mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-15 06:10:02 +00:00
Code Issues Projects Releases Wiki Activity
32,590 Commits 64 Branches 0 Tags
1c60b8ccf7a011fcac05714fc29d47bbc21c5ea3
Commit Graph

14211 Commits

Author SHA1 Message Date
Jörg Sommer 1c60b8ccf7 libtinyxml2: set CVE product to tinyxml2 
This library gets tracked with the product name tinyxml2:

https://nvd.nist.gov/products/cpe/detail/5A6C04CB-E6AD-4740-882A-34620AEC060A

Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-03 11:34:03 -08:00
Jörg Sommer c5ef63d685 libtinyxml: set CVE product to tinyxml 
This library gets tracked with the product name tinyxml:

https://nvd.nist.gov/products/cpe/detail/95BDA29F-257C-4C44-8847-25CFC107228D

Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-03 11:34:03 -08:00
Divya Chellam 5c2793258e grpc: upgrade 1.66.1 -> 1.68.0 
This includes CVE-fix for CVE-2024-11407

Changelog:
==================================
https://github.com/grpc/grpc/releases/tag/v1.68.0
https://github.com/grpc/grpc/compare/v1.66.1...v1.68.0

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-03 10:17:22 -08:00
Ayoub Zaki 338e2ff78b botan: update 3.5.0 -> 3.6.1 
* update to latest 3.6.1 Version
* add packaging for botan binary and botan-test tool

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-03 10:17:22 -08:00
Ayoub Zaki 8bdd4740b2 bmap-writer: update to latest git version 
* switch to libarchive to handle a larger decompression schemes

* implement own sha256 hashing and drop openssl dependency

* compute maximum buffer size before writing each range

* bmap file optional: if not provided, it will be searched in the same path as the input

* print time/speed of the writing operation

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-02 07:49:49 -08:00
Bartosz Szostak 33bc1313cf yyjson: add new recipe 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-02 07:49:49 -08:00
Bartosz Szostak 21ce886005 ctre: add new recipe 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-02 07:49:49 -08:00
Bartosz Szostak 5bd1d5ad77 jsoncons: add new recipe 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-02 07:49:48 -08:00
Yi Zhao 07cdb574a5 libbpf: upgrade 1.4.6 -> 1.4.7 
ChangLog:
https://github.com/libbpf/libbpf/releases/tag/v1.4.7

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-01 19:02:19 -08:00
Yi Zhao de93141c92 pahole: upgrade 1.27 -> 1.28 
ChangeLog:
https://git.kernel.org/pub/scm/devel/pahole/pahole.git/tree/changes-v1.28

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-01 19:02:18 -08:00
Yi Zhao b2f7a5e3eb tigervnc: upgrade 1.14.0 -> 1.14.1 
ChangeLog:
https://github.com/TigerVNC/tigervnc/releases/tag/v1.14.1

* Update xorg-server to 21.1.15

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-01 19:02:18 -08:00
Yi Zhao 1768156191 openldap: upgrade 2.6.8 -> 2.6.9 
ChangeLog:
https://www.openldap.org/software/release/changes.html

Drop 0001-fix-incompatible-pointer-type-error.patch as the issue has
been fixed upstream.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-01 19:02:18 -08:00
Yi Zhao f5676076df mce-inject: update to latest git rev 
7668d820 simulate a MCE event happened during TDX guest context

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-01 19:02:18 -08:00
Jiaying Song da361d2d7c eject: fix do_fetch error 
Change the SRC_URI to the correct value due to the following error:
WARNING: eject-2.1.5-r0.wr2401 do_fetch: Failed to fetch URL http://sources.openembedded.org/eject-2.1.5.tar.gz, attempting MIRRORS if available

Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-01 19:02:17 -08:00
Yi Zhao f65596ce3e nss: upgrade 3.103 -> 3.107 
* Refresh patches.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-01 19:02:17 -08:00
Yi Zhao bdb41e2659 nspr: upgrade 4.35 -> 4.36 
* Refresh patches.
* Drop 0001-Fix-Wincompatible-function-pointer-types.patch as the issue
  has been fixed upstream.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-01-01 19:02:17 -08:00
Wang Mingyu 4450ecbb31 parallel: upgrade 20241122 -> 20241222 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-30 09:08:04 -08:00
Wang Mingyu b9bae24144 libsdl2-image: upgrade 2.8.3 -> 2.8.4 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-30 09:08:04 -08:00
Wang Mingyu 16e5e77e5d flatbuffers: upgrade 24.3.25 -> 24.12.23 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-30 09:08:03 -08:00
Wang Mingyu 4685607ee0 doxygen: upgrade 1.12.0 -> 1.13.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-30 09:08:03 -08:00
Wang Mingyu ff5f84b316 ctags: upgrade 6.1.20241222.0 -> 6.1.20241229.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-30 09:08:03 -08:00
Changqing Li 230ddc9439 poppler: upgrade 24.11.0 -> 24.12.0 
* Upgrade 24.11.0 -> 24.12.0
* Backport patch 0001-Don-t-update-pdfsig.pot-when-POT-Creation-date-is-th.patch
  to fix a parallel build issue, refer [1]

[1] https://gitlab.freedesktop.org/poppler/poppler/-/issues/1550

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-29 19:38:05 -08:00
Hongxu Jia 79fbbad63c pahole: update COMPATIBLE_HOST setting 
Due to pahole build depend on pahole, and libbpf added more architectures
to COMPATIBLE_HOST [1], add the same COMPATIBLE_HOST setting to pahole

$ echo "MACHINE = 'qemuloongarch64'" >> conf/local.conf
$ bitbake world
ERROR: Nothing PROVIDES 'libbpf' (but meta-openembedded/meta-oe/recipes-devtools/pahole/pahole_1.27.bb DEPENDS on or otherwise requires it)
libbpf was skipped: incompatible with host loongarch64-wrs-linux (not in COMPATIBLE_HOST)
ERROR: Required build target 'meta-world-pkgdata' has no buildable providers.
Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'pahole', 'libbpf']

[1] https://git.openembedded.org/meta-openembedded/commit/?id=bb8049afe96db57707afc259743e288bec456117

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-28 08:21:24 -08:00
Markus Volk b74b4cd7b2 malcontent: update 0.12.0 -> 0.13.0 
Overview of changes in malcontent 0.13.0
========================================

* Bugs fixed:
  - #48 Parental controls app: show the launcher, or merge into Settings?
    (Philip Withnall)
  - !172 Update fa.po
  - !173 Update Czech translation
  - !176 malcontent-control: Update metainfo file
  - !177 Update Swedish translation
  - !179 docs: Add list of legal references for relevant countries’ laws
  - !180 po: Update Slovenian translation
  - !181 Update Polish translation 240909
  - !182 Add Chinese translation
  - !183 application: Fix opening Settings
  - !184 malcontent-control: Call setlocale() earlier to fix early i18n
  - !185 restrict-applications-selector: Fix pending changes being lost on
    search
  - !186 libmalcontent-ui: Port to libadwaita 1.6
  - !187 app-filter: Fix logic for allowlist filtering on GAppInfo

* Translation updates:
  - Chinese (China) (lumingzh)
  - Czech (AsciiWolf)
  - Persian (Danial Behzadi)
  - Polish (Piotr Drąg)
  - Slovenian (Martin Srebotnjak)
  - Swedish (Anders Jonsson)

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 23:00:37 -08:00
Peter Marko 88faae83b2 audiofile: patch CVE-2017-6839 
Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/844a7c6281eb442881330a5d36d5a0719f2870bf

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:44 -08:00
Peter Marko 9d668989b1 audiofile: patch CVE-2017-6831 
Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/bd5f84d301c4e74ca200a9336eca88468ec0e1f3

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:44 -08:00
Peter Marko 75f2bd2b3b audiofile: fix multiple CVEs 
CVE-2017-6830 / CVE-2017-6834 / CVE-2017-6836 / CVE-2017-6838

Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/4a1a8277bba490d227f413e218138e39f1fe1203

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:44 -08:00
Peter Marko f29fbaa465 audiofile: patch CVE-2017-6829 
Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/434890df2a7c131b40fec1c49e6239972ab299d2

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:44 -08:00
Peter Marko 634cbcb91c audiofile: fix multiple CVEs 
CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837

Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/cc00bde57fc20d11f8fa4e8ec5f193c091714c55

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:44 -08:00
Peter Marko 74cda1df0e limwmf: upgrade 0.2.8.4 -> 0.2.13 
$ git log --oneline | grep CVE
f58c813 merge in fixes for libgd CVE-2019-6978
407a58b CVE-2017-6362
dabcb8c CVE-2016-10168
b691e47 CVE-2016-10167
16919b4 CVE-2016-9317
2208b48 CVE-2016-9011
f47cbdf CVE-2015-4696
b5ae5d1 CVE-2015-4695
879d6bf CVE-2015-0848+CVE-2015-4588
44f37ac CVE-2009-3546
7bd8ce0 CVE-2007-2756
cfc0916 CVE-2007-3477
5ec7547 CVE-2007-3473
fdd21b1 CVE-2007-3472
5588450 CVE-2007-0455
2c84480 CVE-2009-1364, Use-after-free vulnerability
b9cc022 CVE-2006-3376 Integer overflow in player.c

Adaptations:
* removed patches included in new version.
* extended buildpaths fix to pc file
* changed paths from libdir/gtk-2 to libdir/gdk-pixbuf-2.0

Test - built imagemagick (only recipe in meta-openembedded depending
on libwmf) with wmf PACKAGECONFIG.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:43 -08:00
Peter Marko 1ed73b79de libwmf; switched to unofficial fork 
Debian has switched to this fork in Bookworm.
If contains dozens of CVE fixes and other bugfixes.
This should make the maintenance of this package easier.

The sources are identical to those abandoned in 2002:
Only in .../tmp/work/core2-64-poky-linux/libwmf/0.2.8.4/libwmf-0.2.8.4/: autom4te.cache
Only in /tmp/caolanm/libwmf/: .git

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:43 -08:00
Peter Marko 2308c8b5a2 imagemagick: mark CVE-2023-5341 as fixed 
This CVE is fixed by
https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1
It is tracked as 'fixed in next version' - 7.1.2 (which does not exist)
in NVD DB.

.../tmp/work/core2-64-poky-linux/imagemagick/7.1.1-43/git$ git describe aa673b2e4defc7cad5bec16c4fc8324f71e531f1 --tags
7.1.1-18-4-gaa673b2e4d
.../tmp/work/core2-64-poky-linux/imagemagick/7.1.1-43/git$ git tag --contains aa673b2e4defc7cad5bec16c4fc8324f71e531f1 | head -n1
7.1.1-19

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:43 -08:00
Peter Marko 7cec219b50 imagemagick: upgrade 7.1.1-26 -> 7.1.1-43 
This fixes at least CVE-2024-41817 (in 7.1.1-36).

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:43 -08:00
Peter Marko 4e5fdfc423 imagemagick: refactor so devtool upgrade works 
* move version part after dash to PV
* set git tag regex

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:43 -08:00
Peter Marko 3d97f4c13d procmail: patch CVE-2017-16844. 
Take patch from Debian.
https://sources.debian.org/data/main/p/procmail/3.22-26%2Bdeb10u1/debian/patches/30

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:43 -08:00
Peter Marko 8378820dab procmail: patch CVE-2014-3618 
Take patch from Debian.
https://sources.debian.org/data/main/p/procmail/3.22-20%2Bdeb7u1/debian/patches/CVE-2014-3618.patch

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:43 -08:00
Peter Marko 9fff0040f1 id3lib: mark CVE-2007-4460 as fixed 
This is fixed in id3lib3.8.3_3.8.3-16.2.debian.tar.xz patch included in
SRC_URI.
Version 3.8.3-7 contains patch for this CVE, we use 3.8.3-16.2.
This can be verified by checking the debian/changelog within this patch
or diffing [1] and [2] and verifying that this can be reverse-applied.

[1] https://snapshot.debian.org/archive/debian/20070819T000000Z/pool/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-6.diff.gz
[2] https://snapshot.debian.org/archive/debian/20070819T000000Z/pool/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-7.diff.gz

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:42 -08:00
Peter Marko 9f7c1e6bd1 uw-imap: patch CVE-2018-19518 
Take patch from Debian from
https://salsa.debian.org/lts-team/packages/uw-imap/-/commit/873b07f46ce40f43bca10ec85fe63a7a0b934294

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-27 09:21:42 -08:00
Peter Marko db283053d0 synergy: patch CVE-2020-15117 
Pick commit based on [1].

Note that the pick is node from deskflow, which is open-source successor
of synergy.
If anyone uses thie recipe, it should be switched.

[1] https://github.com/deskflow/deskflow/security/advisories/GHSA-chfm-333q-gfpp

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:09 -08:00
Peter Marko c048c04101 libconfuse: patch CVE-2022-40320 
Pick patch per [1] poiting to [2] pointing to [3].

[1] https://nvd.nist.gov/vuln/detail/CVE-2022-40320
[2] https://github.com/libconfuse/libconfuse/issues/163
[3] https://github.com/libconfuse/libconfuse/commit/d73777c2c3566fb2647727bb56d9a2295b81669b

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:09 -08:00
Wang Mingyu 6b96d4062d uftrace: upgrade 0.16 -> 0.17 
Changelog:
===========
* New features
  Support watchpoint for global variables
  Show man pages for the given command
  Add utc_offset in the header info

* Bug fixes
  Show arguments in libraries from dlopen
  Save debug info for libraries from dlopen
  Protect FD of communication channel from being closed

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:09 -08:00
Wang Mingyu 20e3072d96 tk: upgrade 9.0.0 -> 9.0.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:09 -08:00
Wang Mingyu 960cbaa3fb thingsboard-gateway: upgrade 3.5.1 -> 3.5.3.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:09 -08:00
Wang Mingyu e7d4cb2406 sip: upgrade 6.9.0 -> 6.9.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:09 -08:00
Wang Mingyu 7eafc62373 python3-drgn: upgrade 0.0.29 -> 0.0.30 
Changelog:
 https://github.com/osandov/drgn/releases/tag/v0.0.30

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:08 -08:00
Wang Mingyu 595e25138b ostree: upgrade 2024.9 -> 2024.10 
Changelog:
==========
- prepare-root: Add composefs.enabled=verity
- README: Update buildstream URL to new github repo
- composefs: Ensure buffer is suitably aligned for struct fsverity_digest
- core: Always sort incoming xattrs
- Fix ci
- sign-ed25519: Fix error message of validate_length
- rofiles-fuse: when fuse execution fails, rofiles-fuse still returns exit code 0
- libostree/deploy: enable composefs by default
- man: Note semantics combining root.transient with composefs.enabled

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:08 -08:00
Wang Mingyu f7553ec450 nvmetcli: upgrade 0.7 -> 0.8 
Changelog:
=============
- fix common misspellings from codespell project
- nvmetcli: set up the target only after the network is configured
- nvmetcli: fixup ana groupid setting for namespaces
- Documentation: fix typo
- nvmetcli: add a tcp example json
- nvmetcli: Correct xrange usage for py3
- nvmetcli: Allow different devices for make test
- nvmetcli: Report save name correctly
- test_nvmet.py: test_invalid_input fails for py3
- nvme.py: Make modprobe work for kmod lib too
- nvme.py: Sync the containing directory
- nvme.py: Explicit close is redundant
- nvmetcli: Improve IOError handling on restore
- README: Update URL for configshell-fb
- nvmetcli: don't remove ANA Group 1 on clear

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:08 -08:00
Wang Mingyu d61b4aa452 nano: upgrade 8.2 -> 8.3 
Changelog:
============
- A build failure with gcc-15 is fixed.
- Several translations were updated.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:08 -08:00
Wang Mingyu 9c04ed658b libsdl2-image: upgrade 2.8.2 -> 2.8.3 
Changelog:
 Fixed handling of grayscale images with alpha

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:08 -08:00
Wang Mingyu cd2e2bd0a5 ctags: upgrade 6.1.20241215.0 -> 6.1.20241222.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-12-24 08:23:08 -08:00