bac1684baaba2ade68221315140
+CVE-2019-7575: Fix a buffer overwrite in MS_ADPCM_decode
+If a WAV format defines shorter audio stream and decoded MS ADPCM data chunk
+is longer, decoding continued past the output audio buffer.
+
+This fix is based on a patch from
+<https://bugzilla.libsdl.org/show_bug.cgi?id=4492>.
+
+https://bugzilla.libsdl.org/show_bug.cgi?id=4493
+CVE-2019-7575
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+CVE: CVE-2019-7575
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+diff -r fcbecae42795 -r a936f9bd3e38 src/audio/SDL_wave.c
+--- a/src/audio/SDL_wave.c Mon Jun 10 09:06:23 2019 -0700
++++ b/src/audio/SDL_wave.c Mon Jun 10 09:25:05 2019 -0700
+@@ -122,7 +122,7 @@
+ static int MS_ADPCM_decode(Uint8 **audio_buf, Uint32 *audio_len)
+ {
+ struct MS_ADPCM_decodestate *state[2];
+- Uint8 *freeable, *encoded, *encoded_end, *decoded;
++ Uint8 *freeable, *encoded, *encoded_end, *decoded, *decoded_end;
+ Sint32 encoded_len, samplesleft;
+ Sint8 nybble, stereo;
+ Sint16 *coeff[2];
+@@ -142,6 +142,7 @@
+ return(-1);
+ }
+ decoded = *audio_buf;
++ decoded_end = decoded + *audio_len;
+
+ /* Get ready... Go! */
+ stereo = (MS_ADPCM_state.wavefmt.channels == 2);
+@@ -149,7 +150,7 @@
+ state[1] = &MS_ADPCM_state.state[stereo];
+ while ( encoded_len >= MS_ADPCM_state.wavefmt.blockalign ) {
+ /* Grab the initial information for this block */
+- if (encoded + 7 + (stereo ? 7 : 0) > encoded_end) goto too_short;
++ if (encoded + 7 + (stereo ? 7 : 0) > encoded_end) goto invalid_size;
+ state[0]->hPredictor = *encoded++;
+ if ( stereo ) {
+ state[1]->hPredictor = *encoded++;
+@@ -179,6 +180,7 @@
+ coeff[1] = MS_ADPCM_state.aCoeff[state[1]->hPredictor];
+
+ /* Store the two initial samples we start with */
++ if (decoded + 4 + (stereo ? 4 : 0) > decoded_end) goto invalid_size;
+ decoded[0] = state[0]->iSamp2&0xFF;
+ decoded[1] = state[0]->iSamp2>>8;
+ decoded += 2;
+@@ -200,7 +202,8 @@
+ samplesleft = (MS_ADPCM_state.wSamplesPerBlock-2)*
+ MS_ADPCM_state.wavefmt.channels;
+ while ( samplesleft > 0 ) {
+- if (encoded + 1 > encoded_end) goto too_short;
++ if (encoded + 1 > encoded_end) goto invalid_size;
++ if (decoded + 4 > decoded_end) goto invalid_size;
+
+ nybble = (*encoded)>>4;
+ new_sample = MS_ADPCM_nibble(state[0],nybble,coeff[0]);
+@@ -223,8 +226,8 @@
+ }
+ SDL_free(freeable);
+ return(0);
+-too_short:
+- SDL_SetError("Too short chunk for a MS ADPCM decoder");
++invalid_size:
++ SDL_SetError("Unexpected chunk length for a MS ADPCM decoder");
+ SDL_free(freeable);
+ return(-1);
+ invalid_predictor:
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7576.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7576.patch
new file mode 100644
index 0000000..d9a5052
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7576.patch
@@ -0,0 +1,80 @@
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1560182783 25200
+# Mon Jun 10 09:06:23 2019 -0700
+# Branch SDL-1.2
+# Node ID fcbecae427951bac1684baaba2ade68221315140
+# Parent a8afedbcaea0e84921dc770195c4699bda3ccdc5
+CVE-2019-7573, CVE-2019-7576: Fix buffer overreads in InitMS_ADPCM
+If MS ADPCM format chunk was too short, InitMS_ADPCM() parsing it
+could read past the end of chunk data. This patch fixes it.
+
+CVE-2019-7573
+https://bugzilla.libsdl.org/show_bug.cgi?id=4491
+CVE-2019-7576
+https://bugzilla.libsdl.org/show_bug.cgi?id=4490
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+CVE: CVE-2019-7573
+CVE: CVE-2019-7576
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+diff -r a8afedbcaea0 -r fcbecae42795 src/audio/SDL_wave.c
+--- a/src/audio/SDL_wave.c Mon Jun 10 08:57:11 2019 -0700
++++ b/src/audio/SDL_wave.c Mon Jun 10 09:06:23 2019 -0700
+@@ -44,12 +44,13 @@
+ struct MS_ADPCM_decodestate state[2];
+ } MS_ADPCM_state;
+
+-static int InitMS_ADPCM(WaveFMT *format)
++static int InitMS_ADPCM(WaveFMT *format, int length)
+ {
+- Uint8 *rogue_feel;
++ Uint8 *rogue_feel, *rogue_feel_end;
+ int i;
+
+ /* Set the rogue pointer to the MS_ADPCM specific data */
++ if (length < sizeof(*format)) goto too_short;
+ MS_ADPCM_state.wavefmt.encoding = SDL_SwapLE16(format->encoding);
+ MS_ADPCM_state.wavefmt.channels = SDL_SwapLE16(format->channels);
+ MS_ADPCM_state.wavefmt.frequency = SDL_SwapLE32(format->frequency);
+@@ -58,9 +59,11 @@
+ MS_ADPCM_state.wavefmt.bitspersample =
+ SDL_SwapLE16(format->bitspersample);
+ rogue_feel = (Uint8 *)format+sizeof(*format);
++ rogue_feel_end = (Uint8 *)format + length;
+ if ( sizeof(*format) == 16 ) {
+ rogue_feel += sizeof(Uint16);
+ }
++ if (rogue_feel + 4 > rogue_feel_end) goto too_short;
+ MS_ADPCM_state.wSamplesPerBlock = ((rogue_feel[1]<<8)|rogue_feel[0]);
+ rogue_feel += sizeof(Uint16);
+ MS_ADPCM_state.wNumCoef = ((rogue_feel[1]<<8)|rogue_feel[0]);
+@@ -70,12 +73,16 @@
+ return(-1);
+ }
+ for ( i=0; i<MS_ADPCM_state.wNumCoef; ++i ) {
++ if (rogue_feel + 4 > rogue_feel_end) goto too_short;
+ MS_ADPCM_state.aCoeff[i][0] = ((rogue_feel[1]<<8)|rogue_feel[0]);
+ rogue_feel += sizeof(Uint16);
+ MS_ADPCM_state.aCoeff[i][1] = ((rogue_feel[1]<<8)|rogue_feel[0]);
+ rogue_feel += sizeof(Uint16);
+ }
+ return(0);
++too_short:
++ SDL_SetError("Unexpected length of a chunk with a MS ADPCM format");
++ return(-1);
+ }
+
+ static Sint32 MS_ADPCM_nibble(struct MS_ADPCM_decodestate *state,
+@@ -495,7 +502,7 @@
+ break;
+ case MS_ADPCM_CODE:
+ /* Try to understand this */
+- if ( InitMS_ADPCM(format) < 0 ) {
++ if ( InitMS_ADPCM(format, lenread) < 0 ) {
+ was_error = 1;
+ goto done;
+ }
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7577.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7577.patch
new file mode 100644
index 0000000..92e40ae
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7577.patch
@@ -0,0 +1,123 @@
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1560182051 25200
+# Mon Jun 10 08:54:11 2019 -0700
+# Branch SDL-1.2
+# Node ID 416136310b88cbeeff8773e573e90ac1e22b3526
+# Parent a6e3d2f5183e1cc300ad993e10e9ce077e13bd9c
+CVE-2019-7577: Fix a buffer overread in MS_ADPCM_decode
+If RIFF/WAV data chunk length is shorter then expected for an audio
+format defined in preceeding RIFF/WAV format headers, a buffer
+overread can happen.
+
+This patch fixes it by checking a MS ADPCM data to be decoded are not
+past the initialized buffer.
+
+CVE-2019-7577
+Reproducer: https://bugzilla.libsdl.org/show_bug.cgi?id=4492
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1560182069 25200
+# Mon Jun 10 08:54:29 2019 -0700
+# Branch SDL-1.2
+# Node ID faf9abbcfb5fe0d0ca23c4bf0394aa226ceccf02
+# Parent 416136310b88cbeeff8773e573e90ac1e22b3526
+CVE-2019-7577: Fix a buffer overread in MS_ADPCM_nibble and MS_ADPCM_decode
+If a chunk of RIFF/WAV file with MS ADPCM encoding contains an invalid
+predictor (a valid predictor's value is between 0 and 6 inclusive),
+a buffer overread can happen when the predictor is used as an index
+into an array of MS ADPCM coefficients.
+
+The overead happens when indexing MS_ADPCM_state.aCoeff[] array in
+MS_ADPCM_decode() and later when dereferencing a coef pointer in
+MS_ADPCM_nibble().
+
+This patch fixes it by checking the MS ADPCM predictor values fit
+into the valid range.
+
+CVE-2019-7577
+Reproducer: https://bugzilla.libsdl.org/show_bug.cgi?id=4492
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+CVE: CVE-2019-7577
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+diff -r a6e3d2f5183e -r 416136310b88 src/audio/SDL_wave.c
+--- a/src/audio/SDL_wave.c Mon Jun 10 08:50:59 2019 -0700
++++ b/src/audio/SDL_wave.c Mon Jun 10 08:54:11 2019 -0700
+@@ -115,7 +115,7 @@
+ static int MS_ADPCM_decode(Uint8 **audio_buf, Uint32 *audio_len)
+ {
+ struct MS_ADPCM_decodestate *state[2];
+- Uint8 *freeable, *encoded, *decoded;
++ Uint8 *freeable, *encoded, *encoded_end, *decoded;
+ Sint32 encoded_len, samplesleft;
+ Sint8 nybble, stereo;
+ Sint16 *coeff[2];
+@@ -124,6 +124,7 @@
+ /* Allocate the proper sized output buffer */
+ encoded_len = *audio_len;
+ encoded = *audio_buf;
++ encoded_end = encoded + encoded_len;
+ freeable = *audio_buf;
+ *audio_len = (encoded_len/MS_ADPCM_state.wavefmt.blockalign) *
+ MS_ADPCM_state.wSamplesPerBlock*
+@@ -141,6 +142,7 @@
+ state[1] = &MS_ADPCM_state.state[stereo];
+ while ( encoded_len >= MS_ADPCM_state.wavefmt.blockalign ) {
+ /* Grab the initial information for this block */
++ if (encoded + 7 + (stereo ? 7 : 0) > encoded_end) goto too_short;
+ state[0]->hPredictor = *encoded++;
+ if ( stereo ) {
+ state[1]->hPredictor = *encoded++;
+@@ -188,6 +190,8 @@
+ samplesleft = (MS_ADPCM_state.wSamplesPerBlock-2)*
+ MS_ADPCM_state.wavefmt.channels;
+ while ( samplesleft > 0 ) {
++ if (encoded + 1 > encoded_end) goto too_short;
++
+ nybble = (*encoded)>>4;
+ new_sample = MS_ADPCM_nibble(state[0],nybble,coeff[0]);
+ decoded[0] = new_sample&0xFF;
+@@ -209,6 +213,10 @@
+ }
+ SDL_free(freeable);
+ return(0);
++too_short:
++ SDL_SetError("Too short chunk for a MS ADPCM decoder");
++ SDL_free(freeable);
++ return(-1);
+ }
+
+ struct IMA_ADPCM_decodestate {
+
+
+diff -r 416136310b88 -r faf9abbcfb5f src/audio/SDL_wave.c
+--- a/src/audio/SDL_wave.c Mon Jun 10 08:54:11 2019 -0700
++++ b/src/audio/SDL_wave.c Mon Jun 10 08:54:29 2019 -0700
+@@ -147,6 +147,9 @@
+ if ( stereo ) {
+ state[1]->hPredictor = *encoded++;
+ }
++ if (state[0]->hPredictor >= 7 || state[1]->hPredictor >= 7) {
++ goto invalid_predictor;
++ }
+ state[0]->iDelta = ((encoded[1]<<8)|encoded[0]);
+ encoded += sizeof(Sint16);
+ if ( stereo ) {
+@@ -217,6 +220,10 @@
+ SDL_SetError("Too short chunk for a MS ADPCM decoder");
+ SDL_free(freeable);
+ return(-1);
++invalid_predictor:
++ SDL_SetError("Invalid predictor value for a MS ADPCM decoder");
++ SDL_free(freeable);
++ return(-1);
+ }
+
+ struct IMA_ADPCM_decodestate {
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7578.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7578.patch
new file mode 100644
index 0000000..7028890
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7578.patch
@@ -0,0 +1,64 @@
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1560042129 25200
+# Sat Jun 08 18:02:09 2019 -0700
+# Branch SDL-1.2
+# Node ID 388987dff7bf8f1e214e69c2e4f1aa31e06396b5
+# Parent e52413f5258600878f9a10d2f92605a729aa8976
+CVE-2019-7578: Fix a buffer overread in InitIMA_ADPCM
+If IMA ADPCM format chunk was too short, InitIMA_ADPCM() parsing it
+could read past the end of chunk data. This patch fixes it.
+
+CVE-2019-7578
+https://bugzilla.libsdl.org/show_bug.cgi?id=4494
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+CVE: CVE-2019-7578
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+diff -r e52413f52586 -r 388987dff7bf src/audio/SDL_wave.c
+--- a/src/audio/SDL_wave.c Sat Jun 08 17:57:43 2019 -0700
++++ b/src/audio/SDL_wave.c Sat Jun 08 18:02:09 2019 -0700
+@@ -222,11 +222,12 @@
+ struct IMA_ADPCM_decodestate state[2];
+ } IMA_ADPCM_state;
+
+-static int InitIMA_ADPCM(WaveFMT *format)
++static int InitIMA_ADPCM(WaveFMT *format, int length)
+ {
+- Uint8 *rogue_feel;
++ Uint8 *rogue_feel, *rogue_feel_end;
+
+ /* Set the rogue pointer to the IMA_ADPCM specific data */
++ if (length < sizeof(*format)) goto too_short;
+ IMA_ADPCM_state.wavefmt.encoding = SDL_SwapLE16(format->encoding);
+ IMA_ADPCM_state.wavefmt.channels = SDL_SwapLE16(format->channels);
+ IMA_ADPCM_state.wavefmt.frequency = SDL_SwapLE32(format->frequency);
+@@ -235,11 +236,16 @@
+ IMA_ADPCM_state.wavefmt.bitspersample =
+ SDL_SwapLE16(format->bitspersample);
+ rogue_feel = (Uint8 *)format+sizeof(*format);
++ rogue_feel_end = (Uint8 *)format + length;
+ if ( sizeof(*format) == 16 ) {
+ rogue_feel += sizeof(Uint16);
+ }
++ if (rogue_feel + 2 > rogue_feel_end) goto too_short;
+ IMA_ADPCM_state.wSamplesPerBlock = ((rogue_feel[1]<<8)|rogue_feel[0]);
+ return(0);
++too_short:
++ SDL_SetError("Unexpected length of a chunk with an IMA ADPCM format");
++ return(-1);
+ }
+
+ static Sint32 IMA_ADPCM_nibble(struct IMA_ADPCM_decodestate *state,Uint8 nybble)
+@@ -471,7 +477,7 @@
+ break;
+ case IMA_ADPCM_CODE:
+ /* Try to understand this */
+- if ( InitIMA_ADPCM(format) < 0 ) {
++ if ( InitIMA_ADPCM(format, lenread) < 0 ) {
+ was_error = 1;
+ goto done;
+ }
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7635.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7635.patch
new file mode 100644
index 0000000..78af1b0
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7635.patch
@@ -0,0 +1,63 @@
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1560259692 25200
+# Tue Jun 11 06:28:12 2019 -0700
+# Branch SDL-1.2
+# Node ID f1f5878be5dbf63c1161a8ee52b8a86ece30e552
+# Parent a936f9bd3e381d67d8ddee8b9243f85799ea4798
+CVE-2019-7635: Reject BMP images with pixel colors out the palette
+If a 1-, 4-, or 8-bit per pixel BMP image declares less used colors
+than the palette offers an SDL_Surface with a palette of the indicated
+number of used colors is created. If some of the image's pixel
+refer to a color number higher then the maximal used colors, a subsequent
+bliting operation on the surface will look up a color past a blit map
+(that is based on the palette) memory. I.e. passing such SDL_Surface
+to e.g. an SDL_DisplayFormat() function will result in a buffer overread in
+a blit function.
+
+This patch fixes it by validing each pixel's color to be less than the
+maximal color number in the palette. A validation failure raises an
+error from a SDL_LoadBMP_RW() function.
+
+CVE-2019-7635
+https://bugzilla.libsdl.org/show_bug.cgi?id=4498
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+CVE: CVE-2019-7635
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+diff -r a936f9bd3e38 -r f1f5878be5db src/video/SDL_bmp.c
+--- a/src/video/SDL_bmp.c Mon Jun 10 09:25:05 2019 -0700
++++ b/src/video/SDL_bmp.c Tue Jun 11 06:28:12 2019 -0700
+@@ -308,6 +308,12 @@
+ }
+ *(bits+i) = (pixel>>shift);
+ pixel <<= ExpandBMP;
++ if ( bits[i] >= biClrUsed ) {
++ SDL_SetError(
++ "A BMP image contains a pixel with a color out of the palette");
++ was_error = SDL_TRUE;
++ goto done;
++ }
+ } }
+ break;
+
+@@ -318,6 +324,16 @@
+ was_error = SDL_TRUE;
+ goto done;
+ }
++ if ( 8 == biBitCount && palette && biClrUsed < (1 << biBitCount ) ) {
++ for ( i=0; i<surface->w; ++i ) {
++ if ( bits[i] >= biClrUsed ) {
++ SDL_SetError(
++ "A BMP image contains a pixel with a color out of the palette");
++ was_error = SDL_TRUE;
++ goto done;
++ }
++ }
++ }
+ #if SDL_BYTEORDER == SDL_BIG_ENDIAN
+ /* Byte-swap the pixels if needed. Note that the 24bpp
+ case has already been taken care of above. */
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7637.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7637.patch
new file mode 100644
index 0000000..c95338e
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7637.patch
@@ -0,0 +1,192 @@
+# HG changeset patch
+# User Petr Písař <ppisar@redhat.com>
+# Date 1552788984 25200
+# Sat Mar 16 19:16:24 2019 -0700
+# Branch SDL-1.2
+# Node ID 9b0e5c555c0f5ce6d2c3c19da6cc2c7fb5048bf2
+# Parent 4646533663ae1d80c2cc6b2d6dbfb37c62491c1e
+CVE-2019-7637: Fix in integer overflow in SDL_CalculatePitch
+If a too large width is passed to SDL_SetVideoMode() the width travels
+to SDL_CalculatePitch() where the width (e.g. 65535) is multiplied by
+BytesPerPixel (e.g. 4) and the result is stored into Uint16 pitch
+variable. During this arithmetics an integer overflow can happen (e.g.
+the value is clamped as 65532). As a result SDL_Surface with a pitch
+smaller than width * BytesPerPixel is created, too small pixel buffer
+is allocated and when the SDL_Surface is processed in SDL_FillRect()
+a buffer overflow occurs.
+
+This can be reproduced with "./graywin -width 21312312313123213213213"
+command.
+
+This patch fixes is by using a very careful arithmetics in
+SDL_CalculatePitch(). If an overflow is detected, an error is reported
+back as a special 0 value. We assume that 0-width surfaces do not
+occur in the wild. Since SDL_CalculatePitch() is a private function,
+we can change the semantics.
+
+CVE-2019-7637
+https://bugzilla.libsdl.org/show_bug.cgi?id=4497
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+
+CVE: CVE-2019-7637
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+diff -r 4646533663ae -r 9b0e5c555c0f src/video/SDL_pixels.c
+--- a/src/video/SDL_pixels.c Sat Mar 16 18:35:33 2019 -0700
++++ b/src/video/SDL_pixels.c Sat Mar 16 19:16:24 2019 -0700
+@@ -286,26 +286,53 @@
+ }
+ }
+ /*
+- * Calculate the pad-aligned scanline width of a surface
++ * Calculate the pad-aligned scanline width of a surface. Return 0 in case of
++ * an error.
+ */
+ Uint16 SDL_CalculatePitch(SDL_Surface *surface)
+ {
+- Uint16 pitch;
++ unsigned int pitch = 0;
+
+ /* Surface should be 4-byte aligned for speed */
+- pitch = surface->w*surface->format->BytesPerPixel;
++ /* The code tries to prevent from an Uint16 overflow. */;
++ for (Uint8 byte = surface->format->BytesPerPixel; byte; byte--) {
++ pitch += (unsigned int)surface->w;
++ if (pitch < surface->w) {
++ SDL_SetError("A scanline is too wide");
++ return(0);
++ }
++ }
+ switch (surface->format->BitsPerPixel) {
+ case 1:
+- pitch = (pitch+7)/8;
++ if (pitch % 8) {
++ pitch = pitch / 8 + 1;
++ } else {
++ pitch = pitch / 8;
++ }
+ break;
+ case 4:
+- pitch = (pitch+1)/2;
++ if (pitch % 2) {
++ pitch = pitch / 2 + 1;
++ } else {
++ pitch = pitch / 2;
++ }
+ break;
+ default:
+ break;
+ }
+- pitch = (pitch + 3) & ~3; /* 4-byte aligning */
+- return(pitch);
++ /* 4-byte aligning */
++ if (pitch & 3) {
++ if (pitch + 3 < pitch) {
++ SDL_SetError("A scanline is too wide");
++ return(0);
++ }
++ pitch = (pitch + 3) & ~3;
++ }
++ if (pitch > 0xFFFF) {
++ SDL_SetError("A scanline is too wide");
++ return(0);
++ }
++ return((Uint16)pitch);
+ }
+ /*
+ * Match an RGB value to a particular palette index
+diff -r 4646533663ae -r 9b0e5c555c0f src/video/gapi/SDL_gapivideo.c
+--- a/src/video/gapi/SDL_gapivideo.c Sat Mar 16 18:35:33 2019 -0700
++++ b/src/video/gapi/SDL_gapivideo.c Sat Mar 16 19:16:24 2019 -0700
+@@ -733,6 +733,9 @@
+ video->w = gapi->w = width;
+ video->h = gapi->h = height;
+ video->pitch = SDL_CalculatePitch(video);
++ if (!current->pitch) {
++ return(NULL);
++ }
+
+ /* Small fix for WinCE/Win32 - when activating window
+ SDL_VideoSurface is equal to zero, so activating code
+diff -r 4646533663ae -r 9b0e5c555c0f src/video/nanox/SDL_nxvideo.c
+--- a/src/video/nanox/SDL_nxvideo.c Sat Mar 16 18:35:33 2019 -0700
++++ b/src/video/nanox/SDL_nxvideo.c Sat Mar 16 19:16:24 2019 -0700
+@@ -378,6 +378,10 @@
+ current -> w = width ;
+ current -> h = height ;
+ current -> pitch = SDL_CalculatePitch (current) ;
++ if (!current->pitch) {
++ current = NULL;
++ goto done;
++ }
+ NX_ResizeImage (this, current, flags) ;
+ }
+
+diff -r 4646533663ae -r 9b0e5c555c0f src/video/ps2gs/SDL_gsvideo.c
+--- a/src/video/ps2gs/SDL_gsvideo.c Sat Mar 16 18:35:33 2019 -0700
++++ b/src/video/ps2gs/SDL_gsvideo.c Sat Mar 16 19:16:24 2019 -0700
+@@ -479,6 +479,9 @@
+ current->w = width;
+ current->h = height;
+ current->pitch = SDL_CalculatePitch(current);
++ if (!current->pitch) {
++ return(NULL);
++ }
+
+ /* Memory map the DMA area for block memory transfer */
+ if ( ! mapped_mem ) {
+diff -r 4646533663ae -r 9b0e5c555c0f src/video/ps3/SDL_ps3video.c
+--- a/src/video/ps3/SDL_ps3video.c Sat Mar 16 18:35:33 2019 -0700
++++ b/src/video/ps3/SDL_ps3video.c Sat Mar 16 19:16:24 2019 -0700
+@@ -339,6 +339,9 @@
+ current->w = width;
+ current->h = height;
+ current->pitch = SDL_CalculatePitch(current);
++ if (!current->pitch) {
++ return(NULL);
++ }
+
+ /* Alloc aligned mem for current->pixels */
+ s_pixels = memalign(16, current->h * current->pitch);
+diff -r 4646533663ae -r 9b0e5c555c0f src/video/windib/SDL_dibvideo.c
+--- a/src/video/windib/SDL_dibvideo.c Sat Mar 16 18:35:33 2019 -0700
++++ b/src/video/windib/SDL_dibvideo.c Sat Mar 16 19:16:24 2019 -0700
+@@ -675,6 +675,9 @@
+ video->w = width;
+ video->h = height;
+ video->pitch = SDL_CalculatePitch(video);
++ if (!current->pitch) {
++ return(NULL);
++ }
+
+ /* Small fix for WinCE/Win32 - when activating window
+ SDL_VideoSurface is equal to zero, so activating code
+diff -r 4646533663ae -r 9b0e5c555c0f src/video/windx5/SDL_dx5video.c
+--- a/src/video/windx5/SDL_dx5video.c Sat Mar 16 18:35:33 2019 -0700
++++ b/src/video/windx5/SDL_dx5video.c Sat Mar 16 19:16:24 2019 -0700
+@@ -1127,6 +1127,9 @@
+ video->w = width;
+ video->h = height;
+ video->pitch = SDL_CalculatePitch(video);
++ if (!current->pitch) {
++ return(NULL);
++ }
+
+ #ifndef NO_CHANGEDISPLAYSETTINGS
+ /* Set fullscreen mode if appropriate.
+diff -r 4646533663ae -r 9b0e5c555c0f src/video/x11/SDL_x11video.c
+--- a/src/video/x11/SDL_x11video.c Sat Mar 16 18:35:33 2019 -0700
++++ b/src/video/x11/SDL_x11video.c Sat Mar 16 19:16:24 2019 -0700
+@@ -1225,6 +1225,10 @@
+ current->w = width;
+ current->h = height;
+ current->pitch = SDL_CalculatePitch(current);
++ if (!current->pitch) {
++ current = NULL;
++ goto done;
++ }
+ if (X11_ResizeImage(this, current, flags) < 0) {
+ current = NULL;
+ goto done;
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7638.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7638.patch
new file mode 100644
index 0000000..dab9aae
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7638.patch
@@ -0,0 +1,38 @@
+# HG changeset patch
+# User Sam Lantinga <slouken@libsdl.org>
+# Date 1550504903 28800
+# Mon Feb 18 07:48:23 2019 -0800
+# Branch SDL-1.2
+# Node ID 19d8c3b9c25143f71a34ff40ce1df91b4b3e3b78
+# Parent 8586f153eedec4c4e07066d6248ebdf67f10a229
+Fixed bug 4500 - Heap-Buffer Overflow in Map1toN pertaining to SDL_pixels.c
+
+Petr Pisar
+
+The reproducer has these data in BITMAPINFOHEADER:
+
+biSize = 40
+biBitCount = 8
+biClrUsed = 131075
+
+SDL_LoadBMP_RW() function passes biBitCount as a color depth to SDL_CreateRGBSurface(), thus 256-color pallete is allocated. But then biClrUsed colors are read from a file and stored into the palette. SDL_LoadBMP_RW should report an error if biClrUsed is greater than 2^biBitCount.
+
+CVE: CVE-2019-7638
+CVE: CVE-2019-7636
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+diff -r 8586f153eede -r 19d8c3b9c251 src/video/SDL_bmp.c
+--- a/src/video/SDL_bmp.c Sun Jan 13 15:27:50 2019 +0100
++++ b/src/video/SDL_bmp.c Mon Feb 18 07:48:23 2019 -0800
+@@ -233,6 +233,10 @@
+ if ( palette ) {
+ if ( biClrUsed == 0 ) {
+ biClrUsed = 1 << biBitCount;
++ } else if ( biClrUsed > (1 << biBitCount) ) {
++ SDL_SetError("BMP file has an invalid number of colors");
++ was_error = SDL_TRUE;
++ goto done;
+ }
+ if ( biSize == 12 ) {
+ for ( i = 0; i < (int)biClrUsed; ++i ) {
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/libsdl-1.2.15-xdata32.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/libsdl-1.2.15-xdata32.patch
new file mode 100644
index 0000000..f98b927
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/libsdl-1.2.15-xdata32.patch
@@ -0,0 +1,19 @@
+libX11-1.5.99.901 has changed prototype of _XData32
+
+Upstream-Status: Backport
+<http://bugzilla.libsdl.org/show_bug.cgi?id=1769>
+
+Signed-off-by: Saul Wold <sgw@linux.intel.com>
+
+diff -r b6b2829cd7ef src/video/x11/SDL_x11sym.h
+--- a/src/video/x11/SDL_x11sym.h Wed Feb 27 15:20:31 2013 -0800
++++ b/src/video/x11/SDL_x11sym.h Wed Mar 27 16:07:23 2013 +0100
+@@ -165,7 +165,7 @@
+ */
+ #ifdef LONG64
+ SDL_X11_MODULE(IO_32BIT)
+-SDL_X11_SYM(int,_XData32,(Display *dpy,register long *data,unsigned len),(dpy,data,len),return)
++SDL_X11_SYM(int,_XData32,(Display *dpy,register _Xconst long *data,unsigned len),(dpy,data,len),return)
+ SDL_X11_SYM(void,_XRead32,(Display *dpy,register long *data,long len),(dpy,data,len),)
+ #endif
+
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/pkgconfig.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/pkgconfig.patch
new file mode 100644
index 0000000..913baa9
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/pkgconfig.patch
@@ -0,0 +1,187 @@
+Rather than code which doesn't even work properly when cross compiling,
+lets just use pkg-config instead. Its a little simpler.
+
+RP 2014/6/20
+
+Upstream-Status: Pending
+
+Index: SDL-1.2.15/sdl.m4
+===================================================================
+--- SDL-1.2.15.orig/sdl.m4
++++ SDL-1.2.15/sdl.m4
+@@ -12,174 +12,8 @@ dnl Test for SDL, and define SDL_CFLAGS
+ dnl
+ AC_DEFUN([AM_PATH_SDL],
+ [dnl
+-dnl Get the cflags and libraries from the sdl-config script
+-dnl
+-AC_ARG_WITH(sdl-prefix,[ --with-sdl-prefix=PFX Prefix where SDL is installed (optional)],
+- sdl_prefix="$withval", sdl_prefix="")
+-AC_ARG_WITH(sdl-exec-prefix,[ --with-sdl-exec-prefix=PFX Exec prefix where SDL is installed (optional)],
+- sdl_exec_prefix="$withval", sdl_exec_prefix="")
+-AC_ARG_ENABLE(sdltest, [ --disable-sdltest Do not try to compile and run a test SDL program],
+- , enable_sdltest=yes)
+-
+- if test x$sdl_exec_prefix != x ; then
+- sdl_config_args="$sdl_config_args --exec-prefix=$sdl_exec_prefix"
+- if test x${SDL_CONFIG+set} != xset ; then
+- SDL_CONFIG=$sdl_exec_prefix/bin/sdl-config
+- fi
+- fi
+- if test x$sdl_prefix != x ; then
+- sdl_config_args="$sdl_config_args --prefix=$sdl_prefix"
+- if test x${SDL_CONFIG+set} != xset ; then
+- SDL_CONFIG=$sdl_prefix/bin/sdl-config
+- fi
+- fi
+-
+- as_save_PATH="$PATH"
+- if test "x$prefix" != xNONE; then
+- PATH="$prefix/bin:$prefix/usr/bin:$PATH"
+- fi
+- AC_PATH_PROG(SDL_CONFIG, sdl-config, no, [$PATH])
+- PATH="$as_save_PATH"
+ min_sdl_version=ifelse([$1], ,0.11.0,$1)
+- AC_MSG_CHECKING(for SDL - version >= $min_sdl_version)
+- no_sdl=""
+- if test "$SDL_CONFIG" = "no" ; then
+- no_sdl=yes
+- else
+- SDL_CFLAGS=`$SDL_CONFIG $sdl_config_args --cflags`
+- SDL_LIBS=`$SDL_CONFIG $sdl_config_args --libs`
+-
+- sdl_major_version=`$SDL_CONFIG $sdl_config_args --version | \
+- sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'`
+- sdl_minor_version=`$SDL_CONFIG $sdl_config_args --version | \
+- sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'`
+- sdl_micro_version=`$SDL_CONFIG $sdl_config_args --version | \
+- sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'`
+- if test "x$enable_sdltest" = "xyes" ; then
+- ac_save_CFLAGS="$CFLAGS"
+- ac_save_CXXFLAGS="$CXXFLAGS"
+- ac_save_LIBS="$LIBS"
+- CFLAGS="$CFLAGS $SDL_CFLAGS"
+- CXXFLAGS="$CXXFLAGS $SDL_CFLAGS"
+- LIBS="$LIBS $SDL_LIBS"
+-dnl
+-dnl Now check if the installed SDL is sufficiently new. (Also sanity
+-dnl checks the results of sdl-config to some extent
+-dnl
+- rm -f conf.sdltest
+- AC_TRY_RUN([
+-#include <stdio.h>
+-#include <stdlib.h>
+-#include <string.h>
+-#include "SDL.h"
+-
+-char*
+-my_strdup (char *str)
+-{
+- char *new_str;
+-
+- if (str)
+- {
+- new_str = (char *)malloc ((strlen (str) + 1) * sizeof(char));
+- strcpy (new_str, str);
+- }
+- else
+- new_str = NULL;
+-
+- return new_str;
+-}
+-
+-int main (int argc, char *argv[])
+-{
+- int major, minor, micro;
+- char *tmp_version;
+-
+- /* This hangs on some systems (?)
+- system ("touch conf.sdltest");
+- */
+- { FILE *fp = fopen("conf.sdltest", "a"); if ( fp ) fclose(fp); }
+-
+- /* HP/UX 9 (%@#!) writes to sscanf strings */
+- tmp_version = my_strdup("$min_sdl_version");
+- if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, µ) != 3) {
+- printf("%s, bad version string\n", "$min_sdl_version");
+- exit(1);
+- }
+-
+- if (($sdl_major_version > major) ||
+- (($sdl_major_version == major) && ($sdl_minor_version > minor)) ||
+- (($sdl_major_version == major) && ($sdl_minor_version == minor) && ($sdl_micro_version >= micro)))
+- {
+- return 0;
+- }
+- else
+- {
+- printf("\n*** 'sdl-config --version' returned %d.%d.%d, but the minimum version\n", $sdl_major_version, $sdl_minor_version, $sdl_micro_version);
+- printf("*** of SDL required is %d.%d.%d. If sdl-config is correct, then it is\n", major, minor, micro);
+- printf("*** best to upgrade to the required version.\n");
+- printf("*** If sdl-config was wrong, set the environment variable SDL_CONFIG\n");
+- printf("*** to point to the correct copy of sdl-config, and remove the file\n");
+- printf("*** config.cache before re-running configure\n");
+- return 1;
+- }
+-}
+-
+-],, no_sdl=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"])
+- CFLAGS="$ac_save_CFLAGS"
+- CXXFLAGS="$ac_save_CXXFLAGS"
+- LIBS="$ac_save_LIBS"
+- fi
+- fi
+- if test "x$no_sdl" = x ; then
+- AC_MSG_RESULT(yes)
+- ifelse([$2], , :, [$2])
+- else
+- AC_MSG_RESULT(no)
+- if test "$SDL_CONFIG" = "no" ; then
+- echo "*** The sdl-config script installed by SDL could not be found"
+- echo "*** If SDL was installed in PREFIX, make sure PREFIX/bin is in"
+- echo "*** your path, or set the SDL_CONFIG environment variable to the"
+- echo "*** full path to sdl-config."
+- else
+- if test -f conf.sdltest ; then
+- :
+- else
+- echo "*** Could not run SDL test program, checking why..."
+- CFLAGS="$CFLAGS $SDL_CFLAGS"
+- CXXFLAGS="$CXXFLAGS $SDL_CFLAGS"
+- LIBS="$LIBS $SDL_LIBS"
+- AC_TRY_LINK([
+-#include <stdio.h>
+-#include "SDL.h"
+-
+-int main(int argc, char *argv[])
+-{ return 0; }
+-#undef main
+-#define main K_and_R_C_main
+-], [ return 0; ],
+- [ echo "*** The test program compiled, but did not run. This usually means"
+- echo "*** that the run-time linker is not finding SDL or finding the wrong"
+- echo "*** version of SDL. If it is not finding SDL, you'll need to set your"
+- echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point"
+- echo "*** to the installed location Also, make sure you have run ldconfig if that"
+- echo "*** is required on your system"
+- echo "***"
+- echo "*** If you have an old version installed, it is best to remove it, although"
+- echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH"],
+- [ echo "*** The test program failed to compile or link. See the file config.log for the"
+- echo "*** exact error that occured. This usually means SDL was incorrectly installed"
+- echo "*** or that you have moved SDL since it was installed. In the latter case, you"
+- echo "*** may want to edit the sdl-config script: $SDL_CONFIG" ])
+- CFLAGS="$ac_save_CFLAGS"
+- CXXFLAGS="$ac_save_CXXFLAGS"
+- LIBS="$ac_save_LIBS"
+- fi
+- fi
+- SDL_CFLAGS=""
+- SDL_LIBS=""
+- ifelse([$3], , :, [$3])
+- fi
++ PKG_CHECK_MODULES([SDL], [sdl >= $min_sdl_version])
+ AC_SUBST(SDL_CFLAGS)
+ AC_SUBST(SDL_LIBS)
+- rm -f conf.sdltest
+ ])
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb
new file mode 100644
index 0000000..7a01908
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb
@@ -0,0 +1,83 @@
+SUMMARY = "Simple DirectMedia Layer"
+DESCRIPTION = "Simple DirectMedia Layer is a cross-platform multimedia \
+library designed to provide low level access to audio, keyboard, mouse, \
+joystick, 3D hardware via OpenGL, and 2D video framebuffer."
+HOMEPAGE = "http://www.libsdl.org"
+BUGTRACKER = "http://bugzilla.libsdl.org/"
+
+SECTION = "libs"
+
+LICENSE = "LGPLv2.1"
+LIC_FILES_CHKSUM = "file://COPYING;md5=27818cd7fd83877a8e3ef82b82798ef4"
+
+PROVIDES = "virtual/libsdl"
+
+PR = "r3"
+
+SRC_URI = "http://www.libsdl.org/release/SDL-${PV}.tar.gz \
+ file://libsdl-1.2.15-xdata32.patch \
+ file://pkgconfig.patch \
+ file://0001-build-Pass-tag-CC-explictly-when-using-libtool.patch \
+ file://CVE-2019-7577.patch \
+ file://CVE-2019-7574.patch \
+ file://CVE-2019-7572.patch \
+ file://CVE-2019-7578.patch \
+ file://CVE-2019-7575.patch \
+ file://CVE-2019-7635.patch \
+ file://CVE-2019-7637.patch \
+ file://CVE-2019-7638.patch \
+ file://CVE-2019-7576.patch \
+ "
+
+UPSTREAM_CHECK_REGEX = "SDL-(?P<pver>\d+(\.\d+)+)\.tar"
+
+S = "${WORKDIR}/SDL-${PV}"
+
+SRC_URI[md5sum] = "9d96df8417572a2afb781a7c4c811a85"
+SRC_URI[sha256sum] = "d6d316a793e5e348155f0dd93b979798933fb98aa1edebcc108829d6474aad00"
+
+BINCONFIG = "${bindir}/sdl-config"
+
+inherit autotools lib_package binconfig-disabled pkgconfig
+
+CVE_PRODUCT = "simple_directmedia_layer sdl"
+
+EXTRA_OECONF = "--disable-static --enable-cdrom --enable-threads --enable-timers \
+ --enable-file --disable-oss --disable-esd --disable-arts \
+ --disable-diskaudio --disable-nas \
+ --disable-mintaudio --disable-nasm --disable-video-dga \
+ --disable-video-fbcon --disable-video-ps2gs --disable-video-ps3 \
+ --disable-xbios --disable-gem --disable-video-dummy \
+ --enable-input-events --enable-pthreads \
+ --disable-video-svga \
+ --disable-video-picogui --disable-video-qtopia --enable-sdl-dlopen \
+ --disable-rpath"
+
+PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'alsa directfb pulseaudio x11', d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'x11 opengl', 'opengl', '', d)}"
+PACKAGECONFIG_class-native = "x11"
+PACKAGECONFIG_class-nativesdk = "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}"
+
+PACKAGECONFIG[alsa] = "--enable-alsa --disable-alsatest,--disable-alsa,alsa-lib"
+PACKAGECONFIG[pulseaudio] = "--enable-pulseaudio,--disable-pulseaudio,pulseaudio"
+PACKAGECONFIG[tslib] = "--enable-input-tslib, --disable-input-tslib, tslib"
+PACKAGECONFIG[directfb] = "--enable-video-directfb, --disable-video-directfb, directfb"
+PACKAGECONFIG[opengl] = "--enable-video-opengl, --disable-video-opengl, virtual/libgl libglu"
+PACKAGECONFIG[x11] = "--enable-video-x11 --disable-x11-shared, --disable-video-x11, virtual/libx11 libxext libxrandr libxrender"
+
+# The following two options should only enabled with mingw support
+PACKAGECONFIG[stdio-redirect] = "--enable-stdio-redirect,--disable-stdio-redirect"
+PACKAGECONFIG[directx] = "--enable-directx,--disable-directx"
+
+EXTRA_AUTORECONF += "--include=acinclude --exclude=autoheader"
+
+do_configure_prepend() {
+ # Remove old libtool macros.
+ MACROS="libtool.m4 lt~obsolete.m4 ltoptions.m4 ltsugar.m4 ltversion.m4"
+ for i in ${MACROS}; do
+ rm -f ${S}/acinclude/$i
+ done
+ export SYSROOT=$PKG_CONFIG_SYSROOT_DIR
+}
+
+BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_git.bb b/meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.12.bb
similarity index 90%
rename from meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_git.bb
rename to meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.12.bb
index bc47a3f..4e4acb8 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_git.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.12.bb
@@ -31,7 +31,9 @@
inherit cmake
SRC_URI = "git://github.com/LibVNC/libvncserver"
-SRCREV = "c0a23857a5c42b45b6d22ccf7218becd1fa69402"
-PV = "0.9.12+git${SRCPV}"
+SRCREV = "1354f7f1bb6962dab209eddb9d6aac1f03408110"
+PV .= "+git${SRCPV}"
S = "${WORKDIR}/git"
+
+EXTRA_OECMAKE = "-DMAKE_INSTALL_LIBDIR=${libdir}"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb b/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb
index 1aace02..e4a0321 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb
@@ -7,13 +7,12 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
file://src/x11vnc.h;endline=31;md5=e871a2ad004776794b616822dcab6314"
-SRC_URI = "https://github.com/LibVNC/x11vnc/archive/${PV}.tar.gz;downloadfilename=x11vnc-${PV}.tar.gz\
+SRCREV = "4ca006fed80410bd9b061a1519bd5d9366bb0bc8"
+SRC_URI = "git://github.com/LibVNC/x11vnc \
file://starting-fix.patch \
file://0001-misc-Makefile.am-don-t-install-Xdummy-when-configure.patch \
"
-
-SRC_URI[md5sum] = "64172e8f896389ec963fff93415f0d93"
-SRC_URI[sha256sum] = "885e5b5f5f25eec6f9e4a1e8be3d0ac71a686331ee1cfb442dba391111bd32bd"
+S = "${WORKDIR}/git"
DEPENDS = "\
jpeg \
diff --git a/meta-openembedded/meta-oe/recipes-graphics/xorg-app/sessreg_1.1.1.bb b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/sessreg_1.1.2.bb
similarity index 73%
rename from meta-openembedded/meta-oe/recipes-graphics/xorg-app/sessreg_1.1.1.bb
rename to meta-openembedded/meta-oe/recipes-graphics/xorg-app/sessreg_1.1.2.bb
index d2afa78..ad6bd17 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/xorg-app/sessreg_1.1.1.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/sessreg_1.1.2.bb
@@ -4,8 +4,8 @@
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://COPYING;md5=d938a70c8280c265a1ccd2954365d185"
SRC_URI += "file://0001-Makefile.am-Error-Fix.patch"
-SRC_URI[md5sum] = "e475167a892b589da23edf8edf8c942d"
-SRC_URI[sha256sum] = "78a76ae3f3f6a26547a34630d1b740f42344848b5fb6d7c9c7f7da255e35a6e1"
+SRC_URI[md5sum] = "92be564d4be7d8aa7b5024057b715210"
+SRC_URI[sha256sum] = "dfcb9e954273ace63879aec053c7880466f8755752a35aa9ced3fa5f04fd2c33"
CFLAGS_append_libc-musl = " -D_WTMPX_FILE=WTMP_FILE -D_PATH_WTMPX=_PATH_WTMP -D_UTMPX_FILE=UTMP_FILE -D_PATH_UTMPX=_PATH_UTMP "
diff --git a/meta-openembedded/meta-oe/recipes-graphics/xorg-app/setxkbmap_1.3.1.bb b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/setxkbmap_1.3.2.bb
similarity index 78%
rename from meta-openembedded/meta-oe/recipes-graphics/xorg-app/setxkbmap_1.3.1.bb
rename to meta-openembedded/meta-oe/recipes-graphics/xorg-app/setxkbmap_1.3.2.bb
index 8402753..30fbd1b 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/xorg-app/setxkbmap_1.3.1.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/setxkbmap_1.3.2.bb
@@ -15,5 +15,5 @@
BBCLASSEXTEND = "native"
-SRC_URI[md5sum] = "2c47a1b8e268df73963c4eb2316b1a89"
-SRC_URI[sha256sum] = "a9ddb3963f263ba13f0ea105d8c45a531832140530217cc559587bb94f02d3e1"
+SRC_URI[md5sum] = "93e736c98fb75856ee8227a0c49a128d"
+SRC_URI[sha256sum] = "8ff27486442725e50b02d7049152f51d125ecad71b7ce503cfa09d5d8ceeb9f5"
diff --git a/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_330.bb b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_348.bb
similarity index 70%
rename from meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_330.bb
rename to meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_348.bb
index c2feb81..2dd8322 100644
--- a/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_330.bb
+++ b/meta-openembedded/meta-oe/recipes-graphics/xorg-app/xterm_348.bb
@@ -2,12 +2,12 @@
SUMMARY = "xterm is the standard terminal emulator for the X Window System"
DEPENDS = "libxaw xorgproto libxext libxau libxinerama libxpm ncurses"
-LIC_FILES_CHKSUM = "file://xterm.h;beginline=3;endline=31;md5=f02ab9ebda87b770ecf711dbb3784a33"
+LIC_FILES_CHKSUM = "file://xterm.h;beginline=3;endline=31;md5=c7faceb872d90115e7c0ad90e90c390d"
SRC_URI = "http://invisible-mirror.net/archives/${BPN}/${BP}.tgz"
-SRC_URI[md5sum] = "9a6db7974aa4ccbb50eabebf72618467"
-SRC_URI[sha256sum] = "7aeef9f29f6b95e09f481173c8c3053357bf5ffe162585647f690fd1707556df"
+SRC_URI[md5sum] = "05340ef6eabb96826953346c64b35225"
+SRC_URI[sha256sum] = "8b1f5121dbf3690de9d85a3b9329e3357021705dd7c21da192e47542769275be"
PACKAGECONFIG ?= ""
PACKAGECONFIG[xft] = "--enable-freetype,--disable-freetype,libxft fontconfig freetype-native"
@@ -16,7 +16,9 @@
FREETYPE_CONFIG=${STAGING_BINDIR_CROSS}/freetype-config \
--disable-imake \
--disable-rpath-hack \
- --disable-setuid"
+ --disable-setuid \
+ --with-app-defaults=${datadir}/X11/app-defaults \
+ "
B = "${S}"
@@ -26,8 +28,6 @@
oe_runconf
}
-FILES_${PN} += "/usr/lib/X11"
-
# busybox can supply resize too
inherit update-alternatives