subtree updates: openembedded poky

poky: aa6cd06a9f..fb1853c66c:
  Adrian Freihofer (1):
        bblayers/setupwriters/oe-setup-layers: create dir if not exists

  Alexander Kanavin (48):
        bblayers/makesetup: skip git repos that are submodules
        scripts/oe-setup-layers: print a note about submodules if present
        go: update 1.19.4 -> 1.20
        go-cross-canadian: use gcc-crosssdk, not gcc-native
        vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs
        gstreamer1.0: update 1.20.5 -> 1.22.0
        mesa: update 22.3.3 -> 22.3.5
        meta/conf: move default configuration templates into meta/conf/templates/default
        scripts/oe-setup-layers: correct variable names - layers should be called repos
        scripts/oe-setup-layers: do not clobber json module with a variable named 'json'
        gcr: enable vala .vapi generation only when gobject introspection is also enabled
        gstreamer1.0-python: do not require introspection during builds
        go: update 1.20 -> 1.20.1
        rust: update 1.67.0 -> 1.67.1
        freetype: update 2.12.1 -> 2.13.0
        gnutls: update 3.7.8 -> 3.8.0
        vulkan-samples: update to latest revision
        gnu-config: update to latest revision
        puzzles: upgrade to latest revision
        python3: upgrade 3.11.1 -> 3.11.2
        nghttp2: upgrade 1.51.0 -> 1.52.0
        log4cplus: upgrade 2.0.8 -> 2.1.0
        dos2unix: upgrade 7.4.3 -> 7.4.4
        webkitgtk: upgrade 2.38.4 -> 2.38.5
        man-pages: upgrade 6.02 -> 6.03
        util-macros: upgrade 1.19.3 -> 1.20.0
        dpkg: upgrade 1.21.19 -> 1.21.20
        ruby: upgrade 3.2.0 -> 3.2.1
        libwpe: upgrade 1.14.0 -> 1.14.1
        vala: upgrade 0.56.3 -> 0.56.4
        dbus: upgrade 1.14.4 -> 1.14.6
        linux-firmware: upgrade 20230117 -> 20230210
        zstd: upgrade 1.5.2 -> 1.5.4
        python3-setuptools: upgrade 67.2.0 -> 67.3.1
        mmc-utils: upgrade to latest revision
        harfbuzz: upgrade 6.0.0 -> 7.0.0
        libhandy: upgrade 1.8.0 -> 1.8.1
        diffoscope: upgrade 234 -> 235
        wireless-regdb: upgrade 2022.08.12 -> 2023.02.13
        libcap: upgrade 2.66 -> 2.67
        e2fsprogs: upgrade 1.46.5 -> 1.47.0
        git: upgrade 2.39.1 -> 2.39.2
        piglit: upgrade to latest revision
        python3-hatchling: upgrade 1.12.2 -> 1.13.0
        devtool: ignore patch-fuzz errors when extracting source
        gcr: correctly configure vala against introspection data
        selftest: do not check for dri.pc in the headless test
        scripts/runqemu: move render nodes check to runqemu from selftest

  Alexis Lothoré (8):
        oeqa/selftest/resulttooltests: fix minor typo
        scripts/oe-selftest: append metadata to tests results
        scripts/resulttool/regression: remove unused import
        scripts/resulttool/regression: add metadata filtering for oeselftest
        scripts: add new helper for regression report generation
        oeqa/selftest: add test for yocto_testresults_query.py
        scripts/yoct_testresults_query: manage base/target revision not found
        oeqa/selftest/resulttool: add test for metadata filtering on regression

  Bruce Ashfield (11):
        linux-yocto/5.19: drop recipes
        yocto-bsps: remove 5.19 bbappend
        lttng-modules: fix for kernel 6.2+
        linux-yocto-rt/6.1: fix compilation issue with per cpu stats
        linux-yocto-dev: bump to v6.2
        linux-yocto/6.1: update to v6.1.12
        linux-yocto/5.15: update to v5.15.94
        linux-yocto/6.1: update to v6.1.14
        linux-yocto/5.15: update to v5.15.96
        linux-yocto-rt/6.1: update to -rt7
        linux-yocto-rt/5.15: update to -rt59

  Caner Altinbasak (1):
        bitbake: fetch2: Add GIT_CACHE_PATH and SSL_CERT_DIR into FETCH_EXPORT_VARS

  Chee Yang Lee (2):
        tar: Fix CVE-2022-48303
        checklayer: check for patch file upstream status

  Chen Qi (1):
        gpgme: fix python setuptools invalid version issue

  Denys Zagorui (1):
        kernel-devsrc: powerpc: add missed dependency for modules_prepare

  Dmitry Baryshkov (4):
        linux-firmware: properly set license for all Qualcomm firmware
        linux-firmware: add yamato fw files to qcom-adreno-a2xx package
        mesa: provide support for packing development and testing tools
        ffmpeg: fix build failure when vulkan is enabled

  Fawzi KHABER (1):
        ref-manual: update DEV_PKG_DEPENDENCY in variables

  Federico Pellegrin (1):
        curl: fix dependencies when building with ldap/ldaps

  Geoffrey GIRY (1):
        cve-extra-exclusions: ignore inapplicable linux-yocto CVEs

  Joe Slater (1):
        tar: Update fix for CVE-2022-48303 to upstream version

  Joel Stanley (1):
        qemu: Fix building with 6.2 kernel headers

  Jose Quaresma (2):
        bluez5: refresh patches with devtool
        icecc: enable the network only when ICECC_DISABLED is not set

  Joshua Watt (4):
        classes/populate_sdk_base: Append cleandirs
        classes/create-sdpx-2.2: Remove image SPDX and index from deploydir
        classes/create-spdx-2.2: Report downloads as separate packages
        weston: Add kiosk shell

  Kai Kang (2):
        xserver-xorg: 21.1.6 -> 21.1.7
        webkitgtk: 2.38.3 -> 2.38.4

  Khem Raj (12):
        unfs3: Add missing header files
        stress-ng: Add missing header files for clock_adjtime
        gstreamer1.0-plugins-good: Fix build with musl
        elfutils: Backport fix for DW_TAG_unspecified_type handling
        tune-riscv.inc: Add riscv64nc to available tunes list
        grub: Handle R_RISCV_CALL_PLT reloc
        gdb: Upgrade to 13.1
        musl: Update to tip of trunk
        kernel: Add kernel specific OBJDUMP
        opensbi: Do not add dependencies if RISCV_SBI_FDT is not set
        opensbi: Upgrade to 1.2 release
        vte: Fix -Wenum-constexpr-conversion warning

  Lee Chee Yang (1):
        migration-guides: add release-notes for 4.0.7

  Luca Boccassi (1):
        systemd: add user for systemd-oomd if enabled

  Marek Vasut (1):
        systemd-systemctl: Create machine-id with "uninitialized" text in it

  Mark Asselstine (1):
        bitbake: fetch/npmsw: add more short forms for git operations

  Markus Volk (3):
        graphene: add a PACKAGECONFIG for arm_neon
        libportal: allow to build without gtk4 backend
        libsdl2: add missing libdecor RDEPEND

  Martin Jansa (3):
        python3-numpy: upgrade to 1.24.2
        insane.bbclass: use 4 spaces for indentation
        insane.bbclass: move Upstream-Status logic to oe.qa

  Mateusz Marciniec (1):
        sstatesig: Improve output hash calculation

  Michael Opdenacker (17):
        migration-guides/migration-4.2.rst: fix minor issues
        ref-manual: variables.rst: fix broken hyperlink
        profile-manual: update WireShark hyperlinks
        manuals: replace unnecessary uses of 'yocto_docs' by internal references
        bsp-guide: fix broken git URLs and missing word
        ref-manual: improve "devtool check-upgrade-status" explanations
        ref-manual: document Rust classes
        manuals: update patchwork instance URL
        ref-manual: classes.rst: add python-setuptools3_rust and python_pyo3 classes
        dev-manual: new-recipe.rst: restructure examples
        ref-manual: classes.rst: improvements to cmake class documentation
        ref-manual: document meson class and variables
        dev-manual: sbom.rst: add link to FOSDEM 2023 video
        manuals: document COMMERCIAL_[AUDIO|VIDEO]_PLUGINS variables
        ref-manual: system-requirements.rst: update supported distros
        dev-manual: new-recipe.rst: add Meson example recipe
        dev-manual: new-recipe.rst: add references to subsections in Examples section

  Mike Crowe (1):
        bitbake: gitsm: Fix path construction for relative submodule URI

  Mikko Rapeli (8):
        oeqa ssh.py: move output prints to new line
        oeqa ssh.py: add connection keep alive options to ssh client
        oeqa dump.py: add error counter and stop after 5 failures
        oeqa qemurunner: read more data at a time from serial
        oeqa qemurunner.py: add timeout to QMP calls
        oeqa qemurunner.py: try to avoid reading one character at a time
        oeqa ssh.py: fix hangs in run()
        runqemu: kill qemu if it hangs

  Mingli Yu (1):
        mc: set ac_cv_path_PERL_FOR_BUILD

  Narpat Mali (1):
        libseccomp: fix for the ptest result format

  Niko Mauno (1):
        ref-manual: Fix invalid feature name

  Paulo Neves (4):
        bitbake: tests/fetch: git-lfs restore _find_git_lfs
        bitbake: tests/fetch: Add real git lfs tests and decorator
        bitbake: fetch/git: Removed unused variables in _contains_lfs
        bitbake: fetch/git: Replace mkdtemp with TemporaryDirectory and avoid exception masking

  Pavel Zhukov (4):
        wic: Fix usage of fstype=none in wic
        u-boot: Map arm64 into map for u-boot dts installation
        wic: Fix populating of IMAGE_EFI_BOOT_FILES with uefi-kernel
        oeqa/selftest/wic: Add test for uefi-kernel loader

  Pedro Baptista (3):
        bitbake: action.py: add topdir in bblayers_conf path for add-layer
        bitbake: action.py: add topdir in bblayers_conf path for remove-layer
        create.py: add command arg to add layer to bblayers.conf

  Peter Kjellerstedt (1):
        devshell: Do not add scripts/git-intercept to PATH

  Peter Marko (1):
        systemd: add group sgx to udev package

  Petr Kubizňák (1):
        graphene: remove introspection from PACKAGECONFIG

  Richard Elberger (2):
        docbook-xml: Switch from debian packages to upstream docbook sources
        bitbake: documentation: bitbake: add file-checksums to varflags section

  Richard Leitner (1):
        ref-manual: variables: FIT_KERNEL_COMP_ALG: add lzo

  Richard Purdie (20):
        bitbake: cookerdata: Remove incorrect SystemExit usage
        libssh2: Clean up ptest patch/coverage
        bitbake: data: Evaluate the value of export/unexport/network flags
        poky.conf: Update SANITY_TESTED_DISTROS to match autobuilder
        bitbake: cookerdata: Improve early exception handling
        bitbake: cookerdata: Drop dubious exception handling code
        bitbake: runqueue: Drop SystemExit usage
        bitbake: cooker: Ensure lock is held with changing notifier
        bitbake: server/process: Improve idle thread exception handling
        bitbake: event/cooker/runqueue: Add ability to interrupt longer running code
        bitbake: bitbake: Bump to version 2.3.1
        sstate: Add check_for_interrupts() call functionality added in bitbake
        binutils: Fix nativesdk ld.so search
        oeqa/selftest/prservice: Improve debug output for failure
        bitbake: cooker: Fix memory resident cache invalidation issue
        bitbake: fetch2/wget: Drop unused import
        bitbake: utils: Use internal fetcher function to avoid duplication
        resulttool/regression: Ensure LTP results are only compared against other LTP runs
        resulttool/regression: Improve matching of poor ptest test names
        build-appliance-image: Update to master head revision

  Robert Joslyn (1):
        curl: Update 7.87.0 to 7.88.0

  Ross Burton (17):
        lib/buildstats: handle tasks that never finished
        cml1: remove redundant addtask
        bitbake: fetch2/wget: clean up netrc usage
        libcgroup: clean up musl DEPENDS
        pkgconfig: use system glib for nativesdk builds
        site: remove glib site values
        less: backport the fix for CVE-2022-46663
        tiff: backport fix for CVE-2022-48281
        python3-atomicwrites: add BBCLASSEXTEND
        python3-iniconfig: add BBCLASSEXTEND
        python3-pytest: set RDEPENDS globally, not just target
        bitbake: lib/bb/siggen: fix debug() call
        ptest-runner: add non-root ptest user for tests to run as
        meta-selftest/files: add ptest to static-passwd/-group
        quilt: run tests as ptest user, and let that user write into the tests
        glibc: add ignore for CVE-2023-25139
        glibc: remove obsolete CVE ignores

  Saul Wold (2):
        busybox: Fix depmod patch
        create-spdx-2.2: Add support for custom Annotations

  Siddharth Doshi (1):
        openssl: Upgrade 3.0.7 -> 3.0.8

  Tim Orling (7):
        python3-hypothesis: upgrade 6.66.0 -> 6.68.1
        python3-typing-extensions: upgrade 4.4.0 -> 4.5.0
        python3-cryptography{-vectors}: 39.0.0 -> 39.0.1
        python3-more-itertools: upgrade 9.0.0 -> 9.1.0
        python3-zipp: upgrade 3.14.0 -> 3.15.0
        python3-hypothesis: upgrade 6.68.1 -> 6.68.2
        python3-babel: upgrade 2.11.0 -> 2.12.1

  Trevor Woerner (12):
        packagegroup-self-hosted: alphabetize
        packagegroup-self-hosted: add zstd
        build-appliance-image: set TERM
        build-appliance-image kernel: linux-yocto: qemuall: add taskstats
        build-appliance-image: add /lib64 symlink
        build-appliance-image: QB_MEM: allow user config
        QB_SMP: allow user modification
        build-appliance-image: check for xattr feature
        dtc: update DESCRIPTION
        dtc: update license checks
        build-appliance-image: fix HOMEPAGE
        VOLATILE_TMP_DIR: add

  Ulrich Ölmann (5):
        dev-manual: fix old override syntax
        kernel-yocto: fix kernel-meta data detection
        kernel-dev,ref-manual: fix old override syntax
        ref-manual: refer to MACHINE variable instead of KMACHINE
        kernel-dev: harmonize example with ref-manual

  Wang Mingyu (21):
        libdrm: upgrade 2.4.114 -> 2.4.115
        libjpeg-turbo: upgrade 2.1.5 -> 2.1.5.1
        libsdl2: upgrade 2.26.2 -> 2.26.3
        lighttpd: upgrade 1.4.68 -> 1.4.69
        openssh: upgrade 9.1p1 -> 9.2p1
        python3-sphinx-rtd-theme: upgrade 1.1.1 -> 1.2.0
        python3-zipp: upgrade 3.12.0 -> 3.13.0
        xkeyboard-config: upgrade 2.37 -> 2.38
        xwayland: upgrade 22.1.7 -> 22.1.8
        libx11: 1.8.3 -> 1.8.4
        dtc: upgrade 1.6.1 -> 1.7.0
        liburcu: upgrade 0.13.2 -> 0.14.0
        curl: upgrade 7.88.0 -> 7.88.1
        harfbuzz: upgrade 7.0.0 -> 7.0.1
        libx11-compose-data: 1.8.3 -> 1.8.4
        python3-pip: update 23.0 -> 23.0.1
        python3-poetry-core: upgrade 1.5.0 -> 1.5.1
        python3-pytest-subtests: upgrade 0.9.0 -> 0.10.0
        python3-zipp: upgrade 3.13.0 -> 3.14.0
        python3-setuptools: upgrade 67.3.1 -> 67.3.3
        diffoscope: upgrade 235 -> 236

  Xiangyu Chen (1):
        dhcpcd: fix dhcpcd start failure on qemuppc64

  Yash Shinde (1):
        glibc: stable 2.37 branch updates.

  Yi Zhao (1):
        glibc: unify wordsize.h between arm and aarch64

  leimaohui (2):
        gnutls: Updated ther patch which fixes build error for fips enabled.
        nghttp2: Deleted the entries for -client and -server, and removed a dependency on them from the main package.

  yanxk (1):
        cpio: Add ptest support

meta-openembedded: cba6df61c7..a9b2d1303b:
  Alex Kiernan (1):
        ostree: Upgrade 2022.7 -> 2023.1

  Arash Partow (1):
        ExprTk: Update package to release/0.0.2

  Archana Polampalli (1):
        Nodejs: fix buildpaths warning

  Bartosz Golaszewski (5):
        libgpiod: update to v1.6.4
        libgpiod: add a recipe for libgpiod v2.0-rc2
        python3-gpiod: new package
        libgpiod: bump version to v2.0-rc3
        python3-gpiod: bump version to v2.0-rc3

  Catalin Enache (1):
        plocate: add recipe

  Changqing Li (1):
        liblockfile: fix do_install failure when ldconfig is not installed

  Chee Yang Lee (2):
        tinyproxy: fix CVE-2022-40468
        tmux: update to tmux_3.3a

  Chen Qi (1):
        nodejs: add CVE_PRODUCT

  Cook, Samuel (1):
        python-systemd: update from v234 to v235

  Craig Comstock (1):
        cfengine: upgrade to 3.21.0

  Denys Dmytriyenko (2):
        lmbench: set up /usr/bin/hello as alternative
        mbedtls: set up /usr/bin/hello as alternative

  Fabio Estevam (2):
        spice-gtk: Update to version 0.42
        glmark2: Update to 2023.01

  Jan Luebbe (5):
        add signing.bbclass as infrastructure for build artifact signing
        smemstat: add recipe
        linux-serial-test: add recipe
        atftp: upgrade from 0.7.5 to 0.8.0
        atftp: use https for git repository access

  Joe Slater (1):
        phoronix-test-suite: fix CVE-2022-40704

  Joshua Watt (2):
        libvpx: Explicitly link with pthread support
        libvpx: Enable native support

  Khem Raj (7):
        python3-cson: Make PEP440 compatible version scheme
        python3-grpcio: Add missing include for close/open APIs
        graphene: Delete recipe
        glog: Link with libatomics on mips.
        glog: Fix build with clang on 32bit platforms
        networkmanager: Fix build with musl
        liburing: Update to latest tip of tree

  Lei Maohui (1):
        libiodbc: Fix install conflict when enable multilib.

  Marek Vasut (1):
        v4l-utils: Update 1.23.0+fd544473 -> 1.23.0+9431e4b2

  Markus Volk (10):
        iwd: update 2.0 -> 2.3
        libdeflate: add recipe
        pipewire-media-session: update 0.4.1 -> 0.4.2
        gnome-software: update 43.2 -> 43.4
        fwupd: fix polkit rules.d permissions
        pipewire: update 0.3.65 -> 0.3.66
        appstream: update 0.15.5 -> 0.16.1
        flatpak: update 1.15.1 -> 1.15.3
        gparted: update 1.4.0 -> 1.5.0
        webp-pixbuf-loader: update 0.0.7 -> 0.2.0

  Martin Jansa (4):
        nodejs: fix do_install failure with 'shared' PACKAGECONFIG
        nodejs: add Upstream-Status
        openhpi, uw-imag, python3-m2crypto: replace Unknown Upstream-Status with Pending
        .patch: fix Upstream-Status formatting issues reported by patchreview tool from oe-core

  Michael Haener (1):
        usb-modeswitch: update 2.6.0 -> 2.6.1

  Michael Opdenacker (1):
        ipcalc: update to 1.0.2

  Mingli Yu (2):
        opencv: disable intel IPP
        mariadb: Upgrade to 10.11.2

  Narpat Mali (1):
        net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception

  Pablo Saavedra (1):
        graphene: disable neon support on arm 32bits

  Petr Gotthard (5):
        libqmi: upgrade 1.30.8 -> 1.32.2
        libmbim: upgrade 1.26.4 -> 1.28.2
        modemmanager: upgrade 1.18.12 -> 1.20.4
        openvpn: upgrade 2.5.8 -> 2.6.0
        python3-scapy: upgrade 2.4.5 -> 2.5.0

  Randy MacLeod (1):
        python3-pillow: Add distutils, unixadmin for ptest

  Ross Burton (10):
        python3-simpleeval: update patch status
        nodejs: remove redundant expand=True to getVar()
        nodejs: run configure.py in verbose mode
        nodejs: use a postfunc to prune source tree
        nodejs: don't force cross-compilation in native builds
        nodejs: remove LD assignment
        nodejs: no need to stage binaries for target
        nodejs: remove redundant comment
        zchunk: upgrade to 1.2.4
        liburing: enable native/nativesdk builds

  Stefano Babic (1):
        zchunk: upgrade 1.2.4 -> 1.3.0

  Tom Hochstein (1):
        nlohmann-json: Allow empty main package for SDK

  Ulrich Ölmann (1):
        tnftp: switch to using variable flags for alternatives

  Wang Mingyu (104):
        python3-apt: upgrade 2.5.0 -> 2.5.2
        python3-aspectlib: upgrade 1.5.2 -> 2.0.0
        python3-aiohttp-jinja2: upgrade 1.5 -> 1.5.1
        python3-astroid: upgrade 2.13.2 -> 2.14.1
        python3-bitarray: upgrade 2.6.2 -> 2.7.0
        python3-cantools: upgrade 38.0.1 -> 38.0.2
        python3-coverage: upgrade 7.0.5 -> 7.1.0
        python3-cmd2: upgrade 2.4.2 -> 2.4.3
        python3-django: upgrade 4.1.3 -> 4.1.6
        python3-dateparser: upgrade 1.1.6 -> 1.1.7
        python3-elementpath: upgrade 3.0.2 -> 4.0.1
        python3-evdev: upgrade 1.6.0 -> 1.6.1
        python3-flask-wtf: upgrade 1.1.0 -> 1.1.1
        python3-fastnumbers: upgrade 3.2.1 -> 4.0.1
        python3-flask-migrate: upgrade 4.0.1 -> 4.0.4
        python3-luma-oled: upgrade 3.9.0 -> 3.11.0
        python3-google-api-python-client: upgrade 2.72.0 -> 2.77.0
        python3-ipython: upgrade 8.8.0 -> 8.9.0
        python3-icu: upgrade 2.8.1 -> 2.10.2
        python3-license-expression: upgrade 30.0.0 -> 30.1.0
        python3-meh: upgrade 0.50.1 -> 0.51
        python3-portalocker: upgrade 2.6.0 -> 2.7.0
        python3-pandas: upgrade 1.5.2 -> 1.5.3
        python3-openpyxl: upgrade 3.0.10 -> 3.1.0
        python3-paramiko: upgrade 2.12.0 -> 3.0.0
        python3-portion: Upgrade 2.3.0 -> 2.3.1
        python3-pymisp: upgrade 2.4.167 -> 2.4.168
        python3-pymodbus: upgrade 3.1.0 -> 3.1.3
        python3-pykickstart: upgrade 3.34 -> 3.43
        python3-pyscaffold: upgrade 4.3.1 -> 4.4
        python3-pywbem: upgrade 1.5.0 -> 1.6.0
        python3-sentry-sdk: upgrade 1.13.0 -> 1.15.0
        python3-qrcode: upgrade 7.3.1 -> 7.4.2
        python3-reedsolo: upgrade 1.6.1 -> 1.7.0
        python3-simplejson: upgrade 3.18.1 -> 3.18.3
        python3-traitlets: upgrade 5.8.1 -> 5.9.0
        python3-sqlalchemy: upgrade 1.4.46 -> 2.0.3
        python3-websocket-client: upgrade 1.4.2 -> 1.5.1
        python3-xlsxwriter: upgrade 3.0.7 -> 3.0.8
        python3-xmlschema: upgrade 2.1.1 -> 2.2.1
        ctags: upgrade 6.0.20230115.0 -> 6.0.20230212.0
        ddrescue: upgrade 1.26 -> 1.27
        editorconfig-core-c: upgrade 0.12.5 -> 0.12.6
        htpdate: upgrade 1.3.6 -> 1.3.7
        iscsi-initiator-utils: upgrade 2.1.7 -> 2.1.8
        geoclue: upgrade 2.6.0 -> 2.7.0
        htop: upgrade 3.2.1 -> 3.2.2
        hwdata: upgrade 0.366 -> 0.367
        glog: upgrade 0.5.0 -> 0.6.0
        libtevent: upgrade 0.13.0 -> 0.14.1
        libtdb: upgrade 1.4.7 -> 1.4.8
        libtalloc: upgrade 2.3.4 -> 2.4.0
        jack: upgrade 1.19.21 -> 1.19.22
        jsonrpc: upgrade 1.3.0 -> 1.4.1
        liburing: upgrade 2.2 -> 2.3
        libusb-compat: upgrade 0.1.7 -> 0.1.8
        networkmanager: upgrade 1.40.10 -> 1.42.0
        minicoredumper: upgrade 2.0.2 -> 2.0.3
        neon: upgrade 0.32.4 -> 0.32.5
        nano: upgrade 7.1 -> 7.2
        netplan: upgrade 0.104 -> 0.106
        rdma-core: upgrade 42.0 -> 44.0
        pcsc-tools: upgrade 1.6.1 -> 1.6.2
        poppler-data: upgrade 0.4.11 -> 0.4.12
        sshpass: upgrade 1.09 -> 1.10
        poppler: upgrade 23.01.0 -> 23.02.0
        postgresql: upgrade 14.5 -> 15.2
        sip: upgrade 6.7.5 -> 6.7.7
        uchardet: upgrade 0.0.7 -> 0.0.8
        zabbix: upgrade 6.2.6 -> 6.2.7
        uftrace: upgrade 0.13 -> 0.13.1
        krb5: Fix install conflict when enable multilib.
        libnet: Fix install conflict when enable multilib.
        imlib2: Fix install conflict when enable multilib.
        python3-aiofiles: upgrade 22.1.0 -> 23.1.0
        python3-aiohttp: upgrade 3.8.3 -> 3.8.4
        python3-alembic: upgrade 1.9.2 -> 1.9.4
        python3-antlr4-runtime: upgrade 4.11.1 -> 4.12.0
        python3-astroid: upgrade 2.14.1 -> 2.14.2
        python3-autobahn: upgrade 23.1.1 -> 23.1.2
        python3-bitstruct: upgrade 8.15.1 -> 8.17.0
        python3-bitarray: upgrade 2.7.0 -> 2.7.3
        python3-django: upgrade 4.1.6 -> 4.1.7
        python3-google-api-python-client: upgrade 2.77.0 -> 2.79.0
        python3-flask: upgrade 2.2.2 -> 2.2.3
        python3-huey: upgrade 2.4.4 -> 2.4.5
        python3-google-auth: upgrade 2.16.0 -> 2.16.1
        python3-ipython: upgrade 8.9.0 -> 8.10.0
        python3-imageio: upgrade 2.25.0 -> 2.25.1
        python3-openpyxl: upgrade 3.1.0 -> 3.1.1
        python3-pykickstart: upgrade 3.43 -> 3.44
        python3-pydantic: upgrade 1.10.4 -> 1.10.5
        python3-pytest-forked: upgrade 1.4.0 -> 1.6.0
        python3-pytest-xdist: upgrade 3.1.0 -> 3.2.0
        python3-redis: upgrade 4.4.2 -> 4.5.1
        python3-soupsieve: upgrade 2.3.2.post1 -> 2.4
        python3-simpleeval: upgrade 0.9.12 -> 0.9.13
        python3-stevedore: upgrade 4.1.1 -> 5.0.0
        python3-sqlalchemy: upgrade 2.0.3 -> 2.0.4
        python3-watchdog: upgrade 2.2.1 -> 2.3.0
        python3-werkzeug: upgrade 2.2.2 -> 2.2.3
        python3-zeroconf: upgrade 0.47.1 -> 0.47.3
        python3-coverage: upgrade 7.1.0 -> 7.2.0
        python3-eth-keyfile: upgrade 0.6.0 -> 0.6.1

  Yi Zhao (7):
        meta-python: fix Upstream-Status format
        meta-oe: fix Upstream-Status format
        meta-networking: fix Upstream-Status format
        fatresize: fix Upstream-Status format
        apache2: use /run instead of /var/run for systemd volatile config
        phpmyadmin: upgrade 5.2.0 -> 5.2.1
        ufs-utils: upgrade 1.9 -> 3.12.3

  bhargav_das@mentor.com (1):
        python3-daemon_2.3.2.bb: add python-daemon recipe for python3

Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I826d53d70744bc80ebe8b60203241dfddce7d5fe
diff --git a/poky/meta/conf/bitbake.conf b/poky/meta/conf/bitbake.conf
index dcf6ce9..afd9e2f 100644
--- a/poky/meta/conf/bitbake.conf
+++ b/poky/meta/conf/bitbake.conf
@@ -90,6 +90,10 @@
 # If set to boolean false ('no', 'n', 'false', 'f', '0'), /var/log is on persistent storage.
 VOLATILE_LOG_DIR ?= "yes"
 
+# if set to 'yes': /tmp links to /var/tmp which links to /var/volatile/tmp
+# otherwise:       /tmp is on persistent storage
+VOLATILE_TMP_DIR ?= "yes"
+
 BB_RENAMED_VARIABLES[PNBLACKLIST] = "SKIP_RECIPE"
 BB_RENAMED_VARIABLES[CVE_CHECK_PN_WHITELIST] = "CVE_CHECK_SKIP_RECIPE"
 BB_RENAMED_VARIABLES[CVE_CHECK_WHITELIST] = "CVE_CHECK_IGNORE"
diff --git a/poky/meta/conf/distro/include/cve-extra-exclusions.inc b/poky/meta/conf/distro/include/cve-extra-exclusions.inc
index 8b5f8d4..a281a8a 100644
--- a/poky/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/poky/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -78,9 +78,34 @@
 CVE_CHECK_IGNORE += "CVE-2019-10126 CVE-2019-14899 CVE-2019-18910 CVE-2019-3016 CVE-2019-3819 CVE-2019-3846 CVE-2019-3887"
 # 2020
 CVE_CHECK_IGNORE += "CVE-2020-10732 CVE-2020-10742 CVE-2020-16119 CVE-2020-1749 CVE-2020-25672 CVE-2020-27820 CVE-2020-35501 CVE-2020-8834"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2020-27784
+# Introduced in version v4.1 b26394bd567e5ebe57ec4dee7fe6cd14023c96e9
+# Patched in kernel since v5.10	e8d5f92b8d30bb4ade76494490c3c065e12411b1
+# Backported in version v5.4.73	e9e791f5c39ab30e374a3b1a9c25ca7ff24988f3
+CVE_CHECK_IGNORE += "CVE-2020-27784"
+
 # 2021
 CVE_CHECK_IGNORE += "CVE-2021-20194 CVE-2021-20226 CVE-2021-20265 CVE-2021-3564 CVE-2021-3743 CVE-2021-3847 CVE-2021-4002 \
                      CVE-2021-4090 CVE-2021-4095 CVE-2021-4197 CVE-2021-4202 CVE-2021-44879 CVE-2021-45402"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2021-3669
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.15 20401d1058f3f841f35a594ac2fc1293710e55b9
+CVE_CHECK_IGNORE += "CVE-2021-3669"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2021-3759
+# Introduced in version v4.5 a9bb7e620efdfd29b6d1c238041173e411670996
+# Patched in kernel since v5.15 18319498fdd4cdf8c1c2c48cd432863b1f915d6f
+# Backported in version v5.4.224 bad83d55134e647a739ebef2082541963f2cbc92
+# Backported in version v5.10.154 836686e1a01d7e2fda6a5a18252243ff30a6e196
+CVE_CHECK_IGNORE += "CVE-2021-3759"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2021-4218
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.8 32927393dc1ccd60fb2bdc05b9e8e88753761469
+CVE_CHECK_IGNORE += "CVE-2021-4218"
+
 # 2022
 CVE_CHECK_IGNORE += "CVE-2022-0185 CVE-2022-0264 CVE-2022-0286 CVE-2022-0330 CVE-2022-0382 CVE-2022-0433 CVE-2022-0435 \
                      CVE-2022-0492 CVE-2022-0494 CVE-2022-0500 CVE-2022-0516 CVE-2022-0617 CVE-2022-0742 CVE-2022-0854 \
@@ -90,6 +115,277 @@
                      CVE-2022-28356 CVE-2022-28388 CVE-2022-28389 CVE-2022-28390 CVE-2022-28796 CVE-2022-28893 CVE-2022-29156 \
                      CVE-2022-29582 CVE-2022-29968"
 
+# https://nvd.nist.gov/vuln/detail/CVE-2022-0480
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.15 0f12156dff2862ac54235fc72703f18770769042
+CVE_CHECK_IGNORE += "CVE-2022-0480"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1184
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 46c116b920ebec58031f0a78c5ea9599b0d2a371
+# Backported in version v5.4.198 17034d45ec443fb0e3c0e7297f9cd10f70446064
+# Backported in version v5.10.121 da2f05919238c7bdc6e28c79539f55c8355408bb
+# Backported in version v5.15.46 ca17db384762be0ec38373a12460081d22a8b42d
+CVE_CHECK_IGNORE += "CVE-2022-1184"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-1462
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 a501ab75e7624d133a5a3c7ec010687c8b961d23
+# Backported in version v5.4.208 f7785092cb7f022f59ebdaa181651f7c877df132
+# Backported in version v5.10.134 08afa87f58d83dfe040572ed591b47e8cb9e225c
+# Backported in version v5.15.58 b2d1e4cd558cffec6bfe318f5d74e6cffc374d29
+CVE_CHECK_IGNORE += "CVE-2022-1462"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2308
+# Introduced in version v5.15 c8a6153b6c59d95c0e091f053f6f180952ade91e
+# Patched in kernel since v6.0 46f8a29272e51b6df7393d58fc5cb8967397ef2b
+# Backported in version v5.15.72 dc248ddf41eab4566e95b1ee2433c8a5134ad94a
+# Backported in version v5.19.14 38d854c4a11c3bbf6a96ea46f14b282670c784ac
+CVE_CHECK_IGNORE += "CVE-2022-2308"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2327
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.10.125 df3f3bb5059d20ef094d6b2f0256c4bf4127a859
+CVE_CHECK_IGNORE += "CVE-2022-2327"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2663
+# Introduced in version v2.6.20 869f37d8e48f3911eb70f38a994feaa8f8380008
+# Patched in kernel since v6.0 0efe125cfb99e6773a7434f3463f7c2fa28f3a43
+# Backported in version v5.4.213 36f7b71f8ad8e4d224b45f7d6ecfeff63b091547
+# Backported in version v5.10.143 e12ce30fe593dd438c5b392290ad7316befc11ca
+# Backported in version v5.15.68 451c9ce1e2fc9b9e40303bef8e5a0dca1a923cc4
+# Backported in version v5.19.9 6cf0609154b2ce8d3ae160e7506ab316400a8d3d
+CVE_CHECK_IGNORE += "CVE-2022-2663"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2785
+# Introduced in version v5.18 b1d18a7574d0df5eb4117c14742baf8bc2b9bb74
+# Patched in kernel since v6.0 86f44fcec22ce2979507742bc53db8400e454f46
+# Backported in version v5.19.4 b429d0b9a7a0f3dddb1f782b72629e6353f292fd
+CVE_CHECK_IGNORE += "CVE-2022-2785"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3176
+# Introduced in version v5.1 221c5eb2338232f7340386de1c43decc32682e58
+# Patched in kernel since v5.17 791f3465c4afde02d7f16cf7424ca87070b69396
+# Backported in version v5.15.65 e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5
+CVE_CHECK_IGNORE += "CVE-2022-3176"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3435
+# Introduced in version v5.18 6bf92d70e690b7ff12b24f4bfff5e5434d019b82
+# Breaking commit backported in v5.4.189 f5064531c23ad646da7be8b938292b00a7e61438
+# Breaking commit backported in v5.10.111 63ea57478aaa3e06a597081a0f537318fc04e49f
+# Breaking commit backported in v5.15.34 907c97986d6fa77318d17659dd76c94b65dd27c5
+# Patched in kernel since v6.1 61b91eb33a69c3be11b259c5ea484505cd79f883
+# Backported in version v5.4.226 cc3cd130ecfb8b0ae52e235e487bae3f16a24a32
+# Backported in version v5.10.158 0b5394229ebae09afc07aabccb5ffd705ffd250e
+# Backported in version v5.15.82 25174d91e4a32a24204060d283bd5fa6d0ddf133
+CVE_CHECK_IGNORE += "CVE-2022-3435"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3526
+# Introduced in version v5.13 427f0c8c194b22edcafef1b0a42995ddc5c2227d
+# Patched in kernel since v5.18 e16b859872b87650bb55b12cca5a5fcdc49c1442
+# Backported in version v5.15.35 8f79ce226ad2e9b2ec598de2b9560863b7549d1b
+CVE_CHECK_IGNORE += "CVE-2022-3526"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3534
+# Introduced in version v5.10 919d2b1dbb074d438027135ba644411931179a59
+# Patched in kernel since v6.2 93c660ca40b5d2f7c1b1626e955a8e9fa30e0749
+# Backported in version v5.10.163 c61650b869e0b6fb0c0a28ed42d928eea969afc8
+# Backported in version v5.15.86 a733bf10198eb5bb927890940de8ab457491ed3b
+# Backported in version v6.1.2 fbe08093fb2334549859829ef81d42570812597d
+CVE_CHECK_IGNORE += "CVE-2022-3534"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3564
+# Introduced in version v3.6 4b51dae96731c9d82f5634e75ac7ffd3b9c1b060
+# Patched in kernel since v6.1 3aff8aaca4e36dc8b17eaa011684881a80238966
+# Backported in version v5.10.154 cb1c012099ef5904cd468bdb8d6fcdfdd9bcb569
+# Backported in version v5.15.78 8278a87bb1eeea94350d675ef961ee5a03341fde
+CVE_CHECK_IGNORE += "CVE-2022-3564"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3619
+# Introduced in version v5.12 4d7ea8ee90e42fc75995f6fb24032d3233314528
+# Patched in kernel since v6.1 7c9524d929648935bac2bbb4c20437df8f9c3f42
+# Backported in version v5.15.78 aa16cac06b752e5f609c106735bd7838f444784c
+CVE_CHECK_IGNORE += "CVE-2022-3619"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3621
+# Introduced in version v2.60.30 05fe58fdc10df9ebea04c0eaed57adc47af5c184
+# Patched in kernel since v6.1 21a87d88c2253350e115029f14fe2a10a7e6c856
+# Backported in version v5.4.218 792211333ad77fcea50a44bb7f695783159fc63c
+# Backported in version v5.10.148 3f840480e31495ce674db4a69912882b5ac083f2
+# Backported in version v5.15.74 1e512c65b4adcdbdf7aead052f2162b079cc7f55
+# Backported in version v5.19.16 caf2c6b580433b3d3e413a3d54b8414a94725dcd
+CVE_CHECK_IGNORE += "CVE-2022-3621"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3623
+# Introduced in version v5.1 5480280d3f2d11d47f9be59d49b20a8d7d1b33e8
+# Patched in kernel since v6.1 fac35ba763ed07ba93154c95ffc0c4a55023707f
+# Backported in version v5.4.228 176ba4c19d1bb153aa6baaa61d586e785b7d736c
+# Backported in version v5.10.159 fccee93eb20d72f5390432ecea7f8c16af88c850
+# Backported in version v5.15.78 3a44ae4afaa5318baed3c6e2959f24454e0ae4ff
+# Backported in version v5.19.17 86a913d55c89dd13ba070a87f61a493563e94b54
+CVE_CHECK_IGNORE += "CVE-2022-3623"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3624
+# Introduced in version v6.0 d5410ac7b0baeca91cf73ff5241d35998ecc8c9e
+# Patched in kernel since v6.0 4f5d33f4f798b1c6d92b613f0087f639d9836971
+CVE_CHECK_IGNORE += "CVE-2022-3624"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3625
+# Introduced in version v4.19 45f05def5c44c806f094709f1c9b03dcecdd54f0
+# Patched in kernel since v6.0 6b4db2e528f650c7fb712961aac36455468d5902
+# Backported in version v5.4.211 1ad4ba9341f15412cf86dc6addbb73871a10212f
+# Backported in version v5.10.138 0e28678a770df7989108327cfe86f835d8760c33
+# Backported in version v5.15.63 c4d09fd1e18bac11c2f7cf736048112568687301
+# Backported in version v5.19.4 26bef5616255066268c0e40e1da10cc9b78b82e9
+CVE_CHECK_IGNORE += "CVE-2022-3625"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3629
+# Introduced in version v3.9 d021c344051af91f42c5ba9fdedc176740cbd238
+# Patched in kernel since v6.0 7e97cfed9929eaabc41829c395eb0d1350fccb9d
+# Backported in version v5.4.211 f82f1e2042b397277cd39f16349950f5abade58d
+# Backported in version v5.10.138 38ddccbda5e8b762c8ee06670bb1f64f1be5ee50
+# Backported in version v5.15.63 e4c0428f8a6fc8c218d7fd72bddd163f05b29795
+# Backported in version v5.19.4 8ff5db3c1b3d6797eda5cd326dcd31b9cd1c5f72
+CVE_CHECK_IGNORE += "CVE-2022-3629"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3630
+# Introduced in version v5.19 85e4ea1049c70fb99de5c6057e835d151fb647da
+# Patched in kernel since v6.0 fb24771faf72a2fd62b3b6287af3c610c3ec9cf1
+# Backported in version v5.19.4 7a369dc87b66acc85d0cffcf39984344a203e20b
+CVE_CHECK_IGNORE += "CVE-2022-3630"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3633
+# Introduced in version v5.4 9d71dd0c70099914fcd063135da3c580865e924c
+# Patched in kernel since v6.0 8c21c54a53ab21842f5050fa090f26b03c0313d6
+# Backported in version v5.4.211 04e41b6bacf474f5431491f92e981096e8cc8e93
+# Backported in version v5.10.138 a220ff343396bae8d3b6abee72ab51f1f34b3027
+# Backported in version v5.15.63 98dc8fb08299ab49e0b9c08daedadd2f4de1a2f2
+# Backported in version v5.19.4 a0278dbeaaf7ca60346c62a9add65ae7d62564de
+CVE_CHECK_IGNORE += "CVE-2022-3633"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3635
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.0 3f4093e2bf4673f218c0bf17d8362337c400e77b
+# Backported in version v5.4.211 9a6cbaa50f263b12df18a051b37f3f42f9fb5253
+# Backported in version v5.10.138 a0ae122e9aeccbff75014c4d36d11a9d32e7fb5e
+# Backported in version v5.15.63 a5d7ce086fe942c5ab422fd2c034968a152be4c4
+# Backported in version v5.19.4 af412b252550f9ac36d9add7b013c2a2c3463835
+CVE_CHECK_IGNORE += "CVE-2022-3635"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3636
+# Introduced in version v5.19 33fc42de33278b2b3ec6f3390512987bc29a62b7
+# Patched in kernel since v5.19 17a5f6a78dc7b8db385de346092d7d9f9dc24df6
+CVE_CHECK_IGNORE += "CVE-2022-3636"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3640
+# Introduced in version v5.19 d0be8347c623e0ac4202a1d4e0373882821f56b0
+# Breaking commit backported in v5.4.209 098e07ef0059296e710a801cdbd74b59016e6624
+# Breaking commit backported in v5.10.135 de5d4654ac6c22b1be756fdf7db18471e7df01ea
+# Breaking commit backported in v5.15.59 f32d5615a78a1256c4f557ccc6543866e75d03f4
+# Patched in kernel since v6.1 0d0e2d032811280b927650ff3c15fe5020e82533
+# Backported in version v5.4.224 c1f594dddd9ffd747c39f49cc5b67a9b7677d2ab
+# Backported in version v5.10.154 d9ec6e2fbd4a565b2345d4852f586b7ae3ab41fd
+# Backported in version v5.15.78 a3a7b2ac64de232edb67279e804932cb42f0b52a
+CVE_CHECK_IGNORE += "CVE-2022-3640"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3646
+# Introduced in version v2.6.30 9ff05123e3bfbb1d2b68ba1d9bf1f7d1dffc1453
+# Patched in kernel since v6.1 d0d51a97063db4704a5ef6bc978dddab1636a306
+# Backported in version v5.4.218 b7e409d11db9ce9f8bc05fcdfa24d143f60cd393
+# Backported in version v5.10.148 aad4c997857f1d4b6c1e296c07e4729d3f8058ee
+# Backported in version v5.15.74 44b1ee304bac03f1b879be5afe920e3a844e40fc
+# Backported in version v5.19.16 4755fcd844240857b525f6e8d8b65ee140fe9570
+CVE_CHECK_IGNORE += "CVE-2022-3646"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3649
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.1 d325dc6eb763c10f591c239550b8c7e5466a5d09
+# Backported in version v5.4.220 d1c2d820a2cd73867b7d352e89e92fb3ac29e926
+# Backported in version v5.10.148 21ee3cffed8fbabb669435facfd576ba18ac8652
+# Backported in version v5.15.74 cb602c2b654e26763226d8bd27a702f79cff4006
+# Backported in version v5.19.16 394b2571e9a74ddaed55aa9c4d0f5772f81c21e4
+CVE_CHECK_IGNORE += "CVE-2022-3649"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-4382
+# Introduced in version v5.3 e5d82a7360d124ae1a38c2a5eac92ba49b125191
+# Patched in kernel since v6.2-rc5 d18dcfe9860e842f394e37ba01ca9440ab2178f4
+# Backported in version v5.4.230 9a39f4626b361ee7aa10fd990401c37ec3b466ae
+# Backported in version v5.10.165 856e4b5e53f21edbd15d275dde62228dd94fb2b4
+# Backported in version v5.15.90 a2e075f40122d8daf587db126c562a67abd69cf9
+# Backported in version v6.1.8 616fd34d017000ecf9097368b13d8a266f4920b3
+CVE_CHECK_IGNORE += "CVE-2022-4382"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-26365
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 2f446ffe9d737e9a844b97887919c4fda18246e7
+# Backported in version v5.4.204 42112e8f94617d83943f8f3b8de2b66041905506
+# Backported in version v5.10.129 cfea428030be836d79a7690968232bb7fa4410f1
+# Backported in version v5.15.53 7ed65a4ad8fa9f40bc3979b32c54243d6a684ec9
+CVE_CHECK_IGNORE += "CVE-2022-26365"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-33740
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 307c8de2b02344805ebead3440d8feed28f2f010
+# Backported in version v5.4.204 04945b5beb73019145ac17a2565526afa7293c14
+# Backported in version v5.10.129 728d68bfe68d92eae1407b8a9edc7817d6227404
+# Backported in version v5.15.53 5dd0993c36832d33820238fc8dc741ba801b7961
+CVE_CHECK_IGNORE += "CVE-2022-33740"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-33741
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 4491001c2e0fa69efbb748c96ec96b100a5cdb7e
+# Backported in version v5.4.204 ede57be88a5fff42cd00e6bcd071503194d398dd
+# Backported in version v5.10.129 4923217af5742a796821272ee03f8d6de15c0cca
+# Backported in version v5.15.53 ed3cfc690675d852c3416aedb271e0e7d179bf49
+CVE_CHECK_IGNORE += "CVE-2022-33741"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-33742
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v5.19 2400617da7eebf9167d71a46122828bc479d64c9
+# Backported in version v5.4.204 60ac50daad36ef3fe9d70d89cfe3b95d381db997
+# Backported in version v5.10.129 cbbd2d2531539212ff090aecbea9877c996e6ce6
+# Backported in version v5.15.53 6d0a9127279a4533815202e30ad1b3a39f560ba3
+CVE_CHECK_IGNORE += "CVE-2022-33742"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-42895
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.1 b1a2cd50c0357f243b7435a732b4e62ba3157a2e
+# Backported in version v5.15.78 3e4697ffdfbb38a2755012c4e571546c89ab6422
+# Backported in version v5.10.154 26ca2ac091b49281d73df86111d16e5a76e43bd7
+# Backported in version v5.4.224 6949400ec9feca7f88c0f6ca5cb5fdbcef419c89
+CVE_CHECK_IGNORE += "CVE-2022-42895"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2022-42896
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.1 711f8c3fb3db61897080468586b970c87c61d9e4
+# Backported in version v5.4.226 0d87bb6070361e5d1d9cb391ba7ee73413bc109b
+# Backported in version v5.10.154 6b6f94fb9a74dd2891f11de4e638c6202bc89476
+# Backported in version v5.15.78 81035e1201e26d57d9733ac59140a3e29befbc5a
+CVE_CHECK_IGNORE += "CVE-2022-42896"
+
+
+# 2023
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0266
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.2 56b88b50565cd8b946a2d00b0c83927b7ebb055e
+# Backported in version v5.15.88 26350c21bc5e97a805af878e092eb8125843fe2c
+# Backported in version v6.1.6 d6ad4bd1d896ae1daffd7628cd50f124280fb8b1
+CVE_CHECK_IGNORE += "CVE-2023-0266"
+
+# https://nvd.nist.gov/vuln/detail/CVE-2023-0394
+# Introduced in version 2.6.12 357b40a18b04c699da1d45608436e9b76b50e251
+# Patched in kernel since v6.2 cb3e9864cdbe35ff6378966660edbcbac955fe17
+# Backported in version v5.4.229 3998dba0f78a59922b0ef333ccfeb58d9410cd3d
+# Backported in version v5.10.164 6c9e2c11c33c35563d34d12b343d43b5c12200b5
+# Backported in version v5.15.89 456e3794e08a0b59b259da666e31d0884b376bcf
+# Backported in version v6.1.7 0afa5f0736584411771299074bbeca8c1f9706d4
+CVE_CHECK_IGNORE += "CVE-2023-0394"
+
+# Wrong CPE in NVD database
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3563
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3637
+# Those issue do not affect the kernel, patchs listed on CVE pages links to https://git.kernel.org/pub/scm/bluetooth/bluez.git
+CVE_CHECK_IGNORE += "CVE-2022-3563 CVE-2022-3637"
 
 # qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255
 # There was a proposed patch https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html
diff --git a/poky/meta/conf/distro/include/ptest-packagelists.inc b/poky/meta/conf/distro/include/ptest-packagelists.inc
index 5422ecd..0681b4b 100644
--- a/poky/meta/conf/distro/include/ptest-packagelists.inc
+++ b/poky/meta/conf/distro/include/ptest-packagelists.inc
@@ -12,6 +12,7 @@
     bc-ptest \
     bluez5-ptest \
     busybox-ptest \
+    cpio-ptest \
     diffstat-ptest \
     diffutils-ptest \
     ethtool-ptest \
diff --git a/poky/meta/conf/distro/include/tcmode-default.inc b/poky/meta/conf/distro/include/tcmode-default.inc
index 9236f8b..ef61377 100644
--- a/poky/meta/conf/distro/include/tcmode-default.inc
+++ b/poky/meta/conf/distro/include/tcmode-default.inc
@@ -19,11 +19,11 @@
 GCCVERSION ?= "12.%"
 SDKGCCVERSION ?= "${GCCVERSION}"
 BINUVERSION ?= "2.40%"
-GDBVERSION ?= "12.%"
+GDBVERSION ?= "13.%"
 GLIBCVERSION ?= "2.37"
 LINUXLIBCVERSION ?= "6.1%"
 QEMUVERSION ?= "7.2%"
-GOVERSION ?= "1.19%"
+GOVERSION ?= "1.20%"
 LLVMVERSION ?= "15.%"
 RUSTVERSION ?= "1.67%"
 
diff --git a/poky/meta/conf/machine/include/riscv/qemuriscv.inc b/poky/meta/conf/machine/include/riscv/qemuriscv.inc
index 1d32b4a..c977a26 100644
--- a/poky/meta/conf/machine/include/riscv/qemuriscv.inc
+++ b/poky/meta/conf/machine/include/riscv/qemuriscv.inc
@@ -26,7 +26,7 @@
 UBOOT_ENTRYPOINT:riscv64 = "0x80200000"
 
 # qemuboot options
-QB_SMP = "-smp 4"
+QB_SMP ?= "-smp 4"
 QB_KERNEL_CMDLINE_APPEND = "earlycon=sbi"
 QB_MACHINE = "-machine virt"
 QB_DEFAULT_BIOS = "fw_jump.elf"
diff --git a/poky/meta/conf/machine/include/riscv/tune-riscv.inc b/poky/meta/conf/machine/include/riscv/tune-riscv.inc
index 6598014..8047120 100644
--- a/poky/meta/conf/machine/include/riscv/tune-riscv.inc
+++ b/poky/meta/conf/machine/include/riscv/tune-riscv.inc
@@ -10,7 +10,7 @@
 
 TUNEVALID[bigendian] = "Big endian mode"
 
-AVAILTUNES += "riscv64 riscv32 riscv64nf riscv32nf"
+AVAILTUNES += "riscv64 riscv32 riscv64nc riscv64nf riscv32nf"
 
 # Default
 TUNE_FEATURES:tune-riscv64 = "riscv64"
diff --git a/poky/meta/conf/machine/include/x86/qemuboot-x86.inc b/poky/meta/conf/machine/include/x86/qemuboot-x86.inc
index 3953679..dd7e7c9 100644
--- a/poky/meta/conf/machine/include/x86/qemuboot-x86.inc
+++ b/poky/meta/conf/machine/include/x86/qemuboot-x86.inc
@@ -1,6 +1,6 @@
 # For runqemu
 IMAGE_CLASSES += "qemuboot"
-QB_SMP = "-smp 4"
+QB_SMP ?= "-smp 4"
 QB_CPU:x86 = "-cpu IvyBridge -machine q35,i8042=off"
 QB_CPU_KVM:x86 = "-cpu IvyBridge -machine q35,i8042=off"
 
diff --git a/poky/meta/conf/machine/qemuarm.conf b/poky/meta/conf/machine/qemuarm.conf
index 1bd4e3e..c523423 100644
--- a/poky/meta/conf/machine/qemuarm.conf
+++ b/poky/meta/conf/machine/qemuarm.conf
@@ -16,7 +16,7 @@
 QB_SYSTEM_NAME = "qemu-system-arm"
 QB_MACHINE = "-machine virt,highmem=off"
 QB_CPU = "-cpu cortex-a15"
-QB_SMP = "-smp 4"
+QB_SMP ?= "-smp 4"
 # Standard Serial console
 QB_KERNEL_CMDLINE_APPEND = "vmalloc=256"
 # For graphics to work we need to define the VGA device as well as the necessary USB devices
diff --git a/poky/meta/conf/machine/qemuarm64.conf b/poky/meta/conf/machine/qemuarm64.conf
index ffc51c8..2f0f0e4 100644
--- a/poky/meta/conf/machine/qemuarm64.conf
+++ b/poky/meta/conf/machine/qemuarm64.conf
@@ -16,7 +16,7 @@
 QB_SYSTEM_NAME = "qemu-system-aarch64"
 QB_MACHINE = "-machine virt"
 QB_CPU = "-cpu cortex-a57"
-QB_SMP = "-smp 4"
+QB_SMP ?= "-smp 4"
 QB_CPU_KVM = "-cpu host -machine gic-version=3"
 # For graphics to work we need to define the VGA device as well as the necessary USB devices
 QB_GRAPHICS = "-device virtio-gpu-pci"
diff --git a/poky/meta/conf/machine/qemuppc64.conf b/poky/meta/conf/machine/qemuppc64.conf
index 7709339..2fbd26a 100644
--- a/poky/meta/conf/machine/qemuppc64.conf
+++ b/poky/meta/conf/machine/qemuppc64.conf
@@ -13,7 +13,7 @@
 QB_SYSTEM_NAME = "qemu-system-ppc64"
 QB_MACHINE = "-machine pseries"
 QB_CPU = "-cpu POWER9"
-QB_SMP = "-smp 2"
+QB_SMP ?= "-smp 2"
 
 QB_NFSROOTFS_EXTRA_OPT = "wsize=524288,rsize=524288"
 QB_KERNEL_CMDLINE_APPEND = "console=hvc0 nohugevmalloc"
diff --git a/poky/meta/conf/sanity.conf b/poky/meta/conf/sanity.conf
index fff1ad8..5934199 100644
--- a/poky/meta/conf/sanity.conf
+++ b/poky/meta/conf/sanity.conf
@@ -3,7 +3,7 @@
 # See sanity.bbclass
 #
 # Expert users can confirm their sanity with "touch conf/sanity.conf"
-BB_MIN_VERSION = "2.0.1"
+BB_MIN_VERSION = "2.3.1"
 
 SANITY_ABIFILE = "${TMPDIR}/abi_version"
 
diff --git a/poky/meta/conf/conf-notes.txt b/poky/meta/conf/templates/default/conf-notes.txt
similarity index 100%
rename from poky/meta/conf/conf-notes.txt
rename to poky/meta/conf/templates/default/conf-notes.txt