mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
23,456 Commits 64 Branches 0 Tags
0fdc4a63579c2ca67ef8438800e0596086a562dd
Commit Graph

1632 Commits

Author SHA1 Message Date
Wang Mingyu 0fdc4a6357 php: Fix install conflict when enable multilib. 
Error: Transaction test error:
  file /usr/bin/php-config conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686
  file /usr/bin/phpize conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686
  file /usr/include/php/main/build-defs.h conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686
  file /usr/include/php/main/php_config.h conflicts between attempted installs of php-dev-8.2.7-r0.core2_64 and lib32-php-dev-8.2.7-r0.i686

The differences of php-config are as follows:
@@ -8,16 +8,16 @@
 vernum="80207"
 include_dir="/usr/include/php"
 includes="-I$include_dir -I$include_dir/main -I$include_dir/TSRM -I$include_dir/Zend -I$include_dir/ext -I$include_dir/ext/date/lib"
-ldflags=" -L/usr/lib64"
+ldflags=" -L/usr/lib"
 libs="-lcrypt  -lc-client  -lrt -lcrypt -lpam -lbz2 -lrt -lm -ldl  -lxml2 -lssl -lcrypto -lsqlite3 -lz -lxml2 -lssl -lcrypto -lsqlite3 -lxml2 -lxml2 -lxml2 -lxml2 -lz -lssl -lcrypto -lcrypt "
-extension_dir='/usr/lib64/php8/extensions/no-debug-non-zts-20220829'
+extension_dir='/usr/lib/php8/extensions/no-debug-non-zts-20220829'
 man_dir=`eval echo /usr/share/man`
 program_prefix=""
 program_suffix=""
 exe_extension=""
 php_cli_binary=NONE
 php_cgi_binary=NONE
-configure_options=" '--build=x86_64-linux' '--host=x86_64-poky-linux' '--target=x86_64-poky-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib64' '--with-gettext=/usr/lib64/..' '--with-zlib=/usr/lib64/..' '--with-iconv=/usr/lib64/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib64/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-mysqli=mysqlnd' '--with-pdo-mysql=m
 ysqlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib64/..' '--with-pdo-sqlite=/usr/lib64/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=x86_64-poky-linux' 'target_alias=x86_64-poky-linux' 'PKG_CONFIG_PATH=/usr/lib64/pkgconfig:/usr/share/pkgconfig://usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig' 'CC=x86_64-poky-linux-gcc -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -Wl,-z,relro,-z,now -ldl ' 'CPPFLAGS=' 'CPP=x86_64-poky-linux-gcc -E --sysroot= -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong
  -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security' 'CXX=x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'"
+configure_options=" '--build=x86_64-linux' '--host=i686-pokymllib32-linux' '--target=i686-pokymllib32-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib' '--with-gettext=/usr/lib/..' '--with-zlib=/usr/lib/..' '--with-iconv=/usr/lib/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-mysqli=mysqlnd' '--with-pdo-mysql=mys
 qlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib/..' '--with-pdo-sqlite=/usr/lib/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=i686-pokymllib32-linux' 'target_alias=i686-pokymllib32-linux' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/share/pkgconfig:/ubinux-dev/ubinux001/contribution/build_xh/tmp/work/i686-pokymllib32-linux/lib32-php/8.2.7-r0/recipe-sysroot//usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig' 'CC=i686-pokymllib32-linux-gcc -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -Wl,-z,relro,-z,now -ldl ' 'CPPFLAGS
 =' 'CPP=i686-pokymllib32-linux-gcc -E --sysroot= -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64' 'CXX=i686-pokymllib32-linux-g++ -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'"

The differences of phpize are as follows:
@@ -4,7 +4,7 @@
 prefix='/usr'
 datarootdir='/usr/php'
 exec_prefix="`eval echo /usr`"
-phpdir="`eval echo /usr/lib64/php8`/build"
+phpdir="`eval echo /usr/lib/php8`/build"
 includedir="`eval echo /usr/include`/php"
 builddir="`pwd`"
 SED="sed"

The differences of build-defs.h are as follows:
@@ -14,7 +14,7 @@
    +----------------------------------------------------------------------+
 */

-#define CONFIGURE_COMMAND " '../php-8.2.7/configure'  '--build=x86_64-linux' '--host=x86_64-poky-linux' '--target=x86_64-poky-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib64' '--with-gettext=/usr/lib64/..' '--with-zlib=/usr/lib64/..' '--with-iconv=/usr/lib64/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib64/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-m
 ysqli=mysqlnd' '--with-pdo-mysql=mysqlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib64/..' '--with-pdo-sqlite=/usr/lib64/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=x86_64-poky-linux' 'target_alias=x86_64-poky-linux' 'PKG_CONFIG_PATH=/usr/lib64/pkgconfig:/usr/share/pkgconfig://usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib64/pkgconfig' 'CC=x86_64-poky-linux-gcc -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -Wl,-z,relro,-z,now -ldl ' 'CPPFLAGS=' 'CPP=x86_64-poky-linux-gcc -E --sysroot= -m64 -march=core2 -mtune=core2 -msse3 -mf
 pmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security' 'CXX=x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'"
+#define CONFIGURE_COMMAND " '../php-8.2.7/configure'  '--build=x86_64-linux' '--host=i686-pokymllib32-linux' '--target=i686-pokymllib32-linux' '--prefix=/usr' '--exec_prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--libexecdir=/usr/libexec' '--datadir=/usr/share' '--sysconfdir=/etc' '--sharedstatedir=/com' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include' '--oldincludedir=/usr/include' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--disable-silent-rules' '--disable-dependency-tracking' '--with-libtool-sysroot=' '--enable-mbstring' '--enable-fpm' '--with-libdir=lib' '--with-gettext=/usr/lib/..' '--with-zlib=/usr/lib/..' '--with-iconv=/usr/lib/..' '--with-bz2=/usr' '--with-config-file-path=/etc/php/apache2-php8' 'ac_cv_c_bigendian_php=no' '--enable-sockets' '--enable-pcntl' '--enable-shared' '--disable-rpath' '--with-pic' '--libdir=/usr/lib/php8' '--disable-static' '--with-imap=' '--with-imap-ssl=' '--disable-ipv6' '--disable-mbregex' '--with-mys
 qli=mysqlnd' '--with-pdo-mysql=mysqlnd' '--enable-opcache' '--with-openssl' '--without-pgsql' '--disable-soap' '--with-sqlite3=/usr/lib/..' '--with-pdo-sqlite=/usr/lib/..' '--with-valgrind=no' '--enable-nls' 'build_alias=x86_64-linux' 'host_alias=i686-pokymllib32-linux' 'target_alias=i686-pokymllib32-linux' 'PKG_CONFIG_PATH=/usr/lib/pkgconfig:/usr/share/pkgconfig:/ubinux-dev/ubinux001/contribution/build_xh/tmp/work/i686-pokymllib32-linux/lib32-php/8.2.7-r0/recipe-sysroot//usr/share/pkgconfig' 'PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig' 'CC=i686-pokymllib32-linux-gcc -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I/usr/include/apache2 -DHAVE_LIBDL ' 'LDFLAGS=-Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fcanon-prefix-map -W
 l,-z,relro,-z,now -ldl ' 'CPPFLAGS=' 'CPP=i686-pokymllib32-linux-gcc -E --sysroot= -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64' 'CXX=i686-pokymllib32-linux-g++ -m32 -march=i686 -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -D_TIME_BITS=64 -D_FILE_OFFSET_BITS=64 --sysroot=' 'CXXFLAGS= -O2 -pipe -g -feliminate-unused-debug-types -fcanon-prefix-map -fvisibility-inlines-hidden'"
 #define PHP_ODBC_CFLAGS        ""
 #define PHP_ODBC_LFLAGS                ""
 #define PHP_ODBC_LIBS          ""
@@ -24,12 +24,12 @@
 #define PHP_PROG_SENDMAIL      "/usr/sbin/sendmail"
 #define PEAR_INSTALLDIR         ""
 #define PHP_INCLUDE_PATH       ".:"
-#define PHP_EXTENSION_DIR       "/usr/lib64/php8/extensions/no-debug-non-zts-20220829"
+#define PHP_EXTENSION_DIR       "/usr/lib/php8/extensions/no-debug-non-zts-20220829"
 #define PHP_PREFIX              "/usr"
 #define PHP_BINDIR              "/usr/bin"
 #define PHP_SBINDIR             "/usr/sbin"
 #define PHP_MANDIR              "/usr/share/man"
-#define PHP_LIBDIR              "/usr/lib64/php8"
+#define PHP_LIBDIR              "/usr/lib/php8"
 #define PHP_DATADIR             "/usr/share"
 #define PHP_SYSCONFDIR          "/etc"
 #define PHP_LOCALSTATEDIR       "/var"

The differences of php_config.h are as follows:
@@ -2064,7 +2064,7 @@
 /* #undef SIZEOF_INTMAX_T */

 /* The size of `long', as computed by sizeof. */
-#define SIZEOF_LONG 8
+#define SIZEOF_LONG 4

 /* The size of `long long', as computed by sizeof. */
 #define SIZEOF_LONG_LONG 8
@@ -2079,7 +2079,7 @@
 #define SIZEOF_SHORT 2

 /* The size of `size_t', as computed by sizeof. */
-#define SIZEOF_SIZE_T 8
+#define SIZEOF_SIZE_T 4

 /* Size of ssize_t */
 #define SIZEOF_SSIZE_T 8

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-07-30 09:42:55 -04:00
Martin Jansa 0d361748b8 giflib: fix build with gold and avoid imagemagick-native dependency 
* avoid imagemagick-native like upstream did in:
  https://sourceforge.net/p/giflib/code/ci/d54b45b0240d455bbaedee4be5203d2703e59967/

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-07-17 20:07:57 -04:00
Soumya Sambu 6ff0748a47 php: Upgrade to 8.1.29 
Includes fix for CVE-2024-5458, CVE-2024-2408 and other bugs

Changelog:
https://www.php.net/ChangeLog-8.php#8.1.29

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-06-27 11:32:38 -04:00
nikhil 383cc5f413 giflib: upgrade to version 5.2.2 
Upgrade to latest version giflib v5.2.2.

This version fixes bugs listed in link below:
Link: https://sourceforge.net/p/giflib/code/ci/5.2.2/tree/NEWS

Fixes for CVE-2023-48161, CVE-2022-28506, CVE-2023-39742
Link: https://clients.neighbourhood.ie/yocto/1-40.html#:~:text=CVE%2D2023%2D39742%3A%20giflib%3Agiflib%2Dnative

Added dependency on ImageMagick which includes "convert" utility,
to ensure availability of required tool during compilation process.

Add patch to rename binary used in Makefile from
"convert" to "convert.im7" as installed by imagemagick package.

Drop CVE-2022-28506.patch as it is fixed in this version.

Signed-off-by: Bhabu Bindu <bhabubindu@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-06-27 11:25:28 -04:00
Vijay Anusuri bbbe4d5320 yajl: backport Debian patch for CVE-2022-24795 
import patch from ubuntu to fix
 CVE-2022-24795

Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/yajl/tree/debian/patches/?h=ubuntu%2Ffocal-security
Upstream commit
https://github.com/ppisar/yajl/commit/23cea2d7677e396efed78bbf1bf153961fab6bad]

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-06-27 11:23:55 -04:00
Rob Woolley 9fd5ae9132 sip3: Fix segmentation fault 
The first version of this patch introduced a problem with python3-pyqt5.
Python emitted the following error message when one attempted to import
PyQt5.Qt:

  ImportError: dynamic module does not define module export function (PyInit_Qt)

This came about due to segfault in sip when executed in do_configure of
python3-pyqt5.  This resulted in a zero-length sipQtcmodule.c file being
produced.  This compiled successfully which meant no build failure was
observed.

The segfault was caused by a mistake in backporting the patch from SIP 6.
The generateCompositeCpp() function uses the generate_include_sip_h()
helper function in later versions which doesn't exist in SIP 4.

We must replace the first parameter passed to isPY_SSIZE_T_CLEAN() from
mod to pt->module to account for this. The change is not necessary for
generateInternalAPIHeader()

To simplify the patch we can remove the generated lexer and parser files
and run flex and bison in do_configure instead.

Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Tested-by: Toby Flynn <campingandskiing@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-06-27 11:21:40 -04:00
Archana Polampalli 3eb9002ce7 nodejs: fix CVE-2023-46809 
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-06-02 15:10:59 -04:00
Archana Polampalli 17db7e96c4 nodejs: fix CVE-2024-22025 
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-06-02 15:09:02 -04:00
Archana Polampalli 7b468c6f83 nodejs: fix CVE-2024-22019 
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-06-02 15:08:41 -04:00
Soumya Sambu 5085c443d0 php: upgrade 8.1.22 -> 8.1.28 
Upgrade php to 8.1.28

Security fixes:
    CVE-2024-3096
    CVE-2024-2756

https://www.php.net/ChangeLog-8.php#8.1.28

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-05-26 15:22:08 -04:00
nikhil ca4f69e66c giflib: Fix CVE CVE-2022-28506 
There is a heap buffer overflow in DumpScreen2RGB() in gif2rgb.c.  This
occurs when a crafted gif file, where size of color table is < 256 but
image data contains pixels with color code highier than size of color
table. This causes oferflow of ColorMap->Colors array.

Fix the issue by checking if value of each pixel is within bounds of
given color table. If the value is out of color table, print error
message and exit.

Signed-off-by: Nikhil R <nikhil.r@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-04-28 13:10:23 -04:00
virendra thakur 1915dcb8e8 nodejs: Set CVE_PRODUCT to "node.js" 
Set CVE_PRODUCT to 'node.js' for nodjs recipe

Signed-off-by: virendra thakur <virendrak@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-02-28 08:18:18 -05:00
Archana Polampalli caef559130 cjson: upgrade 1.7.15 -> 1.7.17 
The following CVEs are addressed in this release.
CVE-2023-50471
CVE-2023-50472

https://github.com/DaveGamble/cJSON/releases/tag/v1.7.17

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-01-12 07:14:16 -05:00
Rob Woolley 1cd6f3e074 sip3: Add py_ssize_t_clean argument 
An unintentional breakage was made upstream in sip4 which results
in builds reporting: QtCoremod.sip:23: syntax error

This was reported in Debian, but not resolved:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998605

A backport of a fix from the upstream project fixes the parser to
prevent it from complaining about the syntax error.

Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-01-12 07:14:16 -05:00
Rob Woolley b1e99bedbf sip3: Add sipconfig.py 
Add the destdir option to ensure that sipconfig.py gets installed to the
site-packages directory and included in python3-sip3.

Remove references to the build paths from sipconfig.py as part of the
install stage.  One may then prepend STAGING_DIR_NATIVE to sip_bin and
STAGING_DIR_TARGET to *_dir in any recipe that uses sipconfig.py.

Signed-off-by: Rob Woolley <rob.woolley@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-01-12 07:14:16 -05:00
Soumya 7f5ded2c88 yasm: fix CVE-2023-37732 
Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c
and /elf/elf.c, which allows the attacker to cause a denial of service via a
crafted file.

References:
https://github.com/yasm/yasm/issues/233
https://nvd.nist.gov/vuln/detail/CVE-2023-37732

Signed-off-by: Soumya <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 41fffef6b0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-01-12 07:14:16 -05:00
Richard Purdie c6b90f27a4 meta-oe: Drop broken BBCLASSEXTEND variants 
The command "bitbake universe -c fetch" currently throws a ton of warnings
as there are many 'impossible' dependencies.

In some cases these variants may never have worked and were just added by copy
and paste of recipes. In some cases they once clearly did work but became
broken somewhere along the way. Users may also be carrying local bbappend files
which add further BBCLASSEXTEND.

Having universe fetch work without warnings is desireable so clean up the broken
variants. Anyone actually needing something dropped here can propose adding it
and the correct functional dependencies back quite easily. This also then
ensures we're not carrying or fixing things nobody uses.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9962d57f7c)
Backport:
* Updated paths to follow PV changes
* Adapted modified recipes to the ones generating warnings
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-11-17 10:49:04 -05:00
Mingli Yu 3f0d6ed420 nlohmann-json: Add ptest support 
* Fetch the test data during do_fetch phase to avoid internet access
during test as some tests need test data.
 # ./run-ptest
PASS: test-algorithms
PASS: test-allocator
PASS: test-alt-string
PASS: test-assert_macro
PASS: test-bson
PASS: test-byte_container_with_subtype
PASS: test-capacity
PASS: test-cbor
PASS: test-class_const_iterator
PASS: test-class_iterator
PASS: test-class_lexer
PASS: test-class_parser
PASS: test-comparison
PASS: test-concepts
PASS: test-constructor1
PASS: test-constructor2
PASS: test-convenience
PASS: test-conversions
PASS: test-conversions_cpp17
PASS: test-deserialization
PASS: test-diagnostics
PASS: test-disabled_exceptions
PASS: test-element_access1
PASS: test-element_access2
PASS: test-hash
PASS: test-inspection
PASS: test-items
PASS: test-items_cpp17
PASS: test-iterators1
PASS: test-iterators2
PASS: test-json_patch
PASS: test-json_pointer
PASS: test-large_json
PASS: test-merge_patch
PASS: test-meta
PASS: test-modifiers
PASS: test-msgpack
PASS: test-noexcept
PASS: test-ordered_json
PASS: test-ordered_map
PASS: test-pointer_access
PASS: test-readme
PASS: test-reference_access
PASS: test-regression1
PASS: test-regression1_cpp17
PASS: test-regression2
PASS: test-regression2_cpp17
PASS: test-serialization
PASS: test-testsuites
PASS: test-to_chars
PASS: test-ubjson
PASS: test-udt
PASS: test-udt_macro
PASS: test-unicode1
PASS: test-unicode2
PASS: test-unicode3
PASS: test-unicode4
PASS: test-unicode5
PASS: test-user_defined_input
PASS: test-wstring

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-11-15 08:41:33 -05:00
Richard Purdie 8274d201cb suiteparse: Adapt to upstream branch name changes 
meta-oe master branch already made this change.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-11-03 10:49:44 -04:00
Polampalli, Archana d3ee870fb0 nodejs: fix CVE-2022-25883 
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression
Denial of Service (ReDoS) via the function new Range, when untrusted user data is
provided as a range.

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-25883

Upstream patches:
https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-09-04 11:59:59 -04:00
Sourav Pramanik 7c127728e7 nlohmann-json: Avoid usage of nobranch=1 
The usage of nobranch=1 in SRC_URI allows using unprotected branches.

This change updates the real branch name in place of nobranch=1.

Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-08-30 13:41:52 -04:00
Sourav Pramanik a76c87aa0a rapidjson: Avoid usage of nobranch=1 
The usage of nobranch=1 in SRC_URI allows using unprotected branches.

This change updates the real branch name in place of nobranch=1.

Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-08-30 13:41:52 -04:00
Polampalli, Archana 20ed5727af php: upgrade 8.1.16 -> 8.1.22 
Upgrade php to 8.1.22

Security fixes:
    CVE-2023-3824
    CVE-2023-3823
    CVE-2023-3247

https://www.php.net/ChangeLog-8.php#8.1.22

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-08-25 10:39:46 -04:00
Polampalli, Archana 529620141e nodejs: upgrade 16.20.1 -> 16.20.2 
This release contains bug fixes only.
The following CVEs have been addressed:

CVE-2023-32002
CVE-2023-32006
CVE-2023-32559

$ git log --oneline v16.20.1..v16.20.2
dadbde963f (tag: v16.20.2) 2023-08-09, Version 16.20.2 'Gallium' (LTS)
d8ccfe9ad4 policy: handle Module.constructor and main.extensions bypass
242aaa0caa policy: disable process.binding() when enabled
40c3958a5a  deps: update archs files for OpenSSL-1.1.1v
a9ac9da89a deps: fix openssl crypto clean
362d4c7494 deps: upgrade openssl sources to OpenSSL_1_1_1v
7447de2794 Working on v16.20.2

https://github.com/nodejs/node/releases/tag/v16.20.2

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-08-11 10:32:04 -04:00
Polampalli, Archana 83f5741bd5 yasm: fix CVE-2023-31975 
yasm v1.3.0 was discovered to contain a memory leak via the function
yasm_intnum_copy at /libyasm/intnum.c.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-31975
https://github.com/yasm/yasm/issues/210

Upstream patches:
https://github.com/yasm/yasm/commit/b2cc5a1693b17ac415df76d0795b15994c106441

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-08-03 16:47:53 -04:00
Polampalli, Archana 8814f25902 nodejs: upgrade 16.19.1 -> 16.20.1 
Drop the gcc13.patch as it has been merged in 16.20.1
    56cbc7fdda deps: V8: cherry-pick c2792e58035f

The list of the CVEs are fixed in this relase:

    CVE-2023-30581
    CVE-2023-30585
    CVE-2023-30588
    CVE-2023-30589
    CVE-2023-30590

https://nodejs.org/en/blog/release/v16.20.0
https://nodejs.org/en/blog/release/v16.20.1

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-07-16 15:30:53 -04:00
Hitendra Prajapati 297bc1cc64 yajl: CVE-2023-33460 memory leak in yajl_tree_parse function 
Upstream-Status: Backport from https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-07-02 11:19:22 -04:00
Peter Marko d7ece8be99 grpc: ignore CVE-2023-32732 
It was introduced in in v1.53.0 and not backported to v1.46.x branch.
NVD references PR which intrioduces the vulnerability:
  https://github.com/grpc/grpc/pull/32309#issuecomment-1589561295

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-07-02 11:17:52 -04:00
Arash Partow a82d92c8a6 ExprTk: Update package to release/0.0.2 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0522e66a26)
[The SRC_URI HASH no longer exists in repo so use 0.0.2 version]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-06-19 09:17:01 -04:00
Adrian Zaharia 5bb0b48228 lapack: add packageconfig for lapacke 
backport of commit:
   d799db35d lapack: add packageconfig for lapacke

Signed-off-by: Adrian Zaharia <Adrian.Zaharia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-06-15 07:47:55 -04:00
Xiangyu Chen 09a027b488 Revert "pahole: fix native package build error" 
This reverts commit 0cc8e22c46.

The pahole-native package should use the header from libbpf instead of linux-libc-headers,
the 0cc8e22c would cause compile error, so revert it.

Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-05-23 23:12:46 -04:00
Khem Raj 4cc7363978 nodejs: Fix build with gcc13 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-05-19 09:46:38 -04:00
Martin Jansa ac933b0d1e abseil-cpp: backport a fix for build with gcc-13 
* needed for abseil-cpp-native on hosts with gcc-13"

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-05-19 09:46:05 -04:00
Chee Yang Lee 9e539aaed6 capnproto: upgrade to 0.9.2 
upgrade include fix for CVE-2022-46149

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-05-09 06:51:22 -04:00
Xiangyu Chen 0cc8e22c46 pahole: fix native package build error 
pahole-native package needs some uapi headers such like linux/btf.h,
otherwise it would report error as below:

btf_loader.c:342:54: error: invalid use of undefined type ‘struct btf_enum64’

Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-05-06 07:42:05 -04:00
Martin Jansa 207807733e pahole: respect libdir 
* use the same expression as cmake.bbclass is using:
  CMAKE_INSTALL_LIBDIR:PATH=${@os.path.relpath(d.getVar('libdir'), d.getVar('prefix') + '/')}
  but ${baselib} should work here as well

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-04-13 08:26:08 -04:00
BINDU b97dbaac66 flatbuffers: adapt for cross-compilation environments 
Flatbuffers contains a library and a schema compiler. The package
contains cmake files to discover the libraries and the compiler tool.
Currently, all of these cmake files are installed into the target
sysroot. However, the compiler utility isn't installed into the sysroot
(as it is not runnable on the build machine).

When an application that depends on flatbuffers gets built, it uses
flatbuffers' exported cmake targets to configure the project. One of the
exported targets is FlatcTarget.cmake which expects to see flatc binary
in /usr/bin of the sysroot. Since binaries for target don't end up in
target sysroot, cmake configuration fails.

This patch addresses this problem of flatbuffers' build infrastructure
in cross-compiling environments. By removing FlatcTarget.cmake for
target builds from the sysroot we essentially skip this step of
flatbuffers' configuration.

Signed-off-by: Ivan Stepic <Ivan.Stepic@bmw.de>
Signed-off-by: Bhabu Bindu <bindudaniel1996@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-04-13 08:23:09 -04:00
Polampalli, Archana 9cf4ebeb3d nodejs: Upgrade 16.19.0 -> 16.19.1 
The following CVEs fixed in this version:
     CVE-2023-23918
     CVE-2023-23919
     CVE-2023-23920
     CVE-2023-23936
     CVE-2023-24807

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-03-13 08:58:37 -04:00
Tom Hochstein acd692b775 nlohmann-json: Allow empty main package for SDK 
The header-only package cannot be included in the SDK without marking
the main package with ALLOW_EMPTY.

Fixes rootfs problem:
```
The following packages have unmet dependencies:
 imx-gpu-sdk : Depends: nlohmann-json but it is not installable
E: Unable to correct problems, you have held broken packages.
```

Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f9c9e7a448)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-03-13 08:58:37 -04:00
Mingli Yu 9d4bbb9b32 php: Upgrade to 8.1.16 
Upgrade php to 8.1.16 [1].

[1] https://www.php.net/ChangeLog-8.php#8.1.16

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-03-13 08:58:37 -04:00
Andrej Valek 54960c549b grpc: upgrade 1.46.6 -> 1.46.7 
Includes fix for CVE-2023-0286

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-03-05 07:52:09 -05:00
Tim Orling 278ec081a6 nodejs: upgrade 16.18.1 -> 16.19.0 
* 16.18.0 (npm 8.19.2) introduced a regression in git+ssh urls
  - https://github.com/nodejs/node/issues/44992
  - https://github.com/npm/cli/pull/5761

https://nodejs.org/ko/blog/release/v16.19.0/

License-Update: Clarify vendored OpenSSL Toolkit is OpenSSL and SSLeay
License-Update: JS Foundation -> OpenJS Foundation

https://github.com/nodejs/node/commit/e7ed56f501389978e4619ab697a812631c4061ff

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-02-04 12:16:38 -05:00
Andrej Valek 06fb36d33c grpc: upgrade 1.45.2 -> 1.46.6 
Backporting the version from master (1.50.1) would a big risk. So use the
version 1.46.6 which also includes fixes of bundled z-lib library.

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2023-01-29 11:19:58 -05:00
Mingli Yu 352d7f8205 php: Upgrade to 8.1.12 
This is a security release[1].

[1] https://www.php.net/ChangeLog-8.php#8.1.12

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-12-26 14:15:26 -05:00
Archana Polampalli 1c7063e57d Nodejs: Fixed python3 DeprecationWarning 
Distutils package and pipes are deprecated and slated for removal in Python 3.13 for Nodejs 16.18
Replaced distutils with setuptools

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
 2022-12-20 10:00:29 -05:00
He Zhe bfe2aea83b protobuf: upgrade 3.19.4 -> 3.19.6 
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-12-11 16:18:47 -05:00
Archana Polampalli 08b6b6846a Nodejs - Upgrade to 16.18.1 
* Drop Openssl legacy provider patch and install both binaries patch
  which are already available in 16.x
* Refresh native binaries patch against 16.x base

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-11-19 11:19:11 -05:00
wangmy 8c62aaa67e php: upgrade 8.1.9 -> 8.1.10 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2e768a2846)
[Bug fix only release]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-09-20 08:17:56 -04:00
Wang Mingyu 3cd6cc5dec php: upgrade 8.1.8 -> 8.1.9 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 610b8fdfd4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2022-09-15 08:30:26 -04:00
Enrico Scholz 035d9c61e8 nodejs-oe-cache-native: initial checkin 
This implements an 'npm cache add' like functionality but allows to
specify the key of the data and sets metadata which are required to
find the data.

It is used to cache information as done during 'npm install'.

Keyformat and metadata are nodejs version specific.

Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2022-09-15 08:17:25 -04:00