subtree updates
meta-raspberrypi: b6a1645a97..c57b464b88:
Lluis Campos (1):
rpi-cmdline: do_compile: Use pure Python syntax to get `CMDLINE`
meta-openembedded: 2eb39477a7..a755af4fb5:
Adrian Zaharia (1):
lapack: add packageconfig for lapacke
Akash Hadke (1):
polkit: Add --shell /bin/nologin to polkitd user
Alex Kiernan (3):
ntpsec: Add UPSTREAM_CHECK_URI
libgpiod: Detect ptest using PTEST_ENABLED
ostree: Cleanup PACKAGECONFIGs
Anuj Mittal (1):
yasm: fix buildpaths warning
Atanas Bunchev (1):
python3-twitter: Upgrade 4.8.0 -> 4.10.1
Bartosz Golaszewski (4):
imagemagick: add PACKAGECONFIG for C++ bindings
python3-matplotlib: don't use PYTHON_PN
python3-matplotlib: add packaging to RDEPENDS
python3-matplotlib: bump to 3.5.2
Bruce Ashfield (3):
vboxguestdrivers: fix build against 5.19 kernel / libc-headers
zfs: update to v2.1.5
vboxguestdrivers: make kernel shared directory dependency explicit
Carsten Bäcker (1):
spdlog: Fix CMake flag
Changqing Li (3):
fuse3: support ptest
redis: fix do_patch fuzz warning
dlt-daemon: fix dlt-system.service failed since buffer overflow
Clément Péron (1):
python: add Pydantic data validation package
Devendra Tewari (1):
android-tools: sleep more in android-gadget-start
Ed Tanous (1):
Add python-requests-unixsocket recipe
Enguerrand de Ribaucourt (1):
mdio-tools: add recipes
Etienne Cordonnier (1):
uutils-coreutils: add recipe
Jagadeesh Krishnanjanappa (4):
python3-asgiref: add recipe
python3-django: make 3.2.x as default version
python3-django: Add python3-asgiref runtime dependency
python3-django: remove 2.2.x recipe
Jan Luebbe (2):
chrony: add support for config and source snippet includes
gensio: upgrade 2.3.1 -> 2.5.2
Jan Vermaete (1):
makeself: added makeself as new recipe
Jim Broadus (1):
networkmanager: fix iptables and nft paths
Jose Quaresma (2):
wireguard-module: 1.0.20210219 -> 1.0.20220627
wireguard-tools: Add a new package for wg-quick
Julian Haller (2):
pcsc-lite: upgrade 1.9.0 -> 1.9.8
ccid: upgrade 1.4.33 -> 1.5.0
Justin Bronder (1):
lmdb: only set SONAME on the shared library
Khem Raj (61):
mariadb: Inherit pkgconfig
mariadb: Add packageconfig for lz4 and enable it
ibus: Swith to use main branch instead of master
kronosnet: Upgrade to 1.24
ostree: Upgrade to 2022.5 release
sdbus-c++-libsystemd: Fix build with glibc 2.36
xfstests: Upgrade to v2022.07.10
autofs: Fix build with glibc 2.36
audit: Upgrade to 3.0.8 and fix build with linux 5.17+
pcp: Add to USERADD_PACKAGES instead of override
mozjs: Use RUST_HOST_SYS and RUST_TARGET_SYS
fluentbit: Fix build with clang
audit: Fix build with musl
fluentbit: Fix build with musl
klibc: Upgrade to 2.0.10
gnome-keyring,cunit,xfce4-panel: Do not inherit remove-libtool class here
mpd: Update to 0.23.8
openipmi: Enable largefile cflags
proftpd: Always enable largefile support
netperf: Always enable largefile support
openipmi: Always enable largefile support
unbound: Always enable largefile support
sysbench: Always enable largefile support
libmtp: Always enable largefile support
toybox: Fix build with glibc 2.36+
xfstests: Upgrade to 2022.07.31 release
libmpd: Fix function returns and casts
audit: Revert the tweak done in configure step in do_install
mpd: Upgrade to 0.23.9
fluentbit: Use CMAKE_C_STANDARD_LIBRARIES cmake var to pass libatomic
fluentbit: Upgrade to 1.9.7 and fix build on x86
klibc: Fix build with kernel 5.19 headers
ntpsec: Add -D_GNU_SOURCE and fix building with devtool
gd: Fix build with clang-15
cpulimit: Define -D_GNU_SOURCE
safec: Remove unused variable 'len'
ncftp: Enable autoreconf
ncftp: Fix TMPDIR path embedding into ncftpget
libb64: Switch to github fork and upgrade to 2.0.0.1+git
dhrystone: Disable warnings as errors with clang
dibbler: Fix build with musl
fio: Fix additional warnings seen with musl
ssmtp: Fix null pointer assignments
gst-editing-services: Add recipe
rygel: Upgrade to 0.40.4
libesmtp: Define _GNU_SOURCE
python3-grpcio: Enable largefile support explicitly
libteam: Include missing headers for strrchr and memcmp
neon: Upgrade to 0.32.2
satyr: Fix build on musl/clang
libmusicbrainz: Avoid -Wnonnull warning
aom: Upgrade to 3.4.0
vorbis-tools: Fix build on musl
dvb-apps: Use tarball for SRC_URI and fix build on musl
python3-netifaces: Fix build with python3 and musl
python3-pyephem: Fix build with python3 and musl
samba: Fix warnings in configure tests for rpath checks
lirc: Fix build on musl
mongodb: Fix boost build with clang-15
crda: Fix build with clang-15
monkey: Fix build with musl
Lei Maohui (2):
dnf-plugin-tui: Fix somw issue in postinstall process.
xrdp: Fix buildpaths warning.
Leon Anavi (16):
python3-nocasedict: Upgrade 1.0.3 -> 1.0.4
python3-frozenlist: Upgrade 1.3.0 -> 1.3.1
python3-networkx: Upgrade 2.8.4 -> 2.8.5
python3-pyhamcrest: Upgrade 2.0.3 -> 2.0.4
python3-aiohue: Upgrade 4.4.2 -> 4.5.0
python3-pyperf: Upgrade 2.3.0 -> 2.4.1
python3-eth-abi: Upgrade 3.0.0 -> 3.0.1
python3-cytoolz: Upgrade 0.11.2 -> 0.12.0
python3-yarl: Upgrade 1.7.2 -> 1.8.1
python3-term: Upgrade 2.3 -> 2.4
python3-coverage: Upgrade 6.4.1 -> 6.4.4
python3-regex: Upgrade 2022.7.25 -> 2022.8.17
python3-awesomeversion: Upgrade 22.6.0 -> 22.8.0
python3-typed-ast: Upgrade 1.5.2 -> 1.5.4
python3-prompt-toolkit: Upgrade 3.0.24 -> 3.0.30
python3-prettytable: Upgrade 3.1.1 -> 3.3.0
Markus Volk (6):
libass: update to v1.16.0
spdlog: update to v1.10.0
waylandpp: add recipe
wireplumber: update to v0.4.11
pipewire: update to v0.3.56
pipewire: improve runtime dependency settings
Marta Rybczynska (1):
polkit: update patches for musl compilation
Matthias Klein (1):
libftdi: update to 1.5
Mike Crowe (1):
yasm: Only depend on xmlto when docs are enabled
Mike Petersen (1):
sshpass: add recipe
Mingli Yu (10):
net-snmp: set ac_cv_path_PSPROG
postgresql: Fix the buildpaths issue
freeradius: Fix buildpaths issue
openipmi: Fix buildpaths issue
apache2: Fix the buildpaths issue
frr: fix buildpaths issue
nspr: fix buildpaths issue
liblockfile: fix buildpaths issue
freediameter: fix buildpaths issue
postgresql: make sure pam conf installed when pam enabled
Ovidiu Panait (1):
net-snmp: upgrade 5.9.1 -> 5.9.3
Paulo Neves (1):
fluentbit Upgrade to 1.3.5 -> 1.9.6
Philip Balister (2):
python3-pybind11: Update to Version 2.10.0.
Remove dead link and old information from the README.
Potin Lai (7):
libplist: add libplist_git.bb
libimobiledevice-glue: SRCREV bump bc6c44b..d2ff796
libimobiledevice: add libimobiledevice_git.bb
libirecovery: SRCREV bump e190945..ab5b4d8
libusbmuxd: add libusbmuxd_git.bb
usbmuxd: add usbmuxd_git.bb
idevicerestore: SRCREV bump 280575b..7d622d9
Richard Purdie (1):
lmdb: Don't inherit base
Sam Van Den Berge (1):
python3-jsonrpcserver: add patch to use importlib.resources instead of pkg_resources
Saul Wold (10):
libipc-signal-perl: Fix LICENSE string
libdigest-hmac-perl: Fix LICENSE string
libio-socket-ssl-perl: Fix LICENSE string
libdigest-sha1-perl: Fix LICENSE string
libmime-types-perl: Fix LICENSE string
libauthen-sasl-perl: Fix LICENSE string
libnet-ldap-perl: Fix LICENSE string
libxml-libxml-perl: Fix LICENSE string
libnet-telnet-perl: Fix LICENSE string
libproc-waitstat-perl: Fix LICENSE string
Sean Anderson (2):
image_types_sparse: Pad source image to block size
image_types_sparse: Generate "don't care" chunks
Vyacheslav Yurkov (4):
protobuf: correct ptest dependency
protobuf: 3.19.4 -> 3.21.5 upgrade
protobuf: change build system to cmake
protobuf: disable protoc binary for target
Wang Mingyu (60):
cifs-utils: upgrade 6.15 -> 7.0
geocode-glib: upgrade 3.26.3 -> 3.26.4
gjs: upgrade 1.72.1 -> 1.72.2
htpdate: upgrade 1.3.5 -> 1.3.6
icewm: upgrade 2.9.8 -> 2.9.9
ipc-run: upgrade 20200505.0 -> 20220807.0
iwd: upgrade 1.28 -> 1.29
ldns: upgrade 1.8.1 -> 1.8.2
libadwaita: upgrade 1.1.3 -> 1.1.4
libencode-perl: upgrade 3.18 -> 3.19
libmime-charset-perl: upgrade 1.012.2 -> 1.013.1
libtest-warn-perl: upgrade 0.36 -> 0.37
nano: upgrade 6.3 -> 6.4
nbdkit: upgrade 1.31.15 -> 1.32.1
netdata: upgrade 1.35.1 -> 1.36.0
fio: upgrade 3.30 -> 3.31
nlohmann-json: upgrade 3.10.5 -> 3.11.2
poco: upgrade 1.12.1 -> 1.12.2
postgresql: upgrade 14.4 -> 14.5
poppler: upgrade 22.07.0 -> 22.08.0
smarty: upgrade 4.1.1 -> 4.2.0
tracker: upgrade 3.3.2 -> 3.3.3
uftp: upgrade 5.0 -> 5.0.1
xdg-user-dirs: upgrade 0.17 -> 0.18
python3-pycodestyle: upgrade 2.9.0 -> 2.9.1
python3-pyzmq: upgrade 23.2.0 -> 23.2.1
python3-setuptools-declarative-requirements: upgrade 1.2.0 -> 1.3.0
python3-sqlalchemy: upgrade 1.4.39 -> 1.4.40
python3-werkzeug: upgrade 2.2.1 -> 2.2.2
python3-xmlschema: upgrade 2.0.1 -> 2.0.2
python3-yappi: upgrade 1.3.5 -> 1.3.6
ade: upgrade 0.1.1f -> 0.1.2
babl: upgrade 0.1.92 -> 0.1.94
ctags: upgrade 5.9.20220703.0 -> 5.9.20220821.0
grilo-plugins: upgrade 0.3.14 -> 0.3.15
ldns: upgrade 1.8.2 -> 1.8.3
libcurses-perl: upgrade 1.38 -> 1.41
mosquitto: upgrade 2.0.14 -> 2.0.15
nbdkit: upgrade 1.32.1 -> 1.33.1
netdata: upgrade 1.36.0 -> 1.36.1
libsdl2-ttf: upgrade 2.20.0 -> 2.20.1
xfstests: upgrade 2022.07.31 -> 2022.08.07
php: upgrade 8.1.8 -> 8.1.9
rdma-core: upgrade 41.0 -> 42.0
spitools: upgrade 1.0.1 -> 1.0.2
unbound: upgrade 1.16.1 -> 1.16.2
zlog: upgrade 1.2.15 -> 1.2.16
python3-hexbytes: upgrade 0.2.3 -> 0.3.0
python3-pythonping: upgrade 1.1.2 -> 1.1.3
python3-jsonrpcserver: Add dependence python3-typing-extensions
feh: upgrade 3.9 -> 3.9.1
gnome-bluetooth: upgrade 42.2 -> 42.3
hunspell: upgrade 1.7.0 -> 1.7.1
gtk4: upgrade 4.6.6 -> 4.6.7
logwatch: upgrade 7.6 -> 7.7
bdwgc: upgrade 8.2.0 -> 8.2.2
tcpreplay: upgrade 4.4.1 -> 4.4.2
tree: upgrade 2.0.2 -> 2.0.3
xfsdump: upgrade 3.1.10 -> 3.1.11
babl: upgrade 0.1.94 -> 0.1.96
Wolfgang Meyer (1):
libsdl2-ttf: upgrade 2.0.18 -> 2.20.0
Xu Huan (18):
python3-protobuf: upgrade 4.21.3 -> 4.21.4
python3-pycodestyle: upgrade 2.8.0 -> 2.9.0
python3-pyflakes: upgrade 2.4.0 -> 2.5.0
python3-pythonping: upgrade 1.1.1 -> 1.1.2
python3-regex: upgrade 2022.7.24 -> 2022.7.25
python3-werkzeug: upgrade 2.2.0 -> 2.2.1
python3-google-auth: upgrade 2.9.1 -> 2.10.0
python3-humanize: upgrade 4.2.3 -> 4.3.0
python3-hexbytes: upgrade 0.2.2 -> 0.2.3
python3-imageio: upgrade 2.21.0 -> 2.21.1
python3-nocaselist: upgrade 1.0.5 -> 1.0.6
python3-protobuf: upgrade 4.21.4 -> 4.21.5
python3-pycares: upgrade 4.2.1 -> 4.2.2
python3-fastjsonschema: upgrade 2.16.1 -> 2.16.2
python3-google-api-python-client: upgrade 2.56.0 -> 2.57.0
python3-google-auth: upgrade 2.10.0 -> 2.11.0
python3-grpcio-tools: upgrade 1.47.0 -> 1.48.0
python3-grpcio: upgrade 1.47.0 -> 1.48.0
Yi Zhao (5):
strongswan: upgrade 5.9.6 -> 5.9.7
libldb: upgrade 2.3.3 -> 2.3.4
samba: upgrade 4.14.13 -> 4.14.14
python3-jsonrpcserver: upgrade 5.0.7 -> 5.0.8
samba: fix buildpaths issue
wangmy (16):
gedit: upgrade 42.1 -> 42.2
libwacom: upgrade 2.3.0 -> 2.4.0
htpdate: upgrade 1.3.4 -> 1.3.5
nbdkit: upgrade 1.31.14 -> 1.31.15
pure-ftpd: upgrade 1.0.50 -> 1.0.51
avro-c: upgrade 1.11.0 -> 1.11.1
debootstrap: upgrade 1.0.126 -> 1.0.127
freerdp: upgrade 2.7.0 -> 2.8.0
icewm: upgrade 2.9.7 -> 2.9.8
libmxml: upgrade 3.3 -> 3.3.1
poco: upgrade 1.12.0 -> 1.12.1
xfontsel: upgrade 1.0.6 -> 1.1.0
xmessage: upgrade 1.0.5 -> 1.0.6
xrefresh: upgrade 1.0.6 -> 1.0.7
zabbix: upgrade 6.0.5 -> 6.2.1
xrdp: upgrade 0.9.18 -> 0.9.19
zhengrq.fnst (4):
python3-asttokens: upgrade 2.0.7 -> 2.0.8
python3-charset-normalizer: upgrade 2.1.0 -> 2.1.1
python3-eth-account: 0.6.1 -> 0.7.0
python3-cantools: upgrade 37.1.0 -> 37.1.2
zhengruoqin (12):
python3-dominate: upgrade 2.6.0 -> 2.7.0
python3-flask-login: upgrade 0.6.1 -> 0.6.2
python3-google-api-python-client: upgrade 2.54.0 -> 2.55.0
python3-haversine: upgrade 2.5.1 -> 2.6.0
python3-imageio: upgrade 2.19.5 -> 2.21.0
python3-autobahn: upgrade 22.6.1 -> 22.7.1
python3-engineio: upgrade 4.3.3 -> 4.3.4
python3-flask: upgrade 2.1.3 -> 2.2.2
python3-gcovr: upgrade 5.1 -> 5.2
python3-google-api-python-client: upgrade 2.55.0 -> 2.56.0
python3-asttokens: upgrade 2.0.5 -> 2.0.7
python3-zeroconf: upgrade 0.38.7 -> 0.39.0
meta-security: 2a2d650ee0..10fdc2b13a:
Anton Antonov (2):
Use CARGO_TARGET_SUBDIR in do_install
parsec-service: Update oeqa tests
Armin Kuster (8):
python3-privacyidea: update to 3.7.3
lkrg-module: update to 0.9.5
apparmor: update to 3.0.6
packagegroup-core-security: add space for appends
cryptmount: Add new pkg
packagegroup-core-security: add pkg to grp
cyptmount: Fix mount.h conflicts seen with glibc 2.36+
kas: update testimage inherit
John Edward Broadbent (1):
meta-security: Add recipe for Glome
Mingli Yu (1):
samhain-standalone: fix buildpaths issue
poky: fc59c28724..9b1db65e7d:
Alejandro Hernandez Samaniego (1):
baremetal-image.bbclass: Emulate image.bbclass to handle new classes scope
Alex Stewart (1):
maintainers: update opkg maintainer
Alexander Kanavin (113):
kmscube: address linux 5.19 fails
rpm: update 4.17.0 -> 4.17.1
go: update 1.18.4 -> 1.19
bluez5: update 5.64 -> 5.65
python3-pip: update 22.2.1 -> 22.2.2
ffmpeg: update 5.0.1 -> 5.1
iproute2: upgrade 5.18.0 -> 5.19.0
harfbuzz: upgrade 4.4.1 -> 5.1.0
libwpe: upgrade 1.12.0 -> 1.12.2
bind: upgrade 9.18.4 -> 9.18.5
diffoscope: upgrade 218 -> 220
ell: upgrade 0.51 -> 0.52
gnutls: upgrade 3.7.6 -> 3.7.7
iso-codes: upgrade 4.10.0 -> 4.11.0
kea: upgrade 2.0.2 -> 2.2.0
kexec-tools: upgrade 2.0.24 -> 2.0.25
libcap: upgrade 2.64 -> 2.65
libevdev: upgrade 1.12.1 -> 1.13.0
libnotify: upgrade 0.8.0 -> 0.8.1
libwebp: upgrade 1.2.2 -> 1.2.3
libxcvt: upgrade 0.1.1 -> 0.1.2
mesa: upgrade 22.1.3 -> 22.1.5
mobile-broadband-provider-info: upgrade 20220511 -> 20220725
nettle: upgrade 3.8 -> 3.8.1
piglit: upgrade to latest revision
puzzles: upgrade to latest revision
python3: upgrade 3.10.5 -> 3.10.6
python3-dtschema: upgrade 2022.7 -> 2022.8
python3-hypothesis: upgrade 6.50.1 -> 6.54.1
python3-jsonschema: upgrade 4.9.0 -> 4.9.1
python3-markdown: upgrade 3.3.7 -> 3.4.1
python3-setuptools: upgrade 63.3.0 -> 63.4.1
python3-sphinx: upgrade 5.0.2 -> 5.1.1
python3-urllib3: upgrade 1.26.10 -> 1.26.11
sqlite3: upgrade 3.39.1 -> 3.39.2
sysklogd: upgrade 2.4.0 -> 2.4.2
webkitgtk: upgrade 2.36.4 -> 2.36.5
kernel-dev: working with kernel using devtool does not require building and installing eSDK
sdk-manual: describe how to use extensible SDK functionality directly in a Yocto build
dropbear: merge .inc into .bb
rust: update 1.62.0 -> 1.62.1
cmake: update 3.23.2 -> 3.24.0
weston: upgrade 10.0.1 -> 10.0.2
patchelf: update 0.14.5 -> 0.15.0
patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak
weston: exclude pre-releases from version check
tzdata: upgrade 2022a -> 2022b
libcgroup: update 2.0.2 -> 3.0.0
python3-setuptools-rust: update 1.4.1 -> 1.5.1
shadow: update 4.11.1 -> 4.12.1
slang: update 2.3.2 -> 2.3.3
xz: update 5.2.5 -> 5.2.6
gdk-pixbuf: update 2.42.8 -> 2.42.9
xorgproto: update 2022.1 -> 2022.2
boost-build-native: update 4.4.1 -> 1.80.0
boost: update 1.79.0 -> 1.80.0
vulkan-samples: update to latest revision
epiphany: upgrade 42.3 -> 42.4
git: upgrade 2.37.1 -> 2.37.2
glib-networking: upgrade 2.72.1 -> 2.72.2
gnu-efi: upgrade 3.0.14 -> 3.0.15
gpgme: upgrade 1.17.1 -> 1.18.0
libjpeg-turbo: upgrade 2.1.3 -> 2.1.4
libwebp: upgrade 1.2.3 -> 1.2.4
lighttpd: upgrade 1.4.65 -> 1.4.66
mesa: upgrade 22.1.5 -> 22.1.6
meson: upgrade 0.63.0 -> 0.63.1
mpg123: upgrade 1.30.1 -> 1.30.2
pango: upgrade 1.50.8 -> 1.50.9
piglit: upgrade to latest revision
pkgconf: upgrade 1.8.0 -> 1.9.2
python3-dtschema: upgrade 2022.8 -> 2022.8.1
python3-more-itertools: upgrade 8.13.0 -> 8.14.0
python3-numpy: upgrade 1.23.1 -> 1.23.2
python3-pbr: upgrade 5.9.0 -> 5.10.0
python3-pyelftools: upgrade 0.28 -> 0.29
python3-pytz: upgrade 2022.1 -> 2022.2.1
strace: upgrade 5.18 -> 5.19
sysklogd: upgrade 2.4.2 -> 2.4.4
wireless-regdb: upgrade 2022.06.06 -> 2022.08.12
wpebackend-fdo: upgrade 1.12.0 -> 1.12.1
python3-hatchling: update 1.6.0 -> 1.8.0
python3-setuptools: update 63.4.1 -> 65.0.2
devtool: do not leave behind source trees in workspace/sources
systemtap: add a patch to address a python 3.11 failure
bitbake: bitbake-layers: initialize tinfoil before registering command line arguments
scripts/oe-setup-builddir: add a check that TEMPLATECONF is valid
bitbake-layers: add a command to save the active build configuration as a template into a layer
bitbake-layers: add ability to save current layer repository configuration into a file
scripts/oe-setup-layers: add a script that restores the layer configuration from a json file
selftest/bblayers: add a test for creating a layer setup and using it to restore the layers
selftest/bblayers: adjust the revision for the layer setup test
perl: run builds from a pristine source tree
meta-poky/conf: move default templates to conf/templates/default/
syslinux: mark all pending patches as Inactive-Upstream
shadow: correct the pam patch status
mtd-utils: remove patch that adds -I option
gstreamer1.0-plugins-bad: remove an unneeded patch
ghostscript: remove unneeded patch
ovmf: drop the force no-stack-protector patch
python: submit CC to cc_basename patch upstream
mc: submit perl warnings patch upstream
sysvinit: send install.patch upstream
valgrind: (re)send ppc instructions patch upstream
gdk-pixbuf: submit fatal-loader.patch upstream
libsdl2: follow upstream version is even rule
python3-pip: submit reproducible.patch upstream
python3-pip: remove unneeded reproducible.patch
llvm: remove 0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch
scripts/oe-setup-builddir: migrate build/conf/templateconf.cfg to new template locations
meta/files/layers.schema.json: drop the layers property
scripts/oe-setup-builddir: write to conf/templateconf.cfg after the build is set up
scripts/oe-setup-builddir: make environment variable the highest priority source for TEMPLATECONF
Alexandre Belloni (1):
ruby: drop capstone support
Andrei Gherzan (7):
shadow: Enable subid support
rootfspostcommands.py: Restructure sort_passwd and related functions
rootfspostcommands.py: Cleanup subid backup files generated by shadow-utils
selftest: Add module for testing rootfs postcommands
rootfs-postcommands.bbclass: Follow function rename in rootfspostcommands.py
shadow: Avoid nss warning/error with musl
linux-yocto: Fix COMPATIBLE_MACHINE regex match
Andrey Konovalov (2):
mesa: add pipe-loader's libraries to libopencl-mesa package
mesa: build clover with native LLVM codegen support for freedreno
Anuj Mittal (1):
poky.conf: add ubuntu-22.04 to tested distros
Armin Kuster (1):
system-requirements.rst: remove EOL and Centos7 hosts
Aryaman Gupta (1):
bitbake: runqueue: add memory pressure regulation
Awais Belal (1):
kernel-fitimage.bbclass: only package unique DTBs
Beniamin Sandu (1):
libpam: use /run instead of /var/run in systemd tmpfiles
Bertrand Marquis (1):
sysvinit-inittab/start_getty: Fix respawn too fast
Bruce Ashfield (22):
linux-yocto/5.15: update to v5.15.58
linux-yocto/5.10: update to v5.10.134
linux-yocto-rt/5.15: update to -rt48 (and fix -stable merge)
linux-libc-headers: update to v5.19
kernel-devsrc: support arm v5.19+ on target build
kernel-devsrc: support powerpc on v5.19+
lttng-modules: fix build against mips and v5.19 kernel
linux-yocto: introduce v5.19 reference kernel recipes
meta/conf: update preferred linux-yocto version to v5.19
linux-yocto: drop v5.10 reference kernel recipes
linux-yocto/5.15: update to v5.15.59
linux-yocto/5.15: fix reproducibility issues
linux-yocto/5.19: cfg: update x32 configuration fragment
linux-yocto/5.19: fix reproducibility issues
poky: update preferred version to v5.19
poky: change preferred kernel version to 5.15 in poky-alt
yocto-bsp: drop v5.10 bbappend and create 5.19 placeholder
lttng-modules: replace mips compaction fix with upstream change
linux-yocto/5.15: update to v5.15.60
linux-yocto/5.19: update to v5.19.1
linux-yocto/5.19: update to v5.19.3
linux-yocto/5.15: update to v5.15.62
Changqing Li (1):
apt: fix nativesdk-apt build failure during the second time build
Chen Qi (2):
python3-hypothesis: revert back to 6.46.11
python3-requests: add python3-compression dependency
Drew Moseley (1):
rng-tools: Replace obsolete "wants systemd-udev-settle"
Enrico Scholz (2):
npm.bbclass: fix typo in 'fund' config option
npm.bbclass: fix architecture mapping
Ernst Sjöstrand (1):
cve-check: Don't use f-strings
Jacob Kroon (1):
python3-cython: Remove debug lines
Jan Luebbe (2):
openssh: sync local ssh_config + sshd_config files with upstream 8.7p1
openssh: add support for config snippet includes to ssh and sshd
JeongBong Seo (1):
wic: add 'none' fstype for custom image
Johannes Schneider (1):
classes: rootfs-postcommands: autologin root on serial-getty
Jon Mason (2):
oeqa/parselogs: add qemuarmv5 arm-charlcd masking
ref-manual: add numa to machine features
Jose Quaresma (4):
bitbake: build: prefix the tasks with a timestamp in the log task_order
archiver.bbclass: some recipes that uses the kernelsrc bbclass uses the shared source
linux-yocto: prepend the the value with a space when append to KERNEL_EXTRA_ARGS
shaderc: upgrade 2022.1 -> 2022.2
Joshua Watt (4):
bitbake: siggen: Fix insufficent entropy in sigtask file names
bitbake: utils: Pass lock argument in fileslocked
classes: cve-check: Get shared database lock
meta/files: add layer setup JSON schema and example
Kai Kang (1):
packagegroup-self-hosted: update for strace
Kevin Hao (1):
uboot-config.bbclass: Don't bail out early in multi configs
Khem Raj (83):
qemu: Fix build with glibc 2.36
mtd-utils: Fix build with glibc 2.36
stress-ng: Upgrade to 0.14.03
bootchart2: Fix build with glibc 2.36+
ltp: Fix sys/mount.h conflicts needed for glibc 2.36+ compile
efivar: Fix build with glibc 2.36
cracklib: Drop using register keyword
util-linux: Define pidfd_* function signatures
util-linux: Upgrade to 2.38.1
tcp-wrappers: Fix implicit-function-declaration warnings
perl-cross: Correct function signatures in configure_func.sh
perl: Pass additional flags to enable lfs and gnu source
sysvinit: Fix mount.h conflicts seen with glibc 2.36+
glibc: Bump to 2.36
glibc: Update patch status
zip: Enable largefile support based on distro feature
zip: Make configure checks to be more robust
unzip: Fix configure tests to use modern C
unzip: Enable largefile support when enabled in distro
iproute2: Fix netns check during configure
glibc: Bump to latest 2.36 branch
gstreamer1.0-plugins-base: Include required system headers for isspace() and sscanf()
musl: Upgrade to latest tip of trunk
zip: Always enable LARGE_FILE_SUPPORT
libmicrohttpd: Enable largefile support unconditionally
unzip: Always enable largefile support
default-distrovars: Remove largefile from defualt DISTRO_FEATURES
zlib: Resolve CVE-2022-37434
json-c: Fix function prototypes
rsync: Backport fix to address CVE-2022-29154
rsync: Upgrade to 3.2.5
libtirpc: Backport fix for CVE-2021-46828
libxml2: Ignore CVE-2016-3709
tiff: Backport a patch for CVE-2022-34526
libtirpc: Upgrade to 1.3.3
perf: Add packageconfig for libbfd support and use disabled as default
connman: Backports for security fixes
systemd: Upgrade to 251.4 and fix build with binutils 2.39
time: Add missing include for memset
screen: Add missing include files in configure checks
setserial: Fix build with clang
expect: Fix implicit-function-declaration warnings
spirv-tools: Remove default copy constructor in header
boost: Compile out stdlib unary/binary_functions for c++11 and newer
vulkan-samples: Qualify move as std::move
apt: Do not use std::binary_function
ltp: Fix sys/mount.h and linux/mount.h conflict
rpm: Remove -Wimplicit-function-declaration warnings
binutils: Upgrade to 2.39 release
binutils-cross: Disable gprofng for when building cross binutils
binutils: Package up gprofng
binutils: Disable gprofng when using clang
binutils-cross-canadian: Package up new gprofng.rc file
autoconf: Fix strict prototype errors in generated tests
rsync: Add missing prototypes to function declarations
nfs-utils: Upgrade to 2.6.2
webkitgtk: Upgrade to 2.36.6 minor update
musl: Update to tip
binutils: Disable gprofng on musl systems
binutils: Upgrade to latest on 2.39 release branch
cargo_common.bbclass: Add missing space in shell conditional code
rng-tools: Remove depndencies on hwrng
ccache: Update the patch status
ccache: Fix build with gcc12 on musl
alsa-plugins: Include missing string.h
xinetd: Pass missing -D_GNU_SOURCE
watchdog: Include needed system header for function decls
libcgroup: Use GNU strerror_r only when its available
pinentry: enable _XOPEN_SOURCE on musl for wchar usage in curses
apr: Use correct strerror_r implementation based on libc type
gcr: Define _GNU_SOURCE
ltp: Adjust types to match create_fifo_thread return
gcc: Upgrade to 12.2.0
glibc: Update to latest on 2.36
ltp: Remove -mfpmath=sse on x86-64 too
apr: Cache configure tests which use AC_TRY_RUN
rust: Fix build failure on riscv32
ncurses: Fix configure tests for exit and mbstate_t
rust-llvm: Update to matching LLVM_VERSION from rust-source
librepo: Fix build on musl
rsync: Turn on -pedantic-errors at the end of 'configure'
ccache: Upgrade to 4.6.2
xmlto: Update to use upstream tip of trunk
Konrad Weihmann (1):
python3: disable user site-pkg for native target
Lee Chee Yang (1):
migration guides: add release notes for 4.0.3
Luca Ceresoli (1):
libmnl: remove unneeded SRC_URI 'name' option
Markus Volk (2):
connman: add PACKAGECONFIG to support iwd
packagegroup-base.bb: add a configure option to set the wireless-daemon
Martin Jansa (5):
glibc: revert one upstream change to work around broken DEBUG_BUILD build
syslinux: Fix build with glibc-2.36
syslinux: refresh patches with devtool
glibc: fix new upstream build issue with DEBUG_BUILD build
glibc: apply proposed patch from upstream instead of revert
Mateusz Marciniec (2):
util-linux: Remove --enable-raw from EXTRA_OECONF
util-linux: Improve check for magic in configure.ac
Michael Halstead (1):
uninative: Upgrade to 3.7 to work with glibc 2.36
Michael Opdenacker (1):
dev-manual: use proper note directive
Mingli Yu (1):
bitbake: fetch: use BPN instead
Neil Horman (1):
bitbake: Fix npm to use https rather than http
Paul Eggleton (1):
relocate_sdk.py: ensure interpreter size error causes relocation to fail
Pavel Zhukov (6):
package_rpm: Do not replace square brackets in %files
selftest: Add regression test for rpm filesnames
parselogs: Ignore xf86OpenConsole error
bitbake: gitsm: Error out if submodule refers to parent repo
bitbake: tests: Add Timeout class
bitbake: tests: Add test for possible gitsm deadlock
Peter Bergin (3):
rust-cross-canadian: rename shell variables for easier appends
packagegroup-rust-cross-canadian: add native compiler environment
oeqa/sdk: extend rust test to also use a build script
Peter Marko (1):
create-spdx: handle links to inaccessible locations
Quentin Schulz (3):
docs: conf.py: update yocto_git base URL
docs: README: add TeX font package required for building PDF
docs: ref-manual: system-requirements: add missing packages
Randy MacLeod (1):
rust: update from 1.62.1 to 1.63.0
Rasmus Villemoes (1):
bitbake.conf: set BB_DEFAULT_UMASK using ??=
Richard Purdie (85):
oeqa/selftest/sstate: Ensure tests are deterministic
nativesdk: Clear TUNE_FEATURES
populate_sdk_base: Disable rust SDK for MIPS n32
selftest/reproducible: Exclude rust/rust-dbg for now until we can fix
conf/distro/no-static-libs: Allow static musl for rust
rust-target-config: Add mips n32 target information
rust-common: Add CXXFLAGS
rust-common: Drop export directive from wrappers
rust-common: Rework wrappers to handle musl
rust: Work around reproducibility issues
rust: Switch to use RUST_XXX_SYS consistently
rust.inc: Rename variables to make code clearer
rust.inc: Fix cross build llvm-config handling
rust/mesa: Drop obsolete YOCTO_ALTERNATE_MULTILIB_NAME
rust-target-config: Show clear error when target isn't defined
rust: Generate per recipe target configuration files
rust-common/rust: Improve bootstrap BUILD_SYS handling
cargo_common: Handle build SYS as well as HOST/TARGET
rust-llvm: Enable nativesdk variant
rust.inc: Fix for cross compilation configuration
rust-common: Update to match cross targets
rust-target-config: Make target workaround generic
rust-common: Simplify libc handling
cargo: Drop cross-canadian variant and fix/use nativesdk
rust-common: Set rustlibdir to match target expectation
rust-cross-canadian: Simplify and fix
rust: Drop cross/crosssdk
rust: Enable nativesdk and target builds + replace rust-tools-cross-canadian
rust: Fix musl builds
rust: Ensure buildpaths are handled in debug symbols correctly
rust: Update README
selftest/wic: Tweak test case to not depend on kernel size
bitbake: runqueue: Ensure deferred tasks are sorted by multiconfig
bitbake: runqueue: Improve deadlock warning messages
bitbake: runqueue: Drop deadlock breaking force fail
rust-common: Remove conflict with utils create_wrapper
kern-devsrc: Drop auto.conf creation
cargo: Work around host system library conflicts
rust-cross-canadian: Use shell from SDK, not the host
buildhistory: Only use image-artifact-names as an image class
rust: Remove unneeded RUST_TARGETGENS settings
meta-skeleton/hello-mod: Switch to SPDX-License-Identifier
perf: Fix reproducibility issues with 5.19 onwards
selftest/runtime_test/incompatible_lic: Use IMAGE_CLASSES for testimage
testexport: Fix to work as an image class
testexport: Use IMAGE_CLASSES for testimage
selftest/runtime_test: Use testexport in IMAGE_CLASSES, not globally
bitbake: BBHandler: Allow earlier exit for classes not found
bitbake: BBHandler: Make inherit calls more directly
bitbake: bitbake: Add copyright headers where missing
bitbake: BBHandler/cooker: Implement recipe and global classes
classes: Add copyright statements to files without one
scripts: Add copyright statements to files without one
classes: Add SPDX license identifiers
lib: Add copyright statements to files without one
insane: Update to allow for class layout changes
classes: Update classes to match new bitbake class scope functionality
recipetool: Update for class changes
package: Switch debug source handling to use prefix map
libgcc/gcc-runtime: Improve source reference handling
bitbake.conf: Handle S and B separately for debug mapping
python3-cython: Update code to match debug path changes
gcc-cross: Fix relative links
gcc: Resolve relative prefix-map filenames
gcc: Add a patch to avoid hardcoded paths in libgcc on powerpc
gcc: Update patch status to submitted for two patches
valgrind: Disable drd/tests/std_thread2 ptest
valgrind: Update to match debug file layout changes
skeleton/service: Ensure debug path handling works as intended
distrooverrides: Move back to classes whilst it's usage is clarified
vim: Upgrade 9.0.0115 -> 9.0.0242
icu: Drop binconfig support (icu-config)
libtirpc: Mark CVE-2021-46828 as resolved
bitbake: runqueue: Change pressure file warning to a note
rust-target-config: Drop has-elf-tls option
llvm: Add llvm-config wrapper to improve flags handling
mesa: Rework llvm handling
rust-target-config: Fix qemuppc target cpu option
rust: Fix crossbeam-utils for arches without atomics
pseudo: Update to include recent upstream minor fixes
bitbake: Revert "fetch: use BPN instead"
vim: Upgrade 9.0.0242 -> 9.0.0341
gcc-multilib-config: Fix i686 toolchain relocation issues
kernel: Always set CC and LD for the kernel build
kernel: Use consistent make flags for menuconfig
Robert Joslyn (1):
curl: Update to 7.85.0
Ross Burton (9):
oeqa/qemurunner: add run_serial() comment
oeqa/commands: add support for running cross tools to runCmd
oeqa/selftest: rewrite gdbserver test
libxml2: wrap xmllint to use the correct XML catalogues
oeqa/selftest: add test for debuginfod
libgcrypt: remove obsolete pkgconfig install
libgcrypt: remove obsolete patch
libgcrypt: rewrite ptest
cve-check: close cursors as soon as possible
Sakib Sajal (2):
qemu: fix CVE-2021-3507
qemu: fix CVE-2022-0216
Shubham Kulkarni (1):
sanity: add a comment to ensure CONNECTIVITY_CHECK_URIS is correct
Simone Weiss (1):
json-c: Add ptest for json-c
Sundeep KOKKONDA (1):
glibc : stable 2.35 branch updates
Thomas Roos (1):
oeqa devtool: Add tests to cover devtool handling of various git URL styles
Tom Hochstein (1):
piglit: Add PACKAGECONFIG for glx and opencl
Tom Rini (1):
qemux86-64: Allow higher tunes
Ulrich Ölmann (1):
scripts/runqemu.README: fix typos and trailing whitespaces
William A. Kennington III (1):
image_types: Set SOURCE_DATE_EPOCH for squashfs
Yang Xu (1):
insane.bbclass: Skip patches not in oe-core by full path
Yogesh Tyagi (1):
gdbserver : add selftest
Yongxin Liu (1):
grub2: fix several CVEs
wangmy (19):
msmtp: upgrade 1.8.20 -> 1.8.22
bind: upgrade 9.18.5 -> 9.18.6
btrfs-tools: upgrade 5.18.1 -> 5.19
libdnf: upgrade 0.67.0 -> 0.68.0
librepo: upgrade 1.14.3 -> 1.14.4
pkgconf: upgrade 1.9.2 -> 1.9.3
python3-pygments: upgrade 2.12.0 -> 2.13.0
ethtool: upgrade 5.18 -> 5.19
librsvg: upgrade 2.54.4 -> 2.54.5
libtasn1: upgrade 4.18.0 -> 4.19.0
liburcu: upgrade 0.13.1 -> 0.13.2
libwpe: upgrade 1.12.2 -> 1.12.3
lttng-tools: upgrade 2.13.7 -> 2.13.8
lttng-ust: upgrade 2.13.3 -> 2.13.4
libatomic-ops: upgrade 7.6.12 -> 7.6.14
lz4: upgrade 1.9.3 -> 1.9.4
python3-hatchling: upgrade 1.8.0 -> 1.8.1
python3-urllib3: upgrade 1.26.11 -> 1.26.12
repo: upgrade 2.28 -> 2.29.1
meta-arm: 20a629180c..52f07a4b0b:
Anton Antonov (11):
arm/optee-os: backport RWX permission error patch
work around for too few arguments to function init_disassemble_info() error
arm/optee-os: backport linker warning patches
arm/tf-a-tests: work around RWX permission error on segment
Recipes for Trusted Services dependencies.
Recipes for Trusted Services Secure Partitions
ARM-FFA kernel drivers and kernel configs for Trusted Services
Trusted Services test/demo NWd tools
psa-api-tests for Trusted Services
Include Trusted Services SPs into optee-os image
Define qemuarm64-secureboot-ts CI pipeline and include it into meta-arm
Gowtham Suresh Kumar (2):
arm-bsp/secure-partitions: fix SMM gateway bug for EFI GetVariable()
arm-bsp/u-boot: drop EFI GetVariable() workarounds patches
Jon Mason (11):
arm-bsp/fvp-base-arm32: Update kernel patch for v5.19
arm/qemuarm64-secureboot: remove tfa memory patch
arm/linux-yocto: remove optee num pages kernel config variable
arm-bsp/juno: drop scmi patch
arm/qemuarm-secureboot: remove vmalloc from QB_KERNEL_CMDLINE_APPEND
arm/fvp: use image-artifact-names as an image class
atp/atp: drop package inherits
arm/optee: Update to 3.18
arm-bsp/fvp-base: set preferred kernel to 5.15
arm/arm-bsp: Add yocto-kernel-cache bluetooth support
arm-bsp/corstone1000: use compressed kernel image
Khem Raj (2):
gator-daemon: Define _GNU_SOURCE feature test macro
optee-os: Add section attribute parameters when clang is used
Peter Hoyes (3):
docs: Update FVP_CONSOLES in runfvp documentation
docs: Introduce meta-arm OEQA documentation
arm/oeqa: Make linuxboot test case timeout configurable
Richard Purdie (1):
gem5/gem5-m5ops: Drop uneeded package inherit
Ross Burton (2):
arm/trusted-firmware-a: remove redundant patches
arm/trusted-firmware-a: work around RWX permission error on segment
Rui Miguel Silva (2):
arm-bsp:corstone500: rebase u-boot patches on v2022.07
arm-bsp/corstone1000: rebase u-boot patches on top v2022.07
Vishnu Banavath (3):
arm-bsp/trusted-firmware-a: Bump TF-A version for N1SDP
arm-bsp/optee: add optee-os support for N1SDP target
arm/optee: update optee-client to v3.18
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I90aa0a94410dd208163af126566d22c77787abc2
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-avoid-start-failure-with-bind-user.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-avoid-start-failure-with-bind-user.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-avoid-start-failure-with-bind-user.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-named-lwresd-V-and-start-log-hide-build-options.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.4/0001-named-lwresd-V-and-start-log-hide-build-options.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.6/0001-named-lwresd-V-and-start-log-hide-build-options.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/bind-ensure-searching-for-json-headers-searches-sysr.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.4/bind-ensure-searching-for-json-headers-searches-sysr.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.6/bind-ensure-searching-for-json-headers-searches-sysr.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9 b/poky/meta/recipes-connectivity/bind/bind-9.18.6/bind9
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.4/bind9
rename to poky/meta/recipes-connectivity/bind/bind-9.18.6/bind9
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/conf.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.4/conf.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.6/conf.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh b/poky/meta/recipes-connectivity/bind/bind-9.18.6/generate-rndc-key.sh
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.4/generate-rndc-key.sh
rename to poky/meta/recipes-connectivity/bind/bind-9.18.6/generate-rndc-key.sh
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/init.d-add-support-for-read-only-rootfs.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.4/init.d-add-support-for-read-only-rootfs.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.6/init.d-add-support-for-read-only-rootfs.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch b/poky/meta/recipes-connectivity/bind/bind-9.18.6/make-etc-initd-bind-stop-work.patch
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.4/make-etc-initd-bind-stop-work.patch
rename to poky/meta/recipes-connectivity/bind/bind-9.18.6/make-etc-initd-bind-stop-work.patch
diff --git a/poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service b/poky/meta/recipes-connectivity/bind/bind-9.18.6/named.service
similarity index 100%
rename from poky/meta/recipes-connectivity/bind/bind-9.18.4/named.service
rename to poky/meta/recipes-connectivity/bind/bind-9.18.6/named.service
diff --git a/poky/meta/recipes-connectivity/bind/bind_9.18.4.bb b/poky/meta/recipes-connectivity/bind/bind_9.18.6.bb
similarity index 97%
rename from poky/meta/recipes-connectivity/bind/bind_9.18.4.bb
rename to poky/meta/recipes-connectivity/bind/bind_9.18.6.bb
index 8c62fc7..5f54942 100644
--- a/poky/meta/recipes-connectivity/bind/bind_9.18.4.bb
+++ b/poky/meta/recipes-connectivity/bind/bind_9.18.6.bb
@@ -20,7 +20,7 @@
file://0001-avoid-start-failure-with-bind-user.patch \
"
-SRC_URI[sha256sum] = "f277ae50159a00c300eb926a9c5d51953038a936bd8242d6913dfb6eac42761d"
+SRC_URI[sha256sum] = "d43a0fed03c774d1685d203598218c0b7774a88fcc390a0170710d5feb7fbff1"
UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# follow the ESV versions divisible by 2
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5.inc b/poky/meta/recipes-connectivity/bluez5/bluez5.inc
index 22dd07b..79d4645 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -53,7 +53,6 @@
${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
file://0001-test-gatt-Fix-hung-issue.patch \
- file://fix_service.patch \
"
S = "${WORKDIR}/bluez-${PV}"
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
deleted file mode 100644
index 96fdf6b..0000000
--- a/poky/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-The systemd bluetooth service failed to start because the /var/lib/bluetooth
-path of ReadWritePaths= is created by the bluetooth daemon itself.
-
-The commit systemd: Add more filesystem lockdown (442d211) add ReadWritePaths=/etc/bluetooth
-and ReadOnlyPaths=/var/lib/bluetooth options to the bluetooth systemd service.
-The existing ProtectSystem=full option mounts the /usr, the boot loader
-directories and /etc read-only. This means the two option are useless and could be removed.
-
-Upstream-Status: Submitted [https://github.com/bluez/bluez/issues/329]
-
-Index: bluez-5.64/src/bluetooth.service.in
-===================================================================
---- bluez-5.64.orig/src/bluetooth.service.in
-+++ bluez-5.64/src/bluetooth.service.in
-@@ -15,12 +15,12 @@ LimitNPROC=1
-
- # Filesystem lockdown
- ProtectHome=true
--ProtectSystem=full
-+ProtectSystem=strict
- PrivateTmp=true
- ProtectKernelTunables=true
- ProtectControlGroups=true
--ReadWritePaths=@statedir@
--ReadOnlyPaths=@confdir@
-+ConfigurationDirectory=bluetooth
-+StateDirectory=bluetooth
-
- # Execute Mappings
- MemoryDenyWriteExecute=true
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5_5.64.bb b/poky/meta/recipes-connectivity/bluez5/bluez5_5.65.bb
similarity index 94%
rename from poky/meta/recipes-connectivity/bluez5/bluez5_5.64.bb
rename to poky/meta/recipes-connectivity/bluez5/bluez5_5.65.bb
index 4319f9a..4c15aeb 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5_5.64.bb
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5_5.65.bb
@@ -1,6 +1,6 @@
require bluez5.inc
-SRC_URI[sha256sum] = "ae437e65b6b3070c198bc5b0109fe9cdeb9eaa387380e2072f9de65fe8a1de34"
+SRC_URI[sha256sum] = "2565a4d48354b576e6ad92e25b54ed66808296581c8abb80587051f9993d96d4"
# These issues have kernel fixes rather than bluez fixes so exclude here
CVE_CHECK_IGNORE += "CVE-2020-12352 CVE-2020-24490"
diff --git a/poky/meta/recipes-connectivity/connman/connman.inc b/poky/meta/recipes-connectivity/connman/connman.inc
index 5880ecd..d7af94f 100644
--- a/poky/meta/recipes-connectivity/connman/connman.inc
+++ b/poky/meta/recipes-connectivity/connman/connman.inc
@@ -28,10 +28,15 @@
--enable-tools \
--disable-polkit \
"
+# For smooth operation it would be best to start only one wireless daemon at a time.
+# If wpa-supplicant is running, connman will use it preferentially.
+# Select either wpa-supplicant or iwd
+WIRELESS_DAEMON ??= "wpa-supplicant"
PACKAGECONFIG ??= "wispr iptables client\
- ${@bb.utils.filter('DISTRO_FEATURES', '3g systemd wifi', d)} \
+ ${@bb.utils.filter('DISTRO_FEATURES', '3g systemd', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'wifi ${WIRELESS_DAEMON}', '', d)} \
"
# If you want ConnMan to support VPN, add following statement into
@@ -39,9 +44,11 @@
# PACKAGECONFIG:append:pn-connman = " openvpn vpnc l2tp pptp"
PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_system_unitdir}/ --with-tmpfilesdir=${sysconfdir}/tmpfiles.d/,--with-systemdunitdir='' --with-tmpfilesdir=''"
-PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi, wpa-supplicant, wpa-supplicant"
+PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi"
PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, bluez5, bluez5"
PACKAGECONFIG[3g] = "--enable-ofono, --disable-ofono, ofono, ofono"
+PACKAGECONFIG[wpa-supplicant] = ",,wpa-supplicant,wpa-supplicant"
+PACKAGECONFIG[iwd] = "--enable-iwd,--disable-iwd,,iwd"
PACKAGECONFIG[tist] = "--enable-tist,--disable-tist,"
PACKAGECONFIG[openvpn] = "--enable-openvpn --with-openvpn=${sbindir}/openvpn,--disable-openvpn,,openvpn"
PACKAGECONFIG[vpnc] = "--enable-vpnc --with-vpnc=${sbindir}/vpnc,--disable-vpnc,,vpnc"
diff --git a/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch
new file mode 100644
index 0000000..182c5ca
--- /dev/null
+++ b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32292.patch
@@ -0,0 +1,37 @@
+From d1a5ede5d255bde8ef707f8441b997563b9312bd Mon Sep 17 00:00:00 2001
+From: Nathan Crandall <ncrandall@tesla.com>
+Date: Tue, 12 Jul 2022 08:56:34 +0200
+Subject: gweb: Fix OOB write in received_data()
+
+There is a mismatch of handling binary vs. C-string data with memchr
+and strlen, resulting in pos, count, and bytes_read to become out of
+sync and result in a heap overflow. Instead, do not treat the buffer
+as an ASCII C-string. We calculate the count based on the return value
+of memchr, instead of strlen.
+
+Fixes: CVE-2022-32292
+
+CVE: CVE-2022-32292
+
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d1a5ede5d255bde8ef707f8441b997563b9312bd]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ gweb/gweb.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gweb/gweb.c b/gweb/gweb.c
+index 12fcb1d8..13c6c5f2 100644
+--- a/gweb/gweb.c
++++ b/gweb/gweb.c
+@@ -918,7 +918,7 @@ static gboolean received_data(GIOChannel *channel, GIOCondition cond,
+ }
+
+ *pos = '\0';
+- count = strlen((char *) ptr);
++ count = pos - ptr;
+ if (count > 0 && ptr[count - 1] == '\r') {
+ ptr[--count] = '\0';
+ bytes_read--;
+--
+cgit
+
diff --git a/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch
new file mode 100644
index 0000000..b280203
--- /dev/null
+++ b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p1.patch
@@ -0,0 +1,141 @@
+From 72343929836de80727a27d6744c869dff045757c Mon Sep 17 00:00:00 2001
+From: Daniel Wagner <wagi@monom.org>
+Date: Tue, 5 Jul 2022 08:32:12 +0200
+Subject: wispr: Add reference counter to portal context
+
+Track the connman_wispr_portal_context live time via a
+refcounter. This only adds the infrastructure to do proper reference
+counting.
+
+Fixes: CVE-2022-32293
+CVE: CVE-2022-32293
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/wispr.c | 52 ++++++++++++++++++++++++++++++++++++++++++----------
+ 1 file changed, 42 insertions(+), 10 deletions(-)
+
+diff --git a/src/wispr.c b/src/wispr.c
+index a07896ca..bde7e63b 100644
+--- a/src/wispr.c
++++ b/src/wispr.c
+@@ -56,6 +56,7 @@ struct wispr_route {
+ };
+
+ struct connman_wispr_portal_context {
++ int refcount;
+ struct connman_service *service;
+ enum connman_ipconfig_type type;
+ struct connman_wispr_portal *wispr_portal;
+@@ -97,6 +98,11 @@ static char *online_check_ipv4_url = NULL;
+ static char *online_check_ipv6_url = NULL;
+ static bool enable_online_to_ready_transition = false;
+
++#define wispr_portal_context_ref(wp_context) \
++ wispr_portal_context_ref_debug(wp_context, __FILE__, __LINE__, __func__)
++#define wispr_portal_context_unref(wp_context) \
++ wispr_portal_context_unref_debug(wp_context, __FILE__, __LINE__, __func__)
++
+ static void connman_wispr_message_init(struct connman_wispr_message *msg)
+ {
+ DBG("");
+@@ -162,9 +168,6 @@ static void free_connman_wispr_portal_context(
+ {
+ DBG("context %p", wp_context);
+
+- if (!wp_context)
+- return;
+-
+ if (wp_context->wispr_portal) {
+ if (wp_context->wispr_portal->ipv4_context == wp_context)
+ wp_context->wispr_portal->ipv4_context = NULL;
+@@ -201,9 +204,38 @@ static void free_connman_wispr_portal_context(
+ g_free(wp_context);
+ }
+
++static struct connman_wispr_portal_context *
++wispr_portal_context_ref_debug(struct connman_wispr_portal_context *wp_context,
++ const char *file, int line, const char *caller)
++{
++ DBG("%p ref %d by %s:%d:%s()", wp_context,
++ wp_context->refcount + 1, file, line, caller);
++
++ __sync_fetch_and_add(&wp_context->refcount, 1);
++
++ return wp_context;
++}
++
++static void wispr_portal_context_unref_debug(
++ struct connman_wispr_portal_context *wp_context,
++ const char *file, int line, const char *caller)
++{
++ if (!wp_context)
++ return;
++
++ DBG("%p ref %d by %s:%d:%s()", wp_context,
++ wp_context->refcount - 1, file, line, caller);
++
++ if (__sync_fetch_and_sub(&wp_context->refcount, 1) != 1)
++ return;
++
++ free_connman_wispr_portal_context(wp_context);
++}
++
+ static struct connman_wispr_portal_context *create_wispr_portal_context(void)
+ {
+- return g_try_new0(struct connman_wispr_portal_context, 1);
++ return wispr_portal_context_ref(
++ g_new0(struct connman_wispr_portal_context, 1));
+ }
+
+ static void free_connman_wispr_portal(gpointer data)
+@@ -215,8 +247,8 @@ static void free_connman_wispr_portal(gpointer data)
+ if (!wispr_portal)
+ return;
+
+- free_connman_wispr_portal_context(wispr_portal->ipv4_context);
+- free_connman_wispr_portal_context(wispr_portal->ipv6_context);
++ wispr_portal_context_unref(wispr_portal->ipv4_context);
++ wispr_portal_context_unref(wispr_portal->ipv6_context);
+
+ g_free(wispr_portal);
+ }
+@@ -452,7 +484,7 @@ static void portal_manage_status(GWebResult *result,
+ connman_info("Client-Timezone: %s", str);
+
+ if (!enable_online_to_ready_transition)
+- free_connman_wispr_portal_context(wp_context);
++ wispr_portal_context_unref(wp_context);
+
+ __connman_service_ipconfig_indicate_state(service,
+ CONNMAN_SERVICE_STATE_ONLINE, type);
+@@ -616,7 +648,7 @@ static void wispr_portal_request_wispr_login(struct connman_service *service,
+ return;
+ }
+
+- free_connman_wispr_portal_context(wp_context);
++ wispr_portal_context_unref(wp_context);
+ return;
+ }
+
+@@ -952,7 +984,7 @@ static int wispr_portal_detect(struct connman_wispr_portal_context *wp_context)
+
+ if (wp_context->token == 0) {
+ err = -EINVAL;
+- free_connman_wispr_portal_context(wp_context);
++ wispr_portal_context_unref(wp_context);
+ }
+ } else if (wp_context->timeout == 0) {
+ wp_context->timeout = g_idle_add(no_proxy_callback, wp_context);
+@@ -1001,7 +1033,7 @@ int __connman_wispr_start(struct connman_service *service,
+
+ /* If there is already an existing context, we wipe it */
+ if (wp_context)
+- free_connman_wispr_portal_context(wp_context);
++ wispr_portal_context_unref(wp_context);
+
+ wp_context = create_wispr_portal_context();
+ if (!wp_context)
+--
+cgit
+
diff --git a/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch
new file mode 100644
index 0000000..56f8fc8
--- /dev/null
+++ b/poky/meta/recipes-connectivity/connman/connman/CVE-2022-32293_p2.patch
@@ -0,0 +1,174 @@
+From 416bfaff988882c553c672e5bfc2d4f648d29e8a Mon Sep 17 00:00:00 2001
+From: Daniel Wagner <wagi@monom.org>
+Date: Tue, 5 Jul 2022 09:11:09 +0200
+Subject: wispr: Update portal context references
+
+Maintain proper portal context references to avoid UAF.
+
+Fixes: CVE-2022-32293
+CVE: CVE-2022-32293
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=72343929836de80727a27d6744c869dff045757c]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/wispr.c | 34 ++++++++++++++++++++++------------
+ 1 file changed, 22 insertions(+), 12 deletions(-)
+
+diff --git a/src/wispr.c b/src/wispr.c
+index bde7e63b..84bed33f 100644
+--- a/src/wispr.c
++++ b/src/wispr.c
+@@ -105,8 +105,6 @@ static bool enable_online_to_ready_transition = false;
+
+ static void connman_wispr_message_init(struct connman_wispr_message *msg)
+ {
+- DBG("");
+-
+ msg->has_error = false;
+ msg->current_element = NULL;
+
+@@ -166,8 +164,6 @@ static void free_wispr_routes(struct connman_wispr_portal_context *wp_context)
+ static void free_connman_wispr_portal_context(
+ struct connman_wispr_portal_context *wp_context)
+ {
+- DBG("context %p", wp_context);
+-
+ if (wp_context->wispr_portal) {
+ if (wp_context->wispr_portal->ipv4_context == wp_context)
+ wp_context->wispr_portal->ipv4_context = NULL;
+@@ -483,9 +479,6 @@ static void portal_manage_status(GWebResult *result,
+ &str))
+ connman_info("Client-Timezone: %s", str);
+
+- if (!enable_online_to_ready_transition)
+- wispr_portal_context_unref(wp_context);
+-
+ __connman_service_ipconfig_indicate_state(service,
+ CONNMAN_SERVICE_STATE_ONLINE, type);
+
+@@ -546,14 +539,17 @@ static void wispr_portal_request_portal(
+ {
+ DBG("");
+
++ wispr_portal_context_ref(wp_context);
+ wp_context->request_id = g_web_request_get(wp_context->web,
+ wp_context->status_url,
+ wispr_portal_web_result,
+ wispr_route_request,
+ wp_context);
+
+- if (wp_context->request_id == 0)
++ if (wp_context->request_id == 0) {
+ wispr_portal_error(wp_context);
++ wispr_portal_context_unref(wp_context);
++ }
+ }
+
+ static bool wispr_input(const guint8 **data, gsize *length,
+@@ -618,13 +614,15 @@ static void wispr_portal_browser_reply_cb(struct connman_service *service,
+ return;
+
+ if (!authentication_done) {
+- wispr_portal_error(wp_context);
+ free_wispr_routes(wp_context);
++ wispr_portal_error(wp_context);
++ wispr_portal_context_unref(wp_context);
+ return;
+ }
+
+ /* Restarting the test */
+ __connman_service_wispr_start(service, wp_context->type);
++ wispr_portal_context_unref(wp_context);
+ }
+
+ static void wispr_portal_request_wispr_login(struct connman_service *service,
+@@ -700,11 +698,13 @@ static bool wispr_manage_message(GWebResult *result,
+
+ wp_context->wispr_result = CONNMAN_WISPR_RESULT_LOGIN;
+
++ wispr_portal_context_ref(wp_context);
+ if (__connman_agent_request_login_input(wp_context->service,
+ wispr_portal_request_wispr_login,
+- wp_context) != -EINPROGRESS)
++ wp_context) != -EINPROGRESS) {
+ wispr_portal_error(wp_context);
+- else
++ wispr_portal_context_unref(wp_context);
++ } else
+ return true;
+
+ break;
+@@ -753,6 +753,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data)
+ if (length > 0) {
+ g_web_parser_feed_data(wp_context->wispr_parser,
+ chunk, length);
++ wispr_portal_context_unref(wp_context);
+ return true;
+ }
+
+@@ -770,6 +771,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data)
+
+ switch (status) {
+ case 000:
++ wispr_portal_context_ref(wp_context);
+ __connman_agent_request_browser(wp_context->service,
+ wispr_portal_browser_reply_cb,
+ wp_context->status_url, wp_context);
+@@ -781,11 +783,14 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data)
+ if (g_web_result_get_header(result, "X-ConnMan-Status",
+ &str)) {
+ portal_manage_status(result, wp_context);
++ wispr_portal_context_unref(wp_context);
+ return false;
+- } else
++ } else {
++ wispr_portal_context_ref(wp_context);
+ __connman_agent_request_browser(wp_context->service,
+ wispr_portal_browser_reply_cb,
+ wp_context->redirect_url, wp_context);
++ }
+
+ break;
+ case 300:
+@@ -798,6 +803,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data)
+ !g_web_result_get_header(result, "Location",
+ &redirect)) {
+
++ wispr_portal_context_ref(wp_context);
+ __connman_agent_request_browser(wp_context->service,
+ wispr_portal_browser_reply_cb,
+ wp_context->status_url, wp_context);
+@@ -808,6 +814,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data)
+
+ wp_context->redirect_url = g_strdup(redirect);
+
++ wispr_portal_context_ref(wp_context);
+ wp_context->request_id = g_web_request_get(wp_context->web,
+ redirect, wispr_portal_web_result,
+ wispr_route_request, wp_context);
+@@ -820,6 +827,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data)
+
+ break;
+ case 505:
++ wispr_portal_context_ref(wp_context);
+ __connman_agent_request_browser(wp_context->service,
+ wispr_portal_browser_reply_cb,
+ wp_context->status_url, wp_context);
+@@ -832,6 +840,7 @@ static bool wispr_portal_web_result(GWebResult *result, gpointer user_data)
+ wp_context->request_id = 0;
+ done:
+ wp_context->wispr_msg.message_type = -1;
++ wispr_portal_context_unref(wp_context);
+ return false;
+ }
+
+@@ -890,6 +899,7 @@ static void proxy_callback(const char *proxy, void *user_data)
+ xml_wispr_parser_callback, wp_context);
+
+ wispr_portal_request_portal(wp_context);
++ wispr_portal_context_unref(wp_context);
+ }
+
+ static gboolean no_proxy_callback(gpointer user_data)
+--
+cgit
+
diff --git a/poky/meta/recipes-connectivity/connman/connman_1.41.bb b/poky/meta/recipes-connectivity/connman/connman_1.41.bb
index 736b78e..79542b2 100644
--- a/poky/meta/recipes-connectivity/connman/connman_1.41.bb
+++ b/poky/meta/recipes-connectivity/connman/connman_1.41.bb
@@ -5,6 +5,9 @@
file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \
file://connman \
file://no-version-scripts.patch \
+ file://CVE-2022-32293_p1.patch \
+ file://CVE-2022-32293_p2.patch \
+ file://CVE-2022-32292.patch \
"
SRC_URI:append:libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch"
diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2/0001-configure-Define-_GNU_SOURCE-when-checking-for-setns.patch b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-configure-Define-_GNU_SOURCE-when-checking-for-setns.patch
new file mode 100644
index 0000000..04d44ef
--- /dev/null
+++ b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-configure-Define-_GNU_SOURCE-when-checking-for-setns.patch
@@ -0,0 +1,28 @@
+From dc837a6b4c2cad7f31cddfe56cd652e26baadc02 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Wed, 10 Aug 2022 22:31:03 -0700
+Subject: [PATCH] configure: Define _GNU_SOURCE when checking for setns
+
+glibc defines this function only as gnu extention
+
+Upstream-Status: Submitted [https://lore.kernel.org/netdev/20220811053440.778649-1-raj.khem@gmail.com/T/#u]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ configure | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/configure b/configure
+index 440facb..c02753b 100755
+--- a/configure
++++ b/configure
+@@ -191,6 +191,7 @@ check_ipt_lib_dir()
+ check_setns()
+ {
+ cat >$TMPDIR/setnstest.c <<EOF
++#define _GNU_SOURCE
+ #include <sched.h>
+ int main(int argc, char **argv)
+ {
+--
+2.37.1
+
diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2/0001-ip-ipstats.c-add-an-include-where-MIN-is-defined.patch b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-ip-ipstats.c-add-an-include-where-MIN-is-defined.patch
new file mode 100644
index 0000000..edd7381
--- /dev/null
+++ b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-ip-ipstats.c-add-an-include-where-MIN-is-defined.patch
@@ -0,0 +1,25 @@
+From c8a99f1035ec7b158a204f90e9a7ed3c0b1e3d52 Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex@linutronix.de>
+Date: Fri, 5 Aug 2022 11:31:56 +0200
+Subject: [PATCH] ip/ipstats.c: add an include where MIN is defined
+
+Otherwise, non-glibc systems error out (e.g. on musl).
+
+Upstream-Status: Submitted [by email to stephen@networkplumber.org,netdev@vger.kernel.org]
+Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+---
+ ip/ipstats.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/ip/ipstats.c b/ip/ipstats.c
+index 5cdd15a..1ac275b 100644
+--- a/ip/ipstats.c
++++ b/ip/ipstats.c
+@@ -1,6 +1,7 @@
+ // SPDX-License-Identifier: GPL-2.0+
+ #include <assert.h>
+ #include <errno.h>
++#include <sys/param.h>
+
+ #include "list.h"
+ #include "utils.h"
diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2_5.18.0.bb b/poky/meta/recipes-connectivity/iproute2/iproute2_5.18.0.bb
deleted file mode 100644
index 3e01c70..0000000
--- a/poky/meta/recipes-connectivity/iproute2/iproute2_5.18.0.bb
+++ /dev/null
@@ -1,11 +0,0 @@
-require iproute2.inc
-
-SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \
- file://0001-libc-compat.h-add-musl-workaround.patch \
- "
-
-SRC_URI[sha256sum] = "5ba3d464d51c8c283550d507ffac3d10f7aec587b7c66b0ccb6950643646389e"
-
-# CFLAGS are computed in Makefile and reference CCOPTS
-#
-EXTRA_OEMAKE:append = " CCOPTS='${CFLAGS}'"
diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2_5.19.0.bb b/poky/meta/recipes-connectivity/iproute2/iproute2_5.19.0.bb
new file mode 100644
index 0000000..6a00779
--- /dev/null
+++ b/poky/meta/recipes-connectivity/iproute2/iproute2_5.19.0.bb
@@ -0,0 +1,13 @@
+require iproute2.inc
+
+SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \
+ file://0001-libc-compat.h-add-musl-workaround.patch \
+ file://0001-ip-ipstats.c-add-an-include-where-MIN-is-defined.patch \
+ file://0001-configure-Define-_GNU_SOURCE-when-checking-for-setns.patch \
+ "
+
+SRC_URI[sha256sum] = "26b7a34d6a7fd2f7a42e2b39c5a90cb61bac522d1096067ffeb195e5693d7791"
+
+# CFLAGS are computed in Makefile and reference CCOPTS
+#
+EXTRA_OEMAKE:append = " CCOPTS='${CFLAGS}'"
diff --git a/poky/meta/recipes-connectivity/kea/kea_2.0.2.bb b/poky/meta/recipes-connectivity/kea/kea_2.2.0.bb
similarity index 93%
rename from poky/meta/recipes-connectivity/kea/kea_2.0.2.bb
rename to poky/meta/recipes-connectivity/kea/kea_2.2.0.bb
index 13da1f8..2c2e5a7 100644
--- a/poky/meta/recipes-connectivity/kea/kea_2.0.2.bb
+++ b/poky/meta/recipes-connectivity/kea/kea_2.2.0.bb
@@ -2,8 +2,8 @@
DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It supports both DHCPv4 and DHCPv6 protocols along with their extensions, e.g. prefix delegation and dynamic updates to DNS."
HOMEPAGE = "http://kea.isc.org"
SECTION = "connectivity"
-LICENSE = "MPL-2.0 & Apache-2.0"
-LIC_FILES_CHKSUM = "file://COPYING;md5=b4ecee995eeb6780a17dd7e539e97abc"
+LICENSE = "MPL-2.0"
+LIC_FILES_CHKSUM = "file://COPYING;md5=97ce14bdd2733f5b84ab5e29380d057d"
DEPENDS = "boost log4cplus openssl"
@@ -18,7 +18,7 @@
file://fix_pid_keactrl.patch \
file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \
"
-SRC_URI[sha256sum] = "8d28213bdc8e2bb870a383b30ac1e53d54e1eba43d2f86e5151b08b66aa6cf32"
+SRC_URI[sha256sum] = "da7d90ca62a772602dac6e77e507319038422895ad68eeb142f1487d67d531d2"
inherit autotools systemd update-rc.d upstream-version-is-even
diff --git a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
index e6f216e..2cc92b7 100644
--- a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
+++ b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
@@ -5,8 +5,8 @@
LICENSE = "PD"
LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04"
-SRCREV = "3d5c8d0f7e0264768a2c000d0fd4b4d4a991e041"
-PV = "20220511"
+SRCREV = "fe19892a8168bf19d81e3bc4ee319bf7f9f058f5"
+PV = "20220725"
PE = "1"
SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main"
diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0005-mountd-Check-for-return-of-stat-function.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0005-mountd-Check-for-return-of-stat-function.patch
new file mode 100644
index 0000000..13a21e5
--- /dev/null
+++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0005-mountd-Check-for-return-of-stat-function.patch
@@ -0,0 +1,34 @@
+From 887ecc7837962e9be77a4fea7d9122648f73a84a Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Mon, 15 Aug 2022 14:47:53 -0700
+Subject: [PATCH] mountd: Check for return of stat function
+
+simplify the check, stat() return 0 on success -1 on failure
+
+Fixes clang reported errors e.g.
+
+| v4clients.c:29:6: error: logical not is only applied to the left hand side of this comparison [-Werror,-Wlogical-not-parentheses]
+| if (!stat("/proc/fs/nfsd/clients", &sb) == 0 ||
+| ^ ~~
+
+Upstream-Status: Submitted [https://patchwork.kernel.org/project/linux-nfs/patch/20220816024403.2694169-1-raj.khem@gmail.com/]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Cc: Konstantin Khorenko <khorenko@virtuozzo.com>
+Cc: Steve Dickson <steved@redhat.com>
+---
+ support/export/v4clients.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/support/export/v4clients.c b/support/export/v4clients.c
+index 5f15b61..3230251 100644
+--- a/support/export/v4clients.c
++++ b/support/export/v4clients.c
+@@ -26,7 +26,7 @@ void v4clients_init(void)
+ {
+ struct stat sb;
+
+- if (!stat("/proc/fs/nfsd/clients", &sb) == 0 ||
++ if (stat("/proc/fs/nfsd/clients", &sb) != 0 ||
+ !S_ISDIR(sb.st_mode))
+ return;
+ if (clients_fd >= 0)
diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0006-Fix-function-prototypes.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0006-Fix-function-prototypes.patch
new file mode 100644
index 0000000..793bc46
--- /dev/null
+++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0006-Fix-function-prototypes.patch
@@ -0,0 +1,93 @@
+From cf0ffbb5c8fa167376926d12a63613f15aa7602f Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Mon, 15 Aug 2022 14:50:15 -0700
+Subject: [PATCH] Fix function prototypes
+
+Clang is now erroring out on functions with out parameter types
+
+Fixes errors like
+error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
+
+Upstream-Status: Submitted [https://patchwork.kernel.org/project/linux-nfs/patch/20220816024403.2694169-2-raj.khem@gmail.com/]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ support/export/auth.c | 2 +-
+ support/export/v4root.c | 2 +-
+ support/export/xtab.c | 2 +-
+ utils/exportfs/exportfs.c | 4 ++--
+ utils/mount/network.c | 2 +-
+ 5 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/support/export/auth.c b/support/export/auth.c
+index 03ce4b8..2d7960f 100644
+--- a/support/export/auth.c
++++ b/support/export/auth.c
+@@ -82,7 +82,7 @@ check_useipaddr(void)
+ }
+
+ unsigned int
+-auth_reload()
++auth_reload(void)
+ {
+ struct stat stb;
+ static ino_t last_inode;
+diff --git a/support/export/v4root.c b/support/export/v4root.c
+index c12a7d8..fbb0ad5 100644
+--- a/support/export/v4root.c
++++ b/support/export/v4root.c
+@@ -198,7 +198,7 @@ static int v4root_add_parents(nfs_export *exp)
+ * looking for components of the v4 mount.
+ */
+ void
+-v4root_set()
++v4root_set(void)
+ {
+ nfs_export *exp;
+ int i;
+diff --git a/support/export/xtab.c b/support/export/xtab.c
+index c888a80..e210ca9 100644
+--- a/support/export/xtab.c
++++ b/support/export/xtab.c
+@@ -135,7 +135,7 @@ xtab_write(char *xtab, char *xtabtmp, char *lockfn, int is_export)
+ }
+
+ int
+-xtab_export_write()
++xtab_export_write(void)
+ {
+ return xtab_write(etab.statefn, etab.tmpfn, etab.lockfn, 1);
+ }
+diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c
+index 6ba615d..0897b22 100644
+--- a/utils/exportfs/exportfs.c
++++ b/utils/exportfs/exportfs.c
+@@ -69,14 +69,14 @@ static int _lockfd = -1;
+ * need these additional lockfile() routines.
+ */
+ static void
+-grab_lockfile()
++grab_lockfile(void)
+ {
+ _lockfd = open(lockfile, O_CREAT|O_RDWR, 0666);
+ if (_lockfd != -1)
+ lockf(_lockfd, F_LOCK, 0);
+ }
+ static void
+-release_lockfile()
++release_lockfile(void)
+ {
+ if (_lockfd != -1) {
+ lockf(_lockfd, F_ULOCK, 0);
+diff --git a/utils/mount/network.c b/utils/mount/network.c
+index ed2f825..01ead49 100644
+--- a/utils/mount/network.c
++++ b/utils/mount/network.c
+@@ -179,7 +179,7 @@ static const unsigned long probe_mnt3_only[] = {
+
+ static const unsigned int *nfs_default_proto(void);
+ #ifdef MOUNT_CONFIG
+-static const unsigned int *nfs_default_proto()
++static const unsigned int *nfs_default_proto(void)
+ {
+ extern unsigned long config_default_proto;
+ /*
diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.1.bb b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.2.bb
similarity index 91%
rename from poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.1.bb
rename to poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.2.bb
index bbed5ae..4b5c28c 100644
--- a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.1.bb
+++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.2.bb
@@ -30,8 +30,10 @@
file://bugfix-adjust-statd-service-name.patch \
file://0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch \
file://clang-warnings.patch \
+ file://0005-mountd-Check-for-return-of-stat-function.patch \
+ file://0006-Fix-function-prototypes.patch \
"
-SRC_URI[sha256sum] = "60dfcd94a9f3d72a12bc7058d811787ec87a6d593d70da2123faf9aad3d7a1df"
+SRC_URI[sha256sum] = "5200873e81c4d610e2462fc262fe18135f2dbe78b7979f95accd159ae64d5011"
# Only kernel-module-nfsd is required here (but can be built-in) - the nfsd module will
# pull in the remainder of the dependencies.
@@ -70,7 +72,7 @@
# keyutils is available in meta-oe
PACKAGECONFIG[nfsv4] = "--enable-nfsv4,--disable-nfsv4,keyutils,python3-core"
-PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats"
+PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats ${PN}-rpcctl"
CONFFILES:${PN}-client += "${localstatedir}/lib/nfs/etab \
${localstatedir}/lib/nfs/rmtab \
@@ -93,9 +95,12 @@
FILES:${PN}-stats = "${sbindir}/mountstats ${sbindir}/nfsiostat ${sbindir}/nfsdclnts"
RDEPENDS:${PN}-stats = "python3-core"
+FILES:${PN}-rpcctl = "${sbindir}/rpcctl"
+RDEPENDS:${PN}-rpcctl = "python3-core"
+
FILES:${PN}-staticdev += "${libdir}/libnfsidmap/*.a"
-FILES:${PN} += "${systemd_unitdir} ${libdir}/libnfsidmap/"
+FILES:${PN} += "${systemd_unitdir} ${libdir}/libnfsidmap/ ${nonarch_libdir}/modprobe.d"
do_configure:prepend() {
sed -i -e 's,sbindir = /sbin,sbindir = ${base_sbindir},g' \
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/ssh_config b/poky/meta/recipes-connectivity/openssh/openssh/ssh_config
index e0d0238..ca70f37 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh/ssh_config
+++ b/poky/meta/recipes-connectivity/openssh/openssh/ssh_config
@@ -1,4 +1,4 @@
-# $OpenBSD: ssh_config,v 1.33 2017/05/07 23:12:57 djm Exp $
+# $OpenBSD: ssh_config,v 1.35 2020/07/17 03:43:42 dtucker Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
@@ -17,6 +17,8 @@
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
+Include /etc/ssh/ssh_config.d/*.conf
+
Host *
ForwardAgent yes
ForwardX11 yes
@@ -36,7 +38,6 @@
# IdentityFile ~/.ssh/id_ecdsa
# IdentityFile ~/.ssh/id_ed25519
# Port 22
-# Protocol 2
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com
# EscapeChar ~
@@ -46,3 +47,4 @@
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
+# UserKnownHostsFile ~/.ssh/known_hosts.d/%k
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/sshd_config b/poky/meta/recipes-connectivity/openssh/openssh/sshd_config
index 15f061b..e9eaf93 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh/sshd_config
+++ b/poky/meta/recipes-connectivity/openssh/openssh/sshd_config
@@ -1,4 +1,4 @@
-# $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $
+# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
@@ -10,6 +10,8 @@
# possible, but leave them commented. Uncommented options override the
# default value.
+Include /etc/ssh/sshd_config.d/*.conf
+
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
@@ -57,9 +59,9 @@
#PasswordAuthentication yes
#PermitEmptyPasswords no
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-ChallengeResponseAuthentication no
+# Change to yes to enable keyboard-interactive authentication (beware issues
+# with some PAM modules and threads)
+KbdInteractiveAuthentication no
# Kerberos options
#KerberosAuthentication no
@@ -73,13 +75,13 @@
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
+# be allowed through the KbdInteractiveAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
+# PAM authentication via KbdInteractiveAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
+# and KbdInteractiveAuthentication to 'no'.
#UsePAM no
#AllowAgentForwarding yes
@@ -92,7 +94,6 @@
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
-#UseLogin no
#PermitUserEnvironment no
Compression no
ClientAliveInterval 15