commit | 821a859c1d68e8cfeea8c50e86f15daa87e71d59 | [log] [tgz] |
---|---|---|
author | Patrick Williams <patrick@stwcx.xyz> | Tue May 02 15:26:54 2023 -0500 |
committer | Patrick Williams <patrick@stwcx.xyz> | Wed May 03 16:04:39 2023 -0500 |
tree | 58306112a24fe4a57c66e3d7a324460bbd52c28f | |
parent | ce7bef12b17859cef0615675e4ad5f6f4f611384 [diff] |
subtree updates meta-openembedded: 744a4b6eda..df452d9d98: Alexander Stein (1): dool: Add patch to fix rebuild Alexander Thoma (1): Fix tigervnc crash due to missing xkbcomp rdepends Andrej Valek (2): grpc: upgrade 1.45.2 -> 1.46.6 grpc: upgrade 1.46.6 -> 1.46.7 Archana Polampalli (2): Nodejs - Upgrade to 16.18.1 Nodejs: Fixed python3 DeprecationWarning BINDU (1): flatbuffers: adapt for cross-compilation environments Carsten Bäcker (1): spdlog: Fix CMake flag Changqing Li (12): zabbix: fix CVE-2022-43515,CVE-2022-46768 redis: 6.2.7 -> 6.2.8 redis: upgrade 7.0.4 to 7.0.5 redis: 7.0.5 -> 7.0.7 liblockfile: fix do_install failure when ldconfig is not installed postgresql: fix CVE-2022-41862 redis: upgrade 7.0.7 -> 7.0.9 redis: upgrade 6.2.8 -> 6.2.11 zabbix: fix CVE-2023-29451 redis: upgrade 6.2.11 -> 6.2.12 redis: upgrade 7.0.9 -> 7.0.10 redis: upgrade 7.0.10 -> 7.0.11 Chase Qi (1): kernel-selftest: install kselftest runner Chee Yang Lee (2): zsh: Fix CVE-2021-45444 cifs-utils: fix CVE-2022-27239 CVE-2022-29869 Dmitry Baryshkov (1): nss: fix cross-compilation error Dragos-Marian Panait (1): phpmyadmin: fix CVE-2023-25727 Gary Huband (1): chrony: add pkgconfig class as pkg-config is explicitly searched for Geoff Parker (1): python3-pillow: add tk to RDEPENDS ptest pkg only if x11 in DISTRO_FEATURES He Zhe (2): protobuf: upgrade 3.19.4 -> 3.19.6 python3-protobuf: upgrade 3.20.0 -> 3.20.3 Hermes Zhang (1): kernel_add_regdb: Change the task order Hitendra Prajapati (5): dhcp: Fix CVE-2022-2928 & CVE-2022-2929 strongswan: CVE-2022-40617 A possible DoS in Using Untrusted URIs for Revocation Checking nginx: CVE-2022-41741, CVE-2022-41742 Memory corruption in the ngx_http_mp4_module net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception krb5: CVE-2022-42898 integer overflow vulnerabilities in PAC parsing Howard Cochran (1): ufw: Fix "could not find required binary 'iptables'" Joe Slater (1): phoronix-test-suite: Fix CVE-2022-40704 Khem Raj (6): mpd: Update to 0.23.8 mpd: Upgrade to 0.23.9 ncmpc: Upgrade to 0.47 mpd: Upgrade to 0.23.12 release monkey: Fix build with musl postfix: Fix build on systems with linux 6.x Manoj Saun (1): postgresql: fix ptest failure of sysviews test Marta Rybczynska (1): jansson: whitelist CVE-2020-36325 Martin Jansa (12): re2: fix branch name from master to main exiv2: fix SRC_URI mdns: use git fetcher monkey: use git fetcher jack: fix compatibility with python-3.11 restinio: fix S variable in multilib builds mongodb: fix chown user for multilib builds pahole: respect libdir lvgl,lv-lib-png,lv-drivers: fix installed-vs-shipped QA issue with multilib lirc: fix do_install with multilib dleyna-{server,renderer}: fix dev-so QA issue with multilib zsh: fix installed-vs-shipped with multilib Mingli Yu (6): php: Upgrade to 8.1.12 mariadb: not use qemu to run cross-compiled binaries mariadb: Upgrade to 10.7.7 php: Upgrade to 8.1.16 mariadb: Upgrade to 10.7.8 mariadb: Fix CVE-2022-47015 Narpat Mali (2): python3-oauthlib: upgrade 3.2.0 -> 3.2.2 Fix collections.abc deprecation warning in downloadutils Warning appears as: Neetika Singh (1): libcroco: Add fix for CVE-2020-12825 Nikhil R (1): duktape: Add ptest Niko Mauno (2): nftables: Fix missing leading whitespace with ':append' Fix missing leading whitespace with ':append' Peter Kjellerstedt (2): chrony: Remove the readline PACKAGECONFIG chrony: Remove the libcap and nss PACKAGECONFIGs Peter Marko (3): ntp: whitelist CVE-2019-11331 c-ares: fix CVE-2022-4904 dnsmasq: fix CVE-2023-28450 Philippe Coval (1): pim435: Relocate sources to eclipse Polampalli, Archana (2): xfce4-settings: 4.16.2 -> 4.16.5 nodejs: Upgrade 16.19.0 -> 16.19.1 Preeti Sachan (1): fluidsynth: update SRC_URI to remove non-existing 2.2.x branch Randy MacLeod (2): python3-pillow: add ptest support python3-pillow: Add distutils, unixadmin for ptest S. Lockwood-Childs (1): multipath-tools: fix QA "dev-so" regression Siddharth Doshi (1): xterm : Fix CVE-2022-45063 code execution via OSC 50 input sequences] CVE-2022-45063 Tim Orling (1): nodejs: upgrade 16.18.1 -> 16.19.0 Tom Hochstein (1): nlohmann-json: Allow empty main package for SDK Urade, Yogita (3): multipath-tools: fix CVE-2022-41974 poppler: fix CVE-2021-30860 dlt-daemon: fix CVE-2023-26257 Wang Mingyu (5): python3-pillow: upgrade 9.2.0 -> 9.3.0 python3-pillow: upgrade 9.3.0 -> 9.4.0 apache2: upgrade 2.4.54 -> 2.4.55 apache2: upgrade 2.4.55 -> 2.4.56 openwsman: Change download branch from master to main. Xu Huan (1): python3-pillow: upgrade 9.0.1 -> 9.1.1 Yi Zhao (5): postfix: upgrade 3.6.5 -> 3.6.7 freeradius: Security fixes for CVE-2022-41860 CVE-2022-41861 frr: Security fix for CVE-2022-42917 apache2: use /run instead of /var/run for systemd volatile config mbedtls: upgrade 2.28.0 -> 2.28.2 Yogita Urade (2): multipath-tools:fix CVE-2022-41973 syslog-ng: fix CVE-2022-38725 Zheng Qiu (1): redis: build with USE_SYSTEMD=yes when systemd is enabled wangmy (1): libcrypt-openssl-rsa-perl: upgrade 0.32 -> 0.33 zhengruoqin (1): python3-pillow: upgrade 9.1.1 -> 9.2.0 meta-raspberrypi: dacad9302a..2a06e4e84b: Zachary T Welch (1): machines: simplify MACHINEOVERRIDES definitions meta-security: c79262a30b..cc20e2af2a: Armin Kuster (2): oeqa/tpm2: fix and cleanup tests oeqa: meta-tpm shut swtpm down before and after testing poky: eaf8ce9d39..4cc0e9438b: Adrian Freihofer (1): own-mirrors: add crate Alejandro Hernandez Samaniego (2): baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES testimage: Fix error message to reflect new syntax Alex Kiernan (3): u-boot: Remove duplicate inherit of cml1 cargo_common.bbclass: Fix typos classes: image: Set empty weak default IMAGE_LINGUAS Alex Stewart (1): lsof: add update-alternatives logic Alexander Kanavin (49): local.conf.sample: correct the location of public hashserv lttng-modules: upgrade 2.13.4 -> 2.13.5 quilt: backport a patch to address grep 3.8 failures lttng-tools: submit determinism.patch upstream groff: submit patches upstream tcl: correct patch status kea: submit patch upstream ovmf: correct patches status libffi: submit patch upstream linux-firmware: upgrade 20220913 -> 20221012 xwayland: upgrade 22.1.3 -> 22.1.4 libffi: upgrade 3.4.2 -> 3.4.4 libical: upgrade 3.0.15 -> 3.0.16 mtd-utils: upgrade 2.1.4 -> 2.1.5 gdk-pixbuf: upgrade 2.42.9 -> 2.42.10 gstreamer1.0: upgrade 1.20.3 -> 1.20.4 libepoxy: convert to git libepoxy: update 1.5.9 -> 1.5.10 vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that gnomebase.bbclass: return the whole version for tarball directory if it is a number libnewt: update 0.52.21 -> 0.52.23 ruby: merge .inc into .bb ruby: update 3.1.2 -> 3.1.3 tzdata: update 2022d -> 2022g devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree libarchive: upgrade 3.6.1 -> 3.6.2 devtool: process local files only for the main branch libksba: update 1.6.2 -> 1.6.3 linux-firmware: upgrade 20221109 -> 20221214 xwayland: upgrade 22.1.5 -> 22.1.7 xserver-xorg: upgrade 21.1.4 -> 21.1.6 selftest/virgl: use pkg-config from the host vulkan-samples: branch rename master -> main gdk-pixbuf: do not use tools from gdk-pixbuf-native when building tests oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal diffutils: update 3.8 -> 3.9 lttng-tools: update 2.13.8 -> 2.13.9 apr: update 1.7.0 -> 1.7.2 apr-util: update 1.6.1 -> 1.6.3 bind: upgrade 9.18.10 -> 9.18.11 libjpeg-turbo: upgrade 2.1.4 -> 2.1.5 linux-firmware: upgrade 20221214 -> 20230117 sudo: upgrade 1.9.12p1 -> 1.9.12p2 vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs dbus: upgrade 1.14.4 -> 1.14.6 linux-firmware: upgrade 20230117 -> 20230210 wireless-regdb: upgrade 2022.08.12 -> 2023.02.13 devtool/upgrade: do not delete the workspace/recipes directory patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak Alexandre Belloni (1): oeqa/selftest/bbtests: Update message lookup for test_git_unpack_nonetwork_fail Alexey Smirnov (1): classes: make TOOLCHAIN more permissive for kernel Alexis Lothoré (1): oeqa/selftest/resulttooltests: fix minor typo Antonin Godard (2): busybox: always start do_compile with orig config files busybox: rm temporary files if do_compile was interrupted Armin Kuster (1): lttng-modules: Fix for 5.10.163 kernel version Arnout Vandecappelle (1): python3-pytest: depend on python3-tomli instead of python3-toml Bartosz Golaszewski (1): bluez5: add dbus to RDEPENDS Benoît Mauduit (1): lib/oe/reproducible: Use git log without gpg signature Bernhard Rosenkränzer (1): cmake-native: Fix host tool contamination (Bug: 14951) Bhabu Bindu (5): qemu: Fix CVE-2021-3611 curl: Fix CVE-2022-32221 curl: Fix CVE-2022-42916 curl: Fix CVE-2022-42915 qemu: Fix CVE-2022-4144 Bruce Ashfield (34): linux-yocto/5.10: update to v5.10.147 linux-yocto/5.10: update to v5.10.149 linux-yocto/5.15: update to v5.15.72 kern-tools: fix relative path processing linux-yocto/5.15: update to v5.15.74 linux-yocto/5.15: update to v5.15.76 linux-yocto/5.15: update to v5.15.78 linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings kern-tools: integrate ZFS speedup patch linux-yocto/5.10: update to v5.10.152 linux-yocto/5.10: update to v5.10.154 linux-yocto/5.10: update to v5.10.160 linux-yocto/5.15: ltp and squashfs fixes linux-yocto/5.15: fix perf build with clang linux-yocto/5.15: libbpf: Fix build warning on ref_ctr_off linux-yocto/5.15: update to v5.15.84 linux-yocto/5.15: powerpc: Fix reschedule bug in KUAP-unlocked user copy linux-yocto/5.15: update to v5.15.87 linux-yocto/5.15: update to v5.15.89 linux-yocto/5.15: update to v5.15.91 lttng-modules: fix for kernel 6.2+ linux-yocto/5.15: update to v5.15.94 linux-yocto/5.15: update to v5.15.96 linux-yocto-rt/5.15: update to -rt59 linux-yocto/5.10: update to v5.10.162 linux-yocto/5.10: update to v5.10.164 linux-yocto/5.10: update to v5.10.166 linux-yocto/5.10: update to v5.10.168 linux-yocto/5.10: update to v5.10.170 linux-yocto/5.10: update to v5.10.172 linux-yocto/5.10: update to v5.10.175 lttng-modules: update to v2.13.9 linux-yocto/5.15: update to v5.15.98 linux-yocto/5.15: update to v5.15.103 Carlos Alberto Lopez Perez (1): xwayland: libxshmfence is needed when dri3 is enabled Changqing Li (3): base.bbclass: Fix way to check ccache path apt: fix do_package_qa failure libsdl2: fix CVE-2022-4743 Chee Yang Lee (4): dropbear: fix CVE-2021-36369 git: upgrade to 2.35.6 tiff: fix multiple CVEs git: ignore CVE-2023-22743 Chen Qi (10): image_types_wic.bbclass: fix cross binutils dependency openssl: export necessary env vars in SDK kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild resolvconf: make it work dhcpcd: fix to work with systemd psplash: consider the situation of psplash not exist for systemd bc: extend to nativesdk rm_work: adjust dependency to make do_rm_work_all depend on do_rm_work dhcpcd: backport two patches to fix runtime error libseccomp: fix typo in DESCRIPTION Christian Eggers (1): linux-firmware: split rtl8761 firmware Claus Stovgaard (1): gstreamer1.0-libav: fix errors with ffmpeg 5.x Daniel Gomez (1): gtk-icon-cache: Fix GTKIC_CMD if-else condition Diego Sueiro (1): kernel.bbclass: Include randstruct seed assets in STAGING_KERNEL_BUILDDIR Dmitry Baryshkov (4): linux-firmware: upgrade 20221012 -> 20221109 linux-firmware: add new fw file to ${PN}-qcom-adreno-a530 linux-firmware: properly set license for all Qualcomm firmware linux-firmware: add yamato fw files to qcom-adreno-a2xx package Ed Tanous (1): openssl: Upgrade 3.0.5 -> 3.0.7 Enrico Jörns (1): sstatesig: emit more helpful error message when not finding sstate manifest Etienne Cordonnier (2): mirrors.bbclass: use shallow tarball for binutils-native bitbake: siggen: Fix inefficient string concatenation Federico Pellegrin (1): curl: fix dependencies when building with ldap/ldaps Florin Diaconescu (1): python3: upgrade 3.10.8 -> 3.10.9 Frank de Brabander (2): cve-update-db-native: add timeout to urlopen() calls bitbake: bin/utils: Ensure locale en_US.UTF-8 is available on the system Geoffrey GIRY (1): cve-check: Fix false negative version issue Harald Seiler (2): opkg: Set correct info_dir and status_file in opkg.conf bootchart2: Fix usrmerge support He Zhe (3): lttng-tools: Upgrade 2.13.4 -> 2.13.8 lttng-modules: Fix crash on powerpc64 lttng-modules: update 2.13.7 -> 2.13.8 Hitendra Prajapati (14): openssl: CVE-2022-3358 Using a Custom Cipher with NID_undef may lead to NULL encryption QEMU: CVE-2022-3165 VNC: integer underflow in vnc_client_cut_text_ext leads to CPU exhaustion systemd: CVE-2022-3821 Fix buffer overrun libarchive: CVE-2022-36227 NULL pointer dereference in archive_write.c golang: CVE-2022-41715 regexp/syntax: limit memory used by parsing regexps libxml2: Fix CVE-2022-40303 && CVE-2022-40304 libX11: CVE-2022-3554 & CVE-2022-3555 Fix memory leak systemd: CVE-2022-45873 deadlock in systemd-coredump via a crash with a long backtrace go: fix CVE-2022-41717 Excessive memory use in got server less: backport the fix for CVE-2022-46663 curl: CVE-2023-27533 TELNET option IAC injection curl: CVE-2023-27534 SFTP path resolving discrepancy ruby: CVE-2023-28756 ReDoS vulnerability in Time screen: CVE-2023-24626 allows sending SIGHUP to arbitrary PIDs Hongxu Jia (1): pkgconf: fix CVE-2023-24056 Jagadeesh Krishnanjanappa (1): qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image Jan Kircher (1): toolchain-scripts: compatibility with unbound variable protection Jan-Simon Moeller (1): buildtools-tarball: export certificates to python and curl Jeremy Puhlman (1): qemu-native: Add PACKAGECONFIG option for jack Jermain Horsman (1): cve-check: write the cve manifest to IMGDEPLOYDIR Joe Slater (4): python3: advance to version 3.10.8 nghttp2: never build python bindings python3: fix CVE-2023-24329 go: fix CVE-2022-41724, 41725 John Edward Broadbent (1): externalsrc: git submodule--helper list unsupported Jose Quaresma (7): kernel-yocto: improve fatal error messages of symbol_why.py archiver: avoid using machine variable as it breaks multiconfig sstatesig: skip the rm_work task signature rm_work: exclude the SSTATETASKS from the rm_work tasks sinature sstate: Allow optimisation of do_deploy_archives task dependencies Revert "gstreamer1.0: disable flaky gstbin:test_watch_for_state_change test" gstreamer1.0: Fix race conditions in gstbin tests Joshua Watt (6): runqemu: Do not perturb script environment runqemu: Fix gl-es argument from causing other arguments to be ignored qemu-helper-native: Re-write bridge helper as C program qemu-helper-native: Correctly pass program name as argv[0] scripts: convert-overrides: Allow command-line customizations classes/create-spdx: Add SPDX_PRETTY option KARN JYE LAU (1): freetype:update mirror site. Kai Kang (5): libuv: fixup SRC_URI webkitgtk: 2.36.7 -> 2.36.8 qemu: fix compile error xserver-xorg: 21.1.6 -> 21.1.7 python3-git: fix indent error Keiya Nobuta (2): gnutls: Unified package names to lower-case create-spdx: Remove ";name=..." for downloadLocation Kenfe-Mickael Laventure (3): buildtools-tarball: Handle spaces within user $PATH toolchain-scripts: Handle spaces within user $PATH populate_sdk_ext: Handle spaces within user $PATH Khem Raj (10): perf: Depend on native setuptools3 tiff: Add packageconfig knob for webp libtirpc: Check if file exists before operating on it libusb1: Link with latomic only if compiler has no atomic builtins libusb1: Strip trailing whitespaces scons: Pass MAXLINELENGTH to scons invocation scons.bbclass: Make MAXLINELENGTH overridable systemd.bbclass: Add /usr/lib/systemd to searchpaths as well rsync: Add missing prototypes to function declarations rsync: Turn on -pedantic-errors at the end of 'configure' Konrad Weihmann (1): create-spdx: default share_src for shared sources Lee Chee Yang (2): migration-guides: add release-notes for 4.0.7 migration-guides: add release-notes for 4.0.9 Leon Anavi (1): get_module_deps3.py: Check attribute '__file__' Liam Beguin (1): meson: make wrapper options sub-command specific Louis Rannou (1): oeqa/selftest/locales: Add selftest for locale generation/presence Luis (1): rm_work.bbclass: use HOSTTOOLS 'rm' binary exclusively Marek Vasut (3): bluez5: Point hciattach bcm43xx firmware search path to /lib/firmware bitbake: fetch2/git: Prevent git fetcher from fetching gitlab repository metadata bitbake: fetch2/git: Clarify the meaning of namespace Marius Kriegerowski (1): bitbake: bitbake-diffsigs: Make PEP8 compliant Mark Hatle (3): insane.bbclass: Allow hashlib version that only accepts on parameter bitbake: utils/ply: Update md5 to better report errors with hashlib openssl: Move microblaze to linux-latomic config Marta Rybczynska (2): efibootmgr: update compilation with musl cve-update-db-native: avoid incomplete updates Martin Jansa (15): vulkan-samples: add lfs=0 to SRC_URI to avoid git smudge errors in do_unpack externalsrc.bbclass: fix git repo detection libsndfile1: Backport fix for CVE-2021-4156 tiff: refresh with devtool tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch libxml2: fix test data checksums systemd: backport another change from v252 to fix build with CVE-2022-45873.patch ffmpeg: refresh patches to apply cleanly meta: remove True option to getVar and getVarFlag calls (again) bitbake: fetch2/git: show SRCREV and git repo in error message about fixed SRCREV timezone: use 'tz' subdir instead of ${WORKDIR} directly tzdata: use separate B instead of WORKDIR for zic output tzcode-native: fix build with gcc-13 on host selftest: devtool: set BB_HASHSERVE_UPSTREAM when setting SSTATE_MIRROR bmap-tools: switch to main branch Mateusz Marciniec (1): sstatesig: Improve output hash calculation Mathieu Dubois-Briand (1): dbus: Add missing CVE product name Mauro Queiros (1): image.bbclass: print all QA functions exceptions Michael Halstead (4): uninative: Upgrade to 3.7 to work with glibc 2.36 selftest/runtime_test/virgl: Disable for all Rocky Linux uninative: Upgrade to 3.8.1 to include libgcc uninative: Upgrade to 3.9 to include glibc 2.37 Michael Opdenacker (11): create-spdx.bbclass: remove unused SPDX_INCLUDE_PACKAGED SPDX and CVE documentation updates manuals: add 4.0.5 and 4.0.6 release notes manuals: document SPDX_PRETTY variable dev-manual: fix old override syntax ref-manual: document SSTATE_EXCLUDEDEPS_SYSROOT profile-manual: update WireShark hyperlinks bsp-guide: fix broken git URLs and missing word manuals: update patchwork instance URL dev-manual: common-tasks.rst: add link to FOSDEM 2023 video migration-guides: add 4.0.8 release notes Mikko Rapeli (11): common-tasks.rst: fix oeqa runtime test path oeqa context.py: fix --target-ip comment to include ssh port number oeqa ssh.py: move output prints to new line oeqa ssh.py: add connection keep alive options to ssh client oeqa dump.py: add error counter and stop after 5 failures oeqa qemurunner: read more data at a time from serial oeqa qemurunner.py: add timeout to QMP calls oeqa qemurunner.py: try to avoid reading one character at a time oeqa ssh.py: fix hangs in run() runqemu: kill qemu if it hangs oeqa rtc.py: skip if read-only-rootfs Ming Liu (1): linux: inherit pkgconfig in kernel.bbclass Mingli Yu (4): glslang: branch rename master -> main mdadm: Fix testcase 06wrmostly mdadm: fix tests/02lineargrow mdadm: Fix raid0 tests Narpat Mali (12): wayland: fix CVE-2021-3782 python3-mako: backport fix for CVE-2022-40023 ffmpeg: fix for CVE-2022-3964 ffmpeg: fix for CVE-2022-3965 ffmpeg: fix for CVE-2022-3109 python3-setuptools: fix for CVE-2022-40897 python3-wheel: fix for CVE-2022-40898 python3-git: fix for CVE-2022-24439 ffmpeg: fix for CVE-2022-3341 python3-certifi: fix for CVE-2022-23491 libseccomp: fix for the ptest result format libmicrohttpd: upgrade 0.9.75 -> 0.9.76 Nathan Rossi (4): oeqa/selftest/lic_checksum: Cleanup changes to emptytest include oeqa/selftest/minidebuginfo: Create selftest for minidebuginfo glibc-locale: Do not INHIBIT_DEFAULT_DEPS package: Fix handling of minidebuginfo with newer binutils Niko Mauno (2): systemd: Consider PACKAGECONFIG in RRECOMMENDS Fix missing leading whitespace with ':append' Ovidiu Panait (1): kernel.bbclass: remove empty module directories to prevent QA issues Pavel Zhukov (4): bitbake: gitsm: Fix regression in gitsm submodule path parsing oeqa/rpm.py: Increase timeout and add debug output gcc: Refactor linker patches and fix linker on arm with usrmerge wic: Fix usage of fstype=none in wic Pawan Badganchi (2): curl: Add fix for CVE-2023-23914, CVE-2023-23915 tiff: Add fix for CVE-2022-4645 Pawel Zalewski (1): classes/fs-uuid: Fix command output decoding issue Peter Kjellerstedt (2): externalsrc.bbclass: Remove a trailing slash from ${B} devshell: Do not add scripts/git-intercept to PATH Peter Marko (9): systemd: add group render to udev package meta-selftest/staticids: add render group for systemd externalsrc: fix lookup for .gitmodules oeqa/selftest/externalsrc: add test for srctree_hash_files systemd: add group sgx to udev package systemd: fix CVE-2022-4415 gcc-shared-source: do not use ${S}/.. in deploy_source_date_epoch package.bbclass: correct check for /build in copydebugsources() go: ignore CVE-2022-41716 Petr Kubizňák (1): harfbuzz: remove bindir only if it exists Piotr Łobacz (1): systemd: fix wrong nobody-group assignment Polampalli, Archana (1): libpam: fix CVE-2022-28321 Poonam (1): python3-setuptools-rust-native: Add direct dependency of native python3 modules Qiu, Zheng (3): tiff: Security fix for CVE-2022-3970 vim: upgrade 9.0.0820 -> 9.0.0947 valgrind: remove most hidden tests for arm64 Quentin Schulz (4): cairo: update patch for CVE-2019-6461 with upstream solution docs: migration-4.0: specify variable name change for kernel inclusion in image recipe docs: kernel-dev: faq: update tip on how to not include kernel in image cairo: fix CVE patches assigned wrong CVE number Randy MacLeod (3): valgrind: skip the boost_thread test on arm vim: upgrade 9.0.0947 -> 9.0.1211 vim: upgrade 9.0.1403 -> 9.0.1429 Ranjitsinh Rathod (3): curl: Correct LICENSE from MIT-open-group to curl curl: Add patch to fix CVE-2022-43551 curl: Add patch to fix CVE-2022-43552 Ravula Adhitya Siddartha (2): linux-yocto/5.10: update genericx86* machines to v5.10.149 linux-yocto/5.15: update genericx86* machines to v5.15.72 Richard Purdie (35): bitbake: tests/fetch: Allow handling of a file:// url within a submodule build-appliance-image: Update to kirkstone head revision openssl: Fix SSL_CERT_FILE to match ca-certs location numactl: upgrade 2.0.14 -> 2.0.15 bitbake: runqueue: Fix race issues around hash equivalence and sstate reuse lttng-modules: upgrade 2.13.5 -> 2.13.7 bitbake.conf: Drop export of SOURCE_DATE_EPOCH_FALLBACK gcc-shared-source: Fix source date epoch handling gcc-source: Fix gengtypes race gcc-source: Drop gengtype manipulation gcc-source: Ensure deploy_source_date_epoch sstate hash doesn't change sanity: Drop data finalize call oeqa/selftest/tinfoil: Add test for separate config_data with recipe_parse_file() build-appliance-image: Update to kirkstone head revision yocto-check-layer: Allow OE-Core to be tested oeqa/concurrencytest: Add number of failures to summary output build-appliance-image: Update to kirkstone head revision native: Drop special variable handling kernel/linux-kernel-base: Fix kernel build artefact determinism issues make-mod-scripts: Ensure kernel build output is deterministic libc-locale: Fix on target locale generation build-appliance-image: Update to kirkstone head revision libssh2: Clean up ptest patch/coverage bitbake: utils: Allow to_boolean to support int values bitbake: cookerdata: Remove incorrect SystemExit usage bitbake: cookerdata: Improve early exception handling bitbake: cookerdata: Drop dubious exception handling code binutils: Fix nativesdk ld.so search oeqa/selftest/prservice: Improve debug output for failure staging: Separate out different multiconfig manifests staging/multilib: Fix manifest corruption glibc: Add missing binutils dependency selftest/recipetool: Stop test corrupting tinfoil class base-files: Drop localhost.localdomain from hosts file pybootchartui: Fix python syntax issue Robert Andersson (1): go-crosssdk: avoid host contamination by GOCACHE Robert Yang (1): bitbake: fetch/git: Fix local clone url to make it work with repo Rodolfo Quesada Zumbado (1): tar: CVE-2022-48303 Romuald Jeanne (1): image_types: fix multiubi var init Ross Burton (37): qemu: fix CVE-2022-2962 lighttpd: fix CVE-2022-41556 expat: backport the fix for CVE-2022-43680 scripts/oe-check-sstate: cleanup scripts/oe-check-sstate: force build to run for all targets, specifically populate_sysroot opkg-utils: use a git clone, not a dynamic snapshot oe/packagemanager/rpm: don't leak file objects glib-2.0: fix rare GFileInfo test case failure pixman: backport fix for CVE-2022-44638 sanity: check for GNU tar specifically qemu: add io_uring PACKAGECONFIG expat: upgrade to 2.5.0 linux-firmware: don't put the firmware into the sysroot tiff: fix a number of CVEs xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551 lib/buildstats: fix parsing of trees with reduced_proc_pressure directories combo-layer: remove unused import combo-layer: dont use bb.utils.rename combo-layer: add sync-revs command libepoxy: remove upstreamed patch cve-update-db-native: show IP on failure bitbake: bb/utils: include SSL certificate paths in export_proxies ppp: backport fix for CVE-2022-4603 quilt: fix intermittent failure in faildiff.test spirv-headers: set correct branch name quilt: use upstreamed faildiff.test fix git: ignore CVE-2022-41953 buildtools-tarball: set pkg-config search path sdkext/cases/devtool: pass a logger to HTTPService httpserver: add error handler that write to the logger lib/buildstats: handle tasks that never finished shadow: ignore CVE-2016-15024 vim: add missing pkgconfig inherit vim: upgrade to 9.0.1403 vim: set modified-by to the recipe MAINTAINER lib/resulttool: fix typo breaking resulttool log --ptest scripts/lib/buildstats: handle top-level build_stats not being complete Sakib Sajal (3): go: fix CVE-2022-2880 git: upgrade 2.35.6 -> 2.35.7 go: fix CVE-2022-2879 and CVE-2022-41720 Sandeep Gundlupet Raju (2): kernel-fitimage: Adjust order of dtb/dtbo files kernel-fitimage: Allow user to select dtb when multiple dtb exists Saul Wold (3): at: Change when files are copied package.bbclase: Add check for /build in copydebugsources() busybox: Fix depmod patch Schmidt, Adriaan (1): bitbake: bitbake-diffsigs: break on first dependent task difference Sean Anderson (2): kernel: Clear SYSROOT_DIRS instead of replacing sysroot_stage_all uboot-sign: Fix using wrong KEY_REQ_ARGS Sergei Zhmylev (2): wic: honor the SOURCE_DATE_EPOCH in case of updated fstab wic: make ext2/3/4 images reproducible Shubham Kulkarni (3): glibc: Security fix for CVE-2023-0687 go-runtime: Security fix for CVE-2022-41723 go-runtime: Security fix for CVE-2022-41722 Siddharth Doshi (5): openssl: Upgrade 3.0.7 -> 3.0.8 epiphany: Security fix for CVE-2023-26081 harfbuzz: Security fix for CVE-2023-25193 openssl: Security fix for CVE-2023-0464, CVE-2023-0465, CVE-2023-0466 curl: Security fix for CVE-2023-27535, CVE-2023-27536, CVE-2023-27538 Simone Weiss (1): json-c: Add ptest for json-c Steve Sakoman (12): Revert "lttng-tools: Upgrade 2.13.4 -> 2.13.8" poky.conf: bump version for 4.0.5 Revert "expat: backport the fix for CVE-2022-43680" poky.conf: bump version for 4.0.6 Revert "libksba: fix CVE-2022-47629" poky.conf: bump version for 4.0.7 poky.conf: Update SANITY_TESTED_DISTROS to match autobuilder system-requirements.rst: add Fedora 36 and AlmaLinux 8.7 to list of supported distros libgit2: uprade 1.4.3 -> 1.4.4 libgit2: upgrade 1.4.4 -> 1.4.5 poky.conf: bump version for 4.0.8 poky.conf: bump version for 4.0.9 Sundeep KOKKONDA (1): cargo : non vulnerable cve-2022-46176 added to excluded list Teoh Jay Shen (2): tiff: Security fixes CVE-2022-2867,CVE-2022-2868 and CVE-2022-2869 vim: Upgrade 9.0.0598 -> 9.0.0614 Thomas Perrot (2): psplash: add psplash-default in rdepends xserver-xorg: move some recommended dependencies in required Thomas Roos (1): devtool: fix devtool finish when gitmodules file is empty Tim Orling (5): python3: upgrade 3.10.4 -> 3.10.7 git: upgrade 2.35.4 -> 2.35.5 vim: upgrade 9.0.0614 -> 9.0.0820 mirrors.bbclass: update CPAN_MIRROR cracklib: update github branch to 'main' Tom Hochstein (2): meson: Fix wrapper handling of implicit setup command oeqa/sdk: Improve Meson test Trevor Woerner (3): cups: use BUILDROOT instead of DESTDIR cups: check PACKAGECONFIG for pam feature cups: add/fix web interface packaging Ulrich Ölmann (4): recipe_sanity: fix old override syntax lsof: fix old override syntax update-alternatives: fix typos kernel-yocto: fix kernel-meta data detection Vincent Davis Jr (1): linux-firmware: package amdgpu firmware Virendra Thakur (1): qemu: Fix CVE-2021-3750 for qemu Vivek Kumbhar (5): python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs. openssl: fix CVE-2022-3996 double locking leads to denial of service gnutls: fix CVE-2023-0361 timing side-channel in the TLS RSA key exchange code go: fix CVE-2023-24537 Infinite loop in parsing Vyacheslav Yurkov (3): files: overlayfs-etc: refactor preinit template classes: files: Extend overlayfs-etc class overlayfs: Allow not used mount points Wang Mingyu (19): bind: upgrade 9.18.7 -> 9.18.8 socat: upgrade 1.7.4.3 -> 1.7.4.4 libxcrypt: upgrade 4.4.28 -> 4.4.30 xwayland: upgrade 22.1.4 -> 22.1.5 mobile-broadband-provider-info: upgrade 20220725 -> 20221107 babeltrace: upgrade 1.5.8 -> 1.5.11 iso-codes: upgrade 4.11.0 -> 4.12.0 bind: upgrade 9.18.8 -> 9.18.9 mpfr: upgrade 4.1.0 -> 4.1.1 libxcrypt-compat: upgrade 4.4.30 -> 4.4.33 libpng: upgrade 1.6.38 -> 1.6.39 gstreamer1.0: upgrade 1.20.4 -> 1.20.5 bind: upgrade 9.18.9 -> 9.18.10 libjpeg-turbo: upgrade 2.1.5 -> 2.1.5.1 xwayland: upgrade 22.1.7 -> 22.1.8 iso-codes: upgrade 4.12.0 -> 4.13.0 lua: Fix install conflict when enable multilib. vala: Fix install conflict when enable multilib. dhcpcd: Fix install conflict when enable multilib. Xiangyu Chen (18): qemu: Backport patches from upstream to support float128 on qemu-ppc64 linux-yocto-dev: add qemuarm64 ltp: backport clock_gettime04 fix from upstream dbus: fix CVE-2022-42010 Check brackets in signature nest correctly dbus: fix CVE-2022-42011 dbus-daemon can be crashed by messages with array length inconsistent with element type dbus: fix CVE-2022-42012 dbus-marshal-byteswap: Byte-swap Unix fd indexes if needed lttng-tools: Upgrade 2.13.4 -> 2.13.8 sudo: upgrade 1.9.10 -> sudo 1.9.12p1 bash: backport patch to fix CVE-2022-3715 grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775 dbus: upgrade 1.14.0 -> 1.14.4 sysstat: fix CVE-2022-39377 grub: backport patches to fix CVE-2022-28736 openssh: remove RRECOMMENDS to rng-tools for sshd package numactl: skip test case when target platform doesn't have 2 CPU node dhcpcd: fix dhcpcd start failure on qemuppc64 sudo: update 1.9.12p2 -> 1.9.13p3 shadow: backport patch to fix CVE-2023-29383 Yash Shinde (5): binutils: stable 2.38 branch updates glibc: stable 2.35 branch updates. glibc: stable 2.35 branch updates. binutils : Fix CVE-2023-22608 binutils : Fix CVE-2023-1579 Yash.Shinde@windriver.com (1): binutils : Fix CVE-2022-4285 Yogita Urade (1): libksba: fix CVE-2022-47629 Zheng Qiu (1): tiff: fix CVE-2022-2953 ciarancourtney (1): wic: swap partitions are not added to fstab pawan (2): Revert "qemu: fix CVE-2021-3507" curl: Add fix for CVE-2023-23916 pgowda (1): binutils : Fix CVE-2022-38128 wangmy (9): ifupdown: upgrade 0.8.37 -> 0.8.39 libcap: upgrade 2.65 -> 2.66 libical: upgrade 3.0.14 -> 3.0.15 numactl: upgrade 2.0.15 -> 2.0.16 wpebackend-fdo: upgrade 1.12.1 -> 1.14.0 libksba: upgrade 1.6.0 -> 1.6.2 lttng-ust: upgrade 2.13.3 -> 2.13.4 lttng-ust: upgrade 2.13.4 -> 2.13.5 lighttpd: upgrade 1.4.66 -> 1.4.67 Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: I80cf3cd933dea72160ce87efb2a42fe4d0e5d7d5
OpenBMC is a Linux distribution for management controllers used in devices such as servers, top of rack switches or RAID appliances. It uses Yocto, OpenEmbedded, systemd, and D-Bus to allow easy customization for your platform.
sudo apt-get install -y git build-essential libsdl1.2-dev texinfo gawk chrpath diffstat \ zstd pigz
sudo dnf install -y git patch diffstat texinfo chrpath SDL-devel bitbake \ rpcgen perl-Thread-Queue perl-bignum perl-Crypt-OpenSSL-Bignum perl-FindBin sudo dnf groupinstall "C Development Tools and Libraries"
git clone git@github.com:openbmc/openbmc.git cd openbmc
Any build requires an environment set up according to your hardware target. There is a special script in the root of this repository that can be used to configure the environment as needed. The script is called setup
and takes the name of your hardware target as an argument.
The script needs to be sourced while in the top directory of the OpenBMC repository clone, and, if run without arguments, will display the list of supported hardware targets, see the following example:
$ . setup <machine> [build_dir] Target machine must be specified. Use one of: bletchley gsj romulus dl360poc kudo s2600wf e3c246d4i mihawk swift ethanolx mtjade tiogapass evb-ast2500 nicole transformers evb-ast2600 olympus-nuvoton witherspoon evb-npcm750 on5263m5 witherspoon-tacoma f0b p10bmc x11spi fp5280g2 palmetto yosemitev2 g220a qemuarm zaius gbs quanta-q71l
Once you know the target (e.g. romulus), source the setup
script as follows:
. setup romulus
bitbake obmc-phosphor-image
Additional details can be found in the docs repository.
The OpenBMC community maintains a set of tutorials new users can go through to get up to speed on OpenBMC development out here
Commits submitted by members of the OpenBMC GitHub community are compiled and tested via our Jenkins server. Commits are run through two levels of testing. At the repository level the makefile make check
directive is run. At the system level, the commit is built into a firmware image and run with an arm-softmmu QEMU model against a barrage of CI tests.
Commits submitted by non-members do not automatically proceed through CI testing. After visual inspection of the commit, a CI run can be manually performed by the reviewer.
Automated testing against the QEMU model along with supported systems are performed. The OpenBMC project uses the Robot Framework for all automation. Our complete test repository can be found here.
Support of additional hardware and software packages is always welcome. Please follow the contributing guidelines when making a submission. It is expected that contributions contain test cases.
Issues are managed on GitHub. It is recommended you search through the issues before opening a new one.
First, please do a search on the internet. There's a good chance your question has already been asked.
For general questions, please use the openbmc tag on Stack Overflow. Please review the discussion on Stack Overflow licensing before posting any code.
For technical discussions, please see contact info below for Discord and mailing list information. Please don't file an issue to ask a question. You'll get faster results by using the mailing list or Discord.
Feature List
Features In Progress
Features Requested but need help
Dive deeper into OpenBMC by opening the docs repository.
The Technical Steering Committee (TSC) guides the project. Members are: