These tests are failing and thus preventing verification of new patches.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Earlier both libdrm[1] and kmsxx[2] projects used to provide a binary
program called kmstest. To avoid the clash, the kmsxx recipe was
updated to rename this binary to kmsxxtest during installation. However
libdrm project has now removed kmstest[3] and hence there is no clash
in naming anymore, so revert back to original name of binary i.e.
kmstest.
[1]: https://gitlab.freedesktop.org/mesa/libdrm.git
[2]: https://github.com/tomba/kmsxx
[3]: https://gitlab.freedesktop.org/mesa/libdrm.git
commit: 2b997bb4bb688be00620887c8646ff24ccb9396b
Signed-off-by: Swamil Jain <s-jain1@ti.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Rootfs file differs with the same project configure, add preliminary
setting to avoid this.
Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
https://goodies.xfce.org/ states "Starting this month (November 2019), a project is starting
to migrate the goodies.xfce.org documentation to https://docs.xfce.org/start. The goal is to
remove deprecated projects and, eventually, de-commission the goodies.xfce.org URLs. Additional
information will be posted on https://wiki.xfce.org/projects/goodies-decomm/start as the project
proceeds."
This patch updates the URLs being used in the HOMEPAGEs to reflect where the address is actually
resolving.
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
CVE: CVE-2024-23337
CVE: CVE-2024-53427
CVE: CVE-2025-48060
Patches CVE-2024-23337.patch and CVE-2024-53427.patch are backported from
jq-1.8.0, and CVE-2025-48060.patch is backported from jq-1.8.1.
Signed-off-by: Roland Kovacs <roland.kovacs@est.tech>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
CVE-2025-6019:
A Local Privilege Escalation (LPE) vulnerability was found in
libblockdev. Generally, the "allow_active" setting in Polkit permits a
physically present user to take certain actions based on the session
type. Due to the way libblockdev interacts with the udisks daemon, an
"allow_active" user on a system may be able escalate to full root
privileges on the target host. Normally, udisks mounts user-provided
filesystem images with security flags like nosuid and nodev to prevent
privilege escalation. However, a local attacker can create a specially
crafted XFS image containing a SUID-root shell, then trick udisks into
resizing it. This mounts their malicious filesystem with root
privileges, allowing them to execute their SUID-root shell and gain
complete control of the system.
Refer:
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
In the SRC_URI, the branch of maintenance/3.1.x has been reomved,
which will cause do fetch error. So update as "branch=main"
Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
0001-Add-recursion-check-when-parsing-unknown-fields-in-J.patch is
dropped because it has been in new version.
This upgrade also fixes CVE-2025-4565. The fix commit is as below:
d31100c91 Manually backport recursion limit enforcement to 25.x
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
When PACKAGECONFIG options like 'cxx' 'webp' and 'xml' are disabled,
certain files such as Magick++-config.im7, configure.xml, or
delegates.xml are not installed. Unconditionally running sed
on these files results in errors during do_install
Error:
sed: can't read .../image/usr/bin/Magick++-config.im7: No such file or directory
Signed-off-by: Nikhil R <nikhilr5@kpit.com>
Signed-off-by: Sana Kazi <sanakazi720@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The git server at git.pengutronix.de no longer supports the git
protocol, so switch to https.
Signed-off-by: Bastian Krause <bst@pengutronix.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The git server at git.pengutronix.de no longer supports the git
protocol, so switch to https.
Signed-off-by: Bastian Krause <bst@pengutronix.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ChangeLog:
https://github.com/redis/redis/releases/tag/7.2.8
Update urgency: SECURITY: There are security fixes in the release.
Security fixes
==================
* (CVE-2025-21605) An unauthenticated client can cause an unlimited growth of output buffers
Bug fixes
=================
* #12817, #12905 Fix race condition issues between the main thread and module threads
* #13863 RANDOMKEY - infinite loop during client pause
* #13877 ShardID inconsistency when both primary and replica support it
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
When building with sensord disabled (PACKAGECONFIG = ""), do_install
would fail because it tried to build sensord which was skiped in
do_compile.
Error log:
make: *** No rule to make target 'rrd.h', needed by 'prog/sensord/rrd.rd'. Stop.
Avoid building sensord in do_install by explicitly setting PROG_EXTRA.
(master rev: fc88c96c4e)
Fixes: 86b20b84ec (lmsensors: Clean stale files for sensord to avoid
incorrect GCC header dependencies)
Signed-off-by: Leonard Anderweit <l.anderweit@phytec.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* fixes:
https://lists.openembedded.org/g/openembedded-devel/message/117255
DEBUG: Executing shell function do_compile
* Getting build dependencies for wheel...
/usr/lib/ld-linux-aarch64.so.1: No such file or directory
Traceback (most recent call last):
File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/pyproject_hooks/_in_process/_in_process.py",
line 389, in <module>
main()
~~~~^^
File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/pyproject_hooks/_in_process/_in_process.py",
line 373, in main
json_out["return_val"] = hook(**hook_input["kwargs"])
~~~~^^^^^^^^^^^^^^^^^^^^^^^^
File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/pyproject_hooks/_in_process/_in_process.py",
line 143, in get_requires_for_build_wheel
return hook(config_settings)
File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/setuptools/build_meta.py",
line 334, in get_requires_for_build_wheel
return self._get_build_requires(config_settings, requirements=[])
~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/setuptools/build_meta.py",
line 304, in _get_build_requires
self.run_setup()
~~~~~~~~~~~~~~^^
File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/recipe-sysroot-native/usr/lib/python3.13/site-packages/setuptools/build_meta.py",
line 320, in run_setup
exec(code, locals())
~~~~^^^^^^^^^^^^^^^^
File "<string>", line 23, in <module>
File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/posix_ipc-1.2.0/build_support/discover_system_info.py",
line 409, in discover
d["QUEUE_PRIORITY_MAX"] = sniff_mq_prio_max()
~~~~~~~~~~~~~~~~~^^
File "TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/posix_ipc-1.2.0/build_support/discover_system_info.py",
line 238, in sniff_mq_prio_max
if max_priority < 0:
^^^^^^^^^^^^^^^^
TypeError: '<' not supported between instances of 'str' and 'int'
ERROR Backend subprocess exited when trying to invoke
get_requires_for_build_wheel
WARNING: TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/temp/run.do_compile.2736023:168
exit 1 from 'nativepython3 -m build --no-isolation --wheel --outdir
TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/dist
TOPDIR/BUILD/work/raspberrypi4_64-webos-linux/python3-posix-ipc/1.2.0/posix_ipc-1.2.0'
WARNING: Backtrace (BB generated script):
On some hosts.
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
If CAN_ERR_CNT is set, the snprintf_can_error_frame() bails out, as it
cannot decode CAN_ERR_CNT.
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
syslog-ng is an enhanced log daemo. Prior to version 4.8.2,
`tls_wildcard_match()` matches on certificates such as `foo.*.bar`
although that is not allowed. It is also possible to pass partial
wildcards such as `foo.a*c.bar` which glib matches but should be
avoided / invalidated. This issue could have an impact on TLS
connections, such as in man-in-the-middle situations. Version
4.8.2 contains a fix for the issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-47619
Upstream patch:
12a0624e4c
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
