subtree updates
meta-security: a397a38ed9..53c5cc794f:
Anton Antonov (2):
Fix PACKAGECONFIG check in Parsec OEQA tests
Flush caches after OEQA tests
Armin Kuster (6):
checksecurity: update to 2.0.16
krill: forced to inclued fetch hashes.
suricata: Fixup to work within the recent crate changes.
suricata: Missed on crate depends
parsec-tool: update SRC_URI hash
parsec-service: fix SRC_URI hash
Gowtham Suresh Kumar (2):
meta-parsec: Disable RSA-OAEP OEQA tests for Parsec PKCS11 backend
parsec-service: Update parsec recipes to 1.2.0 and parsec-tool to 0.6.0
Patrick Williams (1):
libwhisker2-perl: adjust perl-version variable
meta-openembedded: 17243e70c8..c5f330bc9a:
Alex Yao (3):
lcov: Fix Perl Path
lcov: Upgrade 1.14 -> 1.16
lcov: Fix homepage
Ari Parkkila (1):
python3-appdirs: add native and nativesdk to BBCLASSEXTEND
Arsalan H. Awan (1):
meta-networking/licenses/netperf: remove unused license
Bartosz Golaszewski (11):
reboot-mode: put the build artifacts in ${B}
libgpiod: enable all features for ptest
libgpiod: drop unneeded S assignment
libgpiod: generalize the local files directories
libgpiod: update to v2.0.1
python3-gpiod: don't hardcode the project version in recipe
python3-gpiod: add missing run-time dependencies
libgpiod: install the libgpiosim header
python3-gpiod: fetch sources from pypi
libgpiod: fold libgpiod-src.inc into libgpiod.inc
libgpiod: remove test executables from ${bindir}
Chen Qi (1):
android-tools: fix systemd service setting
Enrico Scholz (1):
sox: remove ffmpeg dependency
Etienne Cordonnier (4):
uutils-coreutils: Add crates checksum
uutils-coreutils: remove obsolete comment
uutils-coreutils: upgrade 0.0.17 -> 0.0.18
uutils-coreutils: disable musl support
Ever ATILANO (4):
meta-python: python3-path: Add ptest
meta-python: python3-lorem: Add ptest
meta-oe: recipes-support: dc: Add ptest
meta-oe: recipes-extended: bitwise: Add ptest
Gianfranco Costamagna (1):
vbxguestdrivers: upgrade 7.0.4 -> 7.0.8
Jasper Orschulko (1):
python3-gcovr: Add missing runtime dependency
Jayanth Othayoth (1):
etcd-cpp-apiv3: add recipe
Johannes Kirchmair (1):
redirect unwanted error message in nginx install
Johannes Pointner (1):
python3-pyzstd: add new recipe
Kai Kang (16):
xfce4-taskmanager: 1.5.2 -> 1.5.5
xfce4-terminal: 1.0.0 -> 1.0.4
syslog-ng: not deliver syslog-ng-update-virtualenv
xfce4-notifyd: 0.6.3 -> 0.8.2
xfce4-screenshooter: 1.9.10 -> 1.10.3
thunar: 4.18.0 -> 4.18.4
thunar-media-tags-plugin: 0.3.0 -> 0.4.0
libxfce4util: 4.18.0 -> 4.18.1
libxfce4ui: 4.18.0 -> 4.18.3
xfce4-settings: 4.18.0 -> 4.18.2
xfce4-session: 4.18.0 -> 4.18.2
xfce4-panel: 4.18.0 -> 4.18.3
thunar-archive-plugin: 0.5.0 -> 0.5.1
xfce4-power-manager: 4.18.0 -> 4.18.1
garcon: 4.18.0 -> 4.18.1
xfce4-screensaver: 4.16.0 -> 4.18.1
Khem Raj (36):
krb5: Fix build with autoconf 2.72
cyrus-sasl: Fix autoconf patch to work with new autoconf 2.72
gmime: Update to 3.2.13
imagemagick: Update to 7.1.1
mpv: Upgrade to 0.35.1
fwknop: Use pkg-config instead of gpgme-config
fwknop: Fix AS_IF configure syntax
libstemmer: Update to 2.2.0
libidn: Update largefile m4 macros
emacs: Fix build with autconf 2.72+
ptest-packagelists-meta-oe: Remove minicoredumper from PTESTS_FAST_META_OE on musl
poco: Remove pushd/popd from run-ptest
surf: Fix build with gtkwebkit 2.40
libio-pty-perl: Fix build with musl/clang
meta-gnome: Update patch status for several recipes
libnet-ssleay-perl: Fix patch upstream status
meta-xfce: Fix missing upstream status in patches
meta-multimedia: Fix missing upstream status in several patches
meta-webserver: Fix missing upstream status on patches
babl: Drop clang10 workaround for mips/rv64
babl: Package /usr/lib/babl-0.1/ directory
libtinyxml2: Add ptest support
ptest-packagelists-meta-oe: Add libtinyxml2
minifi-cpp: Always use stat on 64bit linux
libdnet: Upgrade to 1.16.3
python3-pyruvate: regenerate with updated bbclass
monkey,webmin: Fix upstream patch status
python3-pyruvate: Upgrade to 1.2.1
onig: Ignore .debug directories while finding ptests
python3-h5py: Fix TMPDIR references in dbg files
python3-pandas: Fix TMPDIR references in dbg files
fwupd: Do not emit build time paths into generated headers
libcereal: Fix TMPDIR leaking into debug_str section
xmlrpc-c: Upgrade to 1.59.01
grilo: Fix buildpaths in generated header file
python3-click: Fix ptest failure
Leon Anavi (2):
libpcsc-perl: Add recipe
pcsc-tools: Add runtime dependencies
Linus Jacobson (1):
khronos-cts: Replace wayland feature dependancy with vulkan
Markus Volk (40):
nv-codec-headers: add clean target to Makefile
flatpak: update 1.15.3 -> 1.15.4
libcamera: re-introduce fix for gcc-13
polkit-gnome: add recipe
eog: update 43.2 -> 44.0
evince: update 43.1 -> 44.0
gdm: update 43.0 -> 44.0
gnome-calculator: update 43.0.1 -> 44.0
gnome-calendar: update 43.1 -> 44.0
gnome-desktop: update 43 -> 44.0
gnome-disk-utility: update 43.0 -> 44.0
gnome-font-viewer: update 43.0 -> 44.0
gnome-online-accounts: update 3.46.0 -> 3.48.0
gnome-photos: update 43.0 -> 44.0
gnome-session: update 43.0 -> 44.0
gnome-settings-daemon: update 43.0 -> 44.0
gnome-shell-extensions: update 43.1 -> 44.0
gnome-software: update 43.4 -> 44.0
gnome-terminal: update 3.46.7 -> 3.48.0
gnome-text-editor: update 43.1 -> 44.0
tracker-miners: update 3.4.2 -> 3.5.0
zenity: update 3.43.0 -> 3.44.0
xdg-desktop-portal-gnome: update 43.1 -> 44.0
gedit: update 43.2 -> 44.2
evolution-data-server: build oauth with gtk+3
file-roller: set cpio path manually
libdecor: update 1.1.0 -> 1.1.99
freerdp: set PROXY_PLUGINDIR
libnfs: add recipe
pipewire: update 0.3.67 -> 0.3.68
iwd: update 2.3 -> 2.4
mozjs: update 102.5.0 -> 102.9.0
glibmm: fix reproducibility issues
adw-gtk3: add recipe
xdg-desktop-portal-wlr: update
pipewire: remove 'inherit gsettings'
polkit: update SRC_URI
webp-pixbuf-loader: update 0.2.0 -> 0.2.4
udisks2: add PACKAGECONFIGs for btrfs,lvm2 and lsm
pipewire: update 0.3.68 -> 0.3.70
Martin Jansa (7):
zsh: fix installed-vs-shipped with multilib
restinio: fix S variable in multilib builds
mongodb: fix chown user for multilib builds
pahole: respect libdir
lvgl,lv-lib-png,lv-drivers: fix installed-vs-shipped QA issue with multilib
dleyna-{server,renderer}: fix dev-so QA issue with multilib
lirc: fix do_install with multilib
Mingli Yu (2):
mcelog: improve the ptest output
php: Fix GCC 12 -Og
Peter Johennecken (1):
nginx: added packagegroup for webdav module
Peter Kjellerstedt (5):
python3-crc32c: Correct the license information
paho-mqtt-cpp: Improve the license information
autossh: Correct the license information
paho-mqtt-c: Improve the license information
recipes: Remove double protocol= from SRC_URIs
Peter Marko (1):
ntp: whitelist CVE-2019-11331
Petr Gotthard (2):
cockpit: upgrade 276 -> 289
nftables: upgrade 1.0.6 -> 1.0.7
Randolph Sapp (1):
glfw: add packageconfig and wayland dependencies
Steffen Trumtrar (3):
openocd: 0.11->0.12
openocd: fix jimtcl url
openocd: enable jtag-vpi and buspirate
Tim Orling (11):
cli11: do not inherit ptest
span-lite: do not inherit ptest
ptest-packagelists-meta-oe.inc: add ptest recipes
meta-oe-ptest*-image: enable BBCLASSEXTEND parallel execution
ptest-packagelists-meta-python.inc: add ptest recipes
meta-python-ptest*-image: enable BBCLASSEXTEND parallel execution
python3-aspectlib: fix ptest
ptest-packagelists-meta-perl.inc: add ptest recipes
recipes-perl/packagegroups: move to recipes-core/
recipes-perl/images: move to recipes-core
meta-perl-ptest*-image: enable BBCLASSEXTEND parallel execution
Ulrich Ölmann (1):
jwt-cpp: enable usage in an SDK
Valeria Petrov (1):
apache2: upgrade 2.4.56 -> 2.4.57
Virendra Thakur (2):
p7zip: fix for CVE-2018-5996
p7zip: Fix for CVE-2016-9296
Wang Mingyu (117):
abseil-cpp: upgrade 20230125.1 -> 20230125.2
libbytesize: upgrade 2.7 -> 2.8
gegl: upgrade 0.4.42 -> 0.4.44
ctags: upgrade 6.0.20230319.0 -> 6.0.20230402.0
libdeflate: upgrade 1.17 -> 1.18
libldb: upgrade 2.7.1 -> 2.7.2
ndisc6: upgrade 1.0.6 -> 1.0.7
libpfm4: upgrade 4.12.0 -> 4.13.0
libtraceevent: upgrade 1.7.1 -> 1.7.2
nginx: upgrade 1.23.3 -> 1.23.4
links: upgrade 2.28 -> 2.29
python3-pyproj: upgrade 3.4.1 -> 3.5.0
ostree: upgrade 2023.1 -> 2023.2
openvpn: upgrade 2.6.1 -> 2.6.2
python3-aenum: upgrade 3.1.11 -> 3.1.12
python3-argcomplete: upgrade 3.0.0 -> 3.0.5
python3-cassandra-driver: upgrade 3.25.0 -> 3.26.0
python3-astroid: upgrade 2.15.0 -> 2.15.1
python3-cmake: upgrade 3.26.0 -> 3.26.1
python3-dateparser: upgrade 1.1.7 -> 1.1.8
python3-google-api-python-client: upgrade 2.81.0 -> 2.83.0
python3-elementpath: upgrade 4.0.1 -> 4.1.0
python3-googleapis-common-protos: upgrade 1.58.0 -> 1.59.0
python3-httplib2: upgrade 0.21.0 -> 0.22.0
python3-google-auth: upgrade 2.16.2 -> 2.17.1
python3-ipython: upgrade 8.11.0 -> 8.12.0
python3-imageio: upgrade 2.26.0 -> 2.27.0
python3-pychromecast: upgrade 13.0.4 -> 13.0.6
python3-jdatetime: upgrade 4.1.0 -> 4.1.1
python3-luma-oled: upgrade 3.11.0 -> 3.12.0
python3-pydantic: upgrade 1.10.6 -> 1.10.7
python3-pymodbus: upgrade 3.2.1 -> 3.2.2
python3-pymisp: upgrade 2.4.169.2 -> 2.4.169.3
python3-pywbemtools: upgrade 1.1.1 -> 1.2.0
python3-redis: upgrade 4.5.1 -> 4.5.4
python3-regex: upgrade 2022.10.31 -> 2023.3.23
python3-typeguard: upgrade 3.0.1 -> 3.0.2
python3-sentry-sdk: upgrade 1.17.0 -> 1.18.0
python3-rich: upgrade 13.3.2 -> 13.3.3
python3-watchdog: upgrade 2.3.1 -> 3.0.0
feh: upgrade 3.9.1 -> 3.10
c-periphery: upgrade 2.3.1 -> 2.4.0
grilo-plugins: upgrade 0.3.15 -> 0.3.16
hwdata: upgrade 0.368 -> 0.369
hwloc: upgrade 2.9.0 -> 2.9.1
libconfig-tiny-perl: upgrade 2.28 -> 2.29
mg: upgrade 20221112 -> 20230406
python3-pillow: upgrade 9.4.0 -> 9.5.0
python3-websockets: upgrade 10.4 -> 11.0.1
poppler: upgrade 23.03.0 -> 23.04.0
python3-alembic: upgrade 1.10.2 -> 1.10.3
python3-astroid: upgrade 2.15.1 -> 2.15.2
python3-coverage: upgrade 7.2.2 -> 7.2.3
python3-google-api-python-client: upgrade 2.83.0 -> 2.84.0
python3-google-auth: upgrade 2.17.1 -> 2.17.2
python3-imgtool: upgrade 1.9.0 -> 1.10.0
python3-pychromecast: upgrade 13.0.6 -> 13.0.7
python3-simplejson: upgrade 3.18.4 -> 3.19.1
python3-networkx: upgrade 3.0 -> 3.1
tesseract: upgrade 5.3.0 -> 5.3.1
python3-zeroconf: upgrade 0.47.4 -> 0.55.0
python3-web3: upgrade 6.0.0 -> 6.1.0
python3-sqlalchemy: upgrade 2.0.7 -> 2.0.9
python3-sentry-sdk: upgrade 1.18.0 -> 1.19.1
hdf5: Fix install conflict when enable multilib.
capnproto: upgrade 0.10.3 -> 0.10.4
ctags: upgrade 6.0.20230402.0 -> 6.0.20230416.0
mctp: upgrade 1.0 -> 1.1
php: upgrade 8.2.4 -> 8.2.5
openvpn: upgrade 2.6.2 -> 2.6.3
python3-croniter: upgrade 1.3.8 -> 1.3.14
python3-diskcache: upgrade 5.4.0 -> 5.5.1
python3-cmake: upgrade 3.26.1 -> 3.26.3
python3-elementpath: upgrade 4.1.0 -> 4.1.1
python3-google-api-python-client: upgrade 2.84.0 -> 2.85.0
python3-google-auth: upgrade 2.17.2 -> 2.17.3
python3-protobuf: upgrade 4.22.1 -> 4.22.3
python3-web3: upgrade 6.1.0 -> 6.2.0
python3-rich: upgrade 13.3.3 -> 13.3.4
python3-pymisp: upgrade 2.4.169.3 -> 2.4.170
python3-xlsxwriter: upgrade 3.0.9 -> 3.1.0
python3-zeroconf: upgrade 0.55.0 -> 0.56.0
remmina: upgrade 1.4.29 -> 1.4.30
tbb: upgrade 2021.8.0 -> 2021.9.0
sip: upgrade 6.7.7 -> 6.7.8
tcpdump: upgrade 4.99.3 -> 4.99.4
tcsh: upgrade 6.24.07 -> 6.24.10
evolution-data-server: upgrade 3.48.0 -> 3.48.1
babl: upgrade 0.1.102 -> 0.1.104
gensio: upgrade 2.6.2 -> 2.6.4
libopus: upgrade 1.3.1 -> 1.4
network-manager-applet: upgrade 1.30.0 -> 1.32.0
networkmanager: upgrade 1.42.4 -> 1.42.6
opencl-headers: upgrade 2023.02.06 -> 2023.04.17
c-periphery: upgrade 2.4.0 -> 2.4.1
mbw: upgrade 1.5 -> 2.0
libmodule-build-tiny-perl: upgrade 0.039 -> 0.043
python3-periphery: upgrade 2.3.0 -> 2.4.1
python3-astroid: upgrade 2.15.2 -> 2.15.3
python3-diskcache: upgrade 5.5.1 -> 5.6.1
python3-engineio: upgrade 4.4.0 -> 4.4.1
python3-soupsieve: upgrade 2.4 -> 2.4.1
python3-google-api-python-client: upgrade 2.85.0 -> 2.86.0
python3-mock: upgrade 5.0.1 -> 5.0.2
python3-pyalsaaudio: upgrade 0.9.2 -> 0.10.0
python3-icu: upgrade 2.10.2 -> 2.11
python3-pymisp: upgrade 2.4.170 -> 2.4.170.1
python3-python-vlc: upgrade 3.0.18121 -> 3.0.18122
python3-sentry-sdk: upgrade 1.19.1 -> 1.20.0
python3-pyscaffold: upgrade 4.4 -> 4.4.1
python3-websockets: upgrade 11.0.1 -> 11.0.2
python3-tornado: upgrade 6.2 -> 6.3
redis: upgrade 7.0.10 -> 7.0.11
python3-xmlschema: upgrade 2.2.2 -> 2.2.3
samba: upgrade 4.18.1 -> 4.18.2
ser2net: upgrade 4.3.11 -> 4.3.12
sip: upgrade 6.7.8 -> 6.7.9
Wentao Zhang (2):
jemalloc: include the missing shell scripts and source the corresponds shell scripts for some test cases.
nss: fix failed test of nss.
Wolfgang Meyer (2):
qrencode: add PACKAGECONFIG for command line tools
qrencode: enable native build
Yi Zhao (1):
samba: upgrade 4.18.0 -> 4.18.1
Yogita Urade (1):
dlt-daemon: fix CVE-2023-26257
Zoltán Böszörményi (2):
hplip: Fix installation and QA
libgusb: Allow building in native mode
poky: 0907793d5e..cce6db2a59:
Alex Kiernan (2):
cargo_common.bbclass: Support local github repos
rust: Upgrade 1.68.1 -> 1.68.2
Alexander Kanavin (5):
rust: do not run separate build/install steps
rust: install llvm item only once
rust: update 1.67.1 -> 1.68.1
ffmpeg: update 5.1.2 -> 6.0
meta/recipes: ensure all recipes have a SUMMARY
Arslan Ahmad (1):
kernel-fitimage: Fix the default dtb config check
Bartosz Golaszewski (5):
python3-pyproject-hooks: add missing run-time dependencies
python3-packaging: add missing run-time dependencies
python3-manifest: add tomllib
python3-manifest: add ensurepip
python3-build: add missing run-time dependencies
Bruce Ashfield (7):
kernel: improve initramfs bundle processing time
linux-yocto/6.1: update to v6.1.23
linux-yocto/5.15: update to v5.15.106
linux-yocto/6.1: update to v6.1.24
linux-yocto/5.15: update to v5.15.107
linux-yocto/6.1: update to v6.1.25
linux-yocto/5.15: update to v5.15.108
Chen Qi (1):
bitbake: runqueue: fix PSI check calculation
Chris Elledge (1):
busybox: move hwclock init earlier in startup
Denys Dmytriyenko (2):
xz: upgrade 5.4.1 -> 5.4.2
grep: upgrade 3.9 -> 3.10
Dit Kozmaj (2):
wic: use part_name when defined
selftest: wic: Add test for --part-name argument
Dmitry Baryshkov (1):
linux-firmware: upgrade 20230210 -> 20230404
Enrico Jörns (10):
oeqa/selftest/cases/runqemu: update imports
oeqa/targetcontrol: fix misspelled RuntimeError
oeqa/targetcontrol: do not set dump_host_cmds redundantly
oeqa/targetcontrol: remove unused imports
oeqa/utils/commands: fix usage of undefined EPIPE
oeqa/utils/commands: remove unused imports
oeqa/utils/qemurunner: replace hard-coded user 'root' in debug output
oeqa/utils/qemurunner: limit precision of timing debugging output
oeqa/utils/qemurunner: fix undefined TimeoutExpired
oeqa: whitespace and indentation cleanups
Enrico Scholz (2):
bitbake: fetch2/crate: create versioned 'name' entries
bitbake: cooker: do not abort on single ctrl-c
Fabio Estevam (1):
u-boot: Upgrade to 2023.04
Frank WOLFF (1):
logrotate: add ptest support
Frederic Martinsons (6):
cargo_common.bbclass: add support of user in url for patch
devtool: add support for multiple git url inside a cargo based recipe
patch: support of git patches when the source uri contained subpath parameter
meta-selftest: provide a recipe for zvariant
cargo-update-recipe-crates: force name overrides
bitbake: fetch2: Display all missing checksum at once
Geoffrey GIRY (1):
cve-extra-exclusions: ignore inapplicable linux-yocto CVEs
Jan Vermaete (1):
cve-update-nvd2-native: added the missing http import
Kai Kang (2):
libnotify: remove dependency dbus
bitbake: bitbake: ConfHandler: Allow variable flag name with a single character
Khem Raj (16):
e2fsprogs: Define 64bit off_t on rv32
ffmpeg: Disable asm and rvv on riscv32
cargo: Fix build on musl/riscv
musl: Update to latest trunk
systemd: Refresh a musl patch to remove patch-fuzz with 253.3
musl-locales: Add Canadian French (fr_CA) locale support
gawk: Disable known ptest fails on musl
gawk: Remove redundant patch
gawk: Add skipped.txt to emit test to ignore
libxml2: Disable icu tests on musl
apt-util: Fix ptest on musl
lua: Disable locale dependent tests on musl
attr: Disable attr.test on musl
acl: Disable misc.test on musl
fts: Fix typo in summary
m4: Do not munge locale in ptests for musl
Lee Chee Yang (2):
migration-guides: add release-notes for 4.0.9
release-notes-4.2: update RC3 changes
Luca Ceresoli (1):
devicetree.bbclass: fix typo
Marek Vasut (1):
cpio: Fix wrong CRC with ASCII CRC for large files
Mark Asselstine (2):
oeqa/selftest/bblogging: uncomment python stdout checks
python3-psutil: fix-up -tests runtime dependencies
Mark Hatle (1):
sanity.bbclass: Update minimum gcc version to 8.0
Markus Volk (1):
at-spi2-core: update 2.46.0 -> 2.48.0
Marta Rybczynska (1):
cve-update-nvd2-native: new CVE database fetcher
Martin Jansa (8):
selftest: imagefeatures.py: don't mix tabs and spaces for indentation
selftest: runqemu: better check for ROOTFS: in the log
selftest: runqemu: use better error message when asserts fail
runqemu: respect IMAGE_LINK_NAME
python3-cryptography-crates.inc: regenerate with updated bbclass
python3-bcrypt-crates.inc: regenerate with updated bbclass
selftest: efibootpartition.py: fix QEMU_USE_KVM usage
populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO override
Michael Opdenacker (20):
manuals: update disk space requirements
manuals: add rm_work disk space data
manuals: add minimum RAM requirements
ref-manual: release-process.rst: update testing section
ref-manual: release-process.rst: major updates
manuals: add "LTS" term
manuals: improve and fix target for supported distros
ref-manual: variables: document VOLATILE_TMP_DIR
migration-guides: update 4.2 migration and release notes
ref-manual: classes.rst: document devicetree.bbclass
ref-manual: remove unused and obsolete file
ref-manual: variables.rst: add wikipedia shortcut for "getty"
overview-manual: update section about source archives
manuals: document SPDX_CUSTOM_ANNOTATION_VARS
overview-manual: development-environment: update text and screenshots
ref-manual: add "Mixin" term
migration-guides: release-notes-4.0.9.rst: add missing SPDX info
migration-guides: fixes and improvements to 4.2 release notes
manuals: expand init manager documentation
ref-manual: variables.rst: document KERNEL_DANGLING_FEATURES_WARN_ONLY
Mikko Rapeli (2):
oeqa ping.py: avoid busylooping failing ping command
oeqa ping.py: fail test if target IP address has not been set
Mingli Yu (3):
report-error: catch Nothing PROVIDES error
bitbake: event: add bb.event.ParseError
report-error: make it catch ParseError error
Ola x Nilsson (2):
patch.py: Use shlex instead of deprecated pipe
package: Use shlex instead of deprecated pipe
Pascal Bach (1):
cmake: add CMAKE_SYSROOT to generated toolchain file
Paul Eggleton (20):
bitbake: bitbake-user-manual: document BB_CACHEDIR
bitbake: bitbake-user-manual: add addpylib and BB_GLOBAL_PYMODULES
bitbake: bitbake-user-manual: add BB_HASH_CODEPARSER_VALS
ref-manual: add new SDK_ZIP_OPTIONS variable
ref-manual: Add new RUST_CHANNEL variable
ref-manual: update for IMAGE_MACHINE_SUFFIX addition
dev/ref-manual: Remove references to INC_PR
ref-manual: add BB_CACHEDIR
migration-guides: Add coverage of addpylib directive
ref-manual: Remove references to package_tar class
ref-manual: add missing QA checks from previous releases
ref-manual: document new patch-status-* QA checks
ref-manual: add FIT_CONF_DEFAULT_DTB
ref-manual: add section link also to buildtools-extended entry
ref-manual: add SDK_ARCHIVE_TYPE
ref-manual: move Initramfs entry from variables to terms
dev/ref-manual: Document INIT_MANAGER
migration-guides: extend migration guide for 4.2
release-notes-4.1: fix some CVE links
release-notes-4.2: add release notes
Pavel Zhukov (2):
scripts/rpm2cpio.sh: Use bzip2 instead of bunzip2
scripts/runqemu: Add possibility to disable network
Pawan Badganchi (1):
tiff: Add fix for CVE-2022-4645
Peter Kjellerstedt (1):
cargo-update-recipe-crates.bbclass: Do not add name= to crate:// URIs
Petr Kubizňák (12):
harfbuzz: depend on glib-2.0-native
json-glib: depend on glib-2.0-native
libgudev: depend on glib-2.0-native
at-spi2-core: depend on glib-2.0-native
avahi: add missing dependencies
graphene: add gobject-types PACKAGECONFIG
python3-pygobject: depend on gobject-introspection
gconf: add missing dependencies
webkitgtk: add missing dependencies
libnotify: depend on glib-2.0-native
vte: depend on glib-2.0-native
gobject-introspection: reduce dependencies
Piotr Łobacz (1):
libarchive: Enable acls, xattr for native as well as target
Qiu Tingting (1):
coreutils: Delete gcc sysroot parameter for ptest on target
Randolph Sapp (1):
wic/bootimg-efi: if fixed-size is set then use that for mkdosfs
Richard Purdie (11):
oeqa/loader: Ensure module names don't contain uppercase characters
zvariant: Exclude from world for now to avoid reproducibility issues
xdg-utils: Add a patch for CVE-2020-27748
cve-extra-exclusions.inc: Exclude some issues not present in linux-yocto
xdg-utils: Fix CVE number
bitbake: bitbake: Bump to version 2.4.0
build-appliance-image: Update to master head revision
poky.conf: Bump version for 4.2 mickledore release
build-appliance-image: Update to master head revision
build-appliance-image: Update to master head revision
cve-exclusions: Document some further linux-yocto CVE statuses
Ross Burton (11):
llvm: remove redundant CMake variables
libgit2: clean up CMake variables
webkitgtk: clean up Python variables
oeqa/runtime: clean up deprecated backslash expansion
classes-recipe/setuptools3-base: clean up FILES assignments
bind: don't package non-existant .la files into -staticdev
gstreamer1.0-plugins: package the internal libraries explicitly
Increase minimum GCC version to 8.0
machine/qemuarm*: don't explicitly set vmalloc
screen: backport fix for CVE-2023-24626
go: backport fix for CVE-2023-24537
Soumya (1):
shadow: Fix can not print full login timeout message
Svend Meyland Nicolaisen (1):
bitbake: npmsw fetcher: Avoid instantiating Fetch class if url list is empty
Thomas De Schampheleire (3):
qemu: make tracetool-generated output reproducible
qemu: retain default trace backend if 'ust' is not enabled
qemu: rename deprecated --enable-trace-backend configure option
Thomas Roos (2):
oeqa/selftest: Use SSTATE_DIR of parent build dir
oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set
Tobias Hagelborn (1):
lib/oe/gpg_sign.py: Avoid race when creating .sig files in detach_sign
Ulrich Ölmann (3):
kernel-dev: fix typos
ref-manual: classes.rst: fix typo
bitbake: bitbake-user-manual: fix BB_RUNFMT's default value
Wang Mingyu (46):
apr: upgrade 1.7.2 -> 1.7.3
bind: upgrade 9.18.12 -> 9.18.13
cracklib: upgrade 2.9.10 -> 2.9.11
libhandy: upgrade 1.8.1 -> 1.8.2
libpcap: upgrade 1.10.3 -> 1.10.4
libsdl2: upgrade 2.26.3 -> 2.26.5
libsoup: upgrade 3.2.2 -> 3.4.0
mpg123: upgrade 1.31.2 -> 1.31.3
acpica: upgrade 20220331 -> 20230331
ccache: upgrade 4.7.4 -> 4.8
libcap: upgrade 2.67 -> 2.68
man-pages: upgrade 6.03 -> 6.04
mtools: upgrade 4.0.42 -> 4.0.43
pango: upgrade 1.50.13 -> 1.50.14
ruby: upgrade 3.2.1 -> 3.2.2
spirv-headers: upgrade 1.3.239.0 -> 1.3.243.0
spirv-tools: upgrade 1.3.239.0 -> 1.3.243.0
sqlite3: upgrade 3.41.0 -> 3.41.2
texinfo: upgrade 7.0.2 -> 7.0.3
wayland: upgrade 1.21.0 -> 1.22.0
wpebackend-fdo: upgrade 1.14.0 -> 1.14.2
xserver-xorg: upgrade 21.1.7 -> 21.1.8
xwayland: upgrade 22.1.8 -> 23.1.1
vala: upgrade 0.56.4 -> 0.56.6
python3-cython: upgrade 0.29.33 -> 0.29.34
python3-hypothesis: upgrade 6.68.2 -> 6.71.0
python3-importlib-metadata: upgrade 6.0.0 -> 6.2.0
python3-installer: upgrade 0.6.0 -> 0.7.0
python3-markdown: upgrade 3.4.1 -> 3.4.3
python3-pathspec: upgrade 0.11.0 -> 0.11.1
python3-pygobject: upgrade 3.42.2 -> 3.44.1
python3-pyopenssl: upgrade 23.0.0 -> 23.1.1
python3-pytz: upgrade 2022.7.1 -> 2023.3
python3-setuptools: upgrade 67.6.0 -> 67.6.1
mesa: upgrade 23.0.0 -> 23.0.2
systemd: upgrade 253.1 -> 253.3
libgit2: upgrade 1.6.3 -> 1.6.4
libsolv: upgrade 0.7.23 -> 0.7.24
libxml2: upgrade 2.10.3 -> 2.10.4
boost: upgrade 1.81.0 -> 1.82.0
ofono: upgrade 2.0 -> 2.1
python3-dtschema: upgrade 2023.1 -> 2023.4
python3-packaging: upgrade 23.0 -> 23.1
python3-pytest: upgrade 7.2.2 -> 7.3.1
stress-ng: upgrade 0.15.06 -> 0.15.07
gdb: Fix conflict of sframe-spec.info
Wentao Zhang (1):
python3: Fix failing sysconfig.py test on x86(64 bit) using lib64 as baselib by updating test_sysconfig for posix_user purelib
Xiangyu Chen (1):
shadow: backport patch to fix CVE-2023-29383
Yoann Congal (4):
cve-extra-exclusions: ignore inapplicable linux-yocto CVEs
cve-exclusions_6.1: ignore patched CVE-2022-38457 & CVE-2022-40133
cve-extra-exclusion: ignore disputed CVE-2023-23005
cve-extra-exclusions: linux-yocto: ignore fixed CVE-2023-1652 & CVE-2023-1829
Zhixiong Chi (1):
libpam: Fix the xtests/tst-pam_motd[1|3] failures
bkylerussell@gmail.com (1):
kernel-devsrc: depend on python3-core instead of python3
meta-raspberrypi: 3afdbbf782..bf948e0aa8:
Jesse Visser (2):
recipe-bsp: Add support for Raspberry Pi Camera Module v3
docs: Update extra build config Raspberry Pi Camera Module section
Rodrigo M. Duarte (1):
python3-adafruit-blinka: Fix the correct python recipes path in dynamic-layer sub-dir
meta-arm: 9b6c8c95e4..c60d7865dd:
Adam Johnston (3):
arm-bsp/optee: Update OP-TEE TA devkit to 3.20 for N1SDP
CI: Remove ts-smm-gateway from N1SDP
arm-bsp/trusted-firmware-a: Update N1SDP to v2.8.0
Denys Dmytriyenko (4):
optee-os-tadevkit: remove old unused patches
optee-client: add 3.20.0 version
optee-test: add 3.20.0 version
optee-examples: add 3.20.0 version
Emekcan Aras (4):
arm-bsp/trusted-firmware-m: apply patches correctly from external repos
arm-bsp/trusted-firmware-m: Switch to TF-M BL1 in Corstone1000
arm-bsp/corstone1000: add OTP config for fvp
arm-bsp/trusted-firmware-m: Increase assets number for corstone1000
Jon Mason (8):
CI: dev kernel allow failure
arm/linux-yocto: remove IP_VS config fragment
CI: update to the latest kas version
CI: track mickledore branch
arm-bsp/tc1: Fix signed u-boot
arm-bsp/tc1: Add FVP support
arm/trusted-firmware-m-scripts: relocate to tfm directory
arm-bsp/tc1: disable signed kernel image
Peter Hoyes (1):
arm/scp-firmware: Add support for components other than SCP, MCP
Ross Burton (8):
arm/scp-firmware: add recipe for 2.11
arm-bsp/scp-firmware: move all machines to SCP 2.11
arm/scp-firmware: remove 2.10 recipe
arm/trusted-firmware-m: add the tf-m-extras repository that some machines need
arm/trusted-firmware-m: clean up environment flags
arm/trusted-firmware-m: package .elf files in PN-dbg
arm-bsp/trusted-firmware-m: enable for Total Compute on RSS
CI: add TF-M to TC build
Rui Miguel Silva (1):
arm-bsp/corstone1000: tf-m set/get fwu, private metadata using gpt
Xueliang Zhong (3):
arm-bsp/n1sdp-board-firmware: update to newer SHA
arm-bsp/optee-os: N1SDP support for optee-os 3.20
arm-bsp/n1sdp: use edk2-firmware 202211 version
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I68eb48f27b781da34c4a7636f9b3bb1507b46416
diff --git a/poky/meta/recipes-core/busybox/busybox.inc b/poky/meta/recipes-core/busybox/busybox.inc
index 4569acd..582d879 100644
--- a/poky/meta/recipes-core/busybox/busybox.inc
+++ b/poky/meta/recipes-core/busybox/busybox.inc
@@ -34,6 +34,7 @@
INITSCRIPT_NAME:${PN}-httpd = "busybox-httpd"
INITSCRIPT_NAME:${PN}-hwclock = "hwclock.sh"
+INITSCRIPT_PARAMS:${PN}-hwclock = "start 40 S . stop 20 0 1 6 ."
INITSCRIPT_NAME:${PN}-mdev = "mdev"
INITSCRIPT_PARAMS:${PN}-mdev = "start 04 S ."
INITSCRIPT_NAME:${PN}-syslog = "syslog"
diff --git a/poky/meta/recipes-core/coreutils/coreutils_9.1.bb b/poky/meta/recipes-core/coreutils/coreutils_9.1.bb
index 4807eef..e12a6d6 100644
--- a/poky/meta/recipes-core/coreutils/coreutils_9.1.bb
+++ b/poky/meta/recipes-core/coreutils/coreutils_9.1.bb
@@ -193,6 +193,7 @@
sed -i '/^abs_top_builddir/s/= .*$/= \$\{PWD\}/g' ${D}${PTEST_PATH}/Makefile
sed -i '/^abs_top_srcdir/s/= .*$/= \$\{PWD\}/g' ${D}${PTEST_PATH}/Makefile
sed -i '/^built_programs/s/ginstall/install/g' ${D}${PTEST_PATH}/Makefile
+ sed -i '/^CC =/s/ --sysroot=.*recipe-sysroot/ /g' ${D}${PTEST_PATH}/Makefile
chmod -R 777 ${D}${PTEST_PATH}
# Disable subcase stty-pairs.sh, it will cause test framework hang
diff --git a/poky/meta/recipes-core/fts/fts_1.2.7.bb b/poky/meta/recipes-core/fts/fts_1.2.7.bb
index d3b0f31..1010383 100644
--- a/poky/meta/recipes-core/fts/fts_1.2.7.bb
+++ b/poky/meta/recipes-core/fts/fts_1.2.7.bb
@@ -1,7 +1,7 @@
# Copyright (C) 2015 Khem Raj <raj.khem@gmail.com>
# Released under the MIT license (see COPYING.MIT for the terms)
-SUMMARY = "Implementation of ftsfor musl libc packages"
+SUMMARY = "Implementation of fts for musl libc packages"
HOMEPAGE = "https://github.com/pullmoll/musl-fts"
DESCRIPTION = "The musl-fts package implements the fts(3) functions fts_open, fts_read, fts_children, fts_set and fts_close, which are missing in musl libc."
LICENSE = "BSD-3-Clause"
diff --git a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb
index de0813f..8f54d22 100644
--- a/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb
+++ b/poky/meta/recipes-core/images/build-appliance-image_15.0.0.bb
@@ -26,7 +26,7 @@
REQUIRED_DISTRO_FEATURES += "xattr"
-SRCREV ?= "c45d58f003e8d8b323169ca9d479dc49c43a9974"
+SRCREV ?= "311c76c8e8cf39fa41456561148cebe2b8b3c057"
SRC_URI = "git://git.yoctoproject.org/poky;branch=master \
file://Yocto_Build_Appliance.vmx \
file://Yocto_Build_Appliance.vmxf \
diff --git a/poky/meta/recipes-core/images/core-image-ptest-all.bb b/poky/meta/recipes-core/images/core-image-ptest-all.bb
index c84e653..d4edb0f 100644
--- a/poky/meta/recipes-core/images/core-image-ptest-all.bb
+++ b/poky/meta/recipes-core/images/core-image-ptest-all.bb
@@ -1,4 +1,4 @@
-DESCRIPTION = "Recipe to trigger execution of all ptest images."
+SUMMARY = "Recipe to trigger execution of all ptest images."
HOMEPAGE = "https://www.yoctoproject.org/"
LICENSE = "MIT"
diff --git a/poky/meta/recipes-core/images/core-image-ptest-fast.bb b/poky/meta/recipes-core/images/core-image-ptest-fast.bb
index e768afb..a5364e6 100644
--- a/poky/meta/recipes-core/images/core-image-ptest-fast.bb
+++ b/poky/meta/recipes-core/images/core-image-ptest-fast.bb
@@ -1,6 +1,6 @@
require core-image-ptest-all.bb
-DESCRIPTION = "Recipe to trigger execution of all fast ptest images."
+SUMMARY = "Recipe to trigger execution of all fast ptest images."
PTESTS = "${PTESTS_FAST}"
diff --git a/poky/meta/recipes-core/libxml/libxml2_2.10.3.bb b/poky/meta/recipes-core/libxml/libxml2_2.10.4.bb
similarity index 87%
rename from poky/meta/recipes-core/libxml/libxml2_2.10.3.bb
rename to poky/meta/recipes-core/libxml/libxml2_2.10.4.bb
index 6b3dd3e..2886315 100644
--- a/poky/meta/recipes-core/libxml/libxml2_2.10.3.bb
+++ b/poky/meta/recipes-core/libxml/libxml2_2.10.4.bb
@@ -21,7 +21,7 @@
file://libxml-m4-use-pkgconfig.patch \
"
-SRC_URI[archive.sha256sum] = "5d2cc3d78bec3dbe212a9d7fa629ada25a7da928af432c93060ff5c17ee28a9c"
+SRC_URI[archive.sha256sum] = "ed0c91c5845008f1936739e4eee2035531c1c94742c6541f44ee66d885948d45"
SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be4722379f08702ea7273"
BINCONFIG = "${bindir}/xml2-config"
@@ -40,15 +40,15 @@
inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3targetconfig', '', d)}
-RDEPENDS:${PN}-ptest += "bash make ${@bb.utils.contains('PACKAGECONFIG', 'python', 'libgcc python3-core python3-logging python3-shell python3-stringold python3-threading python3-unittest ${PN}-python', '', d)}"
+RDEPENDS:${PN}-ptest += "bash make locale-base-en-us ${@bb.utils.contains('PACKAGECONFIG', 'python', 'libgcc python3-core python3-logging python3-shell python3-stringold python3-threading python3-unittest ${PN}-python', '', d)}"
RDEPENDS:${PN}-python += "${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3-core', '', d)}"
+RDEPENDS:${PN}-ptest:append:libc-musl = " musl-locales"
RDEPENDS:${PN}-ptest:append:libc-glibc = " glibc-gconv-ebcdic-us \
glibc-gconv-ibm1141 \
glibc-gconv-iso8859-5 \
glibc-gconv-euc-jp \
- locale-base-en-us \
"
# WARNING: zlib is required for RPM use
@@ -85,6 +85,11 @@
fi
}
+# with musl we need to enable icu support explicitly for these tests
+do_install_ptest:append:libc-musl () {
+ rm -rf ${D}/${PTEST_PATH}/test/icu_parse_test.xml
+}
+
do_install:append:class-native () {
# Docs are not needed in the native case
rm ${D}${datadir}/gtk-doc -rf
diff --git a/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb b/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb
new file mode 100644
index 0000000..2b58598
--- /dev/null
+++ b/poky/meta/recipes-core/meta/cve-update-nvd2-native.bb
@@ -0,0 +1,334 @@
+SUMMARY = "Updates the NVD CVE database"
+LICENSE = "MIT"
+
+# Important note:
+# This product uses the NVD API but is not endorsed or certified by the NVD.
+
+INHIBIT_DEFAULT_DEPS = "1"
+
+inherit native
+
+deltask do_unpack
+deltask do_patch
+deltask do_configure
+deltask do_compile
+deltask do_install
+deltask do_populate_sysroot
+
+NVDCVE_URL ?= "https://services.nvd.nist.gov/rest/json/cves/2.0"
+
+# CVE database update interval, in seconds. By default: once a day (24*60*60).
+# Use 0 to force the update
+# Use a negative value to skip the update
+CVE_DB_UPDATE_INTERVAL ?= "86400"
+
+# Timeout for blocking socket operations, such as the connection attempt.
+CVE_SOCKET_TIMEOUT ?= "60"
+
+CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db"
+
+CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db"
+
+python () {
+ if not bb.data.inherits_class("cve-check", d):
+ raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.")
+}
+
+python do_fetch() {
+ """
+ Update NVD database with API 2.0
+ """
+ import bb.utils
+ import bb.progress
+ import shutil
+
+ bb.utils.export_proxies(d)
+
+ db_file = d.getVar("CVE_CHECK_DB_FILE")
+ db_dir = os.path.dirname(db_file)
+ db_tmp_file = d.getVar("CVE_DB_TEMP_FILE")
+
+ cleanup_db_download(db_file, db_tmp_file)
+ # By default let's update the whole database (since time 0)
+ database_time = 0
+
+ # The NVD database changes once a day, so no need to update more frequently
+ # Allow the user to force-update
+ try:
+ import time
+ update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL"))
+ if update_interval < 0:
+ bb.note("CVE database update skipped")
+ return
+ if time.time() - os.path.getmtime(db_file) < update_interval:
+ bb.note("CVE database recently updated, skipping")
+ return
+ database_time = os.path.getmtime(db_file)
+
+ except OSError:
+ pass
+
+ bb.utils.mkdirhier(db_dir)
+ if os.path.exists(db_file):
+ shutil.copy2(db_file, db_tmp_file)
+
+ if update_db_file(db_tmp_file, d, database_time) == True:
+ # Update downloaded correctly, can swap files
+ shutil.move(db_tmp_file, db_file)
+ else:
+ # Update failed, do not modify the database
+ bb.warn("CVE database update failed")
+ os.remove(db_tmp_file)
+}
+
+do_fetch[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}"
+do_fetch[file-checksums] = ""
+do_fetch[vardeps] = ""
+
+def cleanup_db_download(db_file, db_tmp_file):
+ """
+ Cleanup the download space from possible failed downloads
+ """
+
+ # Clean up the updates done on the main file
+ # Remove it only if a journal file exists - it means a complete re-download
+ if os.path.exists("{0}-journal".format(db_file)):
+ # If a journal is present the last update might have been interrupted. In that case,
+ # just wipe any leftovers and force the DB to be recreated.
+ os.remove("{0}-journal".format(db_file))
+
+ if os.path.exists(db_file):
+ os.remove(db_file)
+
+ # Clean-up the temporary file downloads, we can remove both journal
+ # and the temporary database
+ if os.path.exists("{0}-journal".format(db_tmp_file)):
+ # If a journal is present the last update might have been interrupted. In that case,
+ # just wipe any leftovers and force the DB to be recreated.
+ os.remove("{0}-journal".format(db_tmp_file))
+
+ if os.path.exists(db_tmp_file):
+ os.remove(db_tmp_file)
+
+def nvd_request_next(url, api_key, args):
+ """
+ Request next part of the NVD dabase
+ """
+
+ import urllib.request
+ import urllib.parse
+ import gzip
+ import http
+
+ headers = {}
+ if api_key:
+ headers['apiKey'] = api_key
+
+ data = urllib.parse.urlencode(args)
+
+ full_request = url + '?' + data
+
+ for attempt in range(3):
+ try:
+ r = urllib.request.urlopen(full_request)
+
+ if (r.headers['content-encoding'] == 'gzip'):
+ buf = r.read()
+ raw_data = gzip.decompress(buf)
+ else:
+ raw_data = r.read().decode("utf-8")
+
+ r.close()
+
+ except UnicodeDecodeError:
+ # Received garbage, retry
+ bb.debug(2, "CVE database: received malformed data, retrying (request: %s)" %(full_request))
+ pass
+ except http.client.IncompleteRead:
+ # Read incomplete, let's try again
+ bb.debug(2, "CVE database: received incomplete data, retrying (request: %s)" %(full_request))
+ pass
+ else:
+ return raw_data
+ else:
+ # We failed at all attempts
+ return None
+
+def update_db_file(db_tmp_file, d, database_time):
+ """
+ Update the given database file
+ """
+ import bb.utils, bb.progress
+ import datetime
+ import sqlite3
+ import json
+
+ # Connect to database
+ conn = sqlite3.connect(db_tmp_file)
+ initialize_db(conn)
+
+ req_args = {'startIndex' : 0}
+
+ # The maximum range for time is 120 days
+ # Force a complete update if our range is longer
+ if (database_time != 0):
+ database_date = datetime.datetime.combine(datetime.date.fromtimestamp(database_time), datetime.time())
+ today_date = datetime.datetime.combine(datetime.date.today(), datetime.time())
+ delta = today_date - database_date
+ if delta.days < 120:
+ bb.debug(2, "CVE database: performing partial update")
+ req_args['lastModStartDate'] = database_date.isoformat()
+ req_args['lastModEndDate'] = today_date.isoformat()
+ else:
+ bb.note("CVE database: file too old, forcing a full update")
+
+ with bb.progress.ProgressHandler(d) as ph, open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') as cve_f:
+
+ bb.debug(2, "Updating entries")
+ index = 0
+ url = d.getVar("NVDCVE_URL")
+ while True:
+ req_args['startIndex'] = index
+ raw_data = nvd_request_next(url, None, req_args)
+ if raw_data is None:
+ # We haven't managed to download data
+ return False
+
+ data = json.loads(raw_data)
+
+ index = data["startIndex"]
+ total = data["totalResults"]
+ per_page = data["resultsPerPage"]
+
+ for cve in data["vulnerabilities"]:
+ update_db(conn, cve)
+
+ index += per_page
+ ph.update((float(index) / (total+1)) * 100)
+ if index >= total:
+ break
+
+ # Recommended by NVD
+ time.sleep(6)
+
+ # Update success, set the date to cve_check file.
+ cve_f.write('CVE database update : %s\n\n' % datetime.date.today())
+
+ conn.commit()
+ conn.close()
+ return True
+
+def initialize_db(conn):
+ with conn:
+ c = conn.cursor()
+
+ c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)")
+
+ c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \
+ SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)")
+
+ c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (ID TEXT, \
+ VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \
+ VERSION_END TEXT, OPERATOR_END TEXT)")
+ c.execute("CREATE INDEX IF NOT EXISTS PRODUCT_ID_IDX on PRODUCTS(ID);")
+
+ c.close()
+
+def parse_node_and_insert(conn, node, cveId):
+
+ def cpe_generator():
+ for cpe in node.get('cpeMatch', ()):
+ if not cpe['vulnerable']:
+ return
+ cpe23 = cpe.get('criteria')
+ if not cpe23:
+ return
+ cpe23 = cpe23.split(':')
+ if len(cpe23) < 6:
+ return
+ vendor = cpe23[3]
+ product = cpe23[4]
+ version = cpe23[5]
+
+ if cpe23[6] == '*' or cpe23[6] == '-':
+ version_suffix = ""
+ else:
+ version_suffix = "_" + cpe23[6]
+
+ if version != '*' and version != '-':
+ # Version is defined, this is a '=' match
+ yield [cveId, vendor, product, version + version_suffix, '=', '', '']
+ elif version == '-':
+ # no version information is available
+ yield [cveId, vendor, product, version, '', '', '']
+ else:
+ # Parse start version, end version and operators
+ op_start = ''
+ op_end = ''
+ v_start = ''
+ v_end = ''
+
+ if 'versionStartIncluding' in cpe:
+ op_start = '>='
+ v_start = cpe['versionStartIncluding']
+
+ if 'versionStartExcluding' in cpe:
+ op_start = '>'
+ v_start = cpe['versionStartExcluding']
+
+ if 'versionEndIncluding' in cpe:
+ op_end = '<='
+ v_end = cpe['versionEndIncluding']
+
+ if 'versionEndExcluding' in cpe:
+ op_end = '<'
+ v_end = cpe['versionEndExcluding']
+
+ if op_start or op_end or v_start or v_end:
+ yield [cveId, vendor, product, v_start, op_start, v_end, op_end]
+ else:
+ # This is no version information, expressed differently.
+ # Save processing by representing as -.
+ yield [cveId, vendor, product, '-', '', '', '']
+
+ conn.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()).close()
+
+def update_db(conn, elt):
+ """
+ Update a single entry in the on-disk database
+ """
+
+ accessVector = None
+ cveId = elt['cve']['id']
+ if elt['cve']['vulnStatus'] == "Rejected":
+ return
+ cveDesc = ""
+ for desc in elt['cve']['descriptions']:
+ if desc['lang'] == 'en':
+ cveDesc = desc['value']
+ date = elt['cve']['lastModified']
+ try:
+ accessVector = elt['cve']['metrics']['cvssMetricV2'][0]['cvssData']['accessVector']
+ cvssv2 = elt['cve']['metrics']['cvssMetricV2'][0]['cvssData']['baseScore']
+ except KeyError:
+ cvssv2 = 0.0
+ try:
+ accessVector = accessVector or elt['impact']['baseMetricV3']['cvssV3']['attackVector']
+ cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore']
+ except KeyError:
+ accessVector = accessVector or "UNKNOWN"
+ cvssv3 = 0.0
+
+ conn.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)",
+ [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]).close()
+
+ try:
+ configurations = elt['cve']['configurations'][0]['nodes']
+ for config in configurations:
+ parse_node_and_insert(conn, config, cveId)
+ except KeyError:
+ bb.debug(2, "Entry without a configuration")
+
+do_fetch[nostamp] = "1"
+
+EXCLUDE_FROM_WORLD = "1"
diff --git a/poky/meta/recipes-core/musl/musl-locales_git.bb b/poky/meta/recipes-core/musl/musl-locales_git.bb
index 9253223..6ffac4f 100644
--- a/poky/meta/recipes-core/musl/musl-locales_git.bb
+++ b/poky/meta/recipes-core/musl/musl-locales_git.bb
@@ -10,7 +10,7 @@
SRC_URI = "git://git.adelielinux.org/adelie/musl-locales;protocol=https;branch=main"
PV = "1.0+git${SRCPV}"
-SRCREV = "cac3dcdccd1d0c08d17f4919d862737d64b76f79"
+SRCREV = "5663f5bfd30bf9e1e0ba3fc5fe2da6725969f30e"
S = "${WORKDIR}/git"
@@ -35,6 +35,7 @@
LICENSE:locale-base-en-us = "MIT"
LICENSE:locale-base-es-es = "MIT"
LICENSE:locale-base-fi-fi = "MIT"
+LICENSE:locale-base-fr-ca = "MIT"
LICENSE:locale-base-fr-fr = "MIT"
LICENSE:locale-base-it-it = "MIT"
LICENSE:locale-base-nb-no = "MIT"
@@ -52,6 +53,7 @@
locale-base-en-us \
locale-base-es-es \
locale-base-fi-fi \
+ locale-base-fr-ca \
locale-base-fr-fr \
locale-base-it-it \
locale-base-nb-no \
@@ -69,6 +71,7 @@
FILES:locale-base-en-us += "${datadir}/i18n/locales/musl/en_US.UTF-8"
FILES:locale-base-es-es += "${datadir}/i18n/locales/musl/es_ES.UTF-8"
FILES:locale-base-fi-fi += "${datadir}/i18n/locales/musl/fi_FI.UTF-8"
+FILES:locale-base-fr-ca += "${datadir}/i18n/locales/musl/fr_CA.UTF-8"
FILES:locale-base-fr-fr += "${datadir}/i18n/locales/musl/fr_FR.UTF-8"
FILES:locale-base-it-it += "${datadir}/i18n/locales/musl/it_IT.UTF-8"
FILES:locale-base-nb-no += "${datadir}/i18n/locales/musl/nb_NO.UTF-8"
diff --git a/poky/meta/recipes-core/musl/musl-utils.bb b/poky/meta/recipes-core/musl/musl-utils.bb
index c42dff3..8280333 100644
--- a/poky/meta/recipes-core/musl/musl-utils.bb
+++ b/poky/meta/recipes-core/musl/musl-utils.bb
@@ -1,7 +1,7 @@
# Copyright (C) 2018 Khem Raj <raj.khem@gmail.com>
# Released under the MIT license (see COPYING.MIT for the terms)
-DESCRIPTION = "getconf, getent and iconv implementations for musl"
+SUMMARY = "getconf, getent and iconv implementations for musl"
HOMEPAGE = "https://git.alpinelinux.org/cgit/aports/tree/main/musl"
LICENSE = "BSD-2-Clause & GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://LICENSE;md5=9d08215e611db87b357e8674b4b42564"
diff --git a/poky/meta/recipes-core/musl/musl_git.bb b/poky/meta/recipes-core/musl/musl_git.bb
index 39f6dd8..531f337 100644
--- a/poky/meta/recipes-core/musl/musl_git.bb
+++ b/poky/meta/recipes-core/musl/musl_git.bb
@@ -4,7 +4,7 @@
require musl.inc
inherit linuxloader
-SRCREV = "7d756e1c04de6eb3f2b3d3e1141a218bb329fcfb"
+SRCREV = "1d5750b95c06913a1f18a995481276d698d20fae"
BASEVER = "1.2.3"
diff --git a/poky/meta/recipes-core/systemd/systemd-boot_253.1.bb b/poky/meta/recipes-core/systemd/systemd-boot_253.3.bb
similarity index 100%
rename from poky/meta/recipes-core/systemd/systemd-boot_253.1.bb
rename to poky/meta/recipes-core/systemd/systemd-boot_253.3.bb
diff --git a/poky/meta/recipes-core/systemd/systemd.inc b/poky/meta/recipes-core/systemd/systemd.inc
index 14608f9..d50f2c9 100644
--- a/poky/meta/recipes-core/systemd/systemd.inc
+++ b/poky/meta/recipes-core/systemd/systemd.inc
@@ -14,11 +14,10 @@
LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c"
-SRCREV = "6c327d74aa0d350482e82a247d7018559699798d"
+SRCREV = "ed18c2ab79e8b94182d5dcf31d58457763f3e3e1"
SRCBRANCH = "v253-stable"
SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH} \
file://0026-src-boot-efi-efi-string.c-define-wchar_t-from-__WCHA.patch \
- file://0025-systemctl-explicitly-cast-the-constants-to-uint64_t.patch \
"
S = "${WORKDIR}/git"
diff --git a/poky/meta/recipes-core/systemd/systemd/0010-add-fallback-parse_printf_format-implementation.patch b/poky/meta/recipes-core/systemd/systemd/0010-add-fallback-parse_printf_format-implementation.patch
index 6f01721..2090d81 100644
--- a/poky/meta/recipes-core/systemd/systemd/0010-add-fallback-parse_printf_format-implementation.patch
+++ b/poky/meta/recipes-core/systemd/systemd/0010-add-fallback-parse_printf_format-implementation.patch
@@ -21,8 +21,6 @@
create mode 100644 src/basic/parse-printf-format.c
create mode 100644 src/basic/parse-printf-format.h
-diff --git a/meson.build b/meson.build
-index bfc86857d6..fb96143c37 100644
--- a/meson.build
+++ b/meson.build
@@ -755,6 +755,7 @@ endif
@@ -31,10 +29,8 @@
'linux/vm_sockets.h',
+ 'printf.h',
'sys/auxv.h',
+ 'threads.h',
'valgrind/memcheck.h',
- 'valgrind/valgrind.h',
-diff --git a/src/basic/meson.build b/src/basic/meson.build
-index 7aae031d81..1aa9f5006d 100644
--- a/src/basic/meson.build
+++ b/src/basic/meson.build
@@ -173,6 +173,11 @@ endforeach
@@ -49,9 +45,6 @@
############################################################
arch_list = [
-diff --git a/src/basic/parse-printf-format.c b/src/basic/parse-printf-format.c
-new file mode 100644
-index 0000000000..49437e5445
--- /dev/null
+++ b/src/basic/parse-printf-format.c
@@ -0,0 +1,273 @@
@@ -328,9 +321,6 @@
+
+ return last;
+}
-diff --git a/src/basic/parse-printf-format.h b/src/basic/parse-printf-format.h
-new file mode 100644
-index 0000000000..47be7522d7
--- /dev/null
+++ b/src/basic/parse-printf-format.h
@@ -0,0 +1,57 @@
@@ -391,8 +381,6 @@
+size_t parse_printf_format(const char *fmt, size_t n, int *types);
+
+#endif /* HAVE_PRINTF_H */
-diff --git a/src/basic/stdio-util.h b/src/basic/stdio-util.h
-index 4e93ac90c9..f9deb6f662 100644
--- a/src/basic/stdio-util.h
+++ b/src/basic/stdio-util.h
@@ -1,12 +1,12 @@
@@ -409,8 +397,6 @@
_printf_(3, 4)
static inline char *snprintf_ok(char *buf, size_t len, const char *format, ...) {
-diff --git a/src/libsystemd/sd-journal/journal-send.c b/src/libsystemd/sd-journal/journal-send.c
-index 3b74d2246e..136ebcb153 100644
--- a/src/libsystemd/sd-journal/journal-send.c
+++ b/src/libsystemd/sd-journal/journal-send.c
@@ -2,7 +2,6 @@
@@ -429,6 +415,3 @@
#define SNDBUF_SIZE (8*1024*1024)
---
-2.39.2
-
diff --git a/poky/meta/recipes-core/systemd/systemd/0025-systemctl-explicitly-cast-the-constants-to-uint64_t.patch b/poky/meta/recipes-core/systemd/systemd/0025-systemctl-explicitly-cast-the-constants-to-uint64_t.patch
deleted file mode 100644
index d840de8..0000000
--- a/poky/meta/recipes-core/systemd/systemd/0025-systemctl-explicitly-cast-the-constants-to-uint64_t.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From fad29ce1f5cc7b12bc13671d9ad80775771a67eb Mon Sep 17 00:00:00 2001
-From: Frantisek Sumsal <frantisek@sumsal.cz>
-Date: Fri, 3 Mar 2023 12:17:27 +0100
-Subject: [PATCH] systemctl: explicitly cast the constants to uint64_t
-
-Otherwise under certain conditions `va_arg()` might get garbage instead
-of the expected value, i.e.:
-
-$ sudo build-o0/systemctl disable asdfasfaf
-sd_bus_message_appendv: Got uint64_t: 0
-Failed to disable unit: Unit file asdfasfaf.service does not exist.
-
-$ sudo build-o1/systemctl disable asdfasfaf
-sd_bus_message_appendv: Got uint64_t: 7954875719681572864
-Failed to disable unit: Invalid argument
-
-(reproduced on an armv7hl machine)
-
-Resolves: #26568
-Follow-up to: bf1bea43f15
-Related issue: https://github.com/systemd/systemd/pull/14470#discussion_r362893735
-
-Upstream-Status: Backport [https://github.com/systemd/systemd/commit/c63bfd0884cf20e48befbee49d41f667660a8802]
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
----
- src/systemctl/systemctl-enable.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/systemctl/systemctl-enable.c b/src/systemctl/systemctl-enable.c
-index 86d9f602fa..f94a286122 100644
---- a/src/systemctl/systemctl-enable.c
-+++ b/src/systemctl/systemctl-enable.c
-@@ -211,7 +211,7 @@ int verb_enable(int argc, char *argv[], void *userdata) {
-
- if (send_runtime) {
- if (streq(method, "DisableUnitFilesWithFlagsAndInstallInfo"))
-- r = sd_bus_message_append(m, "t", arg_runtime ? UNIT_FILE_RUNTIME : 0);
-+ r = sd_bus_message_append(m, "t", arg_runtime ? (uint64_t) UNIT_FILE_RUNTIME : UINT64_C(0));
- else
- r = sd_bus_message_append(m, "b", arg_runtime);
- if (r < 0)
---
-2.39.2
-
diff --git a/poky/meta/recipes-core/systemd/systemd_253.1.bb b/poky/meta/recipes-core/systemd/systemd_253.3.bb
similarity index 100%
rename from poky/meta/recipes-core/systemd/systemd_253.1.bb
rename to poky/meta/recipes-core/systemd/systemd_253.3.bb