Commit Graph

1320 Commits

Author SHA1 Message Date
Gyorgy Sarvari 22a2ae9646 openjpeg: patch CVE-2026-6192
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-6192

Backport the patch referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
(cherry picked from commit 09050325e6)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-04-29 10:14:29 +05:30
Ankur Tyagi 39924b5b88 libvncserver: fix CVE-2026-32854
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-32854

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-04-13 12:40:21 +05:30
Ankur Tyagi c56964fcf2 libvncserver: fix CVE-2026-32853
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-32853

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-04-13 12:40:21 +05:30
Gyorgy Sarvari 86dc3a4fe4 openjpeg: patch CVE-2023-39327
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-39327

Take the patch that is used by OpenSUSE to mitigate this vulnerability.
Upstream seems to be unresponsive to this issue.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
(cherry picked from commit fdddf2bdd3)
Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-03-24 08:52:13 +05:30
Alexandre Truong 4d3e2639de source-han-sans-*-fonts: rename downloaded files in SRC_URI
In commit [0], we've switched away from SVN fetcher in SRC_URI.
The archives downloaded are named SourceHanSans*.zip
They are named this way regardless of the version 1.004 or 2.004.
So when the new archives checksums are tested, the fetcher will
look for the old archives with the same name in the DL_DIR.
>From [1], there are checksum failures due to given checksums not
matching the ones in DL_DIR. Thus, downloaded archives are renamed
following their package name and version.

[0]: https://git.openembedded.org/meta-openembedded/commit/?id=36a1e36e1272ca50e5dba0c4cf25ee3ff8b8f1c9
[1]: https://autobuilder.yoctoproject.org/typhoon/#/builders/156/builds/367/steps/16/logs/errors

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Reviewed-by: Alexandre Truong <alexandre.truong@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 08e414d496)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-03-03 13:08:08 +05:30
Gyorgy Sarvari 7e98075d47 tigervnc: mark CVE-2024-0408 and CVE-2024-0409 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-0408
https://nvd.nist.gov/vuln/detail/CVE-2024-0409

Both of these vulnerabilities were fixed[1][2] in xserver 21.1.11,
just mark them patched.

[1]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/8d825f72da71d6c38cbb02cf2ee2dd9e0e0f50f2
[2]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/a4f0e9466f3bc7073a8f0c28a581211c2d7adf0e

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-12 13:38:13 +05:30
Gyorgy Sarvari 14972f0f6a fontforge: patch CVE-2025-15270
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15270

Pick the patch that mentions this vulnerbaility explicitly
in its description.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
(cherry picked from commit 15f2f350cc)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-09 09:35:53 +05:30
Gyorgy Sarvari 867af88ada fontforge: patch CVE-2025-15269
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15269

Pick the patch that refers to this vulnerability ID explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
(cherry picked from commit 449999f676)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-09 09:35:53 +05:30
Gyorgy Sarvari 22b196ccb5 fontforge: patch CVE-2025-15275
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15275

Pick the patch that mentions this vulnerability ID explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
(cherry picked from commit edc3b69cef)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-09 09:35:52 +05:30
Gyorgy Sarvari 8854244ac5 fontforge: patch CVE-2025-15279
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15279

Pick the patch that mentions this vulnerability ID explicitly.
Also, this patch has caused some regression - pick the patch also
that fixed that regression.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
(cherry picked from commit 21418bce90)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-09 09:35:52 +05:30
Gyorgy Sarvari 79e3760935 tigervnc: ignore CVE-2025-26594...26601
Ignore the following CVEs: CVE-2025-26594, CVE-2025-26595, CVE-2025-26596,
CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601

Details:
https://nvd.nist.gov/vuln/detail/CVE-2025-26594
https://nvd.nist.gov/vuln/detail/CVE-2025-26595
https://nvd.nist.gov/vuln/detail/CVE-2025-26596
https://nvd.nist.gov/vuln/detail/CVE-2025-26597
https://nvd.nist.gov/vuln/detail/CVE-2025-26598
https://nvd.nist.gov/vuln/detail/CVE-2025-26599
https://nvd.nist.gov/vuln/detail/CVE-2025-26600
https://nvd.nist.gov/vuln/detail/CVE-2025-26601

TigerVNC compiles its own xserver, this is why these CVEs are associated
with it - despite the vulnerabilities being in xserver.

All of these vulnerabilities were fixed by the same PR[1], which has
been part of xserver since version 21.1.16 (the currently used xserver
version in TigerVNC is 21.1.18).

Due to this, ignore these vulnerabilities, and just mark them as patched.

[1]: https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1830

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4924e89bb7)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-09 09:35:49 +05:30
Gyorgy Sarvari 859698874e tigervnc: ignore CVE-2023-6478
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-6478

TigerVNC compiles its own xserver, this is why this CVE is associated
with it - despite the vulnerability being in xserver.

The vulnerability was fixed by [1] (from the nvd report), which has been
backported[2] to the xserver version used by the recipe - so ignore the
CVE, since it's patched already.

[1]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632
[2]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/58e83c683950ac9e253ab05dd7a13a8368b70a3c

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 62a78f8ba7)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-09 09:35:48 +05:30
Gyorgy Sarvari cfcf8dd2e9 tigervnc: ignore CVE-2023-6377
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-6377

TigerVNC compiles its own xserver, this is why this CVE is associated
with it - despite the vulnerability being in xserver.

The vulnerability was fixed by [1] (from the nvd report), which has been
backported[2] to the xserver version used by the recipe - so ignore the
CVE, since it's patched already.

[1]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd
[2]: https://gitlab.freedesktop.org/xorg/xserver/-/commit/a7bda3080d2b44eae668cdcec7a93095385b9652

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f691f2178b)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-09 09:35:48 +05:30
Gyorgy Sarvari e846385dac tigervnc: ignore CVE-2014-8241
Details: https://nvd.nist.gov/vuln/detail/CVE-2014-8241

The vulnerability is about a potential null-pointer dereference, because
of a malloc result is not verified[1].

The vulnerable code has been refactored since completely[2], and the code isn't
present anymore in the codebase.

[1]: https://github.com/TigerVNC/tigervnc/issues/993#issuecomment-612874972 - attachment
[2]: https://github.com/TigerVNC/tigervnc/commit/b8a24f055f1a29886d8b18bb3f0902144dc5bd14

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ed8a1038d2)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-09 09:35:48 +05:30
Gyorgy Sarvari db5577f533 tigervnc: sync xserver component with oe-core
oe-core has a newer version of xserver than this recipe used to compile
TigerVNC with. This recipe updates xserver to the same version, 21.1.18.

TigerVNC only started to support this xserver version 2 versions later,
with 1.13. Due to this 3 commits were backported that add the missing
changes.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-02-09 09:35:47 +05:30
Ankur Tyagi a0292cd209 jasper: patch CVE-2024-31744
Details https://nvd.nist.gov/vuln/detail/CVE-2024-31744

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-12-17 11:45:20 +05:30
Pavel Zhukov 2e0e65ecaa fbida: Require opengl feature for pdf only
Don't require it for entire distro if pdf package config disabled.

Signed-off-by: Pavel Zhukov <pavel@zhukoff.net>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f22451b51b)
Signed-off-by: Chris Laplante <chris.laplante@agilent.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-28 11:27:05 -08:00
Khem Raj c031af8d73 fvwm: Fix buildpaths QA Errors
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 228c3483e2)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-19 16:52:48 +05:30
Khem Raj d55fea5d43 libforms: Remove buildpaths from fd2ps and fdesign scripts
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 181409fef4)
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-19 08:46:55 +05:30
Wang Mingyu 68747f1f7e feh: upgrade 3.10.2 -> 3.10.3
Changelog:
==========
* Fix feh not respecting aspect ratio of thumbnails that are smaller than
  --thumb-width and --thumb-height
* Fix --no-recursive behaving like --recursive
* Fix rotation by 180° corrupting images
* Speed up --sort=size and --sort=mtime by caching stat(2) calls

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2775cdb58c)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-17 10:15:53 +05:30
Ankur Tyagi be9ed1a359 libspiro: upgrade 20221101 -> 20230902
Changelog:
https://github.com/fontforge/libspiro/releases/tag/20240902

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-17 10:15:53 +05:30
Ankur Tyagi a177472288 jasper: upgrade 4.1.1 -> 4.1.2
Changelog:
https://github.com/jasper-software/jasper/releases/tag/version-4.1.2

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-17 10:15:53 +05:30
Wang Mingyu e6bfce8cf2 openjpeg: upgrade 2.5.3 -> 2.5.4
CVE-2025-54874.patch
removed since it's included in 2.5.4

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2cc8169042)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-17 10:15:06 +05:30
Gyorgy Sarvari 64f50262ee spriv-shader-generator: fix SRC_URI branch
Master ranch was renamed to main.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari ab1b3dca32 xf86-video-armsoc: fix SRC_URI
The previously used repo was moved to freedesktop's gitlab instance,
causing fetching failures.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Gyorgy Sarvari 5fd1c77d91 libvdpau: update SRC_URI
The old repository was moved to a new freedesktop gitlab instance,
causing fetching faulres.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:32:41 +05:30
Ankur Tyagi e97091b159 neatvnc: upgrade 0.8.0 -> 0.8.1
Changelog
https://github.com/any1/neatvnc/compare/v0.8.0...v0.8.1

This release fixes CVE-2024-42458
Details https://nvd.nist.gov/vuln/detail/cve-2024-42458

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 10:44:37 +05:30
Randolph Sapp 34093c56ae glm: add nativesdk to BBCLASSEXTEND
This is a header only package. It may be useful to the native machine
but it is definitely useful for the nativesdk machine.

Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-08 06:11:03 +05:30
Gyorgy Sarvari adf3b111c3 jasper: patch CVE-2025-8837
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8837

Pick the patch from the details of the above link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 14:43:30 +08:00
Gyorgy Sarvari 10196085ab jasper: patch CVE-2025-8836
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8836

Pick the patch mentioned in the details of the above link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 14:43:30 +08:00
Gyorgy Sarvari 7c893fb155 jasper: patch CVE-2025-8835
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-8835

Pick the patch from the details of the above link.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-10-30 14:43:30 +08:00
Khem Raj c5e3b885f2 gtkwave: Add libtirpc to depends
It was missing as the recipe is using --with-tirpc

Signed-off-by: Khem Raj <raj.khem@gmail.com>

Adapted for Walnascar
Signed-off-by: Gyorgy Sarvari <gyorgy.sarvari@gmail.com>
(cherry picked from commit 8832aa3ca8)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-09-23 16:30:14 +08:00
Marc Ferland a05db3fd5c libvncserver: fix generated LibVNCServerTargets.cmake
The currently generated LibVNCServerTargets.cmake will include the
following 'set_target_properties':

    set_target_properties(LibVNCServer::vncclient PROPERTIES
      INTERFACE_INCLUDE_DIRECTORIES "${_IMPORT_PREFIX}/include"
      INTERFACE_LINK_LIBRARIES "systemd;/usr/lib/libz.so;/usr/lib/liblzo2.so;/usr/lib/libjpeg.so;/usr/lib/libgcrypt.so;/usr/lib/libgnutls.so"
    )

INTERFACE_LINK_LIBRARIES here points to absolute paths which hardcodes
the library paths. From CMake doc [1]:

    Note that it is not advisable to populate the INTERFACE_LINK_LIBRARIES
    of a target with absolute paths to dependencies. That would hard-code
    into installed packages the library file paths for dependencies as
    found on the machine the package was made on.

This breaks krfb build (kde desktop sharing server) since CMake cannot
find these libraries. Removing the absolute paths solves the issue.

Note: I also added a 'inherit pkgconfig' since libvncserver uses it to
detect libsystemd presence.

1: https://cmake.org/cmake/help/latest/prop_tgt/INTERFACE_LINK_LIBRARIES.html

Signed-off-by: Marc Ferland <marc.ferland@sonatest.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2156942867)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-09-23 16:30:13 +08:00
Peter Marko 06a0862287 fontforge: patch CVE-2024-25081 and CVE-2024-25082
Pick commit from PR [1] linked from [2] and [3] which mlso entions both
these CVEs.

[1] https://github.com/fontforge/fontforge/pull/5367
[2] https://nvd.nist.gov/vuln/detail/CVE-2024-25081
[3] https://nvd.nist.gov/vuln/detail/CVE-2024-25082

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
(cherry picked from commit 1e6dbd183b)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-09-23 16:30:12 +08:00
Hitendra Prajapati e930b71d14 openjpeg: fix for CVE-2025-54874
Upstream-Status: Backport https://github.com/uclouvain/openjpeg/commit/f809b80c67717c152a5ad30bf06774f00da4fd2d

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
(cherry picked from commit 5d0643f194)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-09-23 16:30:12 +08:00
Randolph Sapp dcef3fff75 vulkan-cts: allow vulkan versions > 1.3
Backport a patch from upstream that allows vulkan-cts to work with
Vulkan version greater than 1.3. Previously any unknown Vulkan versions
will return 0 when we attempt to locate the minimum version with
minVulkanAPIVersion.

Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
2025-09-12 08:15:11 +08:00
Vijay Anusuri 0468aae77f openjpeg: upgrade 2.5.0 -> 2.5.3
Includes fix for CVE-2024-56826 and CVE-2024-56827

ChangeLog:
https://github.com/uclouvain/openjpeg/blob/v2.5.3/NEWS.md

* Refresh 0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2025-03-03 07:58:15 -05:00
Alexandre Truong 81e606b329 source-han-sans-*-fonts: Switch away from SVN fetcher in SRC_URI
We get fetch errors from the SRC_URI provided. See errors at [0].
svn protocol was used but it's not supported by github anymore
So, an http url will be passed instead.

* For the record the svn protocol itself isn't deprecated in bitbake
fetcher, just github no longer provides a svn access as mentioned in [1]

* github no longer provides support for subversion clients [2]
it was shut down on 2024-01-08 [3]

* The sha256sum has also been changed since the previous one was
for the 1.004 release's archive, while we are on 2.004.

[0]: https://autobuilder.yoctoproject.org/typhoon/#/builders/156/builds/353/steps/16/logs/errors
[1]: https://git.openembedded.org/bitbake/commit/?h=master&id=a735898abcf056f897c9350bb128a5637e6b4617
[2]: https://docs.github.com/en/enterprise-server@3.11/get-started/working-with-subversion-on-github/support-for-subversion-clients
[3]: https://github.blog/2023-01-20-sunsetting-subversion-support/

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2025-03-03 07:57:49 -05:00
Hieu Van Nguyen dda0d53326 gphoto2: Fix contains reference to TMPDIR [buildpaths] warning
Remove ${RECIPE_SYSROOT} path from ${B}/config.h to fix the QA warning:
WARNING: gphoto2-2.5.28-r0 do_package_qa: QA Issue: File /usr/bin/gphoto2 in package gphoto2 contains reference to TMPDIR [buildpaths]

Signed-off-by: Hieu Van Nguyen <hieu2.nguyen@lge.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2025-01-20 19:46:16 -05:00
Chen Qi 78751d3726 graphviz: remove obsolete and problematic patch
Remove 0001-Set-use_tcl-to-be-empty-string-if-tcl-is-disabled.patch.

This patch is obsolete and not needed because the current graphviz
configure.ac has correct logic of checking use_tcl. This use_tcl
variable needs to be set when '--disable-tcl' is set, otherwise,
things will behave as if no option is supplied and the configure
process will check tcl automatically.

This patch is problematic because its logic against the current version
is wrong. The recipe has already explicitly set '--disable-tcl', so
the configure process should not do automatic checking for tcl at do_configure.

This patch fixes do_configure error when host has tcl8.6-dev installed. The
error is like below:

  QA Issue: This autoconf log indicates errors, it looked at host include and/or
  library paths while determining system capabilities.
  Rerun configure task after fixing this. [configure-unsafe]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-11-09 14:32:39 -05:00
Yogita Urade ec85533ee5 graphviz: fix CVE-2023-46045
Graphviz 2.36 before 10.0.0 has an out-of-bounds read via a
crafted config6a file. NOTE: exploitability may be uncommon
because this file is typically owned by root.

CVE-2023-46045-0003.patch is the CVE fix and CVE-2023-46045-0001.patch,
CVE-2023-46045-0002.patch are dependent commits to fix the CVE.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2023-46045

Upstream patches:
https://gitlab.com/graphviz/graphviz/-/commit/361f274ca901c3c476697a6404662d95f4dd43cb
https://gitlab.com/graphviz/graphviz/-/commit/3f31704cafd7da3e86bb2861accf5e90c973e62a
https://gitlab.com/graphviz/graphviz/-/commit/a95f977f5d809915ec4b14836d2b5b7f5e74881e

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-08-03 11:58:41 -04:00
Alexandre Videgrain c336a5880a openbox: fix crash on alt+tab with fullscreen app
Apply an openbox patch to openbox recipe to fix crashes on alt+tab with
fullscreen app.

Github issue: https://github.com/openembedded/meta-openembedded/issues/837

Signed-off-by: Alexandre Videgrain <alexandre.videgrain@smile.fr>
Suggested-by: Ludovic Jozeau <ludovic.jozeau@smile.fr>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 85132c1621)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-07-17 20:02:19 -04:00
Randolph Sapp 30c7e5b94f vulkan-cts: add workaround for createMeshShaderMiscTestsEXT
Remove the CXX flag "-O2" for GCC 13 and 14. There's a bug with ARM GCC
that breaks the iteration of "types" in the createMeshShaderMiscTestsEXT
function. This issue is not present for clang or x86_64 GCC 14.

It seems that the array is not initialized before the first iteration.
In testing this can result in a random value being used. This can
manifest in LINES type being processed twice, resulting in the following
error:

FATAL ERROR: Failed to initialize dEQP: Test case with non-unique name
'no_lines' added to group 'misc'.

Signed-off-by: Randolph Sapp <rs@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-06-26 07:31:38 -04:00
Ross Burton a67c2d04a0 renderdoc: remove vim-native DEPENDS
This need for this was removed in 2016[1]

[1] https://github.com/baldurk/renderdoc/commit/fff93a4bcc036f8288fd31dcdd1209fea36b9b58

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-30 11:00:35 -07:00
Ninette Adhikari e7fdb6c5b2 st: Update status for CVE-2017-16224
The recipe used in the meta-openembedded is a different st package compared to the one which has the CVE issue.
Package used in meta-embedded: https://st.suckless.org/
Package with CVE issue: https://www.npmjs.com/package/st
No action required.

Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-30 11:00:33 -07:00
Khem Raj 6819f825ca ydotool: Do not package systemd unit files on non-systemd distros
Fixes

ERROR: ydotool-1.0.4+git-r0 do_package: QA Issue: ydotool: Files/directories were installed but not shipped in any package:
  /usr/lib
  /usr/lib/systemd
  /usr/lib/systemd/user
  /usr/lib/systemd/user/ydotoold.service

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-21 10:52:51 -07:00
Wang Mingyu c3e7f60408 st: upgrade 0.9.1 -> 0.9.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-21 10:52:49 -07:00
Wang Mingyu f5b5519e11 gtkwave: upgrade 3.3.117 -> 3.3.119
Changelog:
===========
-Fix stems reader processing code broken in 3.3.114.
-Update xml2stems to handle newer "loc" vs "fl" xml tags.
-Change preg_regex_c_1 decl to use regex_t* as datatype.
-Move gtkwave.appdata.xml to
-io.github.gtkwave.GTKWave.metainfo.xml.
-Fixed popen security advisories:
-Fixed FST security advisories:
-Fixed evcd2vcd security advisories:
-Fixed VCD security advisories:
-Fixed VZT security advisories:
-Fixed LXT2 security advisories:
-Remove FST_DO_MISALIGNED_OPS.
-Update lz4 to current version from github.
-Change LZ4_compress to LZ4_compress_default.
-Update libghw.c/.h to latest upstream version.
-Fix for -Wsign-compare in fstapi.c.
-Security fixes for GHW.
-Fix left shift of a negative number warning in fstapi.c.
-Fix ctrl-A behavior for SST filter entry.
-Fix for bad shmat return value in main.c.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-21 10:52:43 -07:00
Andre Paiusco 2776bca345 ydotool: Add new package
Add ydotool, generic cli automation tool for whatever input
(keyboard, mouse, etc.)

Reviewed-by: Khem Raj <raj.khem@gmail.com>
Reviewed-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Andre Paiusco <andre.paiusco@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-21 10:52:41 -07:00
alperak 050286a953 Use PYTHON_SITEPACKAGES_DIR instead of hard-coded site-packages directory path
The following paths have been replaced with PYTHON_SITEPACKAGES_DIR:

- "${libdir}/${PYTHON_DIR}/site-packages"
- "${libdir}/python${PYTHON_BASEVERSION}/site-packages"
- "${libdir}/python*/site-packages"
- "${libdir}/python3.*/site-packages"

Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-04-21 10:52:39 -07:00