Wang Mingyu
0141277159
python3-trio: upgrade 0.27.0 -> 0.28.0
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:17 -08:00
Wang Mingyu
0458249e18
python3-starlette: upgrade 0.42.0 -> 0.44.0
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:17 -08:00
Wang Mingyu
f024c3cb14
python3-pyppmd: upgrade 1.1.0 -> 1.1.1
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:17 -08:00
Wang Mingyu
39fe27dd0f
python3-pybcj: upgrade 1.0.2 -> 1.0.3
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:16 -08:00
Wang Mingyu
f25d9e1e36
python3-pulsectl: upgrade 24.11.0 -> 24.12.0
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:16 -08:00
Wang Mingyu
fe9e2f002d
python3-path: upgrade 17.0.0 -> 17.1.0
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:16 -08:00
Wang Mingyu
0d103d49a1
python3-libusb1: upgrade 3.1.0 -> 3.2.0
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:16 -08:00
Wang Mingyu
5feffebf92
python3-kiwisolver: upgrade 1.4.7 -> 1.4.8
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:16 -08:00
Wang Mingyu
d0cbaaadc1
python3-coverage: upgrade 7.6.9 -> 7.6.10
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:16 -08:00
Wang Mingyu
4a44b90e35
python3-astroid: upgrade 3.3.7 -> 3.3.8
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-01-01 19:02:15 -08:00
Wang Mingyu
4450ecbb31
parallel: upgrade 20241122 -> 20241222
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-30 09:08:04 -08:00
Wang Mingyu
84cb88feb3
memcached: upgrade 1.6.33 -> 1.6.34
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-30 09:08:04 -08:00
Wang Mingyu
b9bae24144
libsdl2-image: upgrade 2.8.3 -> 2.8.4
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-30 09:08:04 -08:00
Wang Mingyu
03cbeb5018
libnet-dns-perl: upgrade 1.47 -> 1.49
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-30 09:08:04 -08:00
Wang Mingyu
16e5e77e5d
flatbuffers: upgrade 24.3.25 -> 24.12.23
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-30 09:08:03 -08:00
Wang Mingyu
4685607ee0
doxygen: upgrade 1.12.0 -> 1.13.0
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-30 09:08:03 -08:00
Wang Mingyu
ff5f84b316
ctags: upgrade 6.1.20241222.0 -> 6.1.20241229.0
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-30 09:08:03 -08:00
Changqing Li
230ddc9439
poppler: upgrade 24.11.0 -> 24.12.0
...
* Upgrade 24.11.0 -> 24.12.0
* Backport patch 0001-Don-t-update-pdfsig.pot-when-POT-Creation-date-is-th.patch
to fix a parallel build issue, refer [1]
[1] https://gitlab.freedesktop.org/poppler/poppler/-/issues/1550
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-29 19:38:05 -08:00
Hongxu Jia
79fbbad63c
pahole: update COMPATIBLE_HOST setting
...
Since the pahole build depends on pahole, and libbpf added more architectures
to COMPATIBLE_HOST [1], add the same COMPATIBLE_HOST setting to pahole
$ echo "MACHINE = 'qemuloongarch64'" >> conf/local.conf
$ bitbake world
ERROR: Nothing PROVIDES 'libbpf' (but meta-openembedded/meta-oe/recipes-devtools/pahole/pahole_1.27.bb DEPENDS on or otherwise requires it)
libbpf was skipped: incompatible with host loongarch64-wrs-linux (not in COMPATIBLE_HOST)
ERROR: Required build target 'meta-world-pkgdata' has no buildable providers.
Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'pahole', 'libbpf']
[1] https://git.openembedded.org/meta-openembedded/commit/?id=bb8049afe96db57707afc259743e288bec456117
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-28 08:21:24 -08:00
Markus Volk
5bb3125e1c
gegl: update 0.4.50 -> 0.4.52
...
required for gimp-3.0.0-RC2 release
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-28 00:14:59 -08:00
Markus Volk
b74b4cd7b2
malcontent: update 0.12.0 -> 0.13.0
...
Overview of changes in malcontent 0.13.0
========================================
* Bugs fixed:
- #48 Parental controls app: show the launcher, or merge into Settings?
(Philip Withnall)
- !172 Update fa.po
- !173 Update Czech translation
- !176 malcontent-control: Update metainfo file
- !177 Update Swedish translation
- !179 docs: Add list of legal references for relevant countries’ laws
- !180 po: Update Slovenian translation
- !181 Update Polish translation 240909
- !182 Add Chinese translation
- !183 application: Fix opening Settings
- !184 malcontent-control: Call setlocale() earlier to fix early i18n
- !185 restrict-applications-selector: Fix pending changes being lost on
search
- !186 libmalcontent-ui: Port to libadwaita 1.6
- !187 app-filter: Fix logic for allowlist filtering on GAppInfo
* Translation updates:
- Chinese (China) (lumingzh)
- Czech (AsciiWolf)
- Persian (Danial Behzadi)
- Polish (Piotr Drąg)
- Slovenian (Martin Srebotnjak)
- Swedish (Anders Jonsson)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 23:00:37 -08:00
Peter Marko
88faae83b2
audiofile: patch CVE-2017-6839
...
Use patch from buildroot:
844a7c6281
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:44 -08:00
Peter Marko
9d668989b1
audiofile: patch CVE-2017-6831
...
Use patch from buildroot:
bd5f84d301
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:44 -08:00
Peter Marko
75f2bd2b3b
audiofile: fix multiple CVEs
...
CVE-2017-6830 / CVE-2017-6834 / CVE-2017-6836 / CVE-2017-6838
Use patch from buildroot:
4a1a8277bb
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:44 -08:00
Peter Marko
f29fbaa465
audiofile: patch CVE-2017-6829
...
Use patch from buildroot:
434890df2a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:44 -08:00
Peter Marko
634cbcb91c
audiofile: fix multiple CVEs
...
CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837
Use patch from buildroot:
cc00bde57f
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:44 -08:00
Peter Marko
74cda1df0e
libwmf: upgrade 0.2.8.4 -> 0.2.13
...
$ git log --oneline | grep CVE
f58c813 merge in fixes for libgd CVE-2019-6978
407a58b CVE-2017-6362
dabcb8c CVE-2016-10168
b691e47 CVE-2016-10167
16919b4 CVE-2016-9317
2208b48 CVE-2016-9011
f47cbdf CVE-2015-4696
b5ae5d1 CVE-2015-4695
879d6bf CVE-2015-0848+CVE-2015-4588
44f37ac CVE-2009-3546
7bd8ce0 CVE-2007-2756
cfc0916 CVE-2007-3477
5ec7547 CVE-2007-3473
fdd21b1 CVE-2007-3472
5588450 CVE-2007-0455
2c84480 CVE-2009-1364, Use-after-free vulnerability
b9cc022 CVE-2006-3376 Integer overflow in player.c
Adaptations:
* removed patches included in new version.
* extended buildpaths fix to pc file
* changed paths from libdir/gtk-2 to libdir/gdk-pixbuf-2.0
Test - built imagemagick (only recipe in meta-openembedded depending
on libwmf) with wmf PACKAGECONFIG.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:43 -08:00
Peter Marko
1ed73b79de
libwmf: switched to unofficial fork
...
Debian has switched to this fork in Bookworm.
It contains dozens of CVE fixes and other bugfixes.
This should make the maintenance of this package easier.
The sources are identical to those abandoned in 2002:
Only in .../tmp/work/core2-64-poky-linux/libwmf/0.2.8.4/libwmf-0.2.8.4/: autom4te.cache
Only in /tmp/caolanm/libwmf/: .git
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:43 -08:00
Peter Marko
2308c8b5a2
imagemagick: mark CVE-2023-5341 as fixed
...
This CVE is fixed by
aa673b2e4d
It is tracked as 'fixed in next version' - 7.1.2 (which does not exist)
in NVD DB.
.../tmp/work/core2-64-poky-linux/imagemagick/7.1.1-43/git$ git describe aa673b2e4defc7cad5bec16c4fc8324f71e531f1 --tags
7.1.1-18-4-gaa673b2e4d
.../tmp/work/core2-64-poky-linux/imagemagick/7.1.1-43/git$ git tag --contains aa673b2e4defc7cad5bec16c4fc8324f71e531f1 | head -n1
7.1.1-19
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:43 -08:00
Peter Marko
7cec219b50
imagemagick: upgrade 7.1.1-26 -> 7.1.1-43
...
This fixes at least CVE-2024-41817 (in 7.1.1-36).
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:43 -08:00
Peter Marko
4e5fdfc423
imagemagick: refactor so devtool upgrade works
...
* move version part after dash to PV
* set git tag regex
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:43 -08:00
Peter Marko
3d97f4c13d
procmail: patch CVE-2017-16844.
...
Take patch from Debian.
https://sources.debian.org/data/main/p/procmail/3.22-26%2Bdeb10u1/debian/patches/30
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:43 -08:00
Peter Marko
8378820dab
procmail: patch CVE-2014-3618
...
Take patch from Debian.
https://sources.debian.org/data/main/p/procmail/3.22-20%2Bdeb7u1/debian/patches/CVE-2014-3618.patch
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:43 -08:00
Peter Marko
9fff0040f1
id3lib: mark CVE-2007-4460 as fixed
...
This is fixed in id3lib3.8.3_3.8.3-16.2.debian.tar.xz patch included in
SRC_URI.
Version 3.8.3-7 contains patch for this CVE, we use 3.8.3-16.2.
This can be verified by checking the debian/changelog within this patch
or diffing [1] and [2] and verifying that this can be reverse-applied.
[1] https://snapshot.debian.org/archive/debian/20070819T000000Z/pool/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-6.diff.gz
[2] https://snapshot.debian.org/archive/debian/20070819T000000Z/pool/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-7.diff.gz
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:42 -08:00
Peter Marko
e44f3251b5
spice: set CVE-2016-2150 status to fixed
...
Debian has fixed this CVE with [1].
That patch is taken from [2].
.../tmp/work/core2-64-poky-linux/spice/0.15.2/git$ git describe 69628ea13
v0.13.1-190-g69628ea1
.../tmp/work/core2-64-poky-linux/spice/0.15.2/git$ git tag --contains 69628ea13
v0.13.2
[1] https://sources.debian.org/patches/spice/0.12.5-1%2Bdeb8u5/CVE-2016-2150/0002-improve-primary-surface-parameter-checks.patch/
[2] 69628ea137
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:42 -08:00
Peter Marko
9f7c1e6bd1
uw-imap: patch CVE-2018-19518
...
Take patch from Debian from
873b07f46c
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-27 09:21:42 -08:00
Yi Zhao
30580f909a
strongswan: upgrade 5.9.14 -> 6.0.0
...
ChangeLog:
https://github.com/strongswan/strongswan/releases/tag/6.0.0
The aes, curve25519, des, fips-prf, gmp, hmac, md5, pkcs12, rc2, sha1,
sha2 plugins are not enabled by default[1]. Remove these plugins from
RDEPENDS and add PACKAGECONFIG for them.
[1] https://github.com/strongswan/strongswan/blob/6.0.0/NEWS#L38
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-26 11:12:37 -08:00
Yi Zhao
a3c4d70afb
networkmanager: upgrade 1.48.10 -> 1.50.0
...
ChangeLog:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.50.0/NEWS
Drop 0001-libnm-systemd-core-Disable-sd_dhcp6_client_set_duid_.patch as
it has been merged upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-26 11:12:37 -08:00
Yi Zhao
44c18d1fb6
frr: upgrade 10.1.1 -> 10.2
...
ChangeLog:
https://github.com/FRRouting/frr/releases/tag/frr-10.2
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-26 11:12:37 -08:00
Hongxu Jia
2a4de5168a
python3-beautifulsoup4,python3-soupsieve: fix loop dependency error
...
While recipe build depends on python3-beautifulsoup4-native and
python3-soupsieve-native, it failed at fix loop dependency error
...
|ERROR: Task virtual:native:meta-openembedded/meta-python/
recipes-devtools/python/python3-soupsieve_2.6.bb:do_populate_sysroot
has circular dependency on virtual:native:meta-openembedded/
meta-python/recipes-devtools/python/python3-beautifulsoup4_4.12.3.bb:do_populate_sysroot
...
Correct runtime depends as class-target override to workaround
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-26 11:12:37 -08:00
Peter Marko
db283053d0
synergy: patch CVE-2020-15117
...
Pick commit based on [1].
Note that the pick is done from deskflow, which is the open-source successor
of synergy.
If anyone uses this recipe, it should be switched.
[1] https://github.com/deskflow/deskflow/security/advisories/GHSA-chfm-333q-gfpp
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00
Peter Marko
95b8d055db
opusfile: patch CVE-2022-47021
...
This patch is mentioned in [1] and [2].
[1] https://nvd.nist.gov/vuln/detail/CVE-2022-47021
[2] https://github.com/xiph/opusfile/issues/36
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00
Peter Marko
c048c04101
libconfuse: patch CVE-2022-40320
...
Pick patch per [1] pointing to [2] pointing to [3].
[1] https://nvd.nist.gov/vuln/detail/CVE-2022-40320
[2] https://github.com/libconfuse/libconfuse/issues/163
[3] d73777c2c3
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00
Peter Marko
9ff3f634f9
rtmpdump: add +git to PV
...
We fetch a newer hash than the 2.4 version.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00
Peter Marko
d7758a8d0c
rtmpdump: mark CVE-2015-8270, CVE-2015-8271 and CVE-2015-8272 as fixed
...
This CVE is marked as fixed by Debian.
Extracting Debian jessie Debian sources [1] shows 4 commits used for
backports. All these commits are already included in current hash
([2]-[5]).
../tmp/work/core2-64-poky-linux/rtmpdump/2.4/git$ git log | grep 'commit \(10b580aabcec1621b25518271ba1ab2b018be88e\|...\|4312322107a94c81d3ec5b98f91bc6b923551dc5\)'
commit 530f9bb2a02a78c1198fb2bf0293a12d225e4691
commit 4312322107a94c81d3ec5b98f91bc6b923551dc5
commit 39ec7eda489717d503bc4cbfaa591c93205695b6
commit 10b580aabcec1621b25518271ba1ab2b018be88e
[1] https://snapshot.debian.org/archive/debian/20170704T094954Z/pool/main/r/rtmpdump/rtmpdump_2.4%2B20150115.gita107cef-1%2Bdeb8u1.debian.tar.xz
[2] 10b580aabc
[3] 39ec7eda48
[4] 530f9bb2a0
[5] 4312322107
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00
Peter Marko
59d3949e3e
apache2: ignore CVE-1999-1237
...
This vulnerability is for Apache-AuthenSmb module.
Fixed in 0.9, current version is 0.72.
In any case, not part of Apache2 sources.
[1] points to [2], which is archived under [3]
[1] https://nvd.nist.gov/vuln/detail/CVE-1999-1237
[2] http://www.securityfocus.com/archive/1/14384
[3] https://web.archive.org/web/20020618143426/http://online.securityfocus.com/archive/1/14384
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00
Wang Mingyu
6b96d4062d
uftrace: upgrade 0.16 -> 0.17
...
Changelog:
===========
* New features
Support watchpoint for global variables
Show man pages for the given command
Add utc_offset in the header info
* Bug fixes
Show arguments in libraries from dlopen
Save debug info for libraries from dlopen
Protect FD of communication channel from being closed
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00
Wang Mingyu
20e3072d96
tk: upgrade 9.0.0 -> 9.0.1
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00
Wang Mingyu
960cbaa3fb
thingsboard-gateway: upgrade 3.5.1 -> 3.5.3.1
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00
Wang Mingyu
e7d4cb2406
sip: upgrade 6.9.0 -> 6.9.1
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2024-12-24 08:23:09 -08:00