subtree updates july 21 2023 poky,openembedded
poky: 13b646c0e1..b398c7653e:
Adrian Freihofer (2):
runqemu-ifdown: catch up with ifup
runqemu: drop uid parameter for ifdown
Alejandro Hernandez Samaniego (3):
baremetal-helloworld: Fix race condition
runqemu: Stop using warn() since its been deprecated
runqemu: Fix automated call to runqemu-ifup
Alex Kiernan (3):
rootfs: Add debugfs package db file copy and cleanup
rpm: Pick debugfs package db files/dirs explicitly
eudev: Add group sgx to eudev package
Alexander Kanavin (27):
insane.bbclass: enable 32 bit time API check (as a warning) on affected architectures
libxcrypt: upgrade 4.4.34 -> 4.4.35
libxml2: update 2.10.4 -> 2.11.4
ovmf: update 202302 -> 202305
lua: update 5.4.4 -> 5.4.6
cargo.bbclass: set up cargo environment in common do_compile
rust-common.bbclass: move musl-specific linking fix from rust-source.inc
python3-cryptography: update 39.0.2 -> 41.0.1
python3-cryptography-vectors: update 39.0.2 -> 41.0.1
python3: update 3.11.3 -> 3.11.4
diffutils: update 3.9 -> 3.10
shadow: remove dependency on pam-plugin-lastlog
libpam: update 1.5.2 -> 1.5.3
librsvg: update 2.56.0 -> 2.56.1
vulkan-validation-layers: update 1.3.243 -> 1.3.250
xcb-util-cursor: add a recipe from meta-oe
weston: update 11.0.1 -> 12.0.1
libdmx: update 1.1.4 -> 1.1.5
xtrans: update 1.4.0 -> 1.5.0
libproxy: fetch from git
libproxy: update 0.4.18 -> 0.5.2
libssh2: update 1.10.0 -> 1.11.0
gstreamer1.0-plugins-base: enable glx/opengl support
webkitgtk: update 2.38.5 -> 2.40.2
python3-cryptography: update a patch to upstream's better followup fix
time64.inc: annotate and clean up recipe-specific Y2038 exceptions
Revert "rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock"
Andrej Valek (3):
cve-check: add option to add additional patched CVEs
oeqa/selftest/cve_check: rework test to new cve status handling
cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS
Anuj Mittal (7):
rpm: backport fix to prevent crashes with latest sqlite
sqlite3: upgrade 3.41.2 -> 3.42.0
vte: upgrade 0.72.1 -> 0.72.2
libpng: upgrade 1.6.39 -> 1.6.40
glib-networking: upgrade 2.76.0 -> 2.76.1
bluez5: upgrade 5.66 -> 5.68
selftest/cases/glibc.py: fix the override syntax
BELOUARGA Mohamed (9):
bitbake: fetch2/npmsw: Add support for the new format of the shrinkwrap file
bitbake: fetch2/npmsw: Don't fetch dev dependencies when they are not demanded
bitbake: fetch2/npm: Remove special caracters that causes recipe tool to fail
recipetool: create: npm: Remove duplicate function to not have future conflicts
classes: npm: Handle peer dependencies for npm packages
recipetool: create: npm: Add support for the new format of the shrinkwrap file
recipetool: create: npm: Add support to handle peer dependencies
classes: npm: Add support for the new format of the shrinkwrap file
classe-recipes: npm: Add support for dependencies and devDependencies
Benjamin Bouvier (1):
util-linux: add alternative links for ipcs,ipcrm
Bruce Ashfield (19):
perf: fix buildpaths QA warning in 6.4+
linux-libc-headers: bump to 6.4
kernel: fix localversion in v6.3+
linux-yocto: introduce 6.4 reference kernel recipes
linux-yocto/6.4: update to latest
linux-yocto/6.4: aufs6 integration
linux-yocto/6.4: refresh configuration
linux-yocto-rt/6.4: integrate -rt6
linux-yocto/6.4: update to v6.4.2
linux-yocto-tiny/6.4: fix configuration warnings (HID)
linux-yocto-tiny/arm: fix configuration warnings (HID)
linux-yocto/ppc: add elfutils-native to DEPENDS
linux-yocto/6.1: update to v6.1.36
linux-yocto/6.1: update to v6.1.37
linux-yocto/6.1: update to v6.1.38
linux-yocto/6.x: cfg: update ima.cfg to match current meta-integrity
linux-yocto/6.4: update to v6.4.3
kernel: set HOSTPKG_CONFIG to use pkg-config-native
linux-yocto/6.4: fix menuconfig
Changqing Li (2):
dnf: only write the log lock to root for native dnf
rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock
Denys Dmytriyenko (1):
bitbake: runqueue: convert deferral messages from bb.note to bb.debug
Enrico Scholz (1):
shadow-sysroot: add license information
Etienne Cordonnier (2):
libxcrypt: fix hard-coded ".so" extension
qemu: fix typo
Fabio Estevam (3):
u-boot: Update Upstream-Status
u-boot: Upgrade to 2023.07
u-boot: Upgrade to 2023.07.02
Frederic Martinsons (1):
ptest-cargo.bbclass: fix condition to detect test executable
Joe Slater (1):
ghostscript: advance to version 10.01.2
Jose Quaresma (12):
kernel: config modules directories are handled by kernel-module-split
kernel-module-split: install config modules directories only when they are needed
kernel-module-split: use context manager to open files
kernel-module-split: make autoload and probeconf distribution specific
kernel-module-split add systemd modulesloaddir and modprobedir config
pybootchartgui: calcule elapsed_time when starting the loop
pybootchartgui: concatenate the elapsed time with the process
pybootchartgui: fix overlapping argument in render_processes_chart
pybootchartgui: fix width max usage in draw_label_in_box
openssl: add PERLEXTERNAL path to test its existence
openssl: use a glob on the PERLEXTERNAL to track updates on the path
go: update 1.20.5 -> 1.20.6
Julien Stephan (1):
automake: fix buildtest patch
Khem Raj (9):
ffmpeg: Fix build on riscv
libpam: Fix examples build on musl
webkitgtk: Enable JIT on RISCV64
musl: Guard fallocate64 with _LARGEFILE64_SOURCE
alsa-lib: Disable old API symbols
mesa: Fix build with upcoming LLVM 17
meson.bbclass: Point to llvm-config from native sysroot
webkitgtk: Unbreak build on platforms using pvr graphics drivers
python3-lxml: upgrade 4.9.2 -> 4.9.3
Martin Jansa (4):
selftest: multiconfig-image-packager: try to respect IMAGE_LINK_NAME
kernel-devicetree: install dtb files without -${KERNEL_DTB_NAME} suffix
image-artifact-names: include ${IMAGE_NAME_SUFFIX} directly in both ${IMAGE_NAME} and ${IMAGE_LINK_NAME}
cpio: respect MLPREFIX for PACKAGE_WRITE_DEPS
Michael Halstead (1):
resulttool/resultutils: allow index generation despite corrupt json
Mingli Yu (1):
qemu: Add qemu-user-* and qemu-system-* to PACKAGES_DYNAMIC
Natasha Bailey (1):
tiff: backport a fix for CVE-2023-26965
Ovidiu Panait (5):
mdadm: fix util-linux ptest dependency
mdadm: fix 07revert-inplace ptest
mdadm: fix segfaults when running ptests
mdadm: skip running known broken ptests
mdadm: re-add mdadm-ptest to PTESTS_SLOW
Peter Hoyes (5):
bitbake: bitbake: tests/fetch: Mark TestTimeout as not a test suite
bitbake: bitbake: tests/fetch: Rename assertRaisesRegexp to assertRaisesRegex
bitbake: bitbake: tests/fetch: Set git config if not already set
bitbake: bitbake: tests: Use assertLogs to test logging output
bitbake: bitbake: Bootstrap pytest for self-tests
Peter Marko (4):
cve-update-nvd2-native: fix cvssV3 metrics
gcsections: apply section removal also in C++, not only in C
cve-update-nvd2-native: retry all errors and sleep between retries
cve-update-nvd2-native: increase retry count
Piotr Łobacz (1):
bitbake.conf: Add acl distro native features support
Quentin Schulz (1):
uboot-extlinux-config.bbclass: fix old override syntax in comment
Richard Purdie (14):
defaultsetup: Enable largefile and 64bit time_t support systemwide for 32 bit platforms
time64: Disable CFLAGS for strace
bitbake: runqueue: Fix deferred task/multiconfig race issue
strace: Update patches/tests with upstream fixes
bitbake: fetch2/npmsw: Support old and new shrinkwrap formats
ptest-runner: Pull in "runner: Remove threads and mutexes" fix
bitbake: server/process: Show command in timeout message
bitbake: cooker: Log when parsing starts in server log
gcc-testsuite: Fix ppc cpu specification
ptest-runner: Pull in parallel test fixes and output handling
oeqa/selftest/rust: Various fixes to work correctly
bitbake: runqueue: Add pressure change logging
build-appliance-image: Update to master head revision
glibc-testsuite: Fix network restrictions causing test failures
Ross Burton (26):
cve-update-db-native: remove
cve-update-nvd2-native: handle all configuration nodes, not just first
cve-update-nvd2-native: use exact times, don't truncate
ghostscript: remove CVE_CHECK_IGNORE for CVE-2013-6629
pkgconf: update SRC_URI
libjpeg-turbo: upgrade to 3.0.0
cups: upgrade to 2.4.6
tiff: upgrade to 4.5.1
linux-yocto/cve-exclusion: move entries from cve-extra-exclusions
linux-yocto/cve-exclusion: ignore more backported CVEs
python3: fix missing comma in get_module_deps3.py
python3-jsonpointer: upgrade to 2.4
oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case
cml1: add showconfig task to easily find the generated .config file
rootfs_rpm: don't depend on opkg-native for update-alternatives
poky: add Debian 12 to supported distribution list
cve-update-nvd2-native: log a little more
cve-update-nvd2-native: actually use API keys
gcc: don't pass --enable-standard-branch-protection
machine/arch-arm64: add -mbranch-protection=standard
qemuarm: pin kernel to 6.1
libdmx: remove obsolete library
linux-yocto_6.1: ignore backported CVEs
python3: ignore CVE-2023-36632
ltp: add RDEPENDS on findutils
oeqa/ltp: rewrote LTP testcase and parser
Siddharth Doshi (2):
bind: Upgrade 9.18.15 -> 9.18.16
flac: Upgrade 1.4.2 -> 1.4.3
Soumya (1):
perl: Fix CVE-2023-31486
Staffan Rydén (1):
kernel: Fix path comparison in kernel staging dir symlinking
Stéphane Veyret (1):
scripts/oe-setup-builddir: copy conf-notes.txt to build dir
Sudip Mukherjee (1):
libssh2: disable rpath to fix curl-native build
Thomas Roos (1):
testimage/oeqa: Drop testimage_dump_host functionality
Tim Orling (10):
python3-pytest-subtests: upgrade 0.10.0 -> 0.11.0
python3-urllib3: upgrade 2.0.2 -> 2.0.3
python3-typing-extensions: upgrade 4.6.3 -> 4.7.0
python3-hypothesis: upgrade 6.79.2 -> 6.80.0
python3-pygments: upgrade 2.14.0 -> 2.15.1
python3-importlib-metadata: upgrade 6.7.0 -> 6.8.0
python3-typing-extensions: upgrade 4.7.0 -> 4.7.1
python3-cryptography{-vectors}: upgrade 41.0.1 -> 41.0.2
python3-zipp: upgrade 3.15.0 -> 3.16.2
python3-hypothesis: upgrade 6.80.0 -> 6.81.2
Trevor Gamblin (15):
python3: add cgitb, zipapp ptest dependencies
qemu: upgrade 8.0.0 -> 8.0.3
python3: parallelize ptests, add test_cppext dependencies
python3-setuptools: upgrade 67.6.1 -> 68.0.0
diffoscope: upgrade 242 -> 243
p11-kit: upgrade 0.24.1 -> 0.25.0
diffoscope: add missing RDEPENDS and alphabetize
linux-firmware: upgrade 20230515 -> 20230625
python3-trove-classifiers: upgrade 2023.5.24 -> 2023.7.6
python3-cython: upgrade 0.29.35 -> 0.29.36
icu: upgrade 72-1 -> 73-2
python3-editables: add python3-io to RDEPENDS
python3: ensure ptest regression capture
diffoscope: upgrade 243 -> 244
xeyes: upgrade 1.2.0 -> 1.3.0
Wang Mingyu (51):
freetype: upgrade 2.13.0 -> 2.13.1
gstreamer1.0: upgrade 1.22.3 -> 1.22.4
kbd: upgrade 2.5.1 -> 2.6.0
libassuan: upgrade 2.5.5 -> 2.5.6
libksba: upgrade 1.6.3 -> 1.6.4
libmd: upgrade 1.0.4 -> 1.1.0
libsdl2: upgrade 2.26.5 -> 2.28.0
libtraceevent: upgrade 1.7.2 -> 1.7.3
libx11: upgrade 1.8.5 -> 1.8.6
lttng-ust: upgrade 2.13.5 -> 2.13.6
nettle: upgrade 3.9 -> 3.9.1
nghttp2: upgrade 1.53.0 -> 1.54.0
ccache: upgrade 4.8.1 -> 4.8.2
mesa: upgrade 23.1.1 -> 23.1.3
python3-numpy: upgrade 1.24.3 -> 1.25.0
python3-typing-extensions: upgrade 4.6.2 -> 4.6.3
xorgproto: upgrade 2022.2 -> 2023.2
python3-hatchling: upgrade 1.17.0 -> 1.18.0
python3-hypothesis: upgrade 6.75.7 -> 6.79.2
python3-importlib-metadata: upgrade 6.6.0 -> 6.7.0
python3-iso8601: upgrade 1.1.0 -> 2.0.0
python3-markupsafe: upgrade 2.1.2 -> 2.1.3
python3-pluggy: upgrade 1.0.0 -> 1.2.0
python3-pycairo: upgrade 1.23.0 -> 1.24.0
python3-pyparsing: upgrade 3.0.9 -> 3.1.0
python3-pytest: upgrade 7.3.1 -> 7.4.0
python3-ruamel-yaml: upgrade 0.17.31 -> 0.17.32
python3-sphinx-rtd-theme: upgrade 1.2.1 -> 1.2.2
xkeyboard-config: upgrade 2.38 -> 2.39
xwayland: upgrade 23.1.1 -> 23.1.2
wayland-protocols: upgrade 1.31 -> 1.32
taglib: upgrade 1.13 -> 1.13.1
libxcrypt: upgrade 4.4.35 -> 4.4.36
msmtp: upgrade 1.8.23 -> 1.8.24
libwebp: upgrade 1.3.0 -> 1.3.1
libuv: upgrade 1.45.0 -> 1.46.0
acpica: upgrade 20230331 -> 20230628
libnss-nis: upgrade 3.1 -> 3.2
harfbuzz: upgrade 7.3.0 -> 8.0.1
libproxy: upgrade 0.5.2 -> 0.5.3
nghttp2: upgrade 1.54.0 -> 1.55.1
debianutils: upgrade 5.7 -> 5.8
glib-2.0: upgrade 2.76.3 -> 2.76.4
python3-pip: upgrade 23.1.2 -> 23.2
opkg: upgrade 0.6.1 -> 0.6.2
opkg-utils: upgrade 0.5.0 -> 0.6.2
python3-editables: upgrade 0.3 -> 0.4
python3-git: upgrade 3.1.31 -> 3.1.32
python3-numpy: upgrade 1.25.0 -> 1.25.1
repo: upgrade 2.34.1 -> 2.35
libva: upgrade to 2.19.0
Yash Shinde (1):
oeqa/selftest: Add rust selftests
Yi Zhao (1):
ifupdown: install missing directories
Yoann Congal (2):
recipetool: Fix inherit in created -native* recipes
oeqa/selftest/devtool: add unit test for "devtool add -b"
Yuta Hayama (1):
systemd-systemctl: fix errors in instance name expansion
meta-openembedded: 2638d458a5..0e3f5e5201:
Alex Kiernan (1):
ostree: Upgrade 2023.4 -> 2023.5
Archana Polampalli (1):
tcpreplay: upgrade 4.4.3 -> 4.4.4
Beniamin Sandu (1):
mbedtls: fix builds with crypto extensions
Bruce Ashfield (1):
vboxguestdrivers: fix compilation against 6.4 kernel / headers
Carlos Rafael Giani (3):
pipewire: Disable libmysofa since it is not available in OE
pipewire: Improve packageconfigs
pipewire: Add dedicated aes67 package and fix rlimits.d package assignment
Chee Yang Lee (1):
rabbitmq-c: Fix CVE-2023-35789
Jasper Orschulko (8):
python3-pytest-cov: Add initial recipe 4.1.0
python3-covdefaults: Add initial recipe 2.3.0
python3-platformdirs: Fix recipe version 3.6.0
python3-distlib: Add initial recipe 0.3.6
python3-filelock: Add initial recipe 3.12.0
python3-virtualenv: Add initial recipe 20.23.0
python3-pyproject-api: Add initial recipe 1.5.1
python3-tox: Add initial recipe 4.6.0
Joe Slater (1):
libgpiod: modify RDEPENDS for ptest
Justin Bronder (2):
python3-asyncinotify: upgrade 3.0.1 -> 4.0.2
python3-pytest-asyncio: upgrade 0.16.0 -> 0.21.1
Kai Kang (2):
libtimezonemap: rename downloaded file name
fltk-native: fix libdl link issue
Khem Raj (33):
gupnp-av: Fix build with libxml2-2.11 and newer
xcb-util-cursor: Delete recipe
pidgin-sipe: Add packageconfig to turn Werror on/off
fbida: Fix build on musl
pcp: Update to 6.0.5
geos: Upgrade to 3.12.0
ctags: Extend to build native package
libcoap: Build linker symbol file explicitly
geos: Use cmake directly
pcp: Fix build race
sblim-sfcc: Fix build with clang17
minifi-cpp: Fix build with clang 17
python3-grpcio-tools: Upgrade to 1.56.0
python3-grpcio: Upgrade to 1.56.0
python3-grpcio: Fix build on musl
python3-grpcio-tools: Fix build with musl
thin-provisioning-tools: Upgrade to 1.0.4
thin-provisioning-tools: Fix build on musl.
pcp: Disable parallel build
crash: Fix build with glibc 2.38+
breakpad: Update to latest trunk
python3-requests-toolbelt: Fix ptest failures seen with urllib3 2.0
ptest-packagelists-meta-oe: Limit mcelog to x86/x86_64
graphviz: Upgrade to 8.1.0 release
emlog: Update to latest to fix build with 6.4 kernel
dlm: Upgrade to 4.2.0
mdio-tools: Update to latest on trunk
dlm: Fix build with linux kernel 6.4+
dlm: Do not pass -fcf-protection=full via Makefile
dlm: Do not use -fcf-protection=full on arm platforms
zfs: Update to 2.2.0 rc1
zfs: Disable builds on aarch64 for now
dhcp-relay: Pass cross configure flags to bind build
Luke Schaefer (1):
nginx: Add stream Signed-off-by: Luke Schaefer <lukeschafer17@gmail.com>
Marek Vasut (4):
lvgl: Factor out and unify lv-drivers configuration
lvgl: Add default input device configuration option
linux-serial-test: Update to latest git revision
libiio: enable c++ bindings
Markus Volk (10):
pipewire: upgrade 0.3.71 -> 0.3.72
pipewire: upgrade 0.3.72 -> 0.3.73
gnome-software: upgrade 44.2 -> 44.3
eog: upgrade 44.2 -> 44.3
spdlog: upgrade 1.11.0 -> 1.12.0
flatpak: update dependencies
gnome-control-center: upgrade 44.2 -> 44.3
gnome-shell: upgrade 44.2 -> 44.3
mutter: upgrade 44.2 -> 44.3
gnome-settings-daemon: upgrade 44.0 -> 44.1
Martin Jansa (4):
nodejs: use PIE for host binaries
gupnp: backport a fix not to use deprecated xmlReadMemory
pidgin-sipe: allow to build with libxml2-2.11
raptor2: backport a fix to build with libxml2-2.11
Michael Haener (1):
nginx: upgrade to 1.24.0 release
Michael Weiß (1):
pv: Show progress bar even if no terminal is set as in 1.6.6
Mingli Yu (1):
snort: Add systemd unit file
Peter Kjellerstedt (1):
cppzmq: Move the version to the recipe file name
Petr Gotthard (2):
python3-pyroute2: upgrade 0.5.19 -> 0.7.9
networkmanager: upgrade 1.42.6 -> 1.42.8
Ricardo Salveti (1):
lshw: bump to b4e0673
Ross Burton (5):
poppler: fix missing include
libpaper: remove redundant autoreconf --install
liblbxutil: remove obsolete library
xsetmode: remove obsolete utility
libxkbui: remove obsolete recipe
Tim Orling (1):
python3-argh: upgrade 0.26.2 -> 0.28.1
Trevor Gamblin (9):
python3-alembic: upgrade 1.10.4 -> 1.11.1
python3-sqlalchemy: upgrade 2.0.15 -> 2.0.19
python3-argcomplete: upgrade 3.1.0 -> 3.1.1
python3-arpeggio: upgrade 2.0.0 -> 2.0.2
python3-astroid: upgrade 2.15.5 -> 2.15.6
python3-autobahn: upgrade 23.6.1 -> 23.6.2
python3-bandit: upgrade 1.7.4 -> 1.7.5
python3-bandit: add python3-rich to RDEPENDS
python3-bitarray: upgrade 2.7.3 -> 2.7.6
Wang Mingyu (44):
cppzmq: upgrade 4.9.0 -> 4.10.0
iwd: upgrade 2.5 -> 2.6
libburn: upgrade 1.5.4 -> 1.5.6
libzip: upgrade 1.9.2 -> 1.10.0
openfortivpn: upgrade 1.20.3 -> 1.20.5
psqlodbc: upgrade 13.02.0000 -> 15.00.0000
python3-aenum: upgrade 3.1.12 -> 3.1.14
python3-can: upgrade 4.2.1 -> 4.2.2
python3-google-api-python-client: upgrade 2.89.0 -> 2.90.0
python3-h5py: upgrade 3.8.0 -> 3.9.0
python3-natsort: upgrade 8.3.1 -> 8.4.0
python3-pymodbus: upgrade 3.3.1 -> 3.3.2
python3-pymongo: upgrade 4.3.3 -> 4.4.0
python3-pyscaffold: upgrade 4.4.1 -> 4.5
python3-pyzstd: upgrade 0.15.7 -> 0.15.9
python3-requests-futures: upgrade 1.0.0 -> 1.0.1
python3-sentry-sdk: upgrade 1.25.1 -> 1.26.0
python3-zeroconf: upgrade 0.68.0 -> 0.69.0
weechat: upgrade 3.8 -> 4.0.0
python3-platformdirs: upgrade 3.6.0 -> 3.8.0
renderdoc: upgrade 1.13 -> 1.27
gegl: upgrade 0.4.44 -> 0.4.46
gvfs: upgrade 1.50.4 -> 1.51.1
weechat: upgrade 4.0.0 -> 4.0.1
avro-c: upgrade 1.11.1 -> 1.11.2
glfw: upgrade 3.3 -> 3.3.8
hwloc: upgrade 2.9.1 -> 2.9.2
minicoredumper: upgrade 2.0.3 -> 2.0.6
thingsboard-gateway: upgrade 3.2 -> 3.3
xterm: upgrade 382 -> 383
passwdqc: upgrade 2.0.2 -> 2.0.3
python3-aenum: upgrade 3.1.14 -> 3.1.15
python3-configargparse : upgrade 1.5.3 -> 1.5.5
python3-elementpath: upgrade 4.1.3 -> 4.1.4
python3-google-api-python-client: upgrade 2.90.0 -> 2.92.0
python3-google-auth: upgrade 2.20.0 -> 2.21.0
python3-joblib: upgrade 1.2.0 -> 1.3.1
python3-pillow: upgrade 9.5.0 -> 10.0.0
python3-redis: upgrade 4.5.5 -> 4.6.0
python3-tox: upgrade 4.6.0 -> 4.6.3
python3-virtualenv: upgrade 20.23.0 -> 20.23.1
python3-zeroconf: upgrade 0.69.0 -> 0.70.0
libyang: Fix install conflict when enable multilib.
php: Fix install conflict when enable multilib.
Wolfgang Meyer (4):
fbida: Switch to git fetcher
fbida: build with meson
fbida: SRC_REV bump ac9005b..eb769e3
fbida: make fbpdf build optional
Yi Zhao (6):
conntrack-tools: add systemd unit file
conntrack-tools: add required kernel modules to RRECOMMENDS
frr: upgrade 8.4.2 -> 8.4.4
mbedtls: upgrade 2.28.2 -> 2.28.3
open-vm-tools: Security fix CVE-2023-20867
samba: upgrade 4.18.3 -> 4.18.4
Zoltán Böszörményi (1):
opencv: 4.8.0
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I48c2ba4573ee81b637b1ba890c312f491004f666
diff --git a/poky/meta/recipes-multimedia/alsa/alsa-lib_1.2.9.bb b/poky/meta/recipes-multimedia/alsa/alsa-lib_1.2.9.bb
index a8bf099..d482e27 100644
--- a/poky/meta/recipes-multimedia/alsa/alsa-lib_1.2.9.bb
+++ b/poky/meta/recipes-multimedia/alsa/alsa-lib_1.2.9.bb
@@ -16,7 +16,7 @@
EXTRA_OECONF += " \
${@bb.utils.contains('TARGET_FPU', 'soft', '--with-softfloat', '', d)} \
- --disable-python \
+ --disable-python --disable-old-symbols \
"
PACKAGES =+ "alsa-server alsa-conf libatopology"
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-libswscale-riscv-Fix-syntax-of-vsetvli.patch b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-libswscale-riscv-Fix-syntax-of-vsetvli.patch
new file mode 100644
index 0000000..94e0ba6
--- /dev/null
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-libswscale-riscv-Fix-syntax-of-vsetvli.patch
@@ -0,0 +1,35 @@
+From 85eefb65eb632d827e17a72518dd289dcd721084 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sun, 2 Jul 2023 19:29:55 -0700
+Subject: [PATCH] libswscale/riscv: Fix syntax of vsetvli
+
+Add missing operand which clang complains about but gcc assumes it to be
+'m1' if not specifiied.
+
+Fixes building with clang
+| src/libswscale/riscv/rgb2rgb_rvv.S:88:25: error: operand must be e[8|16|32|64|128|256|512|1024],m[1|2|4|8|f2|f4|f8],[ta|tu],[ma|mu]
+| vsetvli t4, t3, e8, ta, ma
+| ^
+
+Upstream-Status: Submitted [https://ffmpeg.org/pipermail/ffmpeg-devel/2023-July/311514.html]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ libswscale/riscv/rgb2rgb_rvv.S | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libswscale/riscv/rgb2rgb_rvv.S b/libswscale/riscv/rgb2rgb_rvv.S
+index 5626d90..bbdfdbe 100644
+--- a/libswscale/riscv/rgb2rgb_rvv.S
++++ b/libswscale/riscv/rgb2rgb_rvv.S
+@@ -85,7 +85,7 @@ func ff_interleave_bytes_rvv, zve32x
+ mv t3, a3
+ addi a4, a4, -1
+ 2:
+- vsetvli t4, t3, e8, ta, ma
++ vsetvli t4, t3, e8, m1, ta, ma
+ sub t3, t3, t4
+ vle8.v v8, (t0)
+ add t0, t4, t0
+--
+2.41.0
+
diff --git a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.0.bb b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.0.bb
index f84d9bb..181c17d 100644
--- a/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.0.bb
+++ b/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.0.bb
@@ -22,7 +22,8 @@
file://COPYING.LGPLv2.1;md5=bd7a443320af8c812e4c18d1b79df004 \
file://COPYING.LGPLv3;md5=e6a600fd5e1d9cbde2d983680233ad02"
-SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz"
+SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
+ file://0001-libswscale-riscv-Fix-syntax-of-vsetvli.patch"
SRC_URI[sha256sum] = "57be87c22d9b49c112b6d24bc67d42508660e6b718b3db89c44e47e289137082"
diff --git a/poky/meta/recipes-multimedia/flac/flac_1.4.2.bb b/poky/meta/recipes-multimedia/flac/flac_1.4.3.bb
similarity index 76%
rename from poky/meta/recipes-multimedia/flac/flac_1.4.2.bb
rename to poky/meta/recipes-multimedia/flac/flac_1.4.3.bb
index d3ece3f..d4e463c 100644
--- a/poky/meta/recipes-multimedia/flac/flac_1.4.2.bb
+++ b/poky/meta/recipes-multimedia/flac/flac_1.4.3.bb
@@ -5,15 +5,15 @@
SECTION = "libs"
LICENSE = "GFDL-1.2 & GPL-2.0-or-later & LGPL-2.1-or-later & BSD-3-Clause"
LIC_FILES_CHKSUM = "file://COPYING.FDL;md5=ad1419ecc56e060eccf8184a87c4285f \
- file://src/Makefile.am;beginline=1;endline=17;md5=146d2c8c2fd287545cc1bd81f31e8758 \
+ file://src/Makefile.am;beginline=1;endline=17;md5=b1dab2704be7f01bfbd9b7f6d5f000a9 \
file://COPYING.GPL;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
- file://src/flac/main.c;beginline=1;endline=18;md5=893456854ce6bf14a1a7ea77266eebab \
+ file://src/flac/main.c;beginline=1;endline=18;md5=23099119c034d894bd1bf7ef5bd22101 \
file://COPYING.LGPL;md5=fbc093901857fcd118f065f900982c24 \
- file://COPYING.Xiph;md5=3d6da238b5b57a0965d6730291119f65 \
+ file://COPYING.Xiph;md5=0c90e41ab2fa7e69ca9391330d870221 \
file://include/FLAC/all.h;beginline=65;endline=70;md5=39aaf5e03c7364363884c8b8ddda8eea"
SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz"
-SRC_URI[sha256sum] = "e322d58a1f48d23d9dd38f432672865f6f79e73a6f9cc5a5f57fcaa83eb5a8e4"
+SRC_URI[sha256sum] = "6c58e69cd22348f441b861092b825e591d0b822e106de6eb0ee4d05d27205b70"
CVE_PRODUCT = "libflac flac"
@@ -25,11 +25,8 @@
"
PACKAGECONFIG ??= " \
- ${@bb.utils.filter("TUNE_FEATURES", "altivec vsx", d)} \
ogg \
"
-PACKAGECONFIG[altivec] = "--enable-altivec,--disable-altivec"
-PACKAGECONFIG[vsx] = "--enable-vsx,--disable-vsx"
PACKAGECONFIG[avx] = "--enable-avx,--disable-avx"
PACKAGECONFIG[ogg] = "--enable-ogg --with-ogg-libraries=${STAGING_LIBDIR} --with-ogg-includes=${STAGING_INCDIR},--disable-ogg,libogg"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.4.bb
similarity index 94%
rename from poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.4.bb
index fa82ef7..beaf1a9 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.4.bb
@@ -12,7 +12,7 @@
file://0001-connect-has-a-different-signature-on-musl.patch \
"
-SRC_URI[sha256sum] = "446ac9c42d502cbfd9081737cc1b853b3c1f50db77ca7ccd01aea10f687550c1"
+SRC_URI[sha256sum] = "4c52053ce8c1df72fd81721e9f53de3b146edcf2de28f607be705bce4cf909d1"
DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base"
RRECOMMENDS:${PN} = "git"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.4.bb
similarity index 91%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.4.bb
index c5af676..4d59353 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.4.bb
@@ -12,7 +12,7 @@
"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz"
-SRC_URI[sha256sum] = "2ec5c805808b4371a7e32b1da0202a1c8a6b36b6ce905080bf5c34097d12a923"
+SRC_URI[sha256sum] = "9a751bc740de768e791c37a95f0a924c6a41d12fd7f37f54ce6a4e834be122d3"
S = "${WORKDIR}/gst-libav-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.4.bb
similarity index 95%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.4.bb
index 694a12b..fc70805 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.4.bb
@@ -10,7 +10,7 @@
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz"
-SRC_URI[sha256sum] = "6f51c2331c334593c2c3cf12e9f22b9e3b419a3247cfb2fec0e1bd845569863a"
+SRC_URI[sha256sum] = "5fcb872d977b035fb75a2d0ea955ba052dc3bdae282f8f60aa9d865808784211"
S = "${WORKDIR}/gst-omx-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.4.bb
similarity index 98%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.4.bb
index 3aa5319..16d5320 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.4.bb
@@ -10,7 +10,7 @@
file://0002-avoid-including-sys-poll.h-directly.patch \
file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \
"
-SRC_URI[sha256sum] = "e1798fee2d86127f0637481c607f983293bf0fd81aad70a5c7b47205af3621d8"
+SRC_URI[sha256sum] = "eaaf53224565eaabd505ca39c6d5769719b45795cf532ce1ceb60e1b2ebe99ac"
S = "${WORKDIR}/gst-plugins-bad-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.4.bb
similarity index 92%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.4.bb
index 44056b0..3c0cb7d 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.4.bb
@@ -11,7 +11,7 @@
file://0003-viv-fb-Make-sure-config.h-is-included.patch \
file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \
"
-SRC_URI[sha256sum] = "1c596289a0d4207380233eba8c36a932c4d1aceba19932937d9b57c24cef89f3"
+SRC_URI[sha256sum] = "292424e82dea170528c42b456f62a89532bcabc0508f192e34672fb86f68e5b8"
S = "${WORKDIR}/gst-plugins-base-${PV}"
@@ -21,7 +21,8 @@
# opengl packageconfig factored out to make it easy for distros
# and BSP layers to choose OpenGL APIs/platforms/window systems
-PACKAGECONFIG_GL ?= "${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'gles2 egl', '', d)}"
+PACKAGECONFIG_X11 = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'opengl glx', '', d)}"
+PACKAGECONFIG_GL ?= "${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'gles2 egl ${PACKAGECONFIG_X11}', '', d)}"
PACKAGECONFIG ??= " \
${GSTREAMER_ORC} \
@@ -32,7 +33,7 @@
"
OPENGL_APIS = 'opengl gles2'
-OPENGL_PLATFORMS = 'egl'
+OPENGL_PLATFORMS = 'egl glx'
X11DEPENDS = "virtual/libx11 libsm libxrender libxv"
X11ENABLEOPTS = "-Dx11=enabled -Dxvideo=enabled -Dxshm=enabled"
@@ -61,6 +62,7 @@
# OpenGL platform packageconfigs
PACKAGECONFIG[egl] = ",,virtual/egl"
+PACKAGECONFIG[glx] = ",,virtual/libgl"
# OpenGL window systems (except for X11)
PACKAGECONFIG[gbm] = ",,virtual/libgbm libgudev libdrm"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.4.bb
similarity index 97%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.4.bb
index 8de1d1c..0ae1758 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.4.bb
@@ -8,7 +8,7 @@
file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
file://0001-v4l2-Define-ioctl_req_t-for-posix-linux-case.patch"
-SRC_URI[sha256sum] = "af81154b3a2ef3f4d2feba395f25696feea6fd13ec62c92d3c7a973470710273"
+SRC_URI[sha256sum] = "d7120c1146a9d723d53d5bfe8074da2575a81f0598438752937f39bb7c833b6a"
S = "${WORKDIR}/gst-plugins-good-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.4.bb
similarity index 94%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.4.bb
index 21102d5..1b3d3b6 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.4.bb
@@ -14,7 +14,7 @@
SRC_URI = " \
https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \
"
-SRC_URI[sha256sum] = "3dc98ed5c2293368b3c4e6ce55d89be834a0a62e9bf88ef17928cf03b7d5a360"
+SRC_URI[sha256sum] = "ffb461fda6c06d316c4be5682632cc8901454ed72b1098b1e0221bc55e673cd7"
S = "${WORKDIR}/gst-plugins-ugly-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.4.bb
similarity index 90%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.4.bb
index 0cf1908..e35bef3 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.4.bb
@@ -8,7 +8,7 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740"
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "70bed3fabe634bc622ef6de4e6eb1c33bc9cefd64bdab200f6fa316b468c731c"
+SRC_URI[sha256sum] = "e1302dcc0f2451b64380dcc0dd3b82735795e8951dc812d938d8ba91f388163e"
DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.4.bb
similarity index 90%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.4.bb
index 0f8a89d..29eb4bb 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.4.bb
@@ -10,7 +10,7 @@
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "d02a39dfa9bdbf99a3dd2d378e17942b3ce42dfe36fb0c27e2d0b01722fc561d"
+SRC_URI[sha256sum] = "4666612d7a99c60dcd6f0bdba1b7a74d2562a0501b2a3e0576f0916bf1d8811b"
S = "${WORKDIR}/${PNREAL}-${PV}"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.4.bb
similarity index 95%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.4.bb
index 6e0014c..34c15bb 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.4.bb
@@ -11,7 +11,7 @@
SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "a27867062e8b69305fca5b7d3f13ed7c318b703e7d72756c94395bd305c7b32c"
+SRC_URI[sha256sum] = "967b8e353d82d0081a68dc53639b25d9fb4ca89bfa1e061403e0cd7d23585ba6"
S = "${WORKDIR}/${REALPN}-${PV}"
DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.3.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.4.bb
similarity index 96%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.3.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.4.bb
index ca75487..2eadb79 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.3.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.4.bb
@@ -22,7 +22,7 @@
file://0003-tests-use-a-dictionaries-for-environment.patch;striplevel=3 \
file://0004-tests-add-helper-script-to-run-the-installed_tests.patch;striplevel=3 \
"
-SRC_URI[sha256sum] = "9ffeab95053f9f6995eb3b3da225e88f21c129cd60da002d3f795db70d6d5974"
+SRC_URI[sha256sum] = "11cb0498bc16b93d8b99d22f75f829b8d0abfd8254840b2120618db5532dc655"
PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
check \
diff --git a/poky/meta/recipes-multimedia/libpng/libpng_1.6.39.bb b/poky/meta/recipes-multimedia/libpng/libpng_1.6.40.bb
similarity index 80%
rename from poky/meta/recipes-multimedia/libpng/libpng_1.6.39.bb
rename to poky/meta/recipes-multimedia/libpng/libpng_1.6.40.bb
index a6c229f..293bf28 100644
--- a/poky/meta/recipes-multimedia/libpng/libpng_1.6.39.bb
+++ b/poky/meta/recipes-multimedia/libpng/libpng_1.6.40.bb
@@ -5,13 +5,13 @@
HOMEPAGE = "http://www.libpng.org/"
SECTION = "libs"
LICENSE = "Libpng"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=5c900cc124ba35a274073b5de7639b13"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=8f533bc367bfd43f556b6f782234c076"
DEPENDS = "zlib"
LIBV = "16"
SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/${BP}.tar.xz"
-SRC_URI[sha256sum] = "1f4696ce70b4ee5f85f1e1623dc1229b210029fa4b7aee573df3e2ba7b036937"
+SRC_URI[sha256sum] = "535b479b2467ff231a3ec6d92a525906fb8ef27978be4f66dbe05d3f3a01b3a1"
MIRRORS += "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/ ${SOURCEFORGE_MIRROR}/${BPN}/${BPN}${LIBV}/older-releases/"
@@ -32,5 +32,4 @@
BBCLASSEXTEND = "native nativesdk"
-# CVE-2019-17371 is actually a memory leak in gif2png 2.x
-CVE_CHECK_IGNORE += "CVE-2019-17371"
+CVE_STATUS[CVE-2019-17371] = "cpe-incorrect: A memory leak in gif2png 2.x"
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch
deleted file mode 100644
index e356d37..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2022-48281.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-CVE: CVE-2022-48281
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-From 97d65859bc29ee334012e9c73022d8a8e55ed586 Mon Sep 17 00:00:00 2001
-From: Su Laus <sulau@freenet.de>
-Date: Sat, 21 Jan 2023 15:58:10 +0000
-Subject: [PATCH] tiffcrop: Correct simple copy paste error. Fix #488.
-
----
- tools/tiffcrop.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
-index 14fa18da..7db69883 100644
---- a/tools/tiffcrop.c
-+++ b/tools/tiffcrop.c
-@@ -8591,7 +8591,7 @@ static int processCropSelections(struct image_data *image,
- cropsize + NUM_BUFF_OVERSIZE_BYTES);
- else
- {
-- prev_cropsize = seg_buffs[0].size;
-+ prev_cropsize = seg_buffs[i].size;
- if (prev_cropsize < cropsize)
- {
- next_buff = _TIFFrealloc(
---
-GitLab
-
diff --git a/poky/meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch b/poky/meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch
deleted file mode 100644
index 7db0a35..0000000
--- a/poky/meta/recipes-multimedia/libtiff/files/CVE-2023-2731.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 9be22b639ea69e102d3847dca4c53ef025e9527b Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sat, 29 Apr 2023 12:20:46 +0200
-Subject: [PATCH] LZWDecode(): avoid crash when trying to read again from a
- strip whith a missing end-of-information marker (fixes #548)
-
-CVE: CVE-2023-2731
-Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/9be22b639ea69e102d3847dca4c53ef025e9527b]
-
----
- libtiff/tif_lzw.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libtiff/tif_lzw.c b/libtiff/tif_lzw.c
-index ba75a07e..d631fa10 100644
---- a/libtiff/tif_lzw.c
-+++ b/libtiff/tif_lzw.c
-@@ -423,6 +423,10 @@ static int LZWDecode(TIFF *tif, uint8_t *op0, tmsize_t occ0, uint16_t s)
-
- if (sp->read_error)
- {
-+ TIFFErrorExtR(tif, module,
-+ "LZWDecode: Scanline %" PRIu32 " cannot be read due to "
-+ "previous error",
-+ tif->tif_row);
- return 0;
- }
-
-@@ -742,6 +746,7 @@ after_loop:
- return (1);
-
- no_eoi:
-+ sp->read_error = 1;
- TIFFErrorExtR(tif, module,
- "LZWDecode: Strip %" PRIu32 " not terminated with EOI code",
- tif->tif_curstrip);
---
-2.34.1
-
diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.5.1.bb
similarity index 77%
rename from poky/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb
rename to poky/meta/recipes-multimedia/libtiff/tiff_4.5.1.bb
index ca4a3ef..6171a53 100644
--- a/poky/meta/recipes-multimedia/libtiff/tiff_4.5.0.bb
+++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.5.1.bb
@@ -8,24 +8,14 @@
CVE_PRODUCT = "libtiff"
-SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
- file://CVE-2022-48281.patch \
- file://CVE-2023-2731.patch \
-"
+SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz"
-SRC_URI[sha256sum] = "c7a1d9296649233979fa3eacffef3fa024d73d05d589cb622727b5b08c423464"
+SRC_URI[sha256sum] = "d7f38b6788e4a8f5da7940c5ac9424f494d8a79eba53d555f4a507167dca5e2b"
# exclude betas
UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
-# Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313
-# and 4.3.0 doesn't have the issue
-CVE_CHECK_IGNORE += "CVE-2015-7313"
-# These issues only affect libtiff post-4.3.0 but before 4.4.0,
-# caused by 3079627e and fixed by b4e79bfa.
-CVE_CHECK_IGNORE += "CVE-2022-1622 CVE-2022-1623"
-# Issue is in jbig which we don't enable
-CVE_CHECK_IGNORE += "CVE-2022-1210"
+CVE_STATUS[CVE-2015-7313] = "fixed-version: Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue"
inherit autotools multilib_header
diff --git a/poky/meta/recipes-multimedia/webp/files/CVE-2023-1999.patch b/poky/meta/recipes-multimedia/webp/files/CVE-2023-1999.patch
deleted file mode 100644
index d293ab9..0000000
--- a/poky/meta/recipes-multimedia/webp/files/CVE-2023-1999.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From a486d800b60d0af4cc0836bf7ed8f21e12974129 Mon Sep 17 00:00:00 2001
-From: James Zern <jzern@google.com>
-Date: Wed, 22 Feb 2023 22:15:47 -0800
-Subject: [PATCH] EncodeAlphaInternal: clear result->bw on error
-
-This avoids a double free should the function fail prior to
-VP8BitWriterInit() and a previous trial result's buffer carried over.
-Previously in ApplyFiltersAndEncode() trial.bw (with a previous
-iteration's buffer) would be freed, followed by best.bw pointing to the
-same buffer.
-
-Since:
-187d379d add a fallback to ALPHA_NO_COMPRESSION
-
-In addition, check the return value of VP8BitWriterInit() in this
-function.
-
-Bug: webp:603
-Change-Id: Ic258381ee26c8c16bc211d157c8153831c8c6910
-
-CVE: CVE-2023-1999
-Upstream-Status: Backport [https://github.com/webmproject/libwebp/commit/a486d800b60d0af4cc0836bf7ed8f21e12974129]
-Signed-off-by: Nikhil R <nikhil.r@kpit.com>
----
- src/enc/alpha_enc.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/enc/alpha_enc.c b/src/enc/alpha_enc.c
-index f7c02690e3..7d205586fe 100644
---- a/src/enc/alpha_enc.c
-+++ b/src/enc/alpha_enc.c
-@@ -13,6 +13,7 @@
-
- #include <assert.h>
- #include <stdlib.h>
-+#include <string.h>
-
- #include "src/enc/vp8i_enc.h"
- #include "src/dsp/dsp.h"
-@@ -148,6 +149,7 @@ static int EncodeAlphaInternal(const uint8_t* const data, int width, int height,
- }
- } else {
- VP8LBitWriterWipeOut(&tmp_bw);
-+ memset(&result->bw, 0, sizeof(result->bw));
- return 0;
- }
- }
-@@ -162,7 +164,7 @@ static int EncodeAlphaInternal(const uint8_t* const data, int width, int height,
- header = method | (filter << 2);
- if (reduce_levels) header |= ALPHA_PREPROCESSED_LEVELS << 4;
-
-- VP8BitWriterInit(&result->bw, ALPHA_HEADER_LEN + output_size);
-+ if (!VP8BitWriterInit(&result->bw, ALPHA_HEADER_LEN + output_size)) ok = 0;
- ok = ok && VP8BitWriterAppend(&result->bw, &header, ALPHA_HEADER_LEN);
- ok = ok && VP8BitWriterAppend(&result->bw, output, output_size);
diff --git a/poky/meta/recipes-multimedia/webp/libwebp_1.3.0.bb b/poky/meta/recipes-multimedia/webp/libwebp_1.3.1.bb
similarity index 93%
rename from poky/meta/recipes-multimedia/webp/libwebp_1.3.0.bb
rename to poky/meta/recipes-multimedia/webp/libwebp_1.3.1.bb
index 7ca67e4..b9e763b 100644
--- a/poky/meta/recipes-multimedia/webp/libwebp_1.3.0.bb
+++ b/poky/meta/recipes-multimedia/webp/libwebp_1.3.1.bb
@@ -14,14 +14,10 @@
file://PATENTS;md5=c6926d0cb07d296f886ab6e0cc5a85b7"
SRC_URI = "http://downloads.webmproject.org/releases/webp/${BP}.tar.gz"
-SRC_URI[sha256sum] = "64ac4614db292ae8c5aa26de0295bf1623dbb3985054cb656c55e67431def17c"
+SRC_URI[sha256sum] = "b3779627c2dfd31e3d8c4485962c2efe17785ef975e2be5c8c0c9e6cd3c4ef66"
UPSTREAM_CHECK_URI = "http://downloads.webmproject.org/releases/webp/index.html"
-SRC_URI += " \
- file://CVE-2023-1999.patch \
-"
-
EXTRA_OECONF = " \
--disable-wic \
--enable-libwebpmux \