Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / 821a859c1d68e8cfeea8c50e86f15daa87e71d59
commit821a859c1d68e8cfeea8c50e86f15daa87e71d59[log] [tgz]
authorPatrick Williams <patrick@stwcx.xyz>Tue May 02 15:26:54 2023 -0500
committerPatrick Williams <patrick@stwcx.xyz>Wed May 03 16:04:39 2023 -0500
tree58306112a24fe4a57c66e3d7a324460bbd52c28f
parentce7bef12b17859cef0615675e4ad5f6f4f611384 [diff]
subtree updates

meta-openembedded: 744a4b6eda..df452d9d98:
  Alexander Stein (1):
        dool: Add patch to fix rebuild

  Alexander Thoma (1):
        Fix tigervnc crash due to missing xkbcomp rdepends

  Andrej Valek (2):
        grpc: upgrade 1.45.2 -> 1.46.6
        grpc: upgrade 1.46.6 -> 1.46.7

  Archana Polampalli (2):
        Nodejs - Upgrade to 16.18.1
        Nodejs: Fixed python3 DeprecationWarning

  BINDU (1):
        flatbuffers: adapt for cross-compilation environments

  Carsten Bäcker (1):
        spdlog: Fix CMake flag

  Changqing Li (12):
        zabbix: fix CVE-2022-43515,CVE-2022-46768
        redis: 6.2.7 -> 6.2.8
        redis: upgrade 7.0.4 to 7.0.5
        redis: 7.0.5 -> 7.0.7
        liblockfile: fix do_install failure when ldconfig is not installed
        postgresql: fix CVE-2022-41862
        redis: upgrade 7.0.7 -> 7.0.9
        redis: upgrade 6.2.8 -> 6.2.11
        zabbix: fix CVE-2023-29451
        redis: upgrade 6.2.11 -> 6.2.12
        redis: upgrade 7.0.9 -> 7.0.10
        redis: upgrade 7.0.10 -> 7.0.11

  Chase Qi (1):
        kernel-selftest: install kselftest runner

  Chee Yang Lee (2):
        zsh: Fix CVE-2021-45444
        cifs-utils: fix CVE-2022-27239 CVE-2022-29869

  Dmitry Baryshkov (1):
        nss: fix cross-compilation error

  Dragos-Marian Panait (1):
        phpmyadmin: fix CVE-2023-25727

  Gary Huband (1):
        chrony: add pkgconfig class as pkg-config is explicitly searched for

  Geoff Parker (1):
        python3-pillow: add tk to RDEPENDS ptest pkg only if x11 in DISTRO_FEATURES

  He Zhe (2):
        protobuf: upgrade 3.19.4 -> 3.19.6
        python3-protobuf: upgrade 3.20.0 -> 3.20.3

  Hermes Zhang (1):
        kernel_add_regdb: Change the task order

  Hitendra Prajapati (5):
        dhcp: Fix CVE-2022-2928 & CVE-2022-2929
        strongswan: CVE-2022-40617 A possible DoS in Using Untrusted URIs for Revocation Checking
        nginx: CVE-2022-41741, CVE-2022-41742 Memory corruption in the ngx_http_mp4_module
        net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception
        krb5: CVE-2022-42898 integer overflow vulnerabilities in PAC parsing

  Howard Cochran (1):
        ufw: Fix "could not find required binary 'iptables'"

  Joe Slater (1):
        phoronix-test-suite: Fix CVE-2022-40704

  Khem Raj (6):
        mpd: Update to 0.23.8
        mpd: Upgrade to 0.23.9
        ncmpc: Upgrade to 0.47
        mpd: Upgrade to 0.23.12 release
        monkey: Fix build with musl
        postfix: Fix build on systems with linux 6.x

  Manoj Saun (1):
        postgresql: fix ptest failure of sysviews test

  Marta Rybczynska (1):
        jansson: whitelist CVE-2020-36325

  Martin Jansa (12):
        re2: fix branch name from master to main
        exiv2: fix SRC_URI
        mdns: use git fetcher
        monkey: use git fetcher
        jack: fix compatibility with python-3.11
        restinio: fix S variable in multilib builds
        mongodb: fix chown user for multilib builds
        pahole: respect libdir
        lvgl,lv-lib-png,lv-drivers: fix installed-vs-shipped QA issue with multilib
        lirc: fix do_install with multilib
        dleyna-{server,renderer}: fix dev-so QA issue with multilib
        zsh: fix installed-vs-shipped with multilib

  Mingli Yu (6):
        php: Upgrade to 8.1.12
        mariadb: not use qemu to run cross-compiled binaries
        mariadb: Upgrade to 10.7.7
        php: Upgrade to 8.1.16
        mariadb: Upgrade to 10.7.8
        mariadb: Fix CVE-2022-47015

  Narpat Mali (2):
        python3-oauthlib: upgrade 3.2.0 -> 3.2.2
        Fix collections.abc deprecation warning in downloadutils Warning appears as:

  Neetika Singh (1):
        libcroco: Add fix for CVE-2020-12825

  Nikhil R (1):
        duktape: Add ptest

  Niko Mauno (2):
        nftables: Fix missing leading whitespace with ':append'
        Fix missing leading whitespace with ':append'

  Peter Kjellerstedt (2):
        chrony: Remove the readline PACKAGECONFIG
        chrony: Remove the libcap and nss PACKAGECONFIGs

  Peter Marko (3):
        ntp: whitelist CVE-2019-11331
        c-ares: fix CVE-2022-4904
        dnsmasq: fix CVE-2023-28450

  Philippe Coval (1):
        pim435: Relocate sources to eclipse

  Polampalli, Archana (2):
        xfce4-settings: 4.16.2 -> 4.16.5
        nodejs: Upgrade 16.19.0 -> 16.19.1

  Preeti Sachan (1):
        fluidsynth: update SRC_URI to remove non-existing 2.2.x branch

  Randy MacLeod (2):
        python3-pillow: add ptest support
        python3-pillow: Add distutils, unixadmin for ptest

  S. Lockwood-Childs (1):
        multipath-tools: fix QA "dev-so" regression

  Siddharth Doshi (1):
        xterm : Fix CVE-2022-45063 code execution via OSC 50 input sequences] CVE-2022-45063

  Tim Orling (1):
        nodejs: upgrade 16.18.1 -> 16.19.0

  Tom Hochstein (1):
        nlohmann-json: Allow empty main package for SDK

  Urade, Yogita (3):
        multipath-tools: fix CVE-2022-41974
        poppler: fix CVE-2021-30860
        dlt-daemon: fix CVE-2023-26257

  Wang Mingyu (5):
        python3-pillow: upgrade 9.2.0 -> 9.3.0
        python3-pillow: upgrade 9.3.0 -> 9.4.0
        apache2: upgrade 2.4.54 -> 2.4.55
        apache2: upgrade 2.4.55 -> 2.4.56
        openwsman: Change download branch from master to main.

  Xu Huan (1):
        python3-pillow: upgrade 9.0.1 -> 9.1.1

  Yi Zhao (5):
        postfix: upgrade 3.6.5 -> 3.6.7
        freeradius: Security fixes for CVE-2022-41860 CVE-2022-41861
        frr: Security fix for CVE-2022-42917
        apache2: use /run instead of /var/run for systemd volatile config
        mbedtls: upgrade 2.28.0 -> 2.28.2

  Yogita Urade (2):
        multipath-tools:fix CVE-2022-41973
        syslog-ng: fix CVE-2022-38725

  Zheng Qiu (1):
        redis: build with USE_SYSTEMD=yes when systemd is enabled

  wangmy (1):
        libcrypt-openssl-rsa-perl: upgrade 0.32 -> 0.33

  zhengruoqin (1):
        python3-pillow: upgrade 9.1.1 -> 9.2.0

meta-raspberrypi: dacad9302a..2a06e4e84b:
  Zachary T Welch (1):
        machines: simplify MACHINEOVERRIDES definitions

meta-security: c79262a30b..cc20e2af2a:
  Armin Kuster (2):
        oeqa/tpm2: fix and cleanup tests
        oeqa: meta-tpm shut swtpm down before and after testing

poky: eaf8ce9d39..4cc0e9438b:
  Adrian Freihofer (1):
        own-mirrors: add crate

  Alejandro Hernandez Samaniego (2):
        baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES
        testimage: Fix error message to reflect new syntax

  Alex Kiernan (3):
        u-boot: Remove duplicate inherit of cml1
        cargo_common.bbclass: Fix typos
        classes: image: Set empty weak default IMAGE_LINGUAS

  Alex Stewart (1):
        lsof: add update-alternatives logic

  Alexander Kanavin (49):
        local.conf.sample: correct the location of public hashserv
        lttng-modules: upgrade 2.13.4 -> 2.13.5
        quilt: backport a patch to address grep 3.8 failures
        lttng-tools: submit determinism.patch upstream
        groff: submit patches upstream
        tcl: correct patch status
        kea: submit patch upstream
        ovmf: correct patches status
        libffi: submit patch upstream
        linux-firmware: upgrade 20220913 -> 20221012
        xwayland: upgrade 22.1.3 -> 22.1.4
        libffi: upgrade 3.4.2 -> 3.4.4
        libical: upgrade 3.0.15 -> 3.0.16
        mtd-utils: upgrade 2.1.4 -> 2.1.5
        gdk-pixbuf: upgrade 2.42.9 -> 2.42.10
        gstreamer1.0: upgrade 1.20.3 -> 1.20.4
        libepoxy: convert to git
        libepoxy: update 1.5.9 -> 1.5.10
        vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that
        gnomebase.bbclass: return the whole version for tarball directory if it is a number
        libnewt: update 0.52.21 -> 0.52.23
        ruby: merge .inc into .bb
        ruby: update 3.1.2 -> 3.1.3
        tzdata: update 2022d -> 2022g
        devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree
        libarchive: upgrade 3.6.1 -> 3.6.2
        devtool: process local files only for the main branch
        libksba: update 1.6.2 -> 1.6.3
        linux-firmware: upgrade 20221109 -> 20221214
        xwayland: upgrade 22.1.5 -> 22.1.7
        xserver-xorg: upgrade 21.1.4 -> 21.1.6
        selftest/virgl: use pkg-config from the host
        vulkan-samples: branch rename master -> main
        gdk-pixbuf: do not use tools from gdk-pixbuf-native when building tests
        oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal
        diffutils: update 3.8 -> 3.9
        lttng-tools: update 2.13.8 -> 2.13.9
        apr: update 1.7.0 -> 1.7.2
        apr-util: update 1.6.1 -> 1.6.3
        bind: upgrade 9.18.10 -> 9.18.11
        libjpeg-turbo: upgrade 2.1.4 -> 2.1.5
        linux-firmware: upgrade 20221214 -> 20230117
        sudo: upgrade 1.9.12p1 -> 1.9.12p2
        vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs
        dbus: upgrade 1.14.4 -> 1.14.6
        linux-firmware: upgrade 20230117 -> 20230210
        wireless-regdb: upgrade 2022.08.12 -> 2023.02.13
        devtool/upgrade: do not delete the workspace/recipes directory
        patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak

  Alexandre Belloni (1):
        oeqa/selftest/bbtests: Update message lookup for test_git_unpack_nonetwork_fail

  Alexey Smirnov (1):
        classes: make TOOLCHAIN more permissive for kernel

  Alexis Lothoré (1):
        oeqa/selftest/resulttooltests: fix minor typo

  Antonin Godard (2):
        busybox: always start do_compile with orig config files
        busybox: rm temporary files if do_compile was interrupted

  Armin Kuster (1):
        lttng-modules: Fix for 5.10.163 kernel version

  Arnout Vandecappelle (1):
        python3-pytest: depend on python3-tomli instead of python3-toml

  Bartosz Golaszewski (1):
        bluez5: add dbus to RDEPENDS

  Benoît Mauduit (1):
        lib/oe/reproducible: Use git log without gpg signature

  Bernhard Rosenkränzer (1):
        cmake-native: Fix host tool contamination (Bug: 14951)

  Bhabu Bindu (5):
        qemu: Fix CVE-2021-3611
        curl: Fix CVE-2022-32221
        curl: Fix CVE-2022-42916
        curl: Fix CVE-2022-42915
        qemu: Fix CVE-2022-4144

  Bruce Ashfield (34):
        linux-yocto/5.10: update to v5.10.147
        linux-yocto/5.10: update to v5.10.149
        linux-yocto/5.15: update to v5.15.72
        kern-tools: fix relative path processing
        linux-yocto/5.15: update to v5.15.74
        linux-yocto/5.15: update to v5.15.76
        linux-yocto/5.15: update to v5.15.78
        linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings
        kern-tools: integrate ZFS speedup patch
        linux-yocto/5.10: update to v5.10.152
        linux-yocto/5.10: update to v5.10.154
        linux-yocto/5.10: update to v5.10.160
        linux-yocto/5.15: ltp and squashfs fixes
        linux-yocto/5.15: fix perf build with clang
        linux-yocto/5.15: libbpf: Fix build warning on ref_ctr_off
        linux-yocto/5.15: update to v5.15.84
        linux-yocto/5.15: powerpc: Fix reschedule bug in KUAP-unlocked user copy
        linux-yocto/5.15: update to v5.15.87
        linux-yocto/5.15: update to v5.15.89
        linux-yocto/5.15: update to v5.15.91
        lttng-modules: fix for kernel 6.2+
        linux-yocto/5.15: update to v5.15.94
        linux-yocto/5.15: update to v5.15.96
        linux-yocto-rt/5.15: update to -rt59
        linux-yocto/5.10: update to v5.10.162
        linux-yocto/5.10: update to v5.10.164
        linux-yocto/5.10: update to v5.10.166
        linux-yocto/5.10: update to v5.10.168
        linux-yocto/5.10: update to v5.10.170
        linux-yocto/5.10: update to v5.10.172
        linux-yocto/5.10: update to v5.10.175
        lttng-modules: update to v2.13.9
        linux-yocto/5.15: update to v5.15.98
        linux-yocto/5.15: update to v5.15.103

  Carlos Alberto Lopez Perez (1):
        xwayland: libxshmfence is needed when dri3 is enabled

  Changqing Li (3):
        base.bbclass: Fix way to check ccache path
        apt: fix do_package_qa failure
        libsdl2: fix CVE-2022-4743

  Chee Yang Lee (4):
        dropbear: fix CVE-2021-36369
        git: upgrade to 2.35.6
        tiff: fix multiple CVEs
        git: ignore CVE-2023-22743

  Chen Qi (10):
        image_types_wic.bbclass: fix cross binutils dependency
        openssl: export necessary env vars in SDK
        kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild
        resolvconf: make it work
        dhcpcd: fix to work with systemd
        psplash: consider the situation of psplash not exist for systemd
        bc: extend to nativesdk
        rm_work: adjust dependency to make do_rm_work_all depend on do_rm_work
        dhcpcd: backport two patches to fix runtime error
        libseccomp: fix typo in DESCRIPTION

  Christian Eggers (1):
        linux-firmware: split rtl8761 firmware

  Claus Stovgaard (1):
        gstreamer1.0-libav: fix errors with ffmpeg 5.x

  Daniel Gomez (1):
        gtk-icon-cache: Fix GTKIC_CMD if-else condition

  Diego Sueiro (1):
        kernel.bbclass: Include randstruct seed assets in STAGING_KERNEL_BUILDDIR

  Dmitry Baryshkov (4):
        linux-firmware: upgrade 20221012 -> 20221109
        linux-firmware: add new fw file to ${PN}-qcom-adreno-a530
        linux-firmware: properly set license for all Qualcomm firmware
        linux-firmware: add yamato fw files to qcom-adreno-a2xx package

  Ed Tanous (1):
        openssl: Upgrade 3.0.5 -> 3.0.7

  Enrico Jörns (1):
        sstatesig: emit more helpful error message when not finding sstate manifest

  Etienne Cordonnier (2):
        mirrors.bbclass: use shallow tarball for binutils-native
        bitbake: siggen: Fix inefficient string concatenation

  Federico Pellegrin (1):
        curl: fix dependencies when building with ldap/ldaps

  Florin Diaconescu (1):
        python3: upgrade 3.10.8 -> 3.10.9

  Frank de Brabander (2):
        cve-update-db-native: add timeout to urlopen() calls
        bitbake: bin/utils: Ensure locale en_US.UTF-8 is available on the system

  Geoffrey GIRY (1):
        cve-check: Fix false negative version issue

  Harald Seiler (2):
        opkg: Set correct info_dir and status_file in opkg.conf
        bootchart2: Fix usrmerge support

  He Zhe (3):
        lttng-tools: Upgrade 2.13.4 -> 2.13.8
        lttng-modules: Fix crash on powerpc64
        lttng-modules: update 2.13.7 -> 2.13.8

  Hitendra Prajapati (14):
        openssl: CVE-2022-3358 Using a Custom Cipher with NID_undef may lead to NULL encryption
        QEMU: CVE-2022-3165 VNC: integer underflow in vnc_client_cut_text_ext leads to CPU exhaustion
        systemd: CVE-2022-3821 Fix buffer overrun
        libarchive: CVE-2022-36227 NULL pointer dereference in archive_write.c
        golang: CVE-2022-41715 regexp/syntax: limit memory used by parsing regexps
        libxml2: Fix CVE-2022-40303 && CVE-2022-40304
        libX11: CVE-2022-3554 & CVE-2022-3555 Fix memory leak
        systemd: CVE-2022-45873 deadlock in systemd-coredump via a crash with a long backtrace
        go: fix CVE-2022-41717 Excessive memory use in got server
        less: backport the fix for CVE-2022-46663
        curl: CVE-2023-27533 TELNET option IAC injection
        curl: CVE-2023-27534 SFTP path resolving discrepancy
        ruby: CVE-2023-28756 ReDoS vulnerability in Time
        screen: CVE-2023-24626 allows sending SIGHUP to arbitrary PIDs

  Hongxu Jia (1):
        pkgconf: fix CVE-2023-24056

  Jagadeesh Krishnanjanappa (1):
        qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image

  Jan Kircher (1):
        toolchain-scripts: compatibility with unbound variable protection

  Jan-Simon Moeller (1):
        buildtools-tarball: export certificates to python and curl

  Jeremy Puhlman (1):
        qemu-native: Add PACKAGECONFIG option for jack

  Jermain Horsman (1):
        cve-check: write the cve manifest to IMGDEPLOYDIR

  Joe Slater (4):
        python3: advance to version 3.10.8
        nghttp2: never build python bindings
        python3: fix CVE-2023-24329
        go: fix CVE-2022-41724, 41725

  John Edward Broadbent (1):
        externalsrc: git submodule--helper list unsupported

  Jose Quaresma (7):
        kernel-yocto: improve fatal error messages of symbol_why.py
        archiver: avoid using machine variable as it breaks multiconfig
        sstatesig: skip the rm_work task signature
        rm_work: exclude the SSTATETASKS from the rm_work tasks sinature
        sstate: Allow optimisation of do_deploy_archives task dependencies
        Revert "gstreamer1.0: disable flaky gstbin:test_watch_for_state_change test"
        gstreamer1.0: Fix race conditions in gstbin tests

  Joshua Watt (6):
        runqemu: Do not perturb script environment
        runqemu: Fix gl-es argument from causing other arguments to be ignored
        qemu-helper-native: Re-write bridge helper as C program
        qemu-helper-native: Correctly pass program name as argv[0]
        scripts: convert-overrides: Allow command-line customizations
        classes/create-spdx: Add SPDX_PRETTY option

  KARN JYE LAU (1):
        freetype:update mirror site.

  Kai Kang (5):
        libuv: fixup SRC_URI
        webkitgtk: 2.36.7 -> 2.36.8
        qemu: fix compile error
        xserver-xorg: 21.1.6 -> 21.1.7
        python3-git: fix indent error

  Keiya Nobuta (2):
        gnutls: Unified package names to lower-case
        create-spdx: Remove ";name=..." for downloadLocation

  Kenfe-Mickael Laventure (3):
        buildtools-tarball: Handle spaces within user $PATH
        toolchain-scripts: Handle spaces within user $PATH
        populate_sdk_ext: Handle spaces within user $PATH

  Khem Raj (10):
        perf: Depend on native setuptools3
        tiff: Add packageconfig knob for webp
        libtirpc: Check if file exists before operating on it
        libusb1: Link with latomic only if compiler has no atomic builtins
        libusb1: Strip trailing whitespaces
        scons: Pass MAXLINELENGTH to scons invocation
        scons.bbclass: Make MAXLINELENGTH overridable
        systemd.bbclass: Add /usr/lib/systemd to searchpaths as well
        rsync: Add missing prototypes to function declarations
        rsync: Turn on -pedantic-errors at the end of 'configure'

  Konrad Weihmann (1):
        create-spdx: default share_src for shared sources

  Lee Chee Yang (2):
        migration-guides: add release-notes for 4.0.7
        migration-guides: add release-notes for 4.0.9

  Leon Anavi (1):
        get_module_deps3.py: Check attribute '__file__'

  Liam Beguin (1):
        meson: make wrapper options sub-command specific

  Louis Rannou (1):
        oeqa/selftest/locales: Add selftest for locale generation/presence

  Luis (1):
        rm_work.bbclass: use HOSTTOOLS 'rm' binary exclusively

  Marek Vasut (3):
        bluez5: Point hciattach bcm43xx firmware search path to /lib/firmware
        bitbake: fetch2/git: Prevent git fetcher from fetching gitlab repository metadata
        bitbake: fetch2/git: Clarify the meaning of namespace

  Marius Kriegerowski (1):
        bitbake: bitbake-diffsigs: Make PEP8 compliant

  Mark Hatle (3):
        insane.bbclass: Allow hashlib version that only accepts on parameter
        bitbake: utils/ply: Update md5 to better report errors with hashlib
        openssl: Move microblaze to linux-latomic config

  Marta Rybczynska (2):
        efibootmgr: update compilation with musl
        cve-update-db-native: avoid incomplete updates

  Martin Jansa (15):
        vulkan-samples: add lfs=0 to SRC_URI to avoid git smudge errors in do_unpack
        externalsrc.bbclass: fix git repo detection
        libsndfile1: Backport fix for CVE-2021-4156
        tiff: refresh with devtool
        tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch
        libxml2: fix test data checksums
        systemd: backport another change from v252 to fix build with CVE-2022-45873.patch
        ffmpeg: refresh patches to apply cleanly
        meta: remove True option to getVar and getVarFlag calls (again)
        bitbake: fetch2/git: show SRCREV and git repo in error message about fixed SRCREV
        timezone: use 'tz' subdir instead of ${WORKDIR} directly
        tzdata: use separate B instead of WORKDIR for zic output
        tzcode-native: fix build with gcc-13 on host
        selftest: devtool: set BB_HASHSERVE_UPSTREAM when setting SSTATE_MIRROR
        bmap-tools: switch to main branch

  Mateusz Marciniec (1):
        sstatesig: Improve output hash calculation

  Mathieu Dubois-Briand (1):
        dbus: Add missing CVE product name

  Mauro Queiros (1):
        image.bbclass: print all QA functions exceptions

  Michael Halstead (4):
        uninative: Upgrade to 3.7 to work with glibc 2.36
        selftest/runtime_test/virgl: Disable for all Rocky Linux
        uninative: Upgrade to 3.8.1 to include libgcc
        uninative: Upgrade to 3.9 to include glibc 2.37

  Michael Opdenacker (11):
        create-spdx.bbclass: remove unused SPDX_INCLUDE_PACKAGED
        SPDX and CVE documentation updates
        manuals: add 4.0.5 and 4.0.6 release notes
        manuals: document SPDX_PRETTY variable
        dev-manual: fix old override syntax
        ref-manual: document SSTATE_EXCLUDEDEPS_SYSROOT
        profile-manual: update WireShark hyperlinks
        bsp-guide: fix broken git URLs and missing word
        manuals: update patchwork instance URL
        dev-manual: common-tasks.rst: add link to FOSDEM 2023 video
        migration-guides: add 4.0.8 release notes

  Mikko Rapeli (11):
        common-tasks.rst: fix oeqa runtime test path
        oeqa context.py: fix --target-ip comment to include ssh port number
        oeqa ssh.py: move output prints to new line
        oeqa ssh.py: add connection keep alive options to ssh client
        oeqa dump.py: add error counter and stop after 5 failures
        oeqa qemurunner: read more data at a time from serial
        oeqa qemurunner.py: add timeout to QMP calls
        oeqa qemurunner.py: try to avoid reading one character at a time
        oeqa ssh.py: fix hangs in run()
        runqemu: kill qemu if it hangs
        oeqa rtc.py: skip if read-only-rootfs

  Ming Liu (1):
        linux: inherit pkgconfig in kernel.bbclass

  Mingli Yu (4):
        glslang: branch rename master -> main
        mdadm: Fix testcase 06wrmostly
        mdadm: fix tests/02lineargrow
        mdadm: Fix raid0 tests

  Narpat Mali (12):
        wayland: fix CVE-2021-3782
        python3-mako: backport fix for CVE-2022-40023
        ffmpeg: fix for CVE-2022-3964
        ffmpeg: fix for CVE-2022-3965
        ffmpeg: fix for CVE-2022-3109
        python3-setuptools: fix for CVE-2022-40897
        python3-wheel: fix for CVE-2022-40898
        python3-git: fix for CVE-2022-24439
        ffmpeg: fix for CVE-2022-3341
        python3-certifi: fix for CVE-2022-23491
        libseccomp: fix for the ptest result format
        libmicrohttpd: upgrade 0.9.75 -> 0.9.76

  Nathan Rossi (4):
        oeqa/selftest/lic_checksum: Cleanup changes to emptytest include
        oeqa/selftest/minidebuginfo: Create selftest for minidebuginfo
        glibc-locale: Do not INHIBIT_DEFAULT_DEPS
        package: Fix handling of minidebuginfo with newer binutils

  Niko Mauno (2):
        systemd: Consider PACKAGECONFIG in RRECOMMENDS
        Fix missing leading whitespace with ':append'

  Ovidiu Panait (1):
        kernel.bbclass: remove empty module directories to prevent QA issues

  Pavel Zhukov (4):
        bitbake: gitsm: Fix regression in gitsm submodule path parsing
        oeqa/rpm.py: Increase timeout and add debug output
        gcc: Refactor linker patches and fix linker on arm with usrmerge
        wic: Fix usage of fstype=none in wic

  Pawan Badganchi (2):
        curl: Add fix for CVE-2023-23914, CVE-2023-23915
        tiff: Add fix for CVE-2022-4645

  Pawel Zalewski (1):
        classes/fs-uuid: Fix command output decoding issue

  Peter Kjellerstedt (2):
        externalsrc.bbclass: Remove a trailing slash from ${B}
        devshell: Do not add scripts/git-intercept to PATH

  Peter Marko (9):
        systemd: add group render to udev package
        meta-selftest/staticids: add render group for systemd
        externalsrc: fix lookup for .gitmodules
        oeqa/selftest/externalsrc: add test for srctree_hash_files
        systemd: add group sgx to udev package
        systemd: fix CVE-2022-4415
        gcc-shared-source: do not use ${S}/.. in deploy_source_date_epoch
        package.bbclass: correct check for /build in copydebugsources()
        go: ignore CVE-2022-41716

  Petr Kubizňák (1):
        harfbuzz: remove bindir only if it exists

  Piotr Łobacz (1):
        systemd: fix wrong nobody-group assignment

  Polampalli, Archana (1):
        libpam: fix CVE-2022-28321

  Poonam (1):
        python3-setuptools-rust-native: Add direct dependency of native python3 modules

  Qiu, Zheng (3):
        tiff: Security fix for CVE-2022-3970
        vim: upgrade 9.0.0820 -> 9.0.0947
        valgrind: remove most hidden tests for arm64

  Quentin Schulz (4):
        cairo: update patch for CVE-2019-6461 with upstream solution
        docs: migration-4.0: specify variable name change for kernel inclusion in image recipe
        docs: kernel-dev: faq: update tip on how to not include kernel in image
        cairo: fix CVE patches assigned wrong CVE number

  Randy MacLeod (3):
        valgrind: skip the boost_thread test on arm
        vim: upgrade 9.0.0947 -> 9.0.1211
        vim: upgrade 9.0.1403 -> 9.0.1429

  Ranjitsinh Rathod (3):
        curl: Correct LICENSE from MIT-open-group to curl
        curl: Add patch to fix CVE-2022-43551
        curl: Add patch to fix CVE-2022-43552

  Ravula Adhitya Siddartha (2):
        linux-yocto/5.10: update genericx86* machines to v5.10.149
        linux-yocto/5.15: update genericx86* machines to v5.15.72

  Richard Purdie (35):
        bitbake: tests/fetch: Allow handling of a file:// url within a submodule
        build-appliance-image: Update to kirkstone head revision
        openssl: Fix SSL_CERT_FILE to match ca-certs location
        numactl: upgrade 2.0.14 -> 2.0.15
        bitbake: runqueue: Fix race issues around hash equivalence and sstate reuse
        lttng-modules: upgrade 2.13.5 -> 2.13.7
        bitbake.conf: Drop export of SOURCE_DATE_EPOCH_FALLBACK
        gcc-shared-source: Fix source date epoch handling
        gcc-source: Fix gengtypes race
        gcc-source: Drop gengtype manipulation
        gcc-source: Ensure deploy_source_date_epoch sstate hash doesn't change
        sanity: Drop data finalize call
        oeqa/selftest/tinfoil: Add test for separate config_data with recipe_parse_file()
        build-appliance-image: Update to kirkstone head revision
        yocto-check-layer: Allow OE-Core to be tested
        oeqa/concurrencytest: Add number of failures to summary output
        build-appliance-image: Update to kirkstone head revision
        native: Drop special variable handling
        kernel/linux-kernel-base: Fix kernel build artefact determinism issues
        make-mod-scripts: Ensure kernel build output is deterministic
        libc-locale: Fix on target locale generation
        build-appliance-image: Update to kirkstone head revision
        libssh2: Clean up ptest patch/coverage
        bitbake: utils: Allow to_boolean to support int values
        bitbake: cookerdata: Remove incorrect SystemExit usage
        bitbake: cookerdata: Improve early exception handling
        bitbake: cookerdata: Drop dubious exception handling code
        binutils: Fix nativesdk ld.so search
        oeqa/selftest/prservice: Improve debug output for failure
        staging: Separate out different multiconfig manifests
        staging/multilib: Fix manifest corruption
        glibc: Add missing binutils dependency
        selftest/recipetool: Stop test corrupting tinfoil class
        base-files: Drop localhost.localdomain from hosts file
        pybootchartui: Fix python syntax issue

  Robert Andersson (1):
        go-crosssdk: avoid host contamination by GOCACHE

  Robert Yang (1):
        bitbake: fetch/git: Fix local clone url to make it work with repo

  Rodolfo Quesada Zumbado (1):
        tar: CVE-2022-48303

  Romuald Jeanne (1):
        image_types: fix multiubi var init

  Ross Burton (37):
        qemu: fix CVE-2022-2962
        lighttpd: fix CVE-2022-41556
        expat: backport the fix for CVE-2022-43680
        scripts/oe-check-sstate: cleanup
        scripts/oe-check-sstate: force build to run for all targets, specifically populate_sysroot
        opkg-utils: use a git clone, not a dynamic snapshot
        oe/packagemanager/rpm: don't leak file objects
        glib-2.0: fix rare GFileInfo test case failure
        pixman: backport fix for CVE-2022-44638
        sanity: check for GNU tar specifically
        qemu: add io_uring PACKAGECONFIG
        expat: upgrade to 2.5.0
        linux-firmware: don't put the firmware into the sysroot
        tiff: fix a number of CVEs
        xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551
        lib/buildstats: fix parsing of trees with reduced_proc_pressure directories
        combo-layer: remove unused import
        combo-layer: dont use bb.utils.rename
        combo-layer: add sync-revs command
        libepoxy: remove upstreamed patch
        cve-update-db-native: show IP on failure
        bitbake: bb/utils: include SSL certificate paths in export_proxies
        ppp: backport fix for CVE-2022-4603
        quilt: fix intermittent failure in faildiff.test
        spirv-headers: set correct branch name
        quilt: use upstreamed faildiff.test fix
        git: ignore CVE-2022-41953
        buildtools-tarball: set pkg-config search path
        sdkext/cases/devtool: pass a logger to HTTPService
        httpserver: add error handler that write to the logger
        lib/buildstats: handle tasks that never finished
        shadow: ignore CVE-2016-15024
        vim: add missing pkgconfig inherit
        vim: upgrade to 9.0.1403
        vim: set modified-by to the recipe MAINTAINER
        lib/resulttool: fix typo breaking resulttool log --ptest
        scripts/lib/buildstats: handle top-level build_stats not being complete

  Sakib Sajal (3):
        go: fix CVE-2022-2880
        git: upgrade 2.35.6 -> 2.35.7
        go: fix CVE-2022-2879 and CVE-2022-41720

  Sandeep Gundlupet Raju (2):
        kernel-fitimage: Adjust order of dtb/dtbo files
        kernel-fitimage: Allow user to select dtb when multiple dtb exists

  Saul Wold (3):
        at: Change when files are copied
        package.bbclase: Add check for /build in copydebugsources()
        busybox: Fix depmod patch

  Schmidt, Adriaan (1):
        bitbake: bitbake-diffsigs: break on first dependent task difference

  Sean Anderson (2):
        kernel: Clear SYSROOT_DIRS instead of replacing sysroot_stage_all
        uboot-sign: Fix using wrong KEY_REQ_ARGS

  Sergei Zhmylev (2):
        wic: honor the SOURCE_DATE_EPOCH in case of updated fstab
        wic: make ext2/3/4 images reproducible

  Shubham Kulkarni (3):
        glibc: Security fix for CVE-2023-0687
        go-runtime: Security fix for CVE-2022-41723
        go-runtime: Security fix for CVE-2022-41722

  Siddharth Doshi (5):
        openssl: Upgrade 3.0.7 -> 3.0.8
        epiphany: Security fix for CVE-2023-26081
        harfbuzz: Security fix for CVE-2023-25193
        openssl: Security fix for CVE-2023-0464, CVE-2023-0465, CVE-2023-0466
        curl: Security fix for CVE-2023-27535, CVE-2023-27536, CVE-2023-27538

  Simone Weiss (1):
        json-c: Add ptest for json-c

  Steve Sakoman (12):
        Revert "lttng-tools: Upgrade 2.13.4 -> 2.13.8"
        poky.conf: bump version for 4.0.5
        Revert "expat: backport the fix for CVE-2022-43680"
        poky.conf: bump version for 4.0.6
        Revert "libksba: fix CVE-2022-47629"
        poky.conf: bump version for 4.0.7
        poky.conf: Update SANITY_TESTED_DISTROS to match autobuilder
        system-requirements.rst: add Fedora 36 and AlmaLinux 8.7 to list of supported distros
        libgit2: uprade 1.4.3 -> 1.4.4
        libgit2: upgrade 1.4.4 -> 1.4.5
        poky.conf: bump version for 4.0.8
        poky.conf: bump version for 4.0.9

  Sundeep KOKKONDA (1):
        cargo : non vulnerable cve-2022-46176 added to excluded list

  Teoh Jay Shen (2):
        tiff: Security fixes CVE-2022-2867,CVE-2022-2868 and CVE-2022-2869
        vim: Upgrade 9.0.0598 -> 9.0.0614

  Thomas Perrot (2):
        psplash: add psplash-default in rdepends
        xserver-xorg: move some recommended dependencies in required

  Thomas Roos (1):
        devtool: fix devtool finish when gitmodules file is empty

  Tim Orling (5):
        python3: upgrade 3.10.4 -> 3.10.7
        git: upgrade 2.35.4 -> 2.35.5
        vim: upgrade 9.0.0614 -> 9.0.0820
        mirrors.bbclass: update CPAN_MIRROR
        cracklib: update github branch to 'main'

  Tom Hochstein (2):
        meson: Fix wrapper handling of implicit setup command
        oeqa/sdk: Improve Meson test

  Trevor Woerner (3):
        cups: use BUILDROOT instead of DESTDIR
        cups: check PACKAGECONFIG for pam feature
        cups: add/fix web interface packaging

  Ulrich Ölmann (4):
        recipe_sanity: fix old override syntax
        lsof: fix old override syntax
        update-alternatives: fix typos
        kernel-yocto: fix kernel-meta data detection

  Vincent Davis Jr (1):
        linux-firmware: package amdgpu firmware

  Virendra Thakur (1):
        qemu: Fix CVE-2021-3750 for qemu

  Vivek Kumbhar (5):
        python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method
        sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs.
        openssl: fix CVE-2022-3996 double locking leads to denial of service
        gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code
        go: fix CVE-2023-24537 Infinite loop in parsing

  Vyacheslav Yurkov (3):
        files: overlayfs-etc: refactor preinit template
        classes: files: Extend overlayfs-etc class
        overlayfs: Allow not used mount points

  Wang Mingyu (19):
        bind: upgrade 9.18.7 -> 9.18.8
        socat: upgrade 1.7.4.3 -> 1.7.4.4
        libxcrypt: upgrade 4.4.28 -> 4.4.30
        xwayland: upgrade 22.1.4 -> 22.1.5
        mobile-broadband-provider-info: upgrade 20220725 -> 20221107
        babeltrace: upgrade 1.5.8 -> 1.5.11
        iso-codes: upgrade 4.11.0 -> 4.12.0
        bind: upgrade 9.18.8 -> 9.18.9
        mpfr: upgrade 4.1.0 -> 4.1.1
        libxcrypt-compat: upgrade 4.4.30 -> 4.4.33
        libpng: upgrade 1.6.38 -> 1.6.39
        gstreamer1.0: upgrade 1.20.4 -> 1.20.5
        bind: upgrade 9.18.9 -> 9.18.10
        libjpeg-turbo: upgrade 2.1.5 -> 2.1.5.1
        xwayland: upgrade 22.1.7 -> 22.1.8
        iso-codes: upgrade 4.12.0 -> 4.13.0
        lua: Fix install conflict when enable multilib.
        vala: Fix install conflict when enable multilib.
        dhcpcd: Fix install conflict when enable multilib.

  Xiangyu Chen (18):
        qemu: Backport patches from upstream to support float128 on qemu-ppc64
        linux-yocto-dev: add qemuarm64
        ltp: backport clock_gettime04 fix from upstream
        dbus: fix CVE-2022-42010 Check brackets in signature nest correctly
        dbus: fix CVE-2022-42011 dbus-daemon can be crashed by messages with array length inconsistent with element type
        dbus: fix CVE-2022-42012 dbus-marshal-byteswap: Byte-swap Unix fd indexes if needed
        lttng-tools: Upgrade 2.13.4 -> 2.13.8
        sudo: upgrade 1.9.10 -> sudo 1.9.12p1
        bash: backport patch to fix CVE-2022-3715
        grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775
        dbus: upgrade 1.14.0 -> 1.14.4
        sysstat: fix CVE-2022-39377
        grub: backport patches to fix CVE-2022-28736
        openssh: remove RRECOMMENDS to rng-tools for sshd package
        numactl: skip test case when target platform doesn't have 2 CPU node
        dhcpcd: fix dhcpcd start failure on qemuppc64
        sudo: update 1.9.12p2 -> 1.9.13p3
        shadow: backport patch to fix CVE-2023-29383

  Yash Shinde (5):
        binutils: stable 2.38 branch updates
        glibc: stable 2.35 branch updates.
        glibc: stable 2.35 branch updates.
        binutils : Fix CVE-2023-22608
        binutils : Fix CVE-2023-1579

  Yash.Shinde@windriver.com (1):
        binutils : Fix CVE-2022-4285

  Yogita Urade (1):
        libksba: fix CVE-2022-47629

  Zheng Qiu (1):
        tiff: fix CVE-2022-2953

  ciarancourtney (1):
        wic: swap partitions are not added to fstab

  pawan (2):
        Revert "qemu: fix CVE-2021-3507"
        curl: Add fix for CVE-2023-23916

  pgowda (1):
        binutils : Fix CVE-2022-38128

  wangmy (9):
        ifupdown: upgrade 0.8.37 -> 0.8.39
        libcap: upgrade 2.65 -> 2.66
        libical: upgrade 3.0.14 -> 3.0.15
        numactl: upgrade 2.0.15 -> 2.0.16
        wpebackend-fdo: upgrade 1.12.1 -> 1.14.0
        libksba: upgrade 1.6.0 -> 1.6.2
        lttng-ust: upgrade 2.13.3 -> 2.13.4
        lttng-ust: upgrade 2.13.4 -> 2.13.5
        lighttpd: upgrade 1.4.66 -> 1.4.67

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I80cf3cd933dea72160ce87efb2a42fe4d0e5d7d5
721 files changed
tree: 58306112a24fe4a57c66e3d7a324460bbd52c28f
  1. .github/
  2. meta-amd/
  3. meta-ampere/
  4. meta-aspeed/
  5. meta-asrock/
  6. meta-bytedance/
  7. meta-evb/
  8. meta-facebook/
  9. meta-fii/
  10. meta-google/
  11. meta-hpe/
  12. meta-ibm/
  13. meta-ingrasys/
  14. meta-inspur/
  15. meta-intel-openbmc/
  16. meta-inventec/
  17. meta-nuvoton/
  18. meta-openembedded/
  19. meta-openpower/
  20. meta-phosphor/
  21. meta-quanta/
  22. meta-raspberrypi/
  23. meta-security/
  24. meta-supermicro/
  25. meta-tyan/
  26. meta-wistron/
  27. meta-yadro/
  28. poky/
  29. bitbakepoky/bitbake/
  30. LICENSEpoky/LICENSE
  31. metapoky/meta
  32. meta-pokypoky/meta-poky/
  33. meta-skeletonpoky/meta-skeleton
  34. oe-init-build-envpoky/oe-init-build-env
  35. scriptspoky/scripts/
  36. .eslintrc.json
  37. .gitignore
  38. .gitreview
  39. .templateconf
  40. openbmc-env
  41. OWNERS
  42. README.md
  43. setup
README.md

OpenBMC

Build Status

OpenBMC is a Linux distribution for management controllers used in devices such as servers, top of rack switches or RAID appliances. It uses Yocto, OpenEmbedded, systemd, and D-Bus to allow easy customization for your platform.

Setting up your OpenBMC project

1) Prerequisite

  • Ubuntu 14.04
sudo apt-get install -y git build-essential libsdl1.2-dev texinfo gawk chrpath diffstat \
    zstd pigz
  • Fedora 28
sudo dnf install -y git patch diffstat texinfo chrpath SDL-devel bitbake \
    rpcgen perl-Thread-Queue perl-bignum perl-Crypt-OpenSSL-Bignum perl-FindBin
sudo dnf groupinstall "C Development Tools and Libraries"

2) Download the source

git clone git@github.com:openbmc/openbmc.git
cd openbmc

3) Target your hardware

Any build requires an environment set up according to your hardware target. There is a special script in the root of this repository that can be used to configure the environment as needed. The script is called setup and takes the name of your hardware target as an argument.

The script needs to be sourced while in the top directory of the OpenBMC repository clone, and, if run without arguments, will display the list of supported hardware targets, see the following example:

$ . setup <machine> [build_dir]
Target machine must be specified. Use one of:

bletchley               gsj                     romulus
dl360poc                kudo                    s2600wf
e3c246d4i               mihawk                  swift
ethanolx                mtjade                  tiogapass
evb-ast2500             nicole                  transformers
evb-ast2600             olympus-nuvoton         witherspoon
evb-npcm750             on5263m5                witherspoon-tacoma
f0b                     p10bmc                  x11spi
fp5280g2                palmetto                yosemitev2
g220a                   qemuarm                 zaius
gbs                     quanta-q71l

Once you know the target (e.g. romulus), source the setup script as follows:

. setup romulus

4) Build

bitbake obmc-phosphor-image

Additional details can be found in the docs repository.

OpenBMC Development

The OpenBMC community maintains a set of tutorials new users can go through to get up to speed on OpenBMC development out here

Build Validation and Testing

Commits submitted by members of the OpenBMC GitHub community are compiled and tested via our Jenkins server. Commits are run through two levels of testing. At the repository level the makefile make check directive is run. At the system level, the commit is built into a firmware image and run with an arm-softmmu QEMU model against a barrage of CI tests.

Commits submitted by non-members do not automatically proceed through CI testing. After visual inspection of the commit, a CI run can be manually performed by the reviewer.

Automated testing against the QEMU model along with supported systems are performed. The OpenBMC project uses the Robot Framework for all automation. Our complete test repository can be found here.

Submitting Patches

Support of additional hardware and software packages is always welcome. Please follow the contributing guidelines when making a submission. It is expected that contributions contain test cases.

Bug Reporting

Issues are managed on GitHub. It is recommended you search through the issues before opening a new one.

Questions

First, please do a search on the internet. There's a good chance your question has already been asked.

For general questions, please use the openbmc tag on Stack Overflow. Please review the discussion on Stack Overflow licensing before posting any code.

For technical discussions, please see contact info below for Discord and mailing list information. Please don't file an issue to ask a question. You'll get faster results by using the mailing list or Discord.

Features of OpenBMC

Feature List

  • Host management: Power, Cooling, LEDs, Inventory, Events, Watchdog
  • Full IPMI 2.0 Compliance with DCMI
  • Code Update Support for multiple BMC/BIOS images
  • Web-based user interface
  • REST interfaces
  • D-Bus based interfaces
  • SSH based SOL
  • Remote KVM
  • Hardware Simulation
  • Automated Testing
  • User management
  • Virtual media

Features In Progress

  • OpenCompute Redfish Compliance
  • Verified Boot

Features Requested but need help

  • OpenBMC performance monitoring

Finding out more

Dive deeper into OpenBMC by opening the docs repository.

Technical Steering Committee

The Technical Steering Committee (TSC) guides the project. Members are:

  • Roxanne Clarke, IBM
  • Nancy Yuen, Google
  • Sai Dasari, Facebook
  • Terry Duncan, Intel
  • Sagar Dharia, Microsoft
  • Samer El-Haj-Mahmoud, Arm

Contact