subtree updates
meta-openembedded: 5357c7a40e..a47ef04661:
Adrian Fiergolski (1):
python3-matplotlib: add missing dependency
Adrian Freihofer (2):
conntrack-tools: fix postinst script
modemmanager: update to 1.18.8
Akash Hadke (2):
ntfs-3g-ntfsprogs: Set CVE_PRODUCT to "tuxera:ntfs-3g"
iperf: Set CVE_PRODUCT to "iperf_project:iperf"
Armin Kuster (5):
meta-oe-image: fix build depends
meta-python-image: Fix build depends
meta-gnome: fix layer depends.
mariadb: update to 10.7.4
mariadb: Fix i386 Clang builds
Ashish Sharma (1):
netserver: don't change permissions on /dev/null
Aurélien Bertron (1):
fix(syslog-ng): warning about conf version
Bartosz Golaszewski (2):
python3-speedtest-cli: fix RDEPENDS
python3-pybluez: fix a runtime issue with python 3.10
Bassem Boubaker (1):
conntrack-tools: Fix missing capability
Changqing Li (5):
chrony: create /var/lib/chrony by systemd-tmpfiles
redis: upgrade 6.2.6 -> 6.2.7
redis: upgrade 7.0-rc3 -> 7.0.2
apache2: upgrade 2.4.53 -> 2.4.54
zabbix: upgrade 5.2.6 -> 5.4.12
Chen Qi (1):
ntfs-3g-ntfsprogs: upgrade to 2022.5.17
Davide Gardenal (11):
emlog: ignore unrelated CVEs
imagemagick: upgrade 7.0.10-25 -> 7.0.10-62
usrsctp: add CVE_VERSION to correctly check for CVEs
openflow: ignore CVE-2018-1078
ntp: ignore many CVEs
wireshark: upgrade 3.4.11 -> 3.4.12
thrift: add CVE_PRODUCT to fix CVE reporting
spice: ignore patched CVEs
quagga: ignore CVE-2016-4049
freeradius: ignore patched CVEs
openflow: ignore unrelated CVEs
Denys Dmytriyenko (3):
devmem2: reinstate previous patches, removed by mistake
devmem2: add support for different page sizes
devmem2: the source and patches moved to github repo
Diego Sueiro (1):
bats: upgrade 1.6.0 -> 1.6.1
Gianfranco (2):
sdbus-c++-libsystemd: Bump SRCREV to last commit of 250-stable branch
libmtp: Add doxygen-native dependency in case documentation build is enabled in PACKAGECONFIG. This fixes a FTBFS due to missing dependency.
Gianfranco Costamagna (1):
vboxguestdrivers: upgrade 6.1.32 -> 6.1.34
Hitendra Prajapati (1):
cyrus-sasl: CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
Javier Viguera (1):
networkmanager: fix build with enabled ppp
Jeremy Puhlman (1):
freeradius: mutlilib fixes
Jiaqing Zhao (2):
openldap: Remove libgcrypt dependency
openldap: Upgrade 2.5.9 -> 2.5.12
Joerg Vehlow (1):
jq: Fix typo OE_EXTRACONF -> EXTRA_OECONF
Julien STEPHAN (1):
libcamera: fix packaging
Kai Kang (4):
conntrack-tools: fix postinst script
python3-wxgtk4: backport patch to fix svg issue
libportal: add distro features check
graphviz: rrecommends on liberation-fonts
Khem Raj (11):
ufw: Fix packaging errors found with ppc64
libcereal: Enable for glibc/ppc
mimic: Use special rateconv.c license
makedumpfile: Use right TARGET for ppc32
evince: Add dbus to depnedencies on non-x11 builds
evolution-data-server: Do not pass --library-path to gir compiler
python3-wxgtk4: Needs x11 for sip module
unattended-upgrades: Disable auto-detecting modules
sdbus-c++: Link with libatomic on mips/ppc32
sdbus-c++: Link with libatomic for rv32
sdbus-c++-libsystemd: Fix patch fuzz
Markus Volk (1):
minidlna: fix obsolete license warning
Martin Jansa (3):
ostree: prevent ostree-native depending on target virtual/kernel to provide kernel-module-overlay
leveldb: switch from master branch to main
tesseract-lang: switch from master branch to main
Michael Opdenacker (1):
devmem2: update SRC_URI according to redirect
Mingli Yu (1):
s-nail: Set VAL_MTA
Nicolas Dechesne (1):
imlib2: update SRC_URI
Peter Marko (1):
libgpiod: move test dependencies to ptest package
Richard Neill (1):
bats: Add patch to fix false-negatives caused by teardown code
Wentao Zhang (1):
protobuf-c: update to 1.4.1 fix CVE-2022-33070
Xu Huan (1):
python3-astroid: upgrade 2.11.2 -> 2.11.3
Yi Zhao (4):
frr: inherit autotools-brokensep instead of autotools
networkmanager: fix parallel build failure
dnsmasq: Security fix CVE-2022-0934
strongswan: upgrade 5.9.5 -> 5.9.6
Yue Tao (2):
exo: upgrade 4.16.3 -> 4.16.4
dlt-daemon: upgrade to commit 6a3bd901d8 to fix CVE-2022-31291
wangmy (5):
php: upgrade 8.1.4 -> 8.1.5
php: upgrade 8.1.5 -> 8.1.6
postgresql: upgrade 14.2 -> 14.3
postgresql: upgrade 14.3 -> 14.4
php: upgrade 8.1.6 -> 8.1.7
meta-security: 93f2146211..c79262a30b:
Anton Antonov (1):
Parsec-service: Update installation procedure
Armin Kuster (5):
fscrypt: add distro_check on pam
aide: Update 01.17.4
tpm2-pkcs11: tpm2-pkcs11 module missing
tpm2-tools: Add missing rdepends
oeqa/cases/tpm2: fix and enhance test suite
Davide Gardenal (1):
sssd: ignore CVE-2018-16838
Jeremy A. Puhlman (5):
aide: Add depend on audit when audit is enabled.
lib-perl: prefix man pages to avoid conflicting with base perl
libmhash: add multilib header
python3-privacyidea: add correct path to lib/privacyidea
clamav: make install owner match the added user name
Jose Quaresma (1):
meta-integrity: kernel-modsign: prevents splitting out debug symbols
poky: d84c73d1ef..e4b5c35fd4:
Ahmed Hossam (1):
insane.bbclass: host-user-contaminated: Correct per package home path
Alejandro Hernandez Samaniego (2):
package.bbclass: Fix base directory for debugsource files when using externalsrc
package.bbclass: Fix kernel source handling when not using externalsrc
Alex Kiernan (1):
pypi.bbclass: Set CVE_PRODUCT to PYPI_PACKAGE
Alexander Kanavin (41):
systemd: upgrade 250.4 -> 250.5
mesa: upgrade 22.0.0 -> 22.0.2
bind: upgrade 9.18.1 -> 9.18.2
cronie: upgrade 1.6.0 -> 1.6.1
epiphany: upgrade 42.0 -> 42.2
ffmpeg: upgrade 5.0 -> 5.0.1
fribidi: upgrade 1.0.11 -> 1.0.12
libinput: upgrade 1.19.3 -> 1.19.4
sqlite3: upgrade 3.38.2 -> 3.38.3
webkitgtk: upgrade 2.36.0 -> 2.36.1
xwayland: upgrade 22.1.0 -> 22.1.1
mmc-utils: upgrade to latest revision
gst-devtools: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-libav: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-omx: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-plugins-bad: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-plugins-base: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-plugins-good: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-plugins-ugly: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-python: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-rtsp-server: upgrade 1.20.1 -> 1.20.2
gstreamer1.0: upgrade 1.20.1 -> 1.20.2
gstreamer1.0-vaapi: upgrade 1.20.1 -> 1.20.2
libcgroup: upgrade 2.0.1 -> 2.0.2
mesa: upgrade 22.0.2 -> 22.0.3
mobile-broadband-provider-info: upgrade 20220315 -> 20220511
sqlite3: upgrade 3.38.3 -> 3.38.5
bash: submit patch upstream
valgrind: submit arm patches upstream
zip/unzip: mark all submittable patches as Inactive-Upstream
python3: use built-in distutils for ptest, rather than setuptools' 'fork'
wireless-regdb: upgrade 2022.04.08 -> 2022.06.06
oeqa/sdk: drop the nativesdk-python 2.x test
at: take tarballs from debian
openssl: update 3.0.4 -> 3.0.5
gstreamer1.0: upgrade 1.20.2 -> 1.20.3
weston: update 10.0.0 -> 10.0.1
glib-2.0: upgrade 2.72.2 -> 2.72.3
glib-networking: upgrade 2.72.0 -> 2.72.1
libsoup: upgrade 3.0.6 -> 3.0.7
waffle: correctly request wayland-scanner executable
Aryaman Gupta (1):
e2fsprogs: update upstream status
Bruce Ashfield (48):
linux-yocto/5.10: update to v5.10.110
linux-yocto/5.10: base: enable kernel crypto userspace API
linux-yocto/5.10: update to v5.10.112
linux-yocto/5.15: arm: poky-tiny cleanup and fixes
linux-yocto/5.15: update to v5.15.33
linux-yocto/5.15: base: enable kernel crypto userspace API
linux-yocto/5.15: kasan: fix BUG: sleeping function called from invalid context
linux-yocto/5.15: fix ppc boot
linux-yocto/5.15: netfilter: conntrack: avoid useless indirection during conntrack destruction
linux-yocto/5.15: update to v5.15.35
linux-yocto/5.15: Fix CVE-2022-28796
linux-yocto: enable powerpc debug fragment
linux-yocto/5.15: fix -standard kernel build issue
linux-yocto/5.15: update to v5.15.36
linux-yocto/5.15: fix qemuarm graphical boot
strace: fix ptest failure in landlock
yocto-bsps: update to v5.15.36
linux-yocto/5.15: update to v5.15.37
linux-yocto/5.10: update to v5.10.113
linux-yocto/5.15: update to v5.15.38
linux-yocto/5.10: update to v5.10.114
linux-yocto/5.15: bpf: explicitly disable unpriv eBPF by default
linux-yocto/5.15: update to v5.15.43
linux-yocto/5.10: update to v5.10.118
linux-yocto/5.15: Enable MDIO bus config
linux-yocto/5.15: cfg/xen: Move x86 configs to separate file
linux-yocto/5.15: update to v5.15.44
linux-yocto/5.10: update to v5.10.119
lttng-modules: fix build against 5.18-rc7+
linux-yocto/5.10: update to v5.10.121
linux-yocto/5.10: update to v5.10.123
linux-yocto/5.10: update to v5.10.128
linux-yocto/5.10: fix build_OID_registry/conmakehash buildpaths warning
linux-yocto/5.10: fix buildpaths issue with gen-mach-types
linux-yocto/5.10: update to v5.10.130
linux-yocto/5.10: fix buildpaths issue with pnmtologo
linux-yocto/5.15: update to v5.15.46
linux-yocto/5.15: update to v5.15.48
linux-yocto/5.15: drop obselete GPIO sysfs ABI
linux-yocto/5.15: update to v5.15.52
linux-yocto/5.15: fix qemuppc buildpaths warning
linux-yocto/5.15: fix build_OID_registry buildpaths warning
linux-yocto/5.15: fix buildpaths issue with gen-mach-types
linux-yocto/5.15: update to v5.15.54
linux-yocto/5.15: fix buildpaths issue with pnmtologo
kernel-devsrc: fix reproducibility and buildpaths QA warning
kernel-devsrc: ppc32: fix reproducibility
perf: fix reproducibility in 5.19+
Chanho Park (2):
cargo_common.bbclass: enable bitbake vendoring for externalsrc
externalsrc.bbclass: support crate fetcher on externalsrc
Chen Qi (1):
go-helloworld: remove unused GO_WORKDIR
Christoph Lauer (1):
package.bbclass: Avoid stripping signed kernel modules in splitdebuginfo
Claudius Heine (2):
overlayfs: add docs about skipping QA check & service dependencies
classes: rootfs-postcommands: add skip option to overlayfs_qa_check
David Bagonyi (1):
sanity.bbclass: Add ftps to accepted URI protocols for mirrors sanity
Davide Gardenal (14):
cve-check: add JSON format to summary output
cve-check: fix symlinks where link and output path are equal
rootfs-postcommands: fix symlinks where link and output path are equal
openssl: minor security upgrade 3.0.2 -> 3.0.3
freetype: backport patch for CVE-2022-27404
freetype: backport patch for CVE-2022-27405
freetype: backport patch for CVE-2022-27406
qemu: backport patch for CVE-2021-4206
qemu: backport patch for CVE-2021-4207
base-passwd: Disable shell for default users
libpcre2: upgrade 10.39 -> 10.40
ncurses: update to patchlevel 20220423
baremetal-image: fix broken symlink in do_rootfs
efivar: add musl libc compatibility
Dmitry Baryshkov (6):
linux-firmware: upgrade 20220411 -> 20220509
image.bbclass: allow overriding dependency on virtual/kernel:do_deploy
linux-firmware: package new Qualcomm firmware
linux-firmware: split ath3k firmware
linux-firmware: add support for building snapshots
linux-firmware: upgrade 20220509 -> 20220610
Ernst Sjöstrand (2):
cve-check: Add helper for symlink handling
cve-check: Only include installed packages for rootfs manifest
Felix Moessbauer (1):
wic/plugins/rootfs: Fix permissions when splitting rootfs folders across partitions
Gunjan Gupta (1):
bitbake: fetch2/osc: Small fixes for osc fetcher
He Zhe (1):
lttng-modules: Fix build failure for 5.10.119+ and 5.15.44+ kernel
Hitendra Prajapati (1):
pcre2: CVE-2022-1586 Out-of-bounds read
Jack Mitchell (1):
meson.bbclass: add cython binary to cross/native toolchain config
Jeremy Puhlman (1):
gcc: depend on zstd-native
Jiaqing Zhao (8):
libxml2: Upgrade 2.9.13 -> 2.9.14
sed: Specify shell for "nobody" user in run-ptest
strace: Don't run ptest as "nobody"
systemd: Drop 0001-test-parse-argument-Include-signal.h.patch
systemd: Remove __compare_fn_t type in musl-specific patch
systemd: Drop 0002-don-t-use-glibc-specific-qsort_r.patch
systemd: Correct path returned in sd_path_lookup()
systemd: Correct 0001-pass-correct-parameters-to-getdents64.patch
Joerg Vehlow (1):
libseccomp: Add missing files for ptests
Jon Mason (2):
poky-tiny: enable qemuarmv5/qemuarm64 and cleanups
qemuarmv5: use arm-versatile-926ejs KMACHINE
Jose Quaresma (3):
archiver: use bb.note instead of echo
archiver: don't use machine variables in shared recipes
curl: backport openssl fix CN check error code
Justin Bronder (1):
pulseaudio: conditionally depend on alsa-plugins-pulseaudio-conf
Kai Kang (2):
xxhash: fix build with gcc 12
glibc-tests: not clear BBCLASSEXTEND
Khem Raj (11):
kmod: Enable xz support by default
qemu: Add packageconfig for libbpf support
linux-yocto: Enable powerpc-debug fragment for ppc64 LE
systemd: Fix build regression with latest update
ovmf: Fix native build with gcc-12
gcc: Upgrade to 11.3 release
systemd: Drop redundant musl patches
systemd: Document future actions needed for set of musl patches
systemd: Drop 0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
systemd: Update patch status
libmodule-build-perl: Use env utility to find perl interpreter
Konrad Weihmann (1):
linux-firmware: replace mkdir by install
Lee Chee Yang (1):
ghostscript: fix CVE-2022-2085
Lucas Stach (1):
perf: sort-pmuevents: really keep array terminators
Marcel Ziswiler (1):
alsa-plugins: fix libavtp vs. avtp packageconfig
Markus Volk (2):
mesa.inc: package 00-radv-defaults.conf
python3: Backport patch to fix an issue in subinterpreters
Marta Rybczynska (9):
cve-update-db-native: update the CVE database once a day only
cve-update-db-native: let the user to drive the update interval
cve-check: Fix report generation
cve-check: move update_symlinks to a library
cve-check: write empty fragment files in the text mode
cve-check: fix return type in check_cves
cve-update-db-native: make it possible to disable database updates
cve-check: add support for Ignored CVEs
oeqa/selftest/cve_check: add tests for Ignored and partial reports
Martin Jansa (9):
staging.bbclass: process direct dependencies in deterministic order
insane.bbclass: make sure to close .patch files
makedevs: Don't use COPYING.patch just to add license file into ${S}
patch.py: make sure that patches/series file exists before quilt pop
lttng-modules: fix shell syntax
buildhistory.bbclass: fix shell syntax when using dash
rootfs.py: close kernel_abi_ver_file
mesa: backport a patch to support compositors without zwp_linux_dmabuf_v1 again
wic: fix WicError message
Matt Madison (1):
bitbake: providers: use local variable for packages_dynamic pattern
Maxime Roussin-Bélanger (1):
libffi: fix native build being not portable
Michael Opdenacker (4):
rootfs-postcommands.bbclass: correct comments
manuals: switch to the sstate mirror shared between all versions
docs: BB_HASHSERVE_UPSTREAM: update to new host
ref-manual: variables: remove sphinx directive from literal block
Ming Liu (3):
udev-extraconf: let automount base directory configurable
udev-extraconf: fix some systemd automount issues
udev-extraconf:mount.sh: fix path mismatching issues
Mingli Yu (2):
perl: Fix build with gcc-12
oescripts: change compare logic in OEListPackageconfigTests
Muhammad Hamza (6):
initramfs-framework: move storage mounts to actual rootfs
udev-extraconf/mount.sh: add LABELs to mountpoints
udev-extraconf/mount.sh: save mount name in our tmp filecache
udev-extraconf/mount.sh: only mount devices on hotplug
udev-extraconf: force systemd-udevd to use shared MountFlags
udev-extraconf/mount.sh: ignore lvm in automount
Naveen Saini (1):
pciutils: avoid lspci conflict with busybox
Nick Potenski (1):
systemd: systemd-systemctl: Support instance conf files during enable
Pascal Bach (1):
bin_package: install into base_prefix
Paul Eggleton (4):
devtool: ignore pn- overrides when determining SRC_URI overrides
patch: handle if S points to a subdirectory of a git repo
devtool: finish: handle patching when S points to subdir of a git repo
oe-selftest: devtool: test modify git recipe building from a subdir
Paulo Neves (2):
python: Avoid shebang overflow on python-config.py
gtk-doc: Fix potential shebang overflow on gtkdoc-mkhtml2
Pavel Zhukov (3):
bitbake.conf: Make TCLIBC and TCMODE lazy assigned
systemd: update 0008-add-missing-FTW_-macros-for-musl.patch
harfbuzz: Fix compilation with clang
Peter Bergin (1):
rust: fix issue building cross-canadian tools for aarch64 on x86_64
Peter Kjellerstedt (4):
license_image.bbclass: Make QA errors fail the build
libseccomp: Correct LIC_FILES_CHKSUM
license.bbclass: Bound beginline and endline in copy_license_files()
base.bbclass: Correct the test for obsolete license exceptions
Peter Marko (2):
openssl: extract legacy provider module to a separate package
alsa-state: correct license
Pgowda (1):
binutils : CVE-2019-1010204
Portia (1):
volatile-binds: Change DefaultDependencies from false to no
Raju Kumar Pothuraju (1):
kernel-uboot.bbclass: Use vmlinux.initramfs when INITRAMFS_IMAGE_BUNDLE set
Rasmus Villemoes (1):
e2fsprogs: add alternatives handling of lsattr as well
Richard Purdie (79):
bitbake: tests/parse: Fix one test overwriting another
bitbake: server/process: Drop unused import
bitbake: ui/buildinfohelper: Drop unused import
bitbake: cooker: Drop unused loop
bitbake: msg: Drop unused local variable
bitbake: buildinfohelper: Drop unused function
bitbake: fetch2/crate: Drop unused import
bitbake: siggen: Drop pointless break statement
bitbake: ui/knotty: Drop pointless pass statement
bitbake: persist_data: Use a valid exception for missing implementation
bitbake: runqueue: Drop pointless variable assignment
bitbake: buildinfohelper: Drop unused variables
bitbake: fetch2/osc: Add missing parameter
bitbake: runqueue: Fix sig file location when using multiconfig
bitbake: fetch/git : Use cat as pager
lib/sstatesig: Fix find_siginfo to match sstate filename generation
base: Avoid circular references to our own scripts
scripts: Make git intercept global
scripts/git: Ensure we don't have circular references
package: Ensure we track whether PRSERV was active or not
abi_version/sstate: Bump hashequiv and sstate versions due to git changes
build-appliance-image: Update to kirkstone head revision
vim: Upgrade 8.2.4681 -> 8.2.4912
cairo: Add missing GPLv3 license checksum entry
sanity: Don't warn about make 4.2.1 for mint
bitbake: build: Add clean_stamp API function to allow removal of task stamps
staging: Fix rare sysroot corruption issue
selftest/imagefeatures/overlayfs: Always append to DISTRO_FEATURES
vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs
tiff: Add jbig PACKAGECONFIG and clarify CVE-2022-1210
libxslt: Mark CVE-2022-29824 as not applying
cve-extra-exclusions: Add kernel CVEs
cve-check: Allow warnings to be disabled
rust-common: Fix sstate signatures between arm hf and non-hf
rust-common: Drop LLVM_TARGET and simplify
rust-common: Fix native signature dependency issues
lzo: Add further info to a patch and mark as Inactive-Upstream
glib-2.0: upgrade 2.72.1 -> 2.72.2
libxkbcommon: upgrade 1.4.0 -> 1.4.1
gtk+3: upgrade 3.24.33 -> 3.24.34
webkitgtk: upgrade 2.36.1 -> 2.36.3
openssl: Backport fix for ptest cert expiry
gcc-cross-canadian: Add nativesdk-zstd dependency
local.conf.sample: Update sstate url to new 'all' path
sanity: Switch to make 4.0 as a minimum version
perl: Add dependency on make-native to avoid race issues
glibc: Drop make-native dependency
vim: Upgrade 8.2.5034 -> 8.2.5083
uboot-sign: Fix potential index error issues
selftest/multiconfig: Test that multiconfigs in separate layers works
gcc-source: Fix incorrect task dependencies from ${B}
liberror-perl: Update sstate/equiv versions to clean cache
python3: Remove problematic paths from sysroot files
python3: Ensure stale empty python module directories don't break the build
bitbake: server/process: Fix logging issues where only the first message was displayed
build-appliance-image: Update to kirkstone head revision
unzip: Port debian fixes for two CVEs
cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
vim: 8.2.5083 -> 9.0.0005
openssl: Upgrade 3.0.3 -> 3.0.4
coreutils: Tweak packaging variable names for coreutils-dev
oeqa/runtime/scp: Disable scp test for dropbear
packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
oe-selftest-image: Ensure the image has sftp as well as dropbear
qemu: Avoid accidental librdmacm linkage
glibc-tests: Avoid reproducibility issues
qemu: Fix slirp determinism issue
qemu: Add PACKAGECONFIG for brlapi
gperf: Add a patch to work around reproducibility issues
gperf: Switch to upstream patch
udev-extraconf/initrdscripts/parted: Rename mount.blacklist -> mount.ignorelist
insane: Fix buildpaths test to work with special devices
lua: Fix multilib buildpath reproducibility issues
vala: Fix on target wrapper buildpaths issue
gtk-doc: Remove hardcoded buildpath
kernel-arch: Fix buildpaths leaking into external module compiles
gcc-runtime: Fix build when using gold
gcc-runtime: Fix missing MLPREFIX in debug mappings
selftest/runtime_test/virgl: Disable for all almalinux
Robert Joslyn (3):
powerpc: Remove invalid GLIBC_EXTRA_OECONF
curl: Backport CVE fixes
curl: Fix multiple CVEs
Robert Yang (1):
bitbake: fetch2/ssh.py: decode path back for ssh
Roland Hieber (1):
bitbake: cache: correctly handle file names containing colons
Ross Burton (12):
cve-check: no need to depend on the fetch task
oeqa/selftest: add test for git working correctly inside pseudo
Revert "bitbake.conf: mark all directories as safe for git to read"
oeqa/selftest/cve_check: add tests for recipe and image reports
tiff: mark CVE-2022-1622 and CVE-2022-1623 as invalid
cups: ignore CVE-2022-26691
busybox: fix CVE-2022-30065
cve-check: hook cleanup to the BuildCompleted event, not CookerExit
tiff: backport the fix for CVE-2022-2056, CVE-2022-2057, and CVE-2022-2058
vim: upgrade to 9.0.0021
perl: don't install Makefile.old into perl-ptest
pulseaudio: add m4-native to DEPENDS
Sakib Sajal (1):
u-boot: fix CVE-2022-34835
Samuli Piippo (1):
binutils: Bump to latest 2.38 release branch
Sean Anderson (1):
rootfs.py: find .ko.zst kernel modules
Stefan Wiehler (1):
kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task
Steve Sakoman (11):
scripts/contrib/oe-build-perf-report-email.py: remove obsolete check for phantomjs and optipng
poky.conf: bump version for 4.0.1 release
virgl: skip headless test on alma 8.6
python3: fix reproducibility issue with python3-core
go: upgrade 1.17.8 -> 1.17.10
poky.conf: bump version for 4.0.2
openssh: break dependency on base package for -dev package
dropbear: break dependency on base package for -dev package
ruby: add PACKAGECONFIG for capstone
qemu: add PACKAGECONFIG for capstone
qemu: Avoid accidental libvdeplug linkage
Sundeep KOKKONDA (4):
rust-common: Ensure sstate signatures have correct dependencues for do_rust_gen_targets
rust-common: Fix for target definitions returning 'NoneType' for arm
glibc: stable 2.35 branch updates
binutils : stable 2.38 branch updates
Thomas Roos (1):
recipetool/devtool: Fix python egg whitespace issues in PACKAGECONFIG
Tomasz Dziendzielski (1):
bitbake: data: Do not depend on vardepvalueexclude flag
Wentao Zhang (1):
harfbuzz: fix CVE-2022-33068
Xiaobing Luo (1):
devtool: Fix _copy_file() TypeError
Yi Zhao (2):
popt: fix override syntax in RDEPENDS
git: fix override syntax in RDEPENDS
leimaohui (1):
cve-check.bbclass: Added do_populate_sdk[recrdeptask].
wangmy (15):
librepo: upgrade 1.14.2 -> 1.14.3
cups: upgrade 2.4.1 -> 2.4.2
logrotate: upgrade 3.19.0 -> 3.20.1
iso-codes: upgrade 4.9.0 -> 4.10.0
lttng-ust: upgrade 2.13.2 -> 2.13.3
gst-devtools: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-libav: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-omx: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-bad: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-base: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-good: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-plugins-ugly: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-python: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-rtsp-server: upgrade 1.20.2 -> 1.20.3
gstreamer1.0-vaapi: upgrade 1.20.2 -> 1.20.3
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Ie30881bf20846b7311381bed443623fce8912406
diff --git a/poky/meta/lib/oeqa/selftest/cases/git.py b/poky/meta/lib/oeqa/selftest/cases/git.py
new file mode 100644
index 0000000..f12874d
--- /dev/null
+++ b/poky/meta/lib/oeqa/selftest/cases/git.py
@@ -0,0 +1,15 @@
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake
+
+class GitCheck(OESelftestTestCase):
+ def test_git_intercept(self):
+ """
+ Git binaries with CVE-2022-24765 fixed will refuse to operate on a
+ repository which is owned by a different user. This breaks our
+ do_install task as that runs inside pseudo, so the git repository is
+ owned by the build user but git is running as (fake)root.
+
+ We have an intercept which disables pseudo, so verify that it works.
+ """
+ bitbake("git-submodule-test -c test_git_as_user")
+ bitbake("git-submodule-test -c test_git_as_root")