subtree updates
poky: 8d0ba08aa6..2696bf8cf3:
Adam Johnston (1):
useradd_base: Fix sed command line for passwd-expire
Adrian Freihofer (1):
vscode: add minimal configuration
Alassane Yattara (44):
bitbake: Update toaster-requirements to add django-log-viewer==1.1.7
bitbake: toaster: bug-fix on tests.browser.test_most_recent_builds_states
bitbake: Toaster: Bug-fix failure on tests.browser.test_layerdetails_page
bitbake: Toaster: Fixed javascript issue on tests.browser.test_js_unit_tests
bitbake: Toaster: bug-fix on /toastermain/logs.py
bitbake: Toaster: bug-fix on custom image test cases
bitbake: Toaster: bug-fix on tests/views/test_views.py
bitbake: Toaster: bug-fix on tests.views.test_views.py
bitbake: toaster: Write logs to BUILDDIR/toaster_logs
bitbake: toaster: Add toaster-tests-requirements.txt to add pytest and some plugins
bitbake: toaster: Update orm.models to catch error ProcessLookupError
bitbake: toaster: Bug-fix pytest and Failed: Database access not allowed
bitbake: toaster: fixed pytest error: Database access not allowed, use the "django_db"
bitbake: toaster: Bug-fix django.db.utils.IntegrityError: Problem installing fixture
bitbake: toaster: fixed: Tests fail when executed one after the other out of sequence
bitbake: toaster: Added pytest.ini file
bitbake: toaster: Check info_sign is visible and clickable in landing page
bitbake: toaster: Test documentation link in landing header is displayed
bitbake: toaster: Test jumbotron links visible and clickable
bitbake: toaster: Bug-fix webdriver No parameter named options
bitbake: Toaster: Write UI TestCase create new project
bitbake: Toaster: Test create new project without project name
bitbake: Toaster: Write UI TestCase import new project using
bitbake: toaster/tests: Add UI TestCase to test if 'no build' message is shown
bitbake: toaster/tests: Add UI TestCase to test search box on all build page
bitbake: toaster/tests: Add UI TestCase to test the filtering feature on 'failure tasks' column
bitbake: toaster/tests: Add UI TestCase to test filtering feature on 'completed_on' column
bitbake: toaster/tests: Add UI TestCase to test "edit column" feature show/hide column
bitbake: toaster/tests: Add UI TestCase to test "show rows" feature, change displaying rows in table
bitbake: toaster/tests: Add UI TestCase for deleting project
bitbake: toaster/tests: Add UI TestCase for Visualize all projects
bitbake: toaster/tests: Add UI TestCase for visualize all projects edit column
bitbake: toaster/tests: Add UI TestCase for visualize all projects show rows
bitbake: toaster/tests/create_new_project: Code cleanup
bitbake: toaster/tests: Add UI TestCase - Check project header contains right items
bitbake: toaster/tests: Add UI TestCase - Test edit project name on project page
bitbake: toaster/tests: Add UI TestCase - Test project page has right tabs displayed
bitbake: toaster/tests: Add UI TestCase - Test project config tab navigation:
bitbake: toaster/tests: Add UI TestCase - Test project config tab
bitbake: toaster/tests: Add UI TestCase - Test project page tab import layer
bitbake: toaster/tests: Add UI TestCase - Test project page tab "New custom image"
bitbake: toaster/tests: Add UI TestCase - Test project page section images
bitbake: toaster/tests: Add UI TestCase for the edit column feature in image recipe
bitbake: toaster/tests: Add UI TestCase - Test the show rows feature in image recipe
Alberto Pianon (1):
bitbake: fetch2: Add API for upstream source tracing
Alejandro Hernandez Samaniego (2):
qemuarmv5: Drop QB_DTB conditional for older kernels
baremetal-helloworld: Pull in fix for race condition on x86-64
Alex Stewart (1):
libsndfile1: fix CVE-2022-33065
Alexander Kanavin (10):
scripts/bitbake-whatchanged: remove
selftest/buildoptions: tag the download mirror test with 'yocto-mirrors'
bitbake: runqueue.py: clarify that 'closest' signature means 'most recent' (and not closest in its content)
selftest/sstatetests: add tests for 'bitbake -S printdiff'
lib/oe/sstatesig.py: dump locked.sigs.inc only when explicitly asked via -S lockedsigs
selftest/sstatetests: add a test for CDN sstate cache
populate_sdk_ext.bbclass: do not symlink unfsd from sdk image sysroot into eSDK tools path
meta/lib/oe/copy_buildsystem.py: do not derefence symlinks
scripts/esdk-tools: use a dedicated, static directory for esdk tools
populate_sdk_ext: split copy_buildsystem() into logical steps defined as functions
Alexander Lussier-Cullen (2):
bitbake: toaster/tests: add passthroughs for relevant build environment variables
bitbake: toaster: make django temp directory configurable
Alexandre Belloni (1):
strace: further clean up of ptest folders
Alexis Lothoré (5):
scripts/resulttool: limit the number of changes displayed per test
scripts/resulttool: rearrange regressions report order
scripts/resulttool: make additional info more compact
scripts/yocto_testresults_query: add option to change display limit
scripts/resulttool: group all regressions in regression report
Anuj Mittal (9):
gstreamer1.0: upgrade 1.22.6 -> 1.22.7
gsettings-desktop-schemas: upgrade 44.0 -> 45.0
harfbuzz: upgrade 8.2.2 -> 8.3.0
libnotify: upgrade 0.8.2 -> 0.8.3
libtirpc: upgrade 1.3.3 -> 1.3.4
mmc-utils: upgrade to latest revision
puzzles: upgrade to latest revision
sqlite3: upgrade 3.43.2 -> 3.44.0
vulkan: upgrade 1.3.261.1 -> 1.3.268.0
Archana Polampalli (1):
vim: Upgrade 9.0.2048 -> 9.0.2068
Arne Schwerdt (1):
ref-manual: Warn about COMPATIBLE_MACHINE skipping native recipes
BELHADJ SALEM Talel (8):
bitbake.conf: Drop DEPLOY_DIR_TAR
ref-manual: Fix PACKAGECONFIG term and add an example
dev-manual: layers: Add notes about layer.conf
ref-manual: variables: add RECIPE_SYSROOT and RECIPE_SYSROOT_NATIVE
ref-manual: variables: add TOOLCHAIN_OPTIONS variable
ref-manual: variables: add example for SYSROOT_DIRS variable
bitbake: Fix find_bbfiles string endswith call
overview-manual: concepts: Add Bitbake Tasks Map
Bastian Krause (1):
linux-firmware: add new fw file to ${PN}-rtl8821
Bruce Ashfield (22):
linux-yocto/6.1: update to v6.1.56
linux-yocto/6.5: update to v6.5.6
linux-yocto/6.1: tiny: fix arm 32 boot
linux-yocto/6.5: tiny: fix arm 32 boot
linux-yocto/6.5: update to v6.5.7
linux-yocto/6.1: update to v6.1.57
linux-yocto/6.4: drop recipes
linux-yocto/6.5: avoid serial port suspend issues
linux-yocto/6.5: config: remove VIDEO_STK1160_COMMON
linux-yocto/6.5: serial: core: integrate upstream fixes
linux-yocto/6.5: update to v6.5.8
linux-yocto/6.1: update to v6.1.59
linux-yocto/6.5: update to v6.5.9
linux-yocto/6.1: update to v6.1.60
kern-tools: make lower context patches reproducible
kern-tools: bump SRCREV for queue processing changes
kern-tools: update SRCREV to include SECURITY.md file
kernel-yocto: improve metadata patching
linux-yocto/6.1: cfg: restore CONFIG_DEVMEM
linux-yocto/6.1: update to v6.1.61
linux-yocto/6.5: cfg: restore CONFIG_DEVMEM
linux-yocto/6.5: update to v6.5.10
Chen Qi (2):
kernel.bbclass: add preceding space in appendVar setting
systemd: fix DynamicUser issue
Chris Laplante (4):
bitbake: codeparser: replace deprecated ast.Str and 's'
bitbake: runqueue: set has 'add', not 'append' method
bitbake: codeparser: add missing 'import os'
bitbake: codegen: cleanup deprecated AST usages
Deepthi Hemraj (1):
binutils: Fix CVE-2022-47007
Desone Burns (1):
bitbake: bitbake: fetch2: git: Update Git-LFS download and tests
Dmitry Baryshkov (11):
kernel-arch: drop CCACHE from KERNEL_STRIP definition
meson: use correct targets for rust binaries
linux-firmware: upgrade 20230804 -> 20231030
linux-firmware: add missing depenencies on license packages
linux-firmware: add notice file to sdm845 modem firmware
linux-firmware: add audio topology symlink to the X13's audio package
linux-firmware: package firmware for Qualcomm Adreno a702
linux-firmware: package firmware for Qualcomm QCM2290 / QRB4210
linux-firmware: package Qualcomm Venus 6.0 firmware
linux-firmware: package Robotics RB5 sensors DSP firmware
libdrm: upgrade 2.4.116 -> 2.4.117
Eero Aaltonen (3):
base-files, systemd: add nss-resolve plugin
systemd: add option to use stub-resolv.conf
ref-manual: add systemd-resolved to distro features
Etienne Cordonnier (1):
bitbake: bitbake-worker: add header with length of message
Fabio Estevam (1):
packagegroup-core-tools-profile: Remove PROFILE_TOOLS_X
Fahad Arslan (1):
linux-firmware: create separate packages
Felix Moessbauer (1):
bitbake: fetch2/aws: forward env-vars used in gitlab-ci K8s
Florian Wickert (1):
systemd: fix libnss-mymachines packaging
Glenn Strauss (3):
lighttpd: upgrade 1.4.71 -> 1.4.72
lighttpd: update init script
lighttpd: modernize lighttpd.conf
Javier Tia (1):
kernel-arch: use ccache only for compiler
Jermain Horsman (3):
lib/oe/buildcfg.py: Include missing import
lib/oe/buildcfg.py: Remove unused parameter
lib/bblayers/setupwriters/oe-setup-layers.py: Fix indentation
Joakim Tjernlund (1):
sed -i destroys symlinks
Johannes Schneider (1):
base-files: profile: allow profile.d to set EDITOR
Jon Mason (2):
qemu: drop unreferenced patch
linux-yocto: Update dtb path for qemuarmv5
Jose Quaresma (5):
sstatesig: be more precise and show the full path in exceptions
systemd: sort packages before pn
systemd: add systemd-crypt package
systemd: add cryptsetup-plugins package config
systemd: add p11kit package config
Joshua Watt (24):
goarch: Move Go architecture mapping to a library
bitbake: asyncrpc: Abstract sockets
bitbake: hashserv: Add websocket connection implementation
bitbake: asyncrpc: Add context manager API
bitbake: hashserv: tests: Add external database tests
bitbake: asyncrpc: Prefix log messages with client info
bitbake: bitbake-hashserv: Allow arguments from environment
bitbake: hashserv: Abstract database
bitbake: hashserv: Add SQLalchemy backend
bitbake: hashserv: Implement read-only version of "report" RPC
bitbake: asyncrpc: Add InvokeError
bitbake: asyncrpc: client: Prevent double closing of loop
bitbake: asyncrpc: client: Add disconnect API
bitbake: hashserv: Add user permissions
bitbake: hashserv: Add become-user API
bitbake: hashserv: Add db-usage API
bitbake: hashserv: Add database column query API
bitbake: hashserv: test: Add bitbake-hashclient tests
bitbake: bitbake-hashclient: Output stats in JSON format
bitbake: bitbake-hashserver: Allow anonymous permissions to be space separated
bitbake: hashserv: tests: Allow authentication for external server tests
bitbake: hashserv: Allow self-service deletion
bitbake: hashserv: server: Add owner if user is logged in
bitbake: asyncrpc: Add option to set log level when running as a process
Julien Stephan (10):
oeqa/selftest/devtool: abort if a local workspace already exist
oeqa/selftest/devtool: remove spaces on empty line
recipetool/create_buildsys_python: fix license note
recipetool/create_buildsys_python: prefix created recipes with python3-
recipetool/create_buildsys_python: refactor code for futur PEP517 addition
recipetool/create_buildsys_python: add PEP517 support
oeqa/selftest/recipetool: add selftest for PEP-517 recipe creation
oeqa/selftest/devtool: fix test_devtool_modify_overrides test
bitbake: bitbake: utils: remove spaces on empty lines
bitbake: fetch2: git: add missing destsuffix and subpath parameters in docstrings
Jérémy Rosen (5):
insane: Add unimplemented-ptest infrastructure
insane: Detect python and perl based tests
insane: Detect build-system test harnesses
insane: Add a naive heuristic to detect test subdirectories
ref-manual: Add documentation for the unimplemented-ptest QA warning
Jörg Sommer (3):
libtirpc: Support ipv6 in DISTRO_FEATURES
base-files: Remove localhost ::1 from hosts if ipv6 missing
package_qa_check_rdepends: Allow /usr/bin/sh if usrmerge
Khem Raj (23):
gcompat: Add fcntl64 wrapper
gcompat: Upgrade to 1.1.0 release
python3-urllib3: Update to 2.0.6
llvm: Upgrade to 17.0.3
shared-mime-info: Fix missing sentinel warning
openssl: Match target name for riscv64/riscv32
openssl: Inherit riscv32 config from latomic config on linux
kernel.bbclass: Use strip utility used for kernel build in do_package
python3-urllib3: Upgrade to 2.0.7
qemuriscv: Add to common MACHINE_FEATURES instead of overriding them
meson: Add check for riscv64 in link template
machine-sdk: Add SDK_ARCH for riscv64
uninative.bbclass: Add ldso information for riscv64
rust-cross-canadian: Add riscv64 to cross-canadian hosts
cdrtools: Fix build on riscv64
llvm: Upgrade to 17.0.4 release
systemd: Make libnss-mymachines conditional upon packageconfig
ptest-packagelists: Remove strace/valgrind/lttng-tools on riscv32
libarchive: Add packageconfig knob for libb2
librsvg: Fix build for riscv32
librsvg: Enable 64bit atomics in crossbeam again for riscv32
libsoup: Upgrade to 3.4.2 -> 3.4.4
llvm: Upgrade to 17.0.5
Lee Chee Yang (6):
qemu: ignore RHEL specific CVE-2023-2680
machine: drop obsolete SERIAL_CONSOLES_CHECK
documentation.conf: drop SERIAL_CONSOLES_CHECK
release-notes-4.3: add Repositories / Downloads section
migration-guide: add release notes for 4.0.14
migration-guide: add release notes for 4.2.4
Logan Gunthorpe (1):
runqemu: Add squashfs filesystem types
Lukas Funke (5):
classes: go-vendor: Add go-vendor class
selftest: recipetool: Add test for go recipe handler
recipetool: Ignore *.go files while scanning for licenses
recipetool: Add handler to create go recipes
udev-extraconf: mount.sh: check if filesystem is supported before mounting
Malte Schmidt (3):
systemd: use nonarch libdir for tmpfiles.d
pam: use nonarch libdir for tmpfiles.d
sysstat: use nonarch libdir for tmpfiles.d
Marcus Folkesson (1):
qemuboot.bbclass: fix typos in documentation
Markus Fuchs (1):
systemd: Add 'no-ntp-fallback' PACKAGECONFIG option
Markus Volk (6):
libcroco: drop recipe
gnomebase.bbclass: Use meson as default buildsystem
ghostscript: Build and install shared lib
cups: Upgrade 2.4.6 -> 2.4.7
gtk: Add rdepend on printbackend for cups
ffmpeg: Upgrade 6.0 -> 6.1
Marlon Rodriguez Garcia (6):
bitbake: toaster: updated bootstrap version 3.3.6 -> 3.3.7
bitbake: toaster: Update bootstrap version to 3.4.1
bitbake: toaster: update jquery version 2.0.3 -> 3.7.1
bitbake: toaster: fixed functional test
bitbake: toaster: add tox.ini file to execute test suite
bitbake: toaster: replace deprecated tags ifequal and ifnotequal
Marta Rybczynska (6):
SECURITY.md: add file
bitbake: SECURITY.md: add file
dev-manual: add security team processes
python3-beartype: upgrade 0.16.2 -> 0.16.4
python3-spdx-tools: upgrade 0.8.1 -> 0.8.2
dev-manual: extend the description of CVE patch preparation
Martin Jansa (13):
staging.bbclass: process installed dependencies in deterministic order as well
bitbake.conf: drop ${PE} and ${PR} from -f{file,macro,debug}-prefix-map
ovmf: drop PE, PR from /usr/src/debug paths
go-cross-canadian.inc: drop PE, PR from /usr/src/debug paths
acpica: drop PE, PR from /usr/src/debug paths
libjpeg-turbo: drop PE, PR from /usr/src/debug paths
ffmpeg: drop PE, PR from /usr/src/debug paths
perf: drop PE, PR from /usr/src/debug paths
rust: drop PE, PR from /usr/src/debug paths
vulkan-samples: drop PE, PR from /usr/src/debug paths
valgrind: drop PE, PR from /usr/src/debug paths
python3-cython: drop PE, PR from /usr/src/debug paths
igt-gpu-tools: drop PR from /usr/src/debug paths
Massimiliano Minella (1):
systemd: update LICENSE statement
Max Krummenacher (2):
Revert "bin_package.bbclass: Inhibit the default dependencies"
perf: fix build with latest kernel
Meenali Gupta (5):
avahi: fix CVE-2023-38469
avahi: fix CVE-2023-38470
avahi: fix CVE-2023-38471
avahi: fix CVE-2023-38472
avahi: fix CVE-2023-38473
Michael Halstead (1):
docs: add support for nanbield (4.3) release
Michael Opdenacker (29):
manuals: update linux-yocto append examples
dev-manual: wic: update "wic list images" output
sdk-manual: appendix-obtain: improve and update descriptions
manuals: update list of supported machines
bsp-guide: bsp: skip Intel machines no longer supported in Poky
brief-yoctoprojectqs: use new CDN mirror for sstate
dev-manual: start.rst: remove obsolete reference
local.conf.sample: remove mips edgerouter machine
oeqa/runtime/cases/parselogs: remove "edgerouter" case
manuals: correct "yocto-linux" by "linux-yocto"
test-manual: reproducible-builds: stop mentioning LTO bug
ref-manual: document KERNEL_LOCALVERSION
ref-manual: variables: document OEQA_REPRODUCIBLE_TEST_PACKAGE
migration-guides: updates for 4.3
migration-guides: mention runqemu change in serial port management
ref-manual: document KERNEL_STRIP
migration-guides: further updates for 4.3
manuals: improve description of CVE_STATUS and CVE_STATUS_GROUPS
ref-manual: document MESON_TARGET
ref-manual: document cargo_c class
ref-manual: variables: mention new CDN for SSTATE_MIRRORS
ref-manual: variables: add RECIPE_MAINTAINER
ref-manual: variables: remove SERIAL_CONSOLES_CHECK
migration-guides: further updates for release 4.3
bsp-guide: bsp.rst: update beaglebone example
ref-manual: classes: explain cml1 class name
migration-guides: fix empty sections
manuals: fix URL
ref-manual: releases.svg: update nanbield release status
Mickael RAMILISON (1):
scripts/patchreview: Add a custom pattern for finding recipe patches
Mingli Yu (2):
openssh: Add sshd.service
openssh: Don't hardcode the dir in sshd.service
Niko Mauno (6):
package_rpm: Fix some pycodestyle issues
package_rpm: Minor cosmetic and style fixes
package_rpm: Remove unused definitions
package_rpm: Allow compression mode override
image_types.bbclass: Use xz default compression preset level
ccache.conf: Remove obsolete configuration option
Paul Barker (1):
ref-manual: Fix reference to MIRRORS/PREMIRRORS defaults
Paul Eggleton (12):
Remove references to apm in MACHINE_FEATURES
ref-manual: update SDK_NAME variable documentation
ref-manual: remove semicolons from *PROCESS_COMMAND variables
release-notes-4.3: fix some typos
release-notes-4.3: tweaks to existing text
release-notes-4.3: add CVEs, recipe upgrades, license changes, contributors
release-notes-4.3: remove the Distribution section
release-notes-4.3: move new classes to Rust section
release-notes-4.3: feature additions
migration-4.3: remove some unnecessary items
migration-4.3: adjustments to existing text
migration-4.3: additional migration items
Pavel Zhukov (1):
bitbake: tests/fetch.py: Add tests to cover multiple branch/name parameters
Peter Kjellerstedt (5):
bb-matrix-plot.sh: Show underscores correctly in labels
bitbake: command: Make parseRecipeFile() handle virtual recipes correctly
bitbake: cookerdata: Be consistent with what type bb_data represents
bitbake: cache: Simplify virtualfn2realfn()
oeqa/selftest/tinfoil: Add tests that parse virtual recipes
Peter Marko (1):
openssl: Upgrade 3.1.3 -> 3.1.4
Quentin Schulz (2):
recipes-rt: update README to match newer override syntax
ref-manual: variables: provide no-match example for COMPATIBLE_MACHINE
Ragesh Nair (1):
bitbake: fetch2/git: fix lfs fetch with destsuffix param
Randy MacLeod (2):
strace: backport fix for so_peerpidfd-test
strace: upgrade 6.5 -> 6.6
Rasmus Villemoes (3):
perf: lift TARGET_CC_ARCH modification out of security_flags.inc
valgrind: split helper scripts to separate packages, update dependencies
perf: add jevents PACKAGECONFIG item
Richard Purdie (34):
reproducible: Exclude rust for now again
linux/cve-exclusion6.1/6.5: Update to latest kernel point releases
oeqa/qemurunner: Drop newlines serial workaround
local.conf.sample: Document new CDN mirror for sstate
poky.conf: Bump version for 4.3 nanbield release
build-appliance-image: Update to master head revision
poky.conf: Update to post release versioning
base: Ensure recipes using mercurial-native have certificates
qemu: Upgrade 8.1.0 -> 8.1.2
oeqa/selftest: Drop machines support
sstate: Ensure sstate searches update file mtime
insane: Move unpack tests to do_recipe_qa
go-vendor: Minor style tweaks
package/package_write: Improve packagedata code location
debianutils: Fix warnings
bitbake: runqueue: Fix runall option for setscene tasks
bitbake: runqueue: Fix errors when using -S printdiff
oeqa/selftest/sstatetests: Fix intermitttent errors and improve performance
layer.conf: Switch layer to nanbield series only
libdnf: Fix arm arch mapping issues for qemuarmv5
linux/cve-exclusion6.1/6.5: Update to latest kernel point releases
bitbake: Revert "toaster: Bug-fix webdriver No parameter named options"
vim: Improve locale handling
selftest/reproducible: Allow packages exclusion via config
bitbake: runqueue: Move 'cantskip' into sqdata
bitbake: runqueue: Refactor StaleSetSceneTasks event out of build_scenequeue_data
bitbake: toaster/tox.ini: Add py 3.11 and 3.12
bitbake.conf: Drop oldincludedir
bitbake: cooker: Add support for BB_DEFAULT_EVENTLOG
bitbake: cooker: Avoid sideeffects for autorev from getAllKeysWithFlags
oeqa/selftest/sstatetests: Re-enable CDN tests
bitbake.conf: Log events by default using BB_DEFAULT_EVENTLOG
package_ipk: Fix Source: field variable dependency
Revert "binutils: Fix CVE-2022-47007"
Robert P. J. Day (2):
dev-manual: new-recipe.rst: add missing parenthesis to "Patching Code" section
profile-manual: aesthetic cleanups
Ross Burton (36):
man-db: add RRECOMMENDS on glibc-utils for iconv
man-db: remove inexplicable man_db.conf patch
patchtest: remove unused imports
patchtest: sort when reading patches from a directory
linux-yocto: update CVE exclusions
libxml2: ignore disputed CVE-2023-45322
zlib: ignore CVE-2023-45853
cve-check: sort the package list in the JSON report
cve-check: slightly more verbose warning when adding the same package twice
pixman: ignore CVE-2023-37769
scripts/patchreview: rework patch detection
scripts/contrib/patchreview: add commit and recipe count fields to JSON
scripts/contrib/patchreview: consolidate imports
scripts/contrib/patchreview: fix commit identification
cve-check: don't warn if a patch is remote
migration-guides: add debian 12 to newly supported distros
migration-guides: edgerouter machine removed
migration-guides: QEMU_USE_SLIRP variable removed
migration-guides: remove non-notable change
migration-guides: mention LLVM 17
migration-guides: mention CDN
migration-guides: add kernel notes
migration-guides: remove SERIAL_CONSOLES_CHECK
migration-guides: enabling SPDX only for Poky, not a global default
migration-guides: add testing notes
migration-guides: add utility notes
migration-guides: add BitBake changes
migration-guides: packaging changes
migration-guides: git recipes reword
poky-tiny: fix PACKAGE_EXCLUDE
Revert "xserver-xorg: Fix for CVE-2023-5574"
xwayland: upgrade to 23.2.2
lib/oe/patch: ensure os.chdir restoring always happens
oeqa/selftest/debuginfod: improve selftest
shared-mime-info: embed PV in the filename
rust-llvm: remove python3native dependency
Rouven Czerwinski (1):
glib-2.0: Remove unnecessary assignement
Sean Nyekjaer (3):
rust-cross-canadian: set CARGO_TARGET_<triple>_RUSTFLAGS
rust-cross-canadian: set CARGO_TARGET_<triple>_RUNNER for nativesdk
oeqa/sdk/rust: Add build and run test of rust binary with SDK host
Sergei Zhmylev (1):
classes: Move package RDEPENDS processing out of debian.bbclass
Siddharth Doshi (2):
vim: Upgrade 9.0.1894 -> 9.0.2009
vim: Upgrade 9.0.2009 -> 9.0.2048
Stefan Herbrechtsmeier (2):
glibc: use nonarch libdir for tmpfiles.d
classes: go-mod: do not pack go mod cache
Steve Sakoman (1):
vim: use upstream generated .po files
Stéphane Veyret (2):
volatile-binds: Allow creation of subdirectories
volatile-binds: Calculate the name of the /var/lib service
Thomas Perrot (1):
opensbi: Upgrade to 1.3.1 release
Thomas Wolber (1):
kea: drop unused directory
Tim Orling (9):
recipetool: add python_hatchling support
lsb-release: use https for UPSTREAM_CHECK_URI
bitbake: toaster: drop deprecated USE_L10N from settings
bitbake: toaster: use docs for BitBake link on landing page
bitbake: toaster: fix obsolete use of find_element_by_link_text
bitbake: toaster: test_create_new_project typos, whitespace
python3-hypothesis: upgrade 6.88.3 -> 6.89.0
python3-setuptools-scm: upgrade 7.1.0 -> 8.0.4
python3-poetry-core: upgrade 1.7.0 -> 1.8.1
Trevor Gamblin (30):
patchtest: improve test issue messages
patchtest: clean up test suite
patchtest/requirements.txt: update
patchtest: add supporting modules
patchtest: add scripts to oe-core
patchtest: set default repo and testdir targets
patchtest: update SPDX identifiers
patchtest/selftest: fix command arguments
patchtest: check for untracked changes
patchtest: test regardless of mergeability
patchtest: skip merge test if not targeting master
contributor-guide: add patchtest section
contributor-guide: clarify patchtest usage
patchtest: fix lic_files_chksum test regex
patchtest-send-results: improve subject line
patchtest: disable merge test
patchtest-send-results: check max line length, simplify responses
patchtest/selftest: add XSKIP, update test files
patchtest: simplify test directory structure
patchtest: reduce checksum test output length
patchtest: shorten test result outputs
patchtest-send-results: send results to submitter
patchtest-send-results: add In-Reply-To
patchtest: make pylint tests compatible with 3.x
patchtest: remove test for CVE tag in mbox
patchtest-send-results: fix sender parsing
patchtest: rework license checksum tests
python3-mako: upgrade 1.2.4 -> 1.3.0
python3-trove-classifiers: upgrade 2023.10.18 -> 2023.11.14
python3-numpy: upgrade 1.26.0 -> 1.26.2
Vijay Anusuri (1):
xserver-xorg: Fix for CVE-2023-5574
Vincent Davis Jr (1):
acpica: add nativesdk to BBCLASSEXTEND
Vyacheslav Yurkov (1):
lib/oe/path: Deploy files can start only with a dot
Wang Mingyu (79):
openssh: upgrade 9.4p1 -> 9.5p1
bluez5: upgrade 5.69 -> 5.70
btrfs-tools: upgrade 6.5.1 -> 6.5.2
createrepo-c: upgrade 1.0.0 -> 1.0.1
dhcpcd: upgrade 10.0.2 -> 10.0.3
ell: upgrade 0.58 -> 0.59
kmod: upgrade 30 -> 31
libcomps: upgrade 0.1.19 -> 0.1.20
libsdl2: upgrade 2.28.3 -> 2.28.4
libubootenv: upgrade 0.3.4 -> 0.3.5
ltp: upgrade 20230516 -> 20230929
libva: upgrade 2.19.0 -> 2.20.0
python3-git: upgrade 3.1.36 -> 3.1.37
python3-babel: upgrade 2.12.1 -> 2.13.0
python3-beartype: upgrade 0.15.0 -> 0.16.2
python3-cffi: upgrade 1.15.1 -> 1.16.0
python3-hypothesis: upgrade 6.86.2 -> 6.87.4
python3-iso8601: upgrade 2.0.0 -> 2.1.0
python3-markdown: upgrade 3.4.4 -> 3.5
python3-packaging: upgrade 23.1 -> 23.2
python3-pycairo: upgrade 1.24.0 -> 1.25.0
python3-ruamel-yaml: upgrade 0.17.32 -> 0.17.35
xkeyboard-config: upgrade 2.39 -> 2.40
python3-wcwidth: upgrade 0.2.6 -> 0.2.8
repo: upgrade 2.36.1 -> 2.37
shared-mime-info: upgrade 2.2 -> 2.3
sqlite3: upgrade 3.43.1 -> 3.43.2
stress-ng: upgrade 0.16.05 -> 0.17.00
base-passwd: upgrade 3.6.1 -> 3.6.2
createrepo-c: upgrade 1.0.1 -> 1.0.2
cronie: upgrade 1.6.1 -> 1.7.0
dhcpcd: upgrade 10.0.3 -> 10.0.4
enchant2: upgrade 2.6.1 -> 2.6.2
btrfs-tools: upgrade 6.5.2 -> 6.5.3
debianutils: upgrade 5.13 -> 5.14
gpgme: upgrade 1.22.0 -> 1.23.1
harfbuzz: upgrade 8.2.1 -> 8.2.2
libdnf: upgrade 0.71.0 -> 0.72.0
libical: upgrade 3.0.16 -> 3.0.17
libjpeg-turbo: upgrade 3.0.0 -> 3.0.1
libnewt: upgrade 0.52.23 -> 0.52.24
libnsl2: upgrade 2.0.0 -> 2.0.1
lighttpd: upgrade 1.4.72 -> 1.4.73
msmtp: upgrade 1.8.24 -> 1.8.25
ghostscript: upgrade 10.02.0 -> 10.02.1
glib-2.0: upgrade 2.78.0 -> 2.78.1
python3-pyrsistent: upgrade 0.19.3 -> 0.20.0
python3-babel: upgrade 2.13.0 -> 2.13.1
python3-gitdb: upgrade 4.0.10 -> 4.0.11
python3-git: upgrade 3.1.37 -> 3.1.40
python3-hypothesis: upgrade 6.87.4 -> 6.88.1
python3-pip: upgrade 23.2.1 -> 23.3.1
python3-psutil: upgrade 5.9.5 -> 5.9.6
python3-pycairo: upgrade 1.25.0 -> 1.25.1
python3-pyopenssl: upgrade 23.2.0 -> 23.3.0
python3-pytest: upgrade 7.4.2 -> 7.4.3
python3-setuptools-rust: upgrade 1.7.0 -> 1.8.1
python3-testtools: upgrade 2.6.0 -> 2.7.0
python3-trove-classifiers: upgrade 2023.9.19 -> 2023.10.18
python3-wcwidth: upgrade 0.2.8 -> 0.2.9
python3-wheel: upgrade 0.41.2 -> 0.41.3
shaderc: upgrade 2023.6 -> 2023.7
xserver-xorg: upgrade 21.1.8 -> 21.1.9
python3-cryptography(-vectors): upgrade 41.0.4 -> 41.0.5
dhcpcd: upgrade 10.0.4 -> 10.0.5
diffoscope: upgrade 249 -> 251
git: upgrade 2.42.0 -> 2.42.1
iproute2: upgrade 6.5.0 -> 6.6.0
libsdl2: upgrade 2.28.4 -> 2.28.5
libsolv: upgrade 0.7.25 -> 0.7.26
libuv: upgrade 1.46.0 -> 1.47.0
bash: upgrade 5.2.15 -> 5.2.21
dnf: upgrade 4.17.0 -> 4.18.1
python3-hatch-vcs: upgrade 0.3.0 -> 0.4.0
python3-hypothesis: upgrade 6.88.1 -> 6.88.3
python3-pbr: upgrade 5.11.1 -> 6.0.0
python3-testtools: upgrade 2.7.0 -> 2.7.1
shared-mime-info: upgrade 2.3 -> 2.4
stress-ng: upgrade 0.17.00 -> 0.17.01
William A. Kennington III (1):
kernel: Commit without running hooks
William Lyu (2):
perl: fix intermittent test failure
openssl: improve handshake test error reporting
Xiangyu Chen (4):
linux-yocto: make sure the pahole-native available before do_kernel_configme
grub: Fix for CVE-2023-4692 and CVE-2023-4693
sudo: upgrade 1.9.14p3 -> 1.9.15p2
openssh: add systemd readiness notification support
Yoann Congal (4):
insane: skip unimplemented-ptest on S=WORKDIR recipes
insane: unimplemented-ptest: ignore source file errors
selftest/reproducible: Split a long line
meta-selftest/files: add xuser to static-passwd/-group
david d zuhn (1):
bitbake.conf: remove ${CCACHE} from FORTRAN compiler
luca fancellu (1):
oeqa/ssh: Handle SSHCall timeout error code
meta-arm: e914891eee..1dff3300fb:
Abdellatif El Khlifi (6):
arm-bsp/linux-yocto: corstone1000: bump to v6.5%
arm-bsp/documentation: corstone1000: enable debug-tweaks
arm-bsp/documentation: corstone1000: update the release note
arm-bsp/documentation: corstone1000: update the change log
arm-bsp/documentation: corstone1000: update the user guide
kas: corstone1000: pin the SHAs
Ali Can Ozaslan (1):
arm-bsp/documentation: corstone1000: Update the user guide
Debbie Martin (10):
arm-bsp/u-boot: Divide the U-boot configuration by machine
arm-bsp/fvp-base: Merge fvp-common.inc into fvp-base.conf
arm-bsp/trusted-firmware-a/fvp-base: Add stdout path and virtio net and rng
arm-bsp/u-boot/fvp-base: Configure FVP base U-boot machine and enable U-boot sysreset, CRC-32 and virtio RNG
arm-bsp/fvp-base: Configure grub as the EFI provider
arm/fvp-base: Update the default testsuites
arm-systemready: Introduce the Arm SystemReady layer
arm-bsp/systemready: Bring up the Arm SystemReady IR ACS 2.0 suite on FVP base
kas: Add kas configuration for Arm SystemReady and fvp-base
ci: Add fvpboot to IMAGE_CLASSES
Delane Brandy (1):
arm-bsp/documentation: corstone1000: Update the user guide
Drew Reed (2):
arm-bsp: Enable TF-A test building for the N1SDP
CI: Enable TF-A TFTF test builds
Emekcan Aras (17):
arm-bsp/u-boot: corstone1000: enable on-disk capsule update
arm-bsp/u-boot: corstone1000: fix runtime capsule update flag checks
arm-bsp/trusted-firmware-m: fix capsule update alignment
arm-bsp/trusted-firmware-m: update the upstream status of the out-of-tree patches
arm-bsp/u-boot: corstone1000: scatter gather list workaround for ondisk capsule update
arm-bsp/trusted-services: enable signaled handling interrupts for SPs
arm-bsp/corstone1000: fix synchronization issue on openamp notification
arm/fvp-corstone1000: upgrade to 11.23_25
arm-bsp/corstone1000-fvp: Add virtio-net configuration
arm-bsp/corstone1000-fvp: add unpadded image support for MMC card config
arm-bsp/corstone1000-fvp: Disable Time Annotation
arm-bsp/u-boot: corstone1000: enable virtio-net support for FVP
arm-bsp/documentation: corstone1000: update the architecture document
arm-bsp/documentation: corstone1000: Add EFI system partition section
arm-bsp/documentation: corstone1000: add a note and fix instructions
arm-bsp/documentation: corstone1000: add readthedocs.yaml file
arm-bsp/documentation: corstone1000: fix the requirements.txt and conf.py path
Harsimran Singh Tungal (4):
arm-bsp/u-boot: corstone1000: Remove External system patches
arm-bsp/linux: corstone1000: update the defconfig
arm-bsp/linux: corstone1000: Remove External system patches
arm-bsp/images: corstone1000: Remove the external system test package
Javier Tia (1):
trusted-firmware-a: fix build error when using ccache
Jon Mason (10):
arm-bsp/linux-yocto: add recipe for v6.4 kernel
arm/linux-yocto: remove defconfig patch
CI: add sbsa-acs to recipe report
arm/linux-yocto: remove PHYS_VIRT config frag
arm-bsp/optee: remove 3.18 recipes and patches
arm-bsp/edk2: remove 202211
arm/hafnium: update to v2.9
arm/optee: update to 4.0.0
arm/optee: cleanups from code review
arm/toolchains: update to 13.2.Rel1
Mariam Elshakfy (3):
arm-bsp/n1sdp: Move OP-TEE to DDR4
arm-bsp/n1sdp: Enable OP-TEE cache in N1SDP
arm-bsp/corstone1000: Remove inappropriate kernel delay patch
Ross Burton (24):
arm/oeqa/selftest: tag all tests with "meta-arm"
CI: don't hardcode the selftest tests to run
CI: also run the _qemutiny testcase for poky-tiny
CI: track nanbield branches
arm/fvp-corstone1000: upgrade to 11.22.35, add aarch64 binaries
kas/corstone1000: don't limit the FVP use to x86-64
CI: don't pin corstone1000-fvp to x86-64
CI: build both aarch64 and x86-64 packages for as many FVPs as possible
arm-bsp/u-boot: remove 2023.01
arm/trusted-firmware-a: update mbedtls to recommended release
CI: Add meta-secure-core to pending-upgrades for corstone1000
arm-bsp: corstone1000 depends on meta-efi-secure-boot
arm/generic-arm64: remove obsolete SERIAL_CONSOLES_CHECK
arm/lib/fvp/runner: don't pass '' as cwd
scripts/runfvp: exit code should be the FVP exit code
arm/selftest: add test that DISPLAY is forwarded into the runfvp child
CI: use nanbield branch for meta-virtualization
CI: use nanbield branch of meta-clang
arm/optee: handle CVE-2021-36133 as disputed
arm-bsp/optee-os: backport fix for CVE-2023-41325
arm/fvp-base-a-aem: upgrade to 11.23.9
arm-bsp/fvp-base: upgrade tune to v8.4
arm-bsp/trusted-firmware-a: use v8.4 instructions on fvp-base
arm-bsp/optee-os: update Upstream-Status tags
Vikas Katariya (1):
arm-bsp/corstone1000: Fix RSA key generation issue
Xueliang Zhong (2):
Update Corstone-1000 doc with security issue reporting guideline
arm-bsp/n1sdp: update to linux yocto kernel 6.5
meta-raspberrypi: 482d864b8f..8231f97534:
Andrei Gherzan (1):
docs: Fix ReadTheDocs builds.os requirement
Carlos Alberto Lopez Perez (1):
linux-raspberrypi: stop setting powersave as the default CPU governor
Jose Quaresma (2):
linux-raspberrypi/linux-raspberrypi-v7: drop 5.10 version
rpi-base: Adds EXTRA_IMAGEDEPENDS to fix the image task do_populate_lic_deploy
Khem Raj (1):
linux-raspberrypi_6.1.bb: Update to 6.1.61 release
Leon Anavi (2):
rpi-config: Upgrade to tip of tree
rpi-config: reintroduce start_x
Matthew Draws (1):
rpi-eeprom: Update to 2023.10.18-2712
Vincent Davis Jr (1):
rpidistro-vlc: add new patch po-Fix-typos-in-oc
meta-openembedded: 62039a2c33..991e6852a5:
Akash Hadke (1):
libeigen: Update GPL-3.0-only to GPL-2.0-only
Alex Kiernan (2):
reptyr: Add 0.10.0
mdns: Upgrade 2200.0.8 -> 2200.40.37.0.1
Alper Ak (1):
unionfs-fuse: upgrade 2.2 --> 3.4
Andrew Jeffery (1):
mdio-tools: Add virtual/kernel dependency to avoid stale SPDX reference
Armin Kuster (4):
netkit: Drop old and no upstream
MAINTANERS: drop netkit
README: drop netkit maintainer
pkggrp: drop netkit
Arthur Oliveira (5):
python3-objectpath: Add ObjectPath Python Recipe
python3-flask-restx: Add Flask-RestX Python Recipe
python3-zopeevent: Add Zope.Event Python Recipe
python3-aniso8601: Add ISO 8601 parsing library
python3-flask-restx: Switch dependency from isodate to aniso8601
Bartosz Golaszewski (5):
shunit2: new recipe
libgpiod: update to v2.1
python3-gpiod: update to v2.1.3
python3-gpiod: setup target config in ptest compile
python3-gpiod: fix the required version of libgpiod
Beniamin Sandu (2):
mbedtls: upgrade 3.4.1 -> 3.5.0
unbound: upgrade 1.18.0 -> 1.19.0
Benjamin Bouvier (1):
libsmi: enable native build
Carlos Alberto Lopez Perez (1):
libbacktrace: Update version and enable shared library.
Charles Perry (4):
libosip2: add recipe
libexosip2: add recipe
libexosip2: add c-ares and openssl PACKAGECONFIG
libexosip2: package binaries in a separate package
Chi Xu (1):
re2: Add ptest support
Christian Eggers (1):
python3-gcovr: switch to main branch
Christophe Vu-Brugier (1):
exfatprogs: upgrade 1.2.1 -> 1.2.2
Clément Péron (2):
proj: Upgrade to 9.3.0 release
pcapplusplus: Add recipe for 23.09 release
Daiane Angolini (1):
wireguard-tools: Use PACKAGECONFIG to select wg-quick and bash-completion
Daniel McGregor (1):
python3-pylint: allow native build
Daniel Semkowicz (2):
cockpit: Fix cockpit-askpass path
cockpit: Bump to version 304
David Pierret (3):
libtext: add ptest
cjson: Add ptest
python3-rapidjson: add missing ptest dependency
Edi Feschiyan (1):
libbytesize: update SRC_URI
Etienne Cordonnier (1):
uutils-coreutils: upgrade 0.0.21 -> 0.0.22
Fabien Thomas (2):
klibc/klibc.inc : Add DEBUG_PREFIX_MAP flag.
samba.bb : Disable ad-dc by default
Fabio Estevam (5):
edid-decode: Upgrade to latest master
openocd: Use https for github
python3-piccata: Use https for github
multipath-tools: Use https for github
crucible: Upgrade to 2023.11.02
Gianfranco Costamagna (3):
vbxguestdrivers: upgrade 7.0.10 -> 7.0.12
cpulimit: add DESCRIPTION field
dlt-daemon: cherry-pick another upstream-proposed patch
Hains van den Bosch (1):
libebml: Enable shared libraries
Jamin Lin (1):
Brotli: fix build failed if the path includes "-static"
Jan Claußen (1):
btop: Add recipe
Jan Vermaete (3):
netdata: chown in systemd service with ':' iso '.'
netdata: version bump 1.43.0 -> 1.43.2
README.md: was a Markdown paragraph and should be a list
Jeffrey Pautler (1):
apache2: add vendor to product name used for CVE checking
Joe Slater (2):
python3-pynacl: add RCONFLICTS with python3-nacl
python3-django: move to version 4.2.5
Johannes Kauffmann (1):
open62541: update to v1.3.8
Johnathan Mantey (1):
ipmitool: Update and eliminate unneeded patch
Jonas Gorski (1):
frr: fix CVEs CVE-2023-4675{2,3} and CVE-2023-4723{4,5}
Jose Quaresma (4):
ostree: Upgrade 2023.5 -> 2023.6
ostree: drop trivial-httpd-cmdline
ostree: add ed25519-openssl
ostree: Upgrade 2023.6 -> 2023.7
Kai Kang (4):
xfce4-panel-profiles: 1.0.13 -> 1.0.14
python3-nacl: drop duplicate recipe
python3-blivet: 3.4.3 -> 3.8.2
python3-blivetgui: 2.3.0 -> 2.4.2
Khem Raj (209):
libnet-idn-encode: Fix build with perl 2.38 and gcc13
poco: Fix data race when create POSIX thread
static-group: Match nogroup id to base-passwd from core.
gutenprint: Upgrade to 5.3.4
meta-perl: Add libtext-diff-perl to fast ptest list
leveldb: Upgrade to 1.23 plus latest git
meta-python: Add python3-rapidjson to PTESTS_FAST_META_PYTHON
leveldb: Print uint64_t with PRI64
network-manager-applet,networkmanager-openvpn, networkmanager: Apply linker versioning patch when using lld only
emlog: Add PV
ccid: upgrade 1.5.2 -> 1.5.4
jack: upgrade 1.19.22 -> 2
abseil-cpp: upgrade 20230802.0 -> 20230802.1
xterm: upgrade 387 -> 388
toybox: upgrade 0.8.8 -> 0.8.10
pahole: upgrade 1.24 -> 1.25
gcab: upgrade 1.4 -> 1.6
feh: upgrade 3.10 -> 3.10.1
xmlsec1: upgrade 1.2.37 -> 1.3.2
xmlsec1: Fix the key name in verify2 test
ctags: upgrade 6.0.20231001.0 -> 6.0.20231029.0
googlebenchmark: upgrade 1.8.0 -> 1.8.3
opencl-headers: upgrade 04.17 -> 2023.04.17
thingsboard-gateway: upgrade 3.4.1 -> 3.4.2
neatvnc: upgrade 0.6.0 -> 0.7.0
lastlog2: upgrade 1.1.0 -> 1.2.0
libmbim: upgrade 1.30.0 -> 1.31.1
ser2net: upgrade 4.3.13 -> 4.5.0
fio: upgrade 3.32 -> 2022
libosinfo: upgrade 1.10 -> 1.11.0
webkitgtk3: upgrade 2.42.0 -> 2.42.1
mstpd: upgrade 0.1 -> 0.05
smarty: upgrade 4.3.0 -> 4.3.4
geos: upgrade 3.12.0 -> 3.12.0beta2
wtmpdb: upgrade 0.7.1 -> 0.9.3
lsscsi: upgrade 0.32 -> 030
glibmm-2.68: upgrade 2.74.0 -> 2.78.0
mcelog: upgrade 194 -> 196
libfastjson: upgrade 0.99.9 -> 1.2304.0
libraw: upgrade 0.20.2 -> 0.21.1
cairomm-1.16: upgrade 1.16.2 -> 1.18.0
libbpf: upgrade 1.2.0 -> 1.2.2
libtorrent: upgrade 0.13.8 -> 1
modemmanager: upgrade 1.22.0 -> 1.23.1
c-ares: upgrade 1.20.1 -> 1.21.0
pmdk: upgrade 1.12.1 -> 2.0.0
hwdata: upgrade 0.370 -> 0.375
mksh: upgrade 59 -> R59c
sdbus-c++: upgrade 1.3.0 -> 1.4.0
cjson: upgrade 1.7.15 -> 1.7.16
uftrace: upgrade 0.13.1 -> 0.14
python3-trustme: upgrade 0.9.0 -> 1.1.0
python3-eth-utils: upgrade 2.2.2 -> 2.3.0
python3-xstatic-font-awesome: upgrade 4.7.0.0 -> 6.2.1.1
python3-process-tests: upgrade 2.1.2 -> 3.0.0
python3-pyperf: upgrade 2.6.1 -> 2.6.2
python3-sentry-sdk: upgrade 1.26.0 -> 1.34.0
python3-websockets: upgrade 11.0.3 -> 12.0
python3-alembic: upgrade 1.12.0 -> 1.12.1
python3-pymisp: upgrade 2.4.176 -> 2.4.178
python3-traitlets: upgrade 5.11.2 -> 5.13.0
python3-pytest-mock: upgrade 3.11.1 -> 3.12.0
python3-kivy: upgrade 2.1.0 -> 2.2.1
python3-web3: upgrade 6.11.1 -> 6.11.2
python3-m2crypto: upgrade 0.39.0 -> 0.40.1
python3-rapidjson: upgrade 1.12 -> 1.13
python3-eth-typing: upgrade 3.5.0 -> 3.5.1
python3-email-validator: upgrade 2.0.0 -> 2.1.0
python3-icu: upgrade 2.11 -> 2.12
python3-virtualenv: upgrade 20.24.5 -> 20.24.6
python3-tzlocal: upgrade 5.1 -> 5.2
python3-cantools: upgrade 39.2.0 -> 39.3.0
python3-flask-login: upgrade 0.6.2 -> 0.6.3
python3-argcomplete: upgrade 3.1.2 -> 3.1.4
python3-wxgtk4: upgrade 4.2.0 -> 4.2.1
python3-meson-python: upgrade 0.14.0 -> 0.15.0
python3-pymongo: upgrade 4.5.0 -> 4.6.0
python3-imgtool: upgrade 1.10.0 -> 2.0.0
python3-google-api-python-client: upgrade 2.104.0 -> 2.106.0
python3-tornado: upgrade 6.3 -> 6.3.3
python3-imageio: upgrade 2.31.5 -> 2.31.6
python3-blinker: upgrade 1.6.3 -> 1.7.0
python3-pyhamcrest: upgrade 2.0.4 -> 2.1.0
python3-pytest-asyncio: upgrade 0.21.1 -> 0.22.0
python3-pyjwt: upgrade 2.7.0 -> 2.8.0
python3-bitstruct: upgrade 8.18.0 -> 8.19.0
python3-filelock: upgrade 3.12.4 -> 3.13.1
python3-sqlalchemy: upgrade 2.0.22 -> 2.0.23
python3-greenlet: upgrade 2.0.2 -> 3.0.1
python3-charset-normalizer: upgrade 3.3.0 -> 3.3.2
python3-cbor2: upgrade 5.4.6 -> 5.5.1
python3-cbor2: Add missing hypothesis rdep for ptests
python3-asttokens: upgrade 2.4.0 -> 2.4.1
python3-xlsxwriter: upgrade 3.1.8 -> 3.1.9
python3-cachetools: upgrade 5.3.1 -> 5.3.2
python3-paramiko: upgrade 3.2.0 -> 3.3.1
python3-tomlkit: upgrade 0.12.1 -> 0.12.2
python3-eth-account: upgrade 0.9.0 -> 0.10.0
python3-reedsolo: upgrade 1.7.0 -> 2.0.13
python3-shellingham: upgrade 1.5.3 -> 1.5.4
python3-ipython: upgrade 8.16.1 -> 8.17.2
python3-argh: upgrade 0.29.4 -> 0.30.3
python3-executing: upgrade 2.0.0 -> 2.0.1
python3-pylint: upgrade 3.0.1 -> 3.0.2
python3-google-auth: upgrade 2.23.3 -> 2.23.4
libtest-harness-perl: upgrade 3.47 -> 3.48
libmodule-build-tiny-perl: upgrade 0.046 -> 0.047
libdbd-sqlite-perl: upgrade 1.72 -> 1.74
libconfig-tiny-perl: upgrade 2.29 -> 2.30
libcgi-perl: upgrade 4.57 -> 4.60
ipset: upgrade 7.15 -> 7.19
openvpn: upgrade 2.6.3 -> 2.6.6
nng: upgrade 1.5.2 -> 12
usrsctp: upgrade to latest revision
python3-scapy: upgrade to latest revision
wolfssl: upgrade 5.5.4 -> 5.6.4
tnftp: upgrade 20210827 -> 20230507
fluidsynth: upgrade 2.3.2 -> 2.3.4
libuvc: upgrade 0.0.6 -> 0.0.7
libdc1394: upgrade 2.2.6 -> 2.2.7
ncmpc: upgrade 0.47 -> 0.49
gerbera: upgrade 1.11.0 -> 1.12.1
gst-shark: upgrade 0.7.3.1 -> 0.8.1
gupnp-av: upgrade 0.14.0 -> 0.14.1
libmediaart-2.0: upgrade 1.9.5 -> 1.9.6
libdvbpsi: upgrade 1.3.0 -> 1.3.3
fdk-aac: upgrade 2.0.1 -> 2.0.2
libavif: upgrade 0.11.1 -> 1.0.1
libdvdcss: upgrade 1.4.2 -> 1.4.3
aom: upgrade 3.6.1 -> 3.7.0
aom: Disable neon when building on arm
dav1d: upgrade 1.2.0 -> 1.3.0
network-manager-applet: upgrade 1.32.0 -> 1.34.0
gvfs: upgrade 1.52.0 -> 1.52.1
gnome-text-editor: upgrade 45.0 -> 45.1
libwacom: upgrade 2.6.0 -> 2.8.0
evolution-data-server: upgrade 3.50.0 -> 3.50.1
orage: upgrade 4.16.0 -> 4.18.0
xfce4-systemload-plugin: upgrade 1.3.1 -> 1.3.2
xfce4-screenshooter: upgrade 1.10.3 -> 1.10.4
xfce4-appfinder: upgrade 4.18.0 -> 4.19.1
xfce4-netload-plugin: upgrade 1.4.0 -> 1.4.1
thunar-shares-plugin: upgrade 0.3.1 -> 0.3.2
xfce4-battery-plugin: upgrade 1.1.4 -> 1.1.5
xfce4-places-plugin: upgrade 1.8.1 -> 1.8.3
libxfce4util: upgrade 4.18.1 -> 4.19.2
xfce4-notes-plugin: upgrade 1.9.0 -> 1.10.0
xfce4-weather-plugin: upgrade 0.11.0 -> 0.11.1
thunar: upgrade 4.18.4 -> 4.19.0
catfish: upgrade 4.16.3 -> 4.18.0
xfce4-time-out-plugin: upgrade 1.1.2 -> 1.1.3
thunar-archive-plugin: upgrade 0.5.1 -> 0.5.2
xfce4-timer-plugin: upgrade 1.7.1 -> 1.7.2
xfce4-calculator-plugin: upgrade 0.7.1 -> 0.7.2
xfmpc: upgrade 0.3.0 -> 0.3.1
garcon: upgrade 4.18.1 -> 4.19.0
xfce4-genmon-plugin: upgrade 4.1.1 -> 4.2.0
xfce4-fsguard-plugin: upgrade 1.1.2 -> 1.1.3
xfce4-cpugraph-plugin: upgrade 1.2.7 -> 1.2.8
parole: upgrade 4.16.0 -> 4.18.0
xfce4-datetime-plugin: upgrade 0.8.1 -> 0.8.3
menulibre: upgrade 2.2.3 -> 2.3.2
xfce4-pulseaudio-plugin: upgrade 0.4.3 -> 0.4.8
libxfce4ui: upgrade 4.18.3 -> 4.19.3
xfce4-taskmanager: upgrade 1.5.5 -> 1.5.6
xfce4-mpc-plugin: upgrade 0.5.2 -> 0.5.3
mousepad: upgrade 0.5.9 -> 0.6.1
gigolo: upgrade 0.5.2 -> 0.5.3
xfce4-verve-plugin: upgrade 2.0.1 -> 2.0.3
exo: upgrade 4.18.0 -> 4.19.0
xfce4-mailwatch-plugin: upgrade 1.3.0 -> 1.3.1
xarchiver: upgrade 0.5.4.17 -> 0.5.4.21
xfsprogs: upgrade 6.1.1 -> 6.5.0
xfstests: upgrade 2023.03.05 -> 2023.10.29
xfstests: Fix build with clang17
xfstests: Fix build on musl
ufs-utils: upgrade to latest revision
xfce4-systemload-plugin: Fix build on 32bit machines
libsodium: upgrade 1.0.18 -> 1.0.19
libsodium: Fix build with clang on aarch64
Revert "modemmanager: upgrade 1.22.0 -> 1.23.1"
modemmanager: inherit upstream-version-is-even
Revert "geos: upgrade 3.12.0 -> 3.12.0beta2"
emlog: Drop SRCPV
makedumpfile: Change COMPATIBLE_HOST check to exclude unsupported arches
packagegroup-meta-oe: Update makedumpfile architecture support list
gupnp: Add missing rdep on python3-core
vte9: Upgrade to 0.74.1
rygel: Upgrade to 0.40.4 -> 0.42.4
vte9: Add knob for enabling systemd
meta-networking: Use autotools make system
meta-oe: Use autotools make system
toscoterm: Skip recipe, slated for removal
loudmouth: Upgrade to 1.5.4
toscoterm: Delete recipe
librest: Use autotools make system
cannelloni: Fix build with clang and libc++ runtime
gnome-console: Add missing dependency on gtk4-native
gnome-terminal: Add missing dependency on libhandy
dleyna-core: Update to tip of master
dleyna: Skip all dleyna recipes, slated for removal
packagegroup-meta-multimedia: Remove dleyna recipes
beep: Upgrade to 1.4.12
yelp: Use autotools for build system
gstd: Upgrade to 0.15.0
gimp: Update to 2.10.36
projucer: Refresh patch to apply cleanly
ledmon: Fix systemd unit install
libxml++-5.0: Make use of gnomebase bbclass
LI Qingwu (1):
kmsxx: Add recipe
Lei Maohui (1):
gexiv2: Fix do_package QA issue when usrmerge enabled.
Leon Anavi (32):
sip: upgrade 6.7.11 -> 6.7.12
python3-rarfile: add recipe
python3-colorclass: add recipe
python3-inflate64: add recipe
python3-jsbeautifier: add recipe
python3-pymemcache: add recipe
python3-multivolumefile: add recipe
python3-oletools: add recipe
python3-olefile: add recipe
python3-pcodedmp: add recipe
python3-screeninfo: add recipe
python3-unoconv: add recipe
python3-pybcj: add recipe
python3-pyppmd: add recipe
python3-py7zr: add recipe
python3-wand: add recipe
python3-pdm-backend: add recipe
python3-pdm: add recipe
python3-jsonref: Upgrade 1.0.1 -> 1.1.0
imlib2: Upgrade 1.7.1 -> 1.12.1
libblockdev: Upgrade 3.0.3 -> 3.0.4
exiftool: add recipe
bindfs: add recipe
qpdf: Update 10.6.3 -> 11.6.3
python3-file-magic: add recipe
python3-wrapt: Upgrade 1.15.0 -> 1.16.0
python3-bitarray: Upgrade 2.8.2 -> 2.8.3
python3-pillow: Upgrade 10.0.1 -> 10.1.0
python3-polyline: upgrade 1.4.0 -> 2.0.1
python3-py7zr: Upgrade 0.20.7 -> 0.20.8
python3-zeroconf: upgrade 0.120.0 -> 0.126.0
python3-pystemd: upgrade 0.10.0 -> 0.13.2
Luca Fancellu (5):
linuxptp: update linuxptp recipe to 4.1
linuxptp: install default configuration file in sysconfdir
linuxptp: add systemd services
linuxptp: Drop unneeded downstream patches
linuxptp: Use templates for the systemd services
Marek Vasut (2):
lvgl: lv-drivers: Allow empty package
lvgl: Allow empty package
Markus Fuchs (1):
remove unused AUTHOR variable
Markus Volk (52):
libdecor: Upgrade 0.1.99 -> 0.2.0
wireplumber: Upgrade 0.4.14 -> 0.4.15
pipewire: Update 0.3.81 -> 0.3.83
gnome-software: Update 45.0 -> 45.1
gnome-calendar: Update 45.0 -> 45.1
gnome-disk-utility: Update 44.0 -> 45.0
gnome-control-center: Update 45.0 -> 45.1
eog: Update 45.0 -> 45.1
gnome-remote-desktop: Update 45.0 -> 45.1
gnome-shell: Add missing dependency on pipewire
gnome-shell: Remove deprecated libcroco dependency
openbox: Drop deprecated libcroco dependency
pipewire: Update 0.3.83 -> 0.3.84
tracker-miners: Upgrade 3.6.0 -> 3.6.2
libgweather4: Upgrade 4.2.0 -> 4.4.0
gtksourceview5: Upgrade 5.7.1 -> 5.10.0
openal-soft: Upgrade 1.20.1 -> 1.23.1
gnome-shell: Upgrade 45.0 -> 45.1
mutter: Upgrade 45.0 -> 45.1
dconf-editor: Upgrade 43 -> 45.0.1
libgsf: Upgrade 1.14.50 -> 1.14.51
xdg-desktop-portal: Upgrade 1.18.0 -> 1.18.1
xdg-desktop-portal-gtk: Upgrade 1.14.1 -> 1.15.1
rest: Upgrade 0.9.0 -> 0.9.1
nv-codec-headers: Upgrade 12.0.16.0 -> 12.1.14.0
webp-pixbuf-loader: Upgrade 0.2.4 -> 0.2.5
libchamplain: Upgrade 0.12.20 -> 0.12.21
rest: Add packageconfigs for examples and tests
gssdp: Fix build with api-documentation enabled
gupnp: Upgrade 0.10.2 -> 0.12.1
Gupnp-tools upgrade 0.10.2 -> 0.12.1
gupnp-idg: Upgrade 1.2.0 -> 1.6.0
gssdp: Upgrade 1.4.0.1 -> 1.6.3
ghex: Upgrade 3.18.4 -> 45.0
Adjust vala build according to changes in vala.bbclass
drop GNOMEBASEBUILDCLASS = "meson"
gnome-shell-extensions: Upgrade 44.1 -> 45.1
cups-filters: Fix for current gcc
gnome-console: Add recipe
vte9: Fix build with api-documentation enabled
gnome-terminal: Upgrade 3.48.1 -> 3.50.1
cups-filters: Upgrade 1.28.17 -> 2.0.0
gnome-terminal: Remove recommendation on vte-prompt
ghex: backport patch to fix build for clang
qpdf: cleanup
gtksourceview4: Upgrade 4.8.2 -> 4.8.4
gnome-control-center: Add rdepends
system-config-printer: Add cups to rdepends
pipewire: Upgrade 0.3.84 -> 0.3.85
flatpak: Upgrade 1.15.4 -> 1.15.6
flatpak: Add packageconfigs for man and docbook docs
musicpd: unbreak build with ffmpeg 6.1
Martin Jansa (12):
nodejs: update to latest v20 version 20.8.1
nodejs: Revert io_uring support from bundled libuv-1.46.0
opencv: refresh protobuf-v22 compatibility patch with backported version
leveldb: prevent installing gtest
android-tools: drop ${PE}, ${PR} from /usr/src/debug paths
minifi-cpp: drop ${PE}, ${PR} from /usr/src/debug paths
xmlrcp-c: drop ${PE}, ${PR} from /usr/src/debug paths
fluentbit: drop ${PE}, ${PR} from /usr/src/debug paths
ntpsec, net-snmp: drop ${PE}, ${PR} from /usr/src/debug paths
aom, x265: drop ${PE}, ${PR} from /usr/src/debug paths
python3-{h5py,pandas}: drop ${PE}, ${PR} from /usr/src/debug paths
evince, gnome-calendar, tracker: drop ${PE}, ${PR} from /usr/src/debug paths
Martin Maurer (1):
libqmi: Upgrade 1.32.4 -> 1.34.0
Matthias Klein (1):
paho-mqtt-c: upgrade 1.3.12 -> 1.3.13
Mingli Yu (3):
vboxguestdrivers: Remove the buildpath
nlohmann-json: Add ptest support
ptest-packagelists-meta-oe.inc: Add nlohmann-json
Peter Kjellerstedt (18):
libwebsockets: Support building for native
mosquitto: Support building for native again
jack: Revert to 1.9.22
pahole: Correct the version in the recipe file name
neatvnc: Specify the version in the recipe file name
mstpd: Update to 0.1.0+
Revert "libtorrent: upgrade 0.13.8 -> 1"
libtorrent: Add UPSTREAM_CHECK_GITTAGREGEX
mksh: Update to 59c properly
fluidsynth: Specify the version in the recipe file name
libuvc: Specify the version in the recipe file name
gst-shark: Update to 0.8.1 properly
xarchiver: Specify the version in the recipe file name
python3-kivy: Move a comment so it makes more sense
python3-greenlet: Avoid duplicate URI in SRC_URI
python3-pylint: Only set SRCREV once
python3-pytest-mock: Only set SRCREV once
zeromq: Update to 4.3.5
Peter Marko (1):
grpc: Upgrade 1.56.2 -> 1.59.2
Petr Gotthard (2):
libmbim: upgrade 1.28.4 -> 1.30.0
modemmanager: upgrade 1.20.6 -> 1.22.0
Poonam Jadhav (1):
sdbus-c++: Update ptest path
Potin Lai (2):
libplist: Upgrade to latest master
idevicerestore: Upgrade to latest master
Richard Purdie (4):
meta-python: Drop broken BBCLASSEXTEND variants
meta-oe: Drop broken BBCLASSEXTEND variants
meta-networking: Drop broken BBCLASSEXTEND variants
meta-perl: Drop broken BBCLASSEXTEND variants
Ross Burton (1):
yajl: fix CVE-2017-16516, CVE-2022-24795, CVE-2023-33460
Sam Van Den Berge (1):
netdata: Upgrade 1.36.1 -> 1.43.0
Samuli Piippo (2):
abseil-cpp: fix mingw build
protobuf: stage protoc binary to sysroot
Thomas Gessler (1):
influxdb: Add start script used by systemd service
Tim Orling (2):
po4a: remove old recipe
debsums: remove old recipe
Trevor Gamblin (5):
python-git-pw: add from meta-patchtest
python3-py-cpuinfo: disable broken ptests
python3-arrow: add from meta-patchtest
python3-pytest-mock: disable broken ptests
meta-python: update ptests status for py-cpuinfo, pytest-mock
Wang Mingyu (149):
dnf-plugin-tui: create symlinks from /usr/ to /.
c-ares: upgrade 1.19.1 -> 1.20.1
adw-gtk3: upgrade 4.9 -> 5.1
ctags: upgrade 6.0.20230917.0 -> 6.0.20231001.0
dialog: upgrade 1.3-20230209 -> 1.3-20231002
freerdp: upgrade 2.11.1 -> 2.11.2
gnome-backgrounds: upgrade 44.0 -> 45.0
gnome-calculator: upgrade 45.0 -> 45.0.2
gnome-font-viewer: upgrade 44.0 -> 45.0
ipc-run: upgrade 20220807.0 -> 20231003.0
libbytesize: upgrade 2.9 -> 2.10
libcoap: upgrade 4.3.3 -> 4.3.4
libyang: upgrade 2.1.111 -> 2.1.128
lvgl: upgrade 8.3.9 -> 8.3.10
metacity: upgrade 3.46.1 -> 3.50.0
nautilus: upgrade 45.0 -> 45.1
ceres-solver: upgrade 2.1.0 -> 2.2.0
python3-eth-abi: upgrade 3.0.1 -> 4.2.1
python3-mypy: upgrade 1.5.1 -> 1.6.1
python3-pylint: upgrade 3.0.0 -> 3.0.1
python3-aiodns: upgrade 3.0.0 -> 3.1.1
python3-aiohttp: upgrade 3.8.5 -> 3.8.6
python3-astroid: upgrade 3.0.0 -> 3.0.1
python3-bitarray: upgrade 2.8.1 -> 2.8.2
python3-bitstruct: upgrade 8.17.0 -> 8.18.0
python3-blinker: upgrade 1.6.2 -> 1.6.3
python3-charset-normalizer: upgrade 3.2.0 -> 3.3.0
python3-cmake: upgrade 3.27.5 -> 3.27.7
python3-coverage: upgrade 7.3.1 -> 7.3.2
python3-croniter: upgrade 1.4.1 -> 2.0.1
python3-dbus-fast: upgrade 1.85.0 -> 2.12.0
python3-email-validator: upgrade 1.3.1 -> 2.0.0
python3-engineio: upgrade 4.7.1 -> 4.8.0
python3-eth-typing: upgrade 3.4.0 -> 3.5.0
python3-eth-utils: upgrade 2.2.1 -> 2.2.2
python3-executing: upgrade 1.2.0 -> 2.0.0
python3-flask-babel: upgrade 3.1.0 -> 4.0.0
python3-flask-jwt-extended: upgrade 4.5.2 -> 4.5.3
python3-google-api-python-client: upgrade 2.101.0 -> 2.104.0
python3-googleapis-common-protos: upgrade 1.60.0 -> 1.61.0
python3-google-auth: upgrade 2.23.1 -> 2.23.3
python3-h5py: upgrade 3.9.0 -> 3.10.0
python3-huey: upgrade 2.4.5 -> 2.5.0
python3-imageio: upgrade 2.31.3 -> 2.31.5
python3-ipython: upgrade 8.15.0 -> 8.16.1
python3-jedi: upgrade 0.19.0 -> 0.19.1
python3-meson-python: upgrade 0.13.1 -> 0.14.0
python3-msgpack: upgrade 1.0.6 -> 1.0.7
python3-platformdirs: upgrade 3.10.0 -> 3.11.0
python3-prompt-toolkit: upgrade 3.0.36 -> 3.0.39
python3-protobuf: upgrade 4.24.3 -> 4.24.4
python3-pycares: upgrade 4.3.0 -> 4.4.0
python3-pycodestyle: upgrade 2.11.0 -> 2.11.1
python3-pydantic: upgrade 2.4.1 -> 2.4.2
python3-pyephem: upgrade 4.1.4 -> 4.1.5
python3-pytest-timeout: upgrade 2.1.0 -> 2.2.0
python3-rapidjson: upgrade 1.11 -> 1.12
python3-regex: upgrade 2023.8.8 -> 2023.10.3
python3-rich: upgrade 13.5.3 -> 13.6.0
python3-schedule: upgrade 1.2.0 -> 1.2.1
python3-semver: upgrade 3.0.1 -> 3.0.2
python3-simplejson: upgrade 3.19.1 -> 3.19.2
python3-socketio: upgrade 5.9.0 -> 5.10.0
python3-sqlalchemy: upgrade 2.0.21 -> 2.0.22
python3-stack-data: upgrade 0.6.2 -> 0.6.3
python3-texttable: upgrade 1.6.7 -> 1.7.0
python3-traitlets: upgrade 5.10.1 -> 5.11.2
python3-types-psutil: upgrade 5.9.5.16 -> 5.9.5.17
python3-tzlocal: upgrade 5.0.1 -> 5.1
python3-web3: upgrade 6.10.0 -> 6.11.1
python3-websocket-client: upgrade 1.6.3 -> 1.6.4
python3-xlsxwriter: upgrade 3.1.3 -> 3.1.8
python3-xxhash: upgrade 3.3.0 -> 3.4.1
python3-zeroconf: upgrade 0.112.0 -> 0.119.0
python3-zopeinterface: upgrade 6.0 -> 6.1
rdma-core: upgrade 47.0 -> 48.0
redis: upgrade 7.2.1 -> 7.2.2
remmina: upgrade 1.4.32 -> 1.4.33
tesseract: upgrade 5.3.2 -> 5.3.3
thingsboard-gateway: upgrade 3.3 -> 3.4.1
tio: upgrade 2.6 -> 2.7
wireshark: upgrade 4.0.8 -> 4.0.10
xterm: upgrade 384 -> 387
zchunk: upgrade 1.3.1 -> 1.3.2
hdf5: Fix install conflict when enable multilib.
dnf-plugin-tui: Recover BBCLASSEXTEND variants
gensio: upgrade 2.7.6 -> 2.7.7
hwdata: upgrade 0.375 -> 0.376
libio-socket-ssl-perl: upgrade 2.083 -> 2.084
makedumpfile: upgrade 1.7.3 -> 1.7.4
gnome-remote-desktop: move from meta-virtualization to meta-security
ctags: upgrade 6.0.20231029.0 -> 6.0.20231105.0
function2: upgrade 4.2.3 -> 4.2.4
neatvnc: upgrade 0.7.0 -> 0.7.1
python3-argh: upgrade 0.30.3 -> 0.30.4
python3-geojson: upgrade 3.0.1 -> 3.1.0
python3-imageio: upgrade 2.31.6 -> 2.32.0
python3-inflate64: upgrade 0.3.1 -> 1.0.0
python3-jsbeautifier: upgrade 1.14.9 -> 1.14.11
python3-lru-dict: upgrade 1.2.0 -> 1.3.0
python3-python-vlc: upgrade 3.0.18122 -> 3.0.20123
python3-zeroconf: upgrade 0.119.0 -> 0.120.0
c-ares: upgrade 1.21.0 -> 1.22.0
ctags: upgrade 6.0.20231105.0 -> 6.0.20231112.0
libencode-perl: upgrade 3.19 -> 3.20
bindfs: upgrade 1.17.5 -> 1.17.6
python3-hexbytes: upgrade 0.3.1 -> 1.0.0
python3-linux-procfs: upgrade 0.7.1 -> 0.7.3
openvpn: upgrade 2.6.6 -> 2.6.7
python3-argcomplete: upgrade 3.1.4 -> 3.1.6
python3-awesomeversion: upgrade 23.8.0 -> 23.11.0
python3-dbus-fast: upgrade 2.12.0 -> 2.14.0
python3-eth-typing: upgrade 3.5.1 -> 3.5.2
python3-eth-utils: upgrade 2.3.0 -> 2.3.1
python3-geomet: upgrade 1.0.0 -> 1.1.0
python3-google-api-core: upgrade 2.12.0 -> 2.14.0
python3-google-api-python-client: upgrade 2.106.0 -> 2.108.0
python3-mypy: upgrade 1.6.1 -> 1.7.0
python3-platformdirs: upgrade 3.11.0 -> 4.0.0
python3-prompt-toolkit: upgrade 3.0.39 -> 3.0.41
python3-pyaudio: upgrade 0.2.13 -> 0.2.14
python3-pydantic: upgrade 2.4.2 -> 2.5.0
python3-pymetno: upgrade 0.11.0 -> 0.12.0
python3-pytest-xdist: upgrade 3.3.1 -> 3.4.0
python3-sentry-sdk: upgrade 1.34.0 -> 1.35.0
python3-tomlkit: upgrade 0.12.2 -> 0.12.3
python3-types-setuptools: upgrade 68.2.0.0 -> 68.2.0.1
python3-web3: upgrade 6.11.2 -> 6.11.3
python3-zeroconf: upgrade 0.126.0 -> 0.127.0
ser2net: upgrade 4.5.0 -> 4.5.1
uftp: upgrade 5.0.1 -> 5.0.2
webkitgtk3: upgrade 2.42.1 -> 2.42.2
imlib2: delete non-existent file
c-ares: upgrade 1.22.0 -> 1.22.1
ctags: upgrade 6.0.20231112.0 -> 6.0.20231119.0
exiftool: upgrade 12.69 -> 12.70
gnome-bluetooth: upgrade 42.6 -> 42.7
libextutils-cppguess-perl: upgrade 0.26 -> 0.27
libwebsockets: upgrade 4.3.2 -> 4.3.3
python3-aiohttp: upgrade 3.8.6 -> 3.9.0
python3-dateparser: upgrade 1.1.8 -> 1.2.0
python3-django: upgrade 4.2.5 -> 4.2.7
python3-imageio: upgrade 2.32.0 -> 2.33.0
python3-ldap: upgrade 3.4.3 -> 3.4.4
python3-pastedeploy: upgrade 3.0.1 -> 3.1.0
python3-pdm: upgrade 2.10.1 -> 2.10.3
python3-pydantic: upgrade 2.5.0 -> 2.5.1
python3-rich: upgrade 13.6.0 -> 13.7.0
strongswan: upgrade 5.9.11 -> 5.9.12
Yi Zhao (6):
samba: upgrade 4.18.6 -> 4.18.8
samba: use external cmocka instead of bundled cmocka
libtevent: fix ptest
libldb: add ptest
conntrack-tools: upgrade 1.4.7 -> 1.4.8
nftables: upgrade 1.0.8 -> 1.0.9
Yoann Congal (5):
emlog: ignore CVE-2022-3968 & CVE-2023-43291
juce/projucer: Backport a fix for the compilation under recent GCC
meta-oe/static-ids: Change postgres to 28 to match forced id in recipe
static-id: add missing netdata group
python3-soupsieve: Break circular dependency with beautifulsoup4
Zoltán Böszörményi (3):
python3-ninja-syntax: Set BBCLASSEXTEND = "native nativesdk"
python3-ninja: Set BBCLASSEXTEND = "native nativesdk"
geos: Fix packaging
alperak (39):
xdebug: upgrade 3.2.0 -> 3.2.2
catch2: upgrade 2.13.7 -> 2.13.10
tuna: upgrade 0.18 -> 0.19
libsrtp: upgrade 2.4.2 -> 2.5.0
libupnp: upgrade 1.14.6 -> 1.14.18
libisofs: upgrade 1.5.4 -> 1.5.6
libisoburn: 1.5.4 -> 1.5.6
fuse-exfat: upgrade 1.3.0 -> 1.4.0
fuse3: upgrade 3.15.1 -> 3.16.2
ufs-utils: upgrade 3.12.3 -> 4.13.5
libebml: upgrade 1.3.0 -> 1.4.4
libmatroska: upgrade 1.4.1 -> 1.7.1
libde265: upgrade 1.0.5 -> 1.0.12
libopenmpt: upgrade 0.6.2 -> 0.7.3
mpd: upgrade 0.23.12 -> 0.23.14
opencore-amr: upgrade 0.1.3 -> 0.1.6
tinyalsa: upgrade 1.1.1 -> 2.0.0
cannelloni: upgrade 1.0.0 -> 1.1.0
civetweb: upgrade 1.12 -> 1.16
libdnet: upgrade 1.16.3 -> 1.17.0
openfortivpn: upgrade 1.20.5 -> 1.21.0
fuse-exfat: Dropped md5sum
libopenmpt: Added license change reason and dropped md5sum
bolt: upgrade 0.9.5 -> 0.9.6
irssi: upgrade 1.4.4 -> 1.4.5
libmtp: upgrade 1.1.20 -> 1.1.21
libsigc++-2.0: upgrade 2.10.7 -> 2.12.1
libsigc++-3: upgrade 3.2.0 -> 3.6.0
ocl-icd: upgrade 2.3.1 -> 2.3.2
opencl-icd-loader: upgrade v2022.01.04 -> v2023.04.17
uutils-coreutils: upgrade 0.0.22 -> 0.0.23
botan: upgrade 2.19.3 -> 3.2.0
capnproto: upgrade 0.10.4 -> 1.0.1
cloc: upgrade 1.94 -> 1.98
cpuid: upgrade 20211129 -> 20230614
gst-editing-services: upgrade 1.20.5 -> 1.22.7
luaposix: upgrade 35.1 -> 36.2.1
mercurial: upgrade 6.1 -> 6.5
ledmon: upgrade 0.93 -> 0.97
skandigraun (1):
libvpx: don't specify armv5 and armv6 toolchains explicitly
meta-security: 3f7d40b0fc..070a1e82cc:
Gowtham Suresh Kumar (1):
Update parsec recipes
Mingli Yu (1):
samhain: remove the buildpath
Stefan Berger (1):
ima,evm: Add two variables to write filenames and signatures into
Change-Id: Ib809aa0df4162c50a06c542a94a0b06cdc149a2d
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
diff --git a/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb b/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb
index 4c830cc..910da3c 100644
--- a/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb
+++ b/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb
@@ -26,6 +26,11 @@
file://handle-hup.patch \
file://local-ping.patch \
file://invalid-service.patch \
+ file://CVE-2023-38469.patch \
+ file://CVE-2023-38470.patch \
+ file://CVE-2023-38471.patch \
+ file://CVE-2023-38472.patch \
+ file://CVE-2023-38473.patch \
"
GITHUB_BASE_URI = "https://github.com/lathiat/avahi/releases/"
diff --git a/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38469.patch b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38469.patch
new file mode 100644
index 0000000..a078f66
--- /dev/null
+++ b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38469.patch
@@ -0,0 +1,48 @@
+From 72842945085cc3adaccfdfa2853771b0e75ef991 Mon Sep 17 00:00:00 2001
+From: Evgeny Vereshchagin <evvers@ya.ru>
+Date: Mon, 23 Oct 2023 20:29:31 +0000
+Subject: [PATCH] avahi: core: reject overly long TXT resource records
+
+Closes https://github.com/lathiat/avahi/issues/455
+
+Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf]
+CVE: CVE-2023-38469
+
+Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
+---
+ avahi-core/rr.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/avahi-core/rr.c b/avahi-core/rr.c
+index 7fa0bee..b03a24c 100644
+--- a/avahi-core/rr.c
++++ b/avahi-core/rr.c
+@@ -32,6 +32,7 @@
+ #include <avahi-common/malloc.h>
+ #include <avahi-common/defs.h>
+
++#include "dns.h"
+ #include "rr.h"
+ #include "log.h"
+ #include "util.h"
+@@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) {
+ case AVAHI_DNS_TYPE_TXT: {
+
+ AvahiStringList *strlst;
++ size_t used = 0;
+
+- for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next)
++ for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) {
+ if (strlst->size > 255 || strlst->size <= 0)
+ return 0;
+
++ used += 1+strlst->size;
++ if (used > AVAHI_DNS_RDATA_MAX)
++ return 0;
++ }
++
+ return 1;
+ }
+ }
+--
+2.40.0
diff --git a/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38470.patch b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38470.patch
new file mode 100644
index 0000000..91f9e67
--- /dev/null
+++ b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38470.patch
@@ -0,0 +1,59 @@
+From af7bfad67ca53a7c4042a4a2d85456b847e9f249 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
+Date: Tue, 11 Apr 2023 15:29:59 +0200
+Subject: [PATCH] avahi: Ensure each label is at least one byte long
+
+The only allowed exception is single dot, where it should return empty
+string.
+
+Fixes #454.
+
+Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c]
+CVE: CVE-2023-38470
+
+Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
+---
+ avahi-common/domain-test.c | 14 ++++++++++++++
+ avahi-common/domain.c | 2 +-
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c
+index cf763ec..3acc1c1 100644
+--- a/avahi-common/domain-test.c
++++ b/avahi-common/domain-test.c
+@@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+ printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo."));
+ avahi_free(s);
+
++ printf("%s\n", s = avahi_normalize_name_strdup("."));
++ avahi_free(s);
++
++ s = avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}."
++ "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}"
++ ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`"
++ "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?."
++ "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}."
++ "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?"
++ "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM."
++ "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?."
++ "}.?.?.?.}.=.?.?.}");
++ assert(s == NULL);
++
+ printf("%i\n", avahi_domain_equal("\\065aa bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff"));
+ printf("%i\n", avahi_domain_equal("A", "a"));
+
+diff --git a/avahi-common/domain.c b/avahi-common/domain.c
+index 3b1ab68..e66d241 100644
+--- a/avahi-common/domain.c
++++ b/avahi-common/domain.c
+@@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char *ret_s, size_t size) {
+ }
+
+ if (!empty) {
+- if (size < 1)
++ if (size < 2)
+ return NULL;
+
+ *(r++) = '.';
+--
+2.40.0
diff --git a/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38471.patch b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38471.patch
new file mode 100644
index 0000000..b3f7164
--- /dev/null
+++ b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38471.patch
@@ -0,0 +1,73 @@
+From 48d745db7fd554fc33e96ec86d3675ebd530bb8e Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Mon, 23 Oct 2023 13:38:35 +0200
+Subject: [PATCH] avahi: core: extract host name using avahi_unescape_label()
+
+Previously we could create invalid escape sequence when we split the
+string on dot. For example, from valid host name "foo\\.bar" we have
+created invalid name "foo\\" and tried to set that as the host name
+which crashed the daemon.
+
+Fixes #453
+
+Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09]
+CVE: CVE-2023-38471
+
+Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
+---
+ avahi-core/server.c | 27 +++++++++++++++++++++------
+ 1 file changed, 21 insertions(+), 6 deletions(-)
+
+diff --git a/avahi-core/server.c b/avahi-core/server.c
+index e507750..40f1d68 100644
+--- a/avahi-core/server.c
++++ b/avahi-core/server.c
+@@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s) {
+ }
+
+ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
+- char *hn = NULL;
++ char label_escaped[AVAHI_LABEL_MAX*4+1];
++ char label[AVAHI_LABEL_MAX];
++ char *hn = NULL, *h;
++ size_t len;
++
+ assert(s);
+
+ AVAHI_CHECK_VALIDITY(s, !host_name || avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME);
+@@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
+ else
+ hn = avahi_normalize_name_strdup(host_name);
+
+- hn[strcspn(hn, ".")] = 0;
++ h = hn;
++ if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) {
++ avahi_free(h);
++ return AVAHI_ERR_INVALID_HOST_NAME;
++ }
++
++ avahi_free(h);
++
++ h = label_escaped;
++ len = sizeof(label_escaped);
++ if (!avahi_escape_label(label, strlen(label), &h, &len))
++ return AVAHI_ERR_INVALID_HOST_NAME;
+
+- if (avahi_domain_equal(s->host_name, hn) && s->state != AVAHI_SERVER_COLLISION) {
+- avahi_free(hn);
++ if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION)
+ return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE);
+- }
+
+ withdraw_host_rrs(s);
+
+ avahi_free(s->host_name);
+- s->host_name = hn;
++ s->host_name = avahi_strdup(label_escaped);
++ if (!s->host_name)
++ return AVAHI_ERR_NO_MEMORY;
+
+ update_fqdn(s);
+
+--
+2.40.0
diff --git a/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch
new file mode 100644
index 0000000..a1de8e2
--- /dev/null
+++ b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch
@@ -0,0 +1,46 @@
+From 8cf606779dc356768afc6b70e53f2808a9655143 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Thu, 19 Oct 2023 17:36:44 +0200
+Subject: [PATCH] avahi: core: make sure there is rdata to process before
+ parsing it
+
+Fixes #452
+
+Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40]
+CVE: CVE-2023-38472
+
+Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
+---
+ avahi-client/client-test.c | 3 +++
+ avahi-daemon/dbus-entry-group.c | 2 +-
+ 2 files changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/avahi-client/client-test.c b/avahi-client/client-test.c
+index 7d04a6a..57750a4 100644
+--- a/avahi-client/client-test.c
++++ b/avahi-client/client-test.c
+@@ -258,6 +258,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+ printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", NULL, NULL, 80, "foo=bar", NULL)));
+ printf("add_record: %d\n", avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "\5booya", 6));
+
++ error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0);
++ assert(error != AVAHI_OK);
++
+ avahi_entry_group_commit (group);
+
+ domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u");
+diff --git a/avahi-daemon/dbus-entry-group.c b/avahi-daemon/dbus-entry-group.c
+index 4e879a5..aa23d4b 100644
+--- a/avahi-daemon/dbus-entry-group.c
++++ b/avahi-daemon/dbus-entry-group.c
+@@ -340,7 +340,7 @@ DBusHandlerResult avahi_dbus_msg_entry_group_impl(DBusConnection *c, DBusMessage
+ if (!(r = avahi_record_new_full (name, clazz, type, ttl)))
+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, NULL);
+
+- if (avahi_rdata_parse (r, rdata, size) < 0) {
++ if (!rdata || avahi_rdata_parse (r, rdata, size) < 0) {
+ avahi_record_unref (r);
+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_INVALID_RDATA, NULL);
+ }
+--
+2.40.0
diff --git a/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch
new file mode 100644
index 0000000..707acb6
--- /dev/null
+++ b/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch
@@ -0,0 +1,110 @@
+From 88cbbc48d5efff9726694557ca6c3f698f3affe4 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Wed, 11 Oct 2023 17:45:44 +0200
+Subject: [PATCH] avahi: common: derive alternative host name from its
+ unescaped version
+
+Normalization of input makes sure we don't have to deal with special
+cases like unescaped dot at the end of label.
+
+Fixes #451 #487
+
+Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797]
+CVE: CVE-2023-38473
+
+Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
+---
+ avahi-common/alternative-test.c | 3 +++
+ avahi-common/alternative.c | 27 +++++++++++++++++++--------
+ 2 files changed, 22 insertions(+), 8 deletions(-)
+
+diff --git a/avahi-common/alternative-test.c b/avahi-common/alternative-test.c
+index 9255435..681fc15 100644
+--- a/avahi-common/alternative-test.c
++++ b/avahi-common/alternative-test.c
+@@ -31,6 +31,9 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+ const char* const test_strings[] = {
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXüüüüüüü",
++ ").",
++ "\\.",
++ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\\\",
+ "gurke",
+ "-",
+ " #",
+diff --git a/avahi-common/alternative.c b/avahi-common/alternative.c
+index b3d39f0..a094e6d 100644
+--- a/avahi-common/alternative.c
++++ b/avahi-common/alternative.c
+@@ -49,15 +49,20 @@ static void drop_incomplete_utf8(char *c) {
+ }
+
+ char *avahi_alternative_host_name(const char *s) {
++ char label[AVAHI_LABEL_MAX], alternative[AVAHI_LABEL_MAX*4+1];
++ char *alt, *r, *ret;
+ const char *e;
+- char *r;
++ size_t len;
+
+ assert(s);
+
+ if (!avahi_is_valid_host_name(s))
+ return NULL;
+
+- if ((e = strrchr(s, '-'))) {
++ if (!avahi_unescape_label(&s, label, sizeof(label)))
++ return NULL;
++
++ if ((e = strrchr(label, '-'))) {
+ const char *p;
+
+ e++;
+@@ -74,19 +79,18 @@ char *avahi_alternative_host_name(const char *s) {
+
+ if (e) {
+ char *c, *m;
+- size_t l;
+ int n;
+
+ n = atoi(e)+1;
+ if (!(m = avahi_strdup_printf("%i", n)))
+ return NULL;
+
+- l = e-s-1;
++ len = e-label-1;
+
+- if (l >= AVAHI_LABEL_MAX-1-strlen(m)-1)
+- l = AVAHI_LABEL_MAX-1-strlen(m)-1;
++ if (len >= AVAHI_LABEL_MAX-1-strlen(m)-1)
++ len = AVAHI_LABEL_MAX-1-strlen(m)-1;
+
+- if (!(c = avahi_strndup(s, l))) {
++ if (!(c = avahi_strndup(label, len))) {
+ avahi_free(m);
+ return NULL;
+ }
+@@ -100,7 +104,7 @@ char *avahi_alternative_host_name(const char *s) {
+ } else {
+ char *c;
+
+- if (!(c = avahi_strndup(s, AVAHI_LABEL_MAX-1-2)))
++ if (!(c = avahi_strndup(label, AVAHI_LABEL_MAX-1-2)))
+ return NULL;
+
+ drop_incomplete_utf8(c);
+@@ -109,6 +113,13 @@ char *avahi_alternative_host_name(const char *s) {
+ avahi_free(c);
+ }
+
++ alt = alternative;
++ len = sizeof(alternative);
++ ret = avahi_escape_label(r, strlen(r), &alt, &len);
++
++ avahi_free(r);
++ r = avahi_strdup(ret);
++
+ assert(avahi_is_valid_host_name(r));
+
+ return r;
+--
+2.40.0
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5_5.69.bb b/poky/meta/recipes-connectivity/bluez5/bluez5_5.70.bb
similarity index 94%
rename from poky/meta/recipes-connectivity/bluez5/bluez5_5.69.bb
rename to poky/meta/recipes-connectivity/bluez5/bluez5_5.70.bb
index 4673000..2e3b782 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5_5.69.bb
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5_5.70.bb
@@ -1,6 +1,6 @@
require bluez5.inc
-SRC_URI[sha256sum] = "bc5a35ddc7c72d0d3999a0d7b2175c8b7d57ab670774f8b5b4900ff38a2627fc"
+SRC_URI[sha256sum] = "37e372e916955e144cb882f888e4be40898f10ae3b7c213ddcdd55ee9c009278"
CVE_STATUS[CVE-2020-24490] = "cpe-incorrect: This issue has kernel fixes rather than bluez fixes"
diff --git a/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb b/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.5.bb
similarity index 93%
rename from poky/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
rename to poky/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.5.bb
index 0966edd..c2dee26 100644
--- a/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb
+++ b/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.5.bb
@@ -15,10 +15,9 @@
file://dhcpcd.service \
file://dhcpcd@.service \
file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \
- file://0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch \
"
-SRCREV = "d2fbde99cf2d0072016af9dfe6a77032a5a9fc30"
+SRCREV = "6baf4df467aaae89b026a089122d155c6eec3f19"
S = "${WORKDIR}/git"
inherit pkgconfig autotools-brokensep systemd useradd
diff --git a/poky/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch b/poky/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch
deleted file mode 100644
index d4fb173..0000000
--- a/poky/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 1bd8fc7d4b34f752a32709d277a897e5ad202d97 Mon Sep 17 00:00:00 2001
-From: Tobias Heider <tobhe@users.noreply.github.com>
-Date: Tue, 15 Aug 2023 18:06:48 +0200
-Subject: [PATCH] privsep: fix strlcpy overflow in psp_ifname (#239)
-
-When running our Ubuntu tests with libc6 and strlcpy overflow checks
-enabled we found that the wrong size is passed to strlcpy resulting
-in a crash because of an overflow.
-
-Upstream-Status: Backport
-[https://github.com/NetworkConfiguration/dhcpcd/commit/1bd8fc7d4b34f752a32709d277a897e5ad202d97]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- src/privsep.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/privsep.c b/src/privsep.c
-index b11c0351..cfe54742 100644
---- a/src/privsep.c
-+++ b/src/privsep.c
-@@ -1200,7 +1200,7 @@ ps_newprocess(struct dhcpcd_ctx *ctx, struct ps_id *psid)
- #endif
-
- if (!(ctx->options & DHCPCD_MANAGER))
-- strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_name));
-+ strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_ifname));
- TAILQ_INSERT_TAIL(&ctx->ps_processes, psp, next);
- return psp;
- }
---
-2.25.1
-
diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2_6.5.0.bb b/poky/meta/recipes-connectivity/iproute2/iproute2_6.6.0.bb
similarity index 97%
rename from poky/meta/recipes-connectivity/iproute2/iproute2_6.5.0.bb
rename to poky/meta/recipes-connectivity/iproute2/iproute2_6.6.0.bb
index 2b28b10..417702e 100644
--- a/poky/meta/recipes-connectivity/iproute2/iproute2_6.5.0.bb
+++ b/poky/meta/recipes-connectivity/iproute2/iproute2_6.6.0.bb
@@ -15,7 +15,7 @@
file://0001-libc-compat.h-add-musl-workaround.patch \
"
-SRC_URI[sha256sum] = "a70179085fa1b96d3c33b040c809b75e2b57563adc505a4ad05e2609df373463"
+SRC_URI[sha256sum] = "8738c804afd09f0bf756937f0c3de23117832a98d8cbbf50386cf5005cd613ce"
inherit update-alternatives bash-completion pkgconfig
diff --git a/poky/meta/recipes-connectivity/kea/files/kea-dhcp-ddns.service b/poky/meta/recipes-connectivity/kea/files/kea-dhcp-ddns.service
index 91aa2eb..f6059d7 100644
--- a/poky/meta/recipes-connectivity/kea/files/kea-dhcp-ddns.service
+++ b/poky/meta/recipes-connectivity/kea/files/kea-dhcp-ddns.service
@@ -6,7 +6,6 @@
[Service]
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/
-ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/kea
ExecStart=@SBINDIR@/kea-dhcp-ddns -c @SYSCONFDIR@/kea/kea-dhcp-ddns.conf
[Install]
diff --git a/poky/meta/recipes-connectivity/libuv/libuv_1.46.0.bb b/poky/meta/recipes-connectivity/libuv/libuv_1.47.0.bb
similarity index 93%
rename from poky/meta/recipes-connectivity/libuv/libuv_1.46.0.bb
rename to poky/meta/recipes-connectivity/libuv/libuv_1.47.0.bb
index c9aa25c..50ad6ba 100644
--- a/poky/meta/recipes-connectivity/libuv/libuv_1.46.0.bb
+++ b/poky/meta/recipes-connectivity/libuv/libuv_1.47.0.bb
@@ -6,7 +6,7 @@
LIC_FILES_CHKSUM = "file://LICENSE;md5=74b6f2f7818a4e3a80d03556f71b129b \
file://LICENSE-extra;md5=f9307417749e19bd1d6d68a394b49324"
-SRCREV = "f0bb7e40f0508bedf6fad33769b3f87bb8aedfa6"
+SRCREV = "be6b81a352d17513c95be153afcb3148f1a451cd"
SRC_URI = "git://github.com/libuv/libuv.git;branch=v1.x;protocol=https"
UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)"
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch b/poky/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch
new file mode 100644
index 0000000..acda8f1
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch
@@ -0,0 +1,99 @@
+From be187435911cde6cc3cef6982a508261074f1e56 Mon Sep 17 00:00:00 2001
+From: Matt Jolly <Matt.Jolly@footclan.ninja>
+Date: Thu, 2 Feb 2023 21:05:40 +1100
+Subject: [PATCH] systemd: Add optional support for systemd `sd_notify`
+
+This is a rebase of Dennis Lamm's <expeditioneer@gentoo.org>
+patch based on Jakub Jelen's <jjelen@redhat.com> original patch
+
+Upstream-Status: Submitted [https://github.com/openssh/openssh-portable/pull/375/commits/be187435911cde6cc3cef6982a508261074f1e56]
+
+Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
+---
+ configure.ac | 24 ++++++++++++++++++++++++
+ sshd.c | 13 +++++++++++++
+ 2 files changed, 37 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index 22fee70f..486c189f 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -4835,6 +4835,29 @@ AC_SUBST([GSSLIBS])
+ AC_SUBST([K5LIBS])
+ AC_SUBST([CHANNELLIBS])
+
++# Check whether user wants systemd support
++SYSTEMD_MSG="no"
++AC_ARG_WITH(systemd,
++ [ --with-systemd Enable systemd support],
++ [ if test "x$withval" != "xno" ; then
++ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
++ if test "$PKGCONFIG" != "no"; then
++ AC_MSG_CHECKING([for libsystemd])
++ if $PKGCONFIG --exists libsystemd; then
++ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd`
++ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd`
++ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
++ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
++ AC_MSG_RESULT([yes])
++ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
++ SYSTEMD_MSG="yes"
++ else
++ AC_MSG_RESULT([no])
++ fi
++ fi
++ fi ]
++)
++
+ # Looking for programs, paths and files
+
+ PRIVSEP_PATH=/var/empty
+@@ -5634,6 +5657,7 @@ echo " libldns support: $LDNS_MSG"
+ echo " Solaris process contract support: $SPC_MSG"
+ echo " Solaris project support: $SP_MSG"
+ echo " Solaris privilege support: $SPP_MSG"
++echo " systemd support: $SYSTEMD_MSG"
+ echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
+ echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
+ echo " BSD Auth support: $BSD_AUTH_MSG"
+diff --git a/sshd.c b/sshd.c
+index 6321936c..859d6a0b 100644
+--- a/sshd.c
++++ b/sshd.c
+@@ -88,6 +88,10 @@
+ #include <prot.h>
+ #endif
+
++#ifdef HAVE_SYSTEMD
++#include <systemd/sd-daemon.h>
++#endif
++
+ #include "xmalloc.h"
+ #include "ssh.h"
+ #include "ssh2.h"
+@@ -310,6 +314,10 @@ static void
+ sighup_restart(void)
+ {
+ logit("Received SIGHUP; restarting.");
++#ifdef HAVE_SYSTEMD
++ /* Signal systemd that we are reloading */
++ sd_notify(0, "RELOADING=1");
++#endif
+ if (options.pid_file != NULL)
+ unlink(options.pid_file);
+ platform_pre_restart();
+@@ -2086,6 +2094,11 @@ main(int ac, char **av)
+ }
+ }
+
++#ifdef HAVE_SYSTEMD
++ /* Signal systemd that we are ready to accept connections */
++ sd_notify(0, "READY=1");
++#endif
++
+ /* Accept a connection and return in a forked child */
+ server_accept_loop(&sock_in, &sock_out,
+ &newsock, config_s);
+--
+2.25.1
+
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/sshd.service b/poky/meta/recipes-connectivity/openssh/openssh/sshd.service
new file mode 100644
index 0000000..2a997b6
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssh/openssh/sshd.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=OpenSSH server daemon
+Wants=sshdgenkeys.service
+After=sshdgenkeys.service
+
+[Service]
+Environment="SSHD_OPTS="
+EnvironmentFile=-/etc/default/ssh
+ExecStartPre=@BASE_BINDIR@/mkdir -p /var/run/sshd
+ExecStart=-@SBINDIR@/sshd -D $SSHD_OPTS
+ExecReload=@BASE_BINDIR@/kill -HUP $MAINPID
+KillMode=process
+Restart=on-failure
+RestartSec=42s
+
+[Install]
+WantedBy=multi-user.target
diff --git a/poky/meta/recipes-connectivity/openssh/openssh_9.4p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_9.5p1.bb
similarity index 92%
rename from poky/meta/recipes-connectivity/openssh/openssh_9.4p1.bb
rename to poky/meta/recipes-connectivity/openssh/openssh_9.5p1.bb
index e2508aa..bbb8fb0 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh_9.4p1.bb
+++ b/poky/meta/recipes-connectivity/openssh/openssh_9.5p1.bb
@@ -16,6 +16,7 @@
file://ssh_config \
file://init \
${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
+ file://sshd.service \
file://sshd.socket \
file://sshd@.service \
file://sshdgenkeys.service \
@@ -25,8 +26,9 @@
file://sshd_check_keys \
file://add-test-support-for-busybox.patch \
file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \
+ file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \
"
-SRC_URI[sha256sum] = "3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85"
+SRC_URI[sha256sum] = "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b"
CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is specific to OpenSSH with the pam opie which we don't build/use here."
@@ -48,9 +50,10 @@
INITSCRIPT_PARAMS:${PN}-sshd = "defaults 9"
SYSTEMD_PACKAGES = "${PN}-sshd"
-SYSTEMD_SERVICE:${PN}-sshd = "sshd.socket"
+SYSTEMD_SERVICE:${PN}-sshd = "sshd.socket sshd.service"
-inherit autotools-brokensep ptest
+inherit autotools-brokensep ptest pkgconfig
+DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}"
PACKAGECONFIG ??= ""
PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5"
@@ -68,6 +71,7 @@
--sysconfdir=${sysconfdir}/ssh \
--with-xauth=${bindir}/xauth \
--disable-strip \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemd', '--without-systemd', d)} \
"
# musl doesn't implement wtmp/utmp and logwtmp
@@ -122,6 +126,7 @@
install -d ${D}${systemd_system_unitdir}
install -c -m 0644 ${WORKDIR}/sshd.socket ${D}${systemd_system_unitdir}
+ install -c -m 0644 ${WORKDIR}/sshd.service ${D}${systemd_system_unitdir}
install -c -m 0644 ${WORKDIR}/sshd@.service ${D}${systemd_system_unitdir}
install -c -m 0644 ${WORKDIR}/sshdgenkeys.service ${D}${systemd_system_unitdir}
sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch
new file mode 100644
index 0000000..aa2e5bb
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssl/openssl/0001-Added-handshake-history-reporting-when-test-fails.patch
@@ -0,0 +1,374 @@
+From 5ba65051fea0513db0d997f0ab7cafb9826ed74a Mon Sep 17 00:00:00 2001
+From: William Lyu <William.Lyu@windriver.com>
+Date: Fri, 20 Oct 2023 16:22:37 -0400
+Subject: [PATCH] Added handshake history reporting when test fails
+
+Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/22481]
+
+Signed-off-by: William Lyu <William.Lyu@windriver.com>
+---
+ test/helpers/handshake.c | 139 +++++++++++++++++++++++++++++----------
+ test/helpers/handshake.h | 70 +++++++++++++++++++-
+ test/ssl_test.c | 44 +++++++++++++
+ 3 files changed, 218 insertions(+), 35 deletions(-)
+
+diff --git a/test/helpers/handshake.c b/test/helpers/handshake.c
+index e0422469e4..ae2ad59dd4 100644
+--- a/test/helpers/handshake.c
++++ b/test/helpers/handshake.c
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
++ * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+@@ -24,6 +24,102 @@
+ #include <netinet/sctp.h>
+ #endif
+
++/* Shamelessly copied from test/helpers/ssl_test_ctx.c */
++/* Maps string names to various enumeration type */
++typedef struct {
++ const char *name;
++ int value;
++} enum_name_map;
++
++static const enum_name_map connect_phase_names[] = {
++ {"Handshake", HANDSHAKE},
++ {"RenegAppData", RENEG_APPLICATION_DATA},
++ {"RenegSetup", RENEG_SETUP},
++ {"RenegHandshake", RENEG_HANDSHAKE},
++ {"AppData", APPLICATION_DATA},
++ {"Shutdown", SHUTDOWN},
++ {"ConnectionDone", CONNECTION_DONE}
++};
++
++static const enum_name_map peer_status_names[] = {
++ {"PeerSuccess", PEER_SUCCESS},
++ {"PeerRetry", PEER_RETRY},
++ {"PeerError", PEER_ERROR},
++ {"PeerWaiting", PEER_WAITING},
++ {"PeerTestFail", PEER_TEST_FAILURE}
++};
++
++static const enum_name_map handshake_status_names[] = {
++ {"HandshakeSuccess", HANDSHAKE_SUCCESS},
++ {"ClientError", CLIENT_ERROR},
++ {"ServerError", SERVER_ERROR},
++ {"InternalError", INTERNAL_ERROR},
++ {"HandshakeRetry", HANDSHAKE_RETRY}
++};
++
++/* Shamelessly copied from test/helpers/ssl_test_ctx.c */
++static const char *enum_name(const enum_name_map *enums, size_t num_enums,
++ int value)
++{
++ size_t i;
++ for (i = 0; i < num_enums; i++) {
++ if (enums[i].value == value) {
++ return enums[i].name;
++ }
++ }
++ return "InvalidValue";
++}
++
++const char *handshake_connect_phase_name(connect_phase_t phase)
++{
++ return enum_name(connect_phase_names, OSSL_NELEM(connect_phase_names),
++ (int)phase);
++}
++
++const char *handshake_status_name(handshake_status_t handshake_status)
++{
++ return enum_name(handshake_status_names, OSSL_NELEM(handshake_status_names),
++ (int)handshake_status);
++}
++
++const char *handshake_peer_status_name(peer_status_t peer_status)
++{
++ return enum_name(peer_status_names, OSSL_NELEM(peer_status_names),
++ (int)peer_status);
++}
++
++static void save_loop_history(HANDSHAKE_HISTORY *history,
++ connect_phase_t phase,
++ handshake_status_t handshake_status,
++ peer_status_t server_status,
++ peer_status_t client_status,
++ int client_turn_count,
++ int is_client_turn)
++{
++ HANDSHAKE_HISTORY_ENTRY *new_entry = NULL;
++
++ /*
++ * Create a new history entry for a handshake loop with statuses given in
++ * the arguments. Potentially evicting the oldest entry when the
++ * ring buffer is full.
++ */
++ ++(history->last_idx);
++ history->last_idx &= MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK;
++
++ new_entry = &((history->entries)[history->last_idx]);
++ new_entry->phase = phase;
++ new_entry->handshake_status = handshake_status;
++ new_entry->server_status = server_status;
++ new_entry->client_status = client_status;
++ new_entry->client_turn_count = client_turn_count;
++ new_entry->is_client_turn = is_client_turn;
++
++ /* Evict the oldest handshake loop entry when the ring buffer is full. */
++ if (history->entry_count < MAX_HANDSHAKE_HISTORY_ENTRY) {
++ ++(history->entry_count);
++ }
++}
++
+ HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void)
+ {
+ HANDSHAKE_RESULT *ret;
+@@ -719,15 +815,6 @@ static void configure_handshake_ssl(SSL *server, SSL *client,
+ SSL_set_post_handshake_auth(client, 1);
+ }
+
+-/* The status for each connection phase. */
+-typedef enum {
+- PEER_SUCCESS,
+- PEER_RETRY,
+- PEER_ERROR,
+- PEER_WAITING,
+- PEER_TEST_FAILURE
+-} peer_status_t;
+-
+ /* An SSL object and associated read-write buffers. */
+ typedef struct peer_st {
+ SSL *ssl;
+@@ -1074,17 +1161,6 @@ static void do_shutdown_step(PEER *peer)
+ }
+ }
+
+-typedef enum {
+- HANDSHAKE,
+- RENEG_APPLICATION_DATA,
+- RENEG_SETUP,
+- RENEG_HANDSHAKE,
+- APPLICATION_DATA,
+- SHUTDOWN,
+- CONNECTION_DONE
+-} connect_phase_t;
+-
+-
+ static int renegotiate_op(const SSL_TEST_CTX *test_ctx)
+ {
+ switch (test_ctx->handshake_mode) {
+@@ -1162,19 +1238,6 @@ static void do_connect_step(const SSL_TEST_CTX *test_ctx, PEER *peer,
+ }
+ }
+
+-typedef enum {
+- /* Both parties succeeded. */
+- HANDSHAKE_SUCCESS,
+- /* Client errored. */
+- CLIENT_ERROR,
+- /* Server errored. */
+- SERVER_ERROR,
+- /* Peers are in inconsistent state. */
+- INTERNAL_ERROR,
+- /* One or both peers not done. */
+- HANDSHAKE_RETRY
+-} handshake_status_t;
+-
+ /*
+ * Determine the handshake outcome.
+ * last_status: the status of the peer to have acted last.
+@@ -1539,6 +1602,10 @@ static HANDSHAKE_RESULT *do_handshake_internal(
+
+ start = time(NULL);
+
++ save_loop_history(&(ret->history),
++ phase, status, server.status, client.status,
++ client_turn_count, client_turn);
++
+ /*
+ * Half-duplex handshake loop.
+ * Client and server speak to each other synchronously in the same process.
+@@ -1560,6 +1627,10 @@ static HANDSHAKE_RESULT *do_handshake_internal(
+ 0 /* server went last */);
+ }
+
++ save_loop_history(&(ret->history),
++ phase, status, server.status, client.status,
++ client_turn_count, client_turn);
++
+ switch (status) {
+ case HANDSHAKE_SUCCESS:
+ client_turn_count = 0;
+diff --git a/test/helpers/handshake.h b/test/helpers/handshake.h
+index 78b03f9f4b..b9967c2623 100644
+--- a/test/helpers/handshake.h
++++ b/test/helpers/handshake.h
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
++ * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+@@ -12,6 +12,11 @@
+
+ #include "ssl_test_ctx.h"
+
++#define MAX_HANDSHAKE_HISTORY_ENTRY_BIT 4
++#define MAX_HANDSHAKE_HISTORY_ENTRY (1 << MAX_HANDSHAKE_HISTORY_ENTRY_BIT)
++#define MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK \
++ ((1 << MAX_HANDSHAKE_HISTORY_ENTRY_BIT) - 1)
++
+ typedef struct ctx_data_st {
+ unsigned char *npn_protocols;
+ size_t npn_protocols_len;
+@@ -22,6 +27,63 @@ typedef struct ctx_data_st {
+ char *session_ticket_app_data;
+ } CTX_DATA;
+
++typedef enum {
++ HANDSHAKE,
++ RENEG_APPLICATION_DATA,
++ RENEG_SETUP,
++ RENEG_HANDSHAKE,
++ APPLICATION_DATA,
++ SHUTDOWN,
++ CONNECTION_DONE
++} connect_phase_t;
++
++/* The status for each connection phase. */
++typedef enum {
++ PEER_SUCCESS,
++ PEER_RETRY,
++ PEER_ERROR,
++ PEER_WAITING,
++ PEER_TEST_FAILURE
++} peer_status_t;
++
++typedef enum {
++ /* Both parties succeeded. */
++ HANDSHAKE_SUCCESS,
++ /* Client errored. */
++ CLIENT_ERROR,
++ /* Server errored. */
++ SERVER_ERROR,
++ /* Peers are in inconsistent state. */
++ INTERNAL_ERROR,
++ /* One or both peers not done. */
++ HANDSHAKE_RETRY
++} handshake_status_t;
++
++/* Stores the various status information in a handshake loop. */
++typedef struct handshake_history_entry_st {
++ connect_phase_t phase;
++ handshake_status_t handshake_status;
++ peer_status_t server_status;
++ peer_status_t client_status;
++ int client_turn_count;
++ int is_client_turn;
++} HANDSHAKE_HISTORY_ENTRY;
++
++typedef struct handshake_history_st {
++ /* Implemented using ring buffer. */
++ /*
++ * The valid entries are |entries[last_idx]|, |entries[last_idx-1]|,
++ * ..., etc., going up to |entry_count| number of entries. Note that when
++ * the index into the array |entries| becomes < 0, we wrap around to
++ * the end of |entries|.
++ */
++ HANDSHAKE_HISTORY_ENTRY entries[MAX_HANDSHAKE_HISTORY_ENTRY];
++ /* The number of valid entries in |entries| array. */
++ size_t entry_count;
++ /* The index of the last valid entry in the |entries| array. */
++ size_t last_idx;
++} HANDSHAKE_HISTORY;
++
+ typedef struct handshake_result {
+ ssl_test_result_t result;
+ /* These alerts are in the 2-byte format returned by the info_callback. */
+@@ -77,6 +139,8 @@ typedef struct handshake_result {
+ char *cipher;
+ /* session ticket application data */
+ char *result_session_ticket_app_data;
++ /* handshake loop history */
++ HANDSHAKE_HISTORY history;
+ } HANDSHAKE_RESULT;
+
+ HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void);
+@@ -95,4 +159,8 @@ int configure_handshake_ctx_for_srp(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
+ CTX_DATA *server2_ctx_data,
+ CTX_DATA *client_ctx_data);
+
++const char *handshake_connect_phase_name(connect_phase_t phase);
++const char *handshake_status_name(handshake_status_t handshake_status);
++const char *handshake_peer_status_name(peer_status_t peer_status);
++
+ #endif /* OSSL_TEST_HANDSHAKE_HELPER_H */
+diff --git a/test/ssl_test.c b/test/ssl_test.c
+index ea608518f9..9d6b093c81 100644
+--- a/test/ssl_test.c
++++ b/test/ssl_test.c
+@@ -26,6 +26,44 @@ static OSSL_LIB_CTX *libctx = NULL;
+ /* Currently the section names are of the form test-<number>, e.g. test-15. */
+ #define MAX_TESTCASE_NAME_LENGTH 100
+
++static void print_handshake_history(const HANDSHAKE_HISTORY *history)
++{
++ size_t first_idx;
++ size_t i;
++ size_t cur_idx;
++ const HANDSHAKE_HISTORY_ENTRY *cur_entry;
++ const char header_template[] = "|%14s|%16s|%16s|%16s|%17s|%14s|";
++ const char body_template[] = "|%14s|%16s|%16s|%16s|%17d|%14s|";
++
++ TEST_info("The following is the server/client state "
++ "in the most recent %d handshake loops.",
++ MAX_HANDSHAKE_HISTORY_ENTRY);
++
++ TEST_note("=================================================="
++ "==================================================");
++ TEST_note(header_template,
++ "phase", "handshake status", "server status",
++ "client status", "client turn count", "is client turn");
++ TEST_note("+--------------+----------------+----------------"
++ "+----------------+-----------------+--------------+");
++
++ first_idx = (history->last_idx - history->entry_count + 1) &
++ MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK;
++ for (i = 0; i < history->entry_count; ++i) {
++ cur_idx = (first_idx + i) & MAX_HANDSHAKE_HISTORY_ENTRY_IDX_MASK;
++ cur_entry = &(history->entries)[cur_idx];
++ TEST_note(body_template,
++ handshake_connect_phase_name(cur_entry->phase),
++ handshake_status_name(cur_entry->handshake_status),
++ handshake_peer_status_name(cur_entry->server_status),
++ handshake_peer_status_name(cur_entry->client_status),
++ cur_entry->client_turn_count,
++ cur_entry->is_client_turn ? "true" : "false");
++ }
++ TEST_note("=================================================="
++ "==================================================");
++}
++
+ static const char *print_alert(int alert)
+ {
+ return alert ? SSL_alert_desc_string_long(alert) : "no alert";
+@@ -388,6 +426,12 @@ static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx)
+ ret &= check_client_sign_type(result, test_ctx);
+ ret &= check_client_ca_names(result, test_ctx);
+ }
++
++ /* Print handshake loop history if any check fails. */
++ if (!ret) {
++ print_handshake_history(&(result->history));
++ }
++
+ return ret;
+ }
+
+--
+2.25.1
+
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-Link-libatomic-on-riscv32.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-Link-libatomic-on-riscv32.patch
new file mode 100644
index 0000000..2c54d8f
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssl/openssl/0001-Link-libatomic-on-riscv32.patch
@@ -0,0 +1,35 @@
+From 73266b8573c71e6720453c4c5a9e6e8fa4daec65 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sat, 21 Oct 2023 13:03:52 -0700
+Subject: [PATCH] Link libatomic on riscv32
+
+GCC toolchains on linux are not able to build libcrypto without linking
+to libatomic as it does not have all needed atomics implemented as
+intrinsics
+
+Fixes errors like
+
+| ld: ./libcrypto.so: undefined reference to `__atomic_is_lock_free'
+
+Upstream-Status: Submitted [https://github.com/openssl/openssl/pull/22460]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ Configurations/10-main.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
+index 46094f59c2..d1a15a1152 100644
+--- a/Configurations/10-main.conf
++++ b/Configurations/10-main.conf
+@@ -816,7 +816,7 @@ my %targets = (
+ },
+
+ "linux32-riscv32" => {
+- inherit_from => [ "linux-generic32"],
++ inherit_from => [ "linux-latomic" ],
+ perlasm_scheme => "linux32",
+ asm_arch => 'riscv32',
+ },
+--
+2.42.0
+
diff --git a/poky/meta/recipes-connectivity/openssl/openssl_3.1.3.bb b/poky/meta/recipes-connectivity/openssl/openssl_3.1.4.bb
similarity index 96%
rename from poky/meta/recipes-connectivity/openssl/openssl_3.1.3.bb
rename to poky/meta/recipes-connectivity/openssl/openssl_3.1.4.bb
index cc9452c..c6c70a1 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl_3.1.3.bb
+++ b/poky/meta/recipes-connectivity/openssl/openssl_3.1.4.bb
@@ -12,13 +12,15 @@
file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
file://0001-Configure-do-not-tweak-mips-cflags.patch \
file://fix_random_labels.patch \
+ file://0001-Link-libatomic-on-riscv32.patch \
+ file://0001-Added-handshake-history-reporting-when-test-fails.patch \
"
SRC_URI:append:class-nativesdk = " \
file://environment.d-openssl.sh \
"
-SRC_URI[sha256sum] = "f0316a2ebd89e7f2352976445458689f80302093788c466692fb2a188b2eacf6"
+SRC_URI[sha256sum] = "840af5366ab9b522bde525826be3ef0fb0af81c6a9ebd84caa600fea1731eee3"
inherit lib_package multilib_header multilib_script ptest perlnative manpages
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
@@ -119,10 +121,10 @@
target=linux-ppc64le
;;
linux-riscv32)
- target=linux-latomic
+ target=linux32-riscv32
;;
linux-riscv64)
- target=linux-generic64
+ target=linux64-riscv64
;;
linux-sparc | linux-supersparc)
target=linux-sparcv9