Commit Graph

38122 Commits

Author SHA1 Message Date
Wenlin Kang
8c9adcfadb xfce4-screensaver: Make libpam and systemd dependencies conditional
libpam and systemd require the settings below:
  INIT_MANAGER = "systemd"
  DISTRO_FEATURES:append = " pam systemd usrmerge"

So remove hardcoded libpam and systemd dependencies from DEPENDS.
Add conditional logic to include these dependencies only when
the corresponding DISTRO_FEATURES are enabled.

Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-23 07:54:07 -07:00
Khem Raj
88c22e566d ebtables: Fix update-alternatives by setting ALTERNATIVE_TARGET
The commit adding update-alternatives support omitted
ALTERNATIVE_TARGET[ebtables], causing the bbclass to fall back to
constructing the target as ${sbindir}/ebtables.ebtables which does
not exist. The binary is installed as ebtables-legacy, so set
ALTERNATIVE_TARGET accordingly.

fixes QA warnings:

  ebtables: alternative target does not exist, skipping
  ebtables: NOT adding alternative provide /usr/sbin/ebtables
  ebtables: alt_link == alt_target: /usr/sbin/ebtables == /usr/sbin/ebtables

Fixes: 584fec0f74 ("ebtables: Use update alternatives for "ebtables"")

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-23 07:54:06 -07:00
Michael Fitzmayer
6a14b73000 canopenterm: update to version 2.02+git
- This patch incorporates all previously suggested changes
- Introduced a new API function: print_result()
- Added support for configuring a dynamic number of filters when
  executing replay.lua
- Added script to interact with the STM32 CAN bootloader (stm32.lua)
- Add Unified Diagnostic Services (ISO 14229-1) script written in Lua
  (uds.lua)
- Various updates and fixes required by the Debian package and to be able
  to get certified by Microsoft
- Added manpages

Signed-off-by: Michael Fitzmayer <mail@michael-fitzmayer.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-23 07:48:34 -07:00
Bartosz Golaszewski
36d46e1871 python3-pyfuse3: Move to meta-python
Add a recipe for pyfuse3 - a python package providing high-level bindings
to libfuse3.

Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-23 07:48:11 -07:00
Jörg Sommer
3283baa0a4 framebuffer-vncserver: New recipe for VNC server for framebuffer
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-22 07:38:08 -07:00
Khem Raj
76700b6eaf gphoto2: Fix build with clang-22
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-21 23:12:37 -07:00
Jose Quaresma
ef548c3982 networkmanager: DISTRO_FEATURES_BACKFILL_CONSIDERED -> DISTRO_FEATURES_OPTED_OUT
Variable DISTRO_FEATURES_BACKFILL_CONSIDERED has been renamed
to DISTRO_FEATURES_OPTED_OUT.

Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-21 23:12:37 -07:00
Ross Burton
fa612d7971 libspdm: update SRCREV to final 3.8.2 release
The initial 3.8.2 tag pointing at 5cf0acb8 ("Update version for 3.8.2
release") was actually a pre-release and that tag has since moved.

Now that 3.8.2 has officially been released we can update the SRCREV.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-21 10:24:53 -07:00
Jose Quaresma
0c9cb5fb09 opensc: ship missed installed file
Fix packing of missed installed file:

| ERROR: opensc-0.27.1-r0 do_package: QA Issue: opensc: Files/directories were installed but not shipped in any package:
|   /usr/share/p11-kit
|   /usr/share/p11-kit/modules
|   /usr/share/p11-kit/modules/opensc.module
| Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
| opensc: 3 installed and not shipped files. [installed-vs-shipped]

Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-21 10:24:53 -07:00
Bartosz Golaszewski
f2d723ce08 python3-pyfuse3: new recipe
Add a recipe for pyfuse3 - a python package providing high-level bindings
to libfuse3.

Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-21 07:26:46 -07:00
Changqing Li
07d6722816 libsoup-2.4: fix several CVEs
Fix CVE-2026-1539, CVE-2026-1761, CVE-2026-1801, CVE-2026-2443,
CVE-2026-2369, CVE-2026-1760, CVE-2025-14523, CVE-2025-32049, CVE-2026-1467

Refer:
CVE-2026-1801 https://gitlab.gnome.org/GNOME/libsoup/-/issues/481
CVE-2026-1761 https://gitlab.gnome.org/GNOME/libsoup/-/issues/493
CVE-2026-2443 https://gitlab.gnome.org/GNOME/libsoup/-/issues/487
CVE-2026-1539 https://gitlab.gnome.org/GNOME/libsoup/-/issues/489
CVE-2026-2369 https://gitlab.gnome.org/GNOME/libsoup/-/issues/498
CVE-2026-1760 https://gitlab.gnome.org/GNOME/libsoup/-/issues/475
CVE-2025-14523 https://gitlab.gnome.org/GNOME/libsoup/-/issues/472
CVE-2025-32049 https://gitlab.gnome.org/GNOME/libsoup/-/issues/390
CVE-2026-1467 https://gitlab.gnome.org/GNOME/libsoup/-/issues/488

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-21 07:26:46 -07:00
Jason Schonberg
740f9f71dd webkitgtk3 update 2.50.5 -> 2.50.6
This is a bug fix release.

Changelog: https://www.webkitgtk.org/2026/03/12/webkitgtk2.50.6-released.html

Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 18:28:09 -07:00
Peter Kjellerstedt
44d5012a7c ceres-solver: Improve the build configuration
* Add a PACKAGECONFIG for glog. If it is disabled, then miniglog, which
  is provided by ceres-solver, will be used instead.
* Disable CUDA and gflags. They are not expected to be found, but this
  makes it explicit.
* Disable building tests and examples as they are not used anyway.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 12:55:12 -07:00
Markus Volk
cc814c9fd1 wireplumber: update 0.5.13 -> 0.5.14
WirePlumber 0.5.14
~~~~~~~~~~~~~~~~~~

Additions & Enhancements:

  - Added per-device default volume configuration via the
    ``device.routes.default-{source,sink}-volume`` property, allowing device-specific volume
    defaults (e.g. a comfortable default for internal speakers or no attenuation for HDMI) (!772)

  - Added Lua 5.5 support; the bundled Lua subproject wrap has also been updated to 5.5.0
    (!775, !788)

  - Enhanced libcamera monitor to load camera nodes locally within the WirePlumber
    process instead of the PipeWire daemon, eliminating race conditions that could occur
    during initial enumeration and hotplug events (!790)

  - Enhanced Bluetooth loopback nodes to always be created when a device supports both
    A2DP and HSP/HFP profiles, simplifying the logic and making the BT profile autoswitch
    setting take effect immediately without requiring device reconnection (!782)

  - Enhanced Bluetooth loopback nodes to use ``target.object`` property instead of smart
    filters, fixing issues that prevented users from setting them as default nodes and
    also allowing smart filters to be used with them (#898; !792)

  - Enhanced Bluetooth profile autoswitch logic with further robustness improvements,
    including better headset profile detection using profile name patterns and resolving
    race conditions by running profile switching after ``device/apply-profile`` in a
    dedicated event hook (#926, #923; !776, !777, !808)

  - Enhanced wpctl ``set-default`` command to accept virtual nodes (e.g.
    ``Audio/Source/Virtual``) in addition to regular device nodes (#896; !787)

  - Improved stream linking to make the full graph rescan optional when linkable items
    change, saving CPU on low-end systems and reducing audio startup latency when
    connecting multiple streams in quick succession (!800)

  - Allowed installation of systemd service units without libsystemd being present,
    useful for distributions like Alpine Linux that allow systemd service subpackages
    (!793)

  - Allowed the ``mincore`` syscall in the WirePlumber systemd sandbox, required for
    Mesa/EGL (e.g. for the libcamera GPUISP pipeline)

  - Allowed passing ``WIREPLUMBER_CONFIG_DIR`` via the ``wp-uninstalled`` script,
    useful for passing additional configuration paths in an uninstalled environment (!801)

Fixes:

  - Removed Bluetooth sink loopback node, which was causing issues with KDE and GNOME (!794)

  - Fixed default audio source selection to never automatically use ``Audio/Sink`` nodes
    as the default source unless explicitly selected by the user (#886; !781)

  - Fixed crash in ``state-stream`` when the Format parameter has a Choice for the
    number of channels (#903; !795)

  - Fixed BAP Bluetooth device set channel properties, where ``audio.position`` was
    incorrectly serialized as a pointer address instead of the channel array (!786)

  - Fixed memory leaks in ``wp_interest_event_hook_get_matching_event_types`` and in
    the Lua ``LocalModule()`` implementation (!784, !810)

  - Fixed HFP HF stream media class being incorrectly assigned due to
    ``api.bluez5.internal=true`` being set on HFP HF streams (!809)

  - Fixed Lua 5.4 compatibility in ``state-stream`` script

  - Updated translations: Bulgarian, Georgian, Kazakh, Swedish

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 10:44:41 -07:00
Markus Volk
be77fde6f6 pipewire: update 1.6.2 -> 1.6.3
- remove backport patch

PipeWire 1.6.3 (2026-04-09)

Highlights
  - Fix some RAOP compatibility regressions.
  - Fix segfault in the mixer in some cases.
  - Most nodes now produce and consume MIDI1 again and avoid
    conversions to and from UMP.
  - Various small fixes and improvements.

PipeWire
  - Fix regression with sample rate changes. (#5207)
  - Fix a potential integer overflow in the memory mapping.

Modules
  - Align RTP timestamps to make RAOP work on more devices. (#5167)
  - Avoid crashes in RTP streams because of concurrent event
    emission.
  - Avoid invalid fd usage in native-protocol with specially crafted
    messages.
  - Fix properties and params enumeration in filter-chain (#5202).

SPA
  - Fix compilation with -Werror=discarded-qualifiers
  - Avoid OOB read in mix matrix. (#5176)
  - Avoid loading plugins from absolute paths that are not in the
    search path.
  - Avoid MIDI conversions to and from UMP. (#5183)

Bluetooth
  - Backport some fixes and avoid some crashes.

JACK
  - Make sure timebase callback is never called with 0 frames.
  - Increase the notify queue to avoid losing notifications.

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:39 -07:00
Joao Marcos Costa
335045d3fb kernel-selftest: add missing sources if mm is enabled
Some headers come from 'mm' (in the top source directory, i.e. the root of
Linux's sources), as in the examples below:

Makefile:LOCAL_HDRS += $(selfdir)/mm/local_config.h $(top_srcdir)/mm/gup_test.h
cow.c:#include "../../../../mm/gup_test.h"
gup_longterm.c:#include "../../../../mm/gup_test.h"
gup_test.c:#include <mm/gup_test.h>
hmm-tests.c:#include <mm/gup_test.h>
uffd-unit-tests.c:#include "../../../../mm/gup_test.h"

Add this directory to KERNEL_SELFTEST_SRC if 'mm' PACKAGECONFIG is enabled.

Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:38 -07:00
Joao Marcos Costa
06ddb535df kernel-selftest: fix mm selftests dependencies
Add numa (numactl), as required by rmap, migration, and others.

Add liburing, otherwise some tests would be disabled.

Moreover, liburing's availability is checked in a shell script executed
prior to the compilation of the individual test cases. This script,
however, does not read CFLAGS.

Backport a fix [1] from mainline to address this issue.

[1] 7f532d19c8

Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:38 -07:00
Joao Marcos Costa
a407a3e533 kernel-selftest: drop libhugetlbfs
The support of libhugetlbfs was removed from mainline Linux a while ago,
since v6.1 [1].

Since libhugetlbfs was the main reason to remove 'mm' selftests for some
specific architectures, the respective operations should only remove bpf.

Update the recipe to remove libhugetlbfs as a dependency of mm, and thus
unblock this test category for some targets.

[1] 6f83d6c74e

Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:38 -07:00
Joao Marcos Costa
fcae7611c1 kernel-selftest: rename vm selftests to mm
Since v6.10 [1], this category of selftests was renamed
to 'mm'.

Update the recipe accordingly.

I left a mention to the previous name (i.e., 'vm') just in case.

[1]: baa489fabd

Signed-off-by: João Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:38 -07:00
Gyorgy Sarvari
5305a97026 xrdp: upgrade 0.10.5 -> 0.10.6
Mark fixed CVEs explicitly patched, because NVD tracks them without version info.

Changelog:
Security fixes:
CVE-2026-32105
CVE-2026-32107
CVE-2026-32623
CVE-2026-32624
CVE-2026-33145
CVE-2026-33516
CVE-2026-33689
CVE-2026-35512

New features:
Support for xorgxrdp bug fixes

Bug fixes:
Honour pass_shell_as_env setting only if user sets a shell
We no longer try to create a NULL authentication file when using VNC over UDS
Problems with the Brazilian ABNT2 keyboard mapping have been corrected
A 'file exists' error when installing xrdp over an existing installation has been addressed

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:38 -07:00
Gyorgy Sarvari
d696debe79 xdg-desktop-portal: upgrade 1.20.3 -> 1.20.4
Fixes CVE-2026-40354: https://github.com/flatpak/xdg-desktop-portal/releases/tag/1.20.4

Also mark the CVE explicitly patched, as it is tracked without version info
at this time.

The project now has a dependency on libglnx, which by default it tries to download
from the internet during configuring. To avoid that error, this dependency is added to the SRC_URI.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:37 -07:00
Gyorgy Sarvari
9375394805 wolfssl: mark fixed CVEs as patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-5188
https://nvd.nist.gov/vuln/detail/CVE-2026-5392
https://nvd.nist.gov/vuln/detail/CVE-2026-5393
https://nvd.nist.gov/vuln/detail/CVE-2026-5447
https://nvd.nist.gov/vuln/detail/CVE-2026-5448
https://nvd.nist.gov/vuln/detail/CVE-2026-5460
https://nvd.nist.gov/vuln/detail/CVE-2026-5466
https://nvd.nist.gov/vuln/detail/CVE-2026-5479
https://nvd.nist.gov/vuln/detail/CVE-2026-5500

All of these CVEs are fixed in the current recipe version, however
NVD tracks them without version. Each NVD advisory references the
corresponding fix, and each of them is contained in 5.9.1.

Mark all of them as patched explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:37 -07:00
Gyorgy Sarvari
1be9c09e23 python3-pillow: upgrade 12.1.1 -> 12.2.0
Contains fix for CVE-2026-40192

License-update: Copyright holder's name is spelled out fully instead of using abbreviation.

Changelog: https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:37 -07:00
Gyorgy Sarvari
468ee626f8 python3-grpcio: ignore CVE-2026-33186
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33186

The vulnerability only affects the Go implementation of the library,
not the Python one. Ignore this CVE due to this.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:37 -07:00
Gyorgy Sarvari
aef8bc3422 protobuf, python3-protobuf: ignore CVE-2026-6409
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-6409

The vulnerability impacts only the PHP library component, not the
cpp/python one. Ignore this CVE due to this.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:37 -07:00
Gyorgy Sarvari
09050325e6 openjpeg: patch CVE-2026-6192
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-6192

Backport the patch referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:37 -07:00
Gyorgy Sarvari
e88f57539e ngtcp2: upgrade 1.22.0 -> 1.22.1
Contains fix for CVE-2026-40170 (which is tracked without version
by NVD, so also mark explicitly as patched).

Changelog: https://github.com/ngtcp2/ngtcp2/releases/tag/v1.22.1

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:36 -07:00
Samuli Piippo
eb7dba674e minizip: backport fix for the missing header
Minizip release v1.3.2 is missing required ints.h header that
causes build failure on components using it:

| ../../../../../recipe-sysroot/usr/include/minizip/ioapi.h:74:10: fatal error: ints.h: No such file or directory
|    74 | #include "ints.h"
|       |          ^~~~~~~~

Backport fix from cb14dc9ade

Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:36 -07:00
Gyorgy Sarvari
d31f07340f monkey: patch CVEs
These patches are about a number of CVEs filed against the application:
CVE-2025-63649, CVE-2025-63650, CVE-2025-63651, CVE-2025-63652, CVE-2025-63653, CVE-2025-63655,
CVE-2025-63656, CVE-2025-63657 and CVE-2025-63658.

These patches are taken from a pull request[1] that is referenced in the relevant bug report[2].
The patches don't target specific CVEs separately, but they fix a number of CVEs altogether.

Based on upstream analysis (in the linked issue) a number of these CVEs are duplicates of each
other and/or not exploitable. The valid CVEs are fixed by these patches.

I haven't added specific CVE info to the patches, on one hand because of the above, it is hard to
separate the patches by CVE, and secondarily because NVD tracks these CVEs with incorrect version
info: NVD considers 1.8.6 fully fixed, even though the patches are only in the master branch,
untagged at this time. After updating the recipe to 1.8.6+, the vulnerabilities will disappear
from the CVE report due to this.

[1]: https://github.com/monkey/monkey/pull/434
[2]: https://github.com/monkey/monkey/issues/426

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:36 -07:00
Gyorgy Sarvari
22277ca3a3 monkey: upgrade 1.8.4 -> 1.8.7
Shortlog:
https://github.com/monkey/monkey/compare/v1.8.4...v1.8.7

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:36 -07:00
Markus Volk
799eb058e2 gimp: update 3.2.0 -> 3.2.4
- add patches to fix compilation
- add runtime dependency for python3-pycairo

Overview of Changes from GIMP 3.2.2 to GIMP 3.2.4
=================================================

Core:

  - The "edit-fill-*" actions will now behave accordingly on specific
    cases. E.g. it will skip layers which can't be filled (content-lock
    layers and link layers) and it will fill the expected way
    non-rasterized text and vector layers.
  - Images opened through command lines are not considered stray images
    anymore on exit when run without a GUI (scripts, etc.).
  - We improved the support of the process temporary folder, so that we
    can avoid clashes when several users run GIMP on a same computer.
    Furthermore the temporary folder is now deleted at startup (unless
    it is not empty, which it should be).
  - XCF opened as layers will now always create new layers named as in
    the source XCF, even if the source XCF had only a single layer.
  - The "layers-resize" now only works on raster layers.
  - The "Layers to Image Size" and "Resize Layer to Selection" actions
    will only work on raster layers too.

Tool

  - Text tool:
    * When editing text, prioritize our global actions when a
      shortcut matches, before sending the hit keys to the IME (Input
      Method Engine). Otherwise some IME may consume our keys and block
      custom shortcuts (e.g. Alt+key events are often used to trigger
      special characters on macOS or Windows and may block core
      actions).
    * Prevent font size jumping to 0 when using shortcuts on selected
      text.
  - Selection tools: when moving a floating layer or selection,
    temporarily disable the marching ants outline. Among other reasons,
    it improves performance.
  - Select by Color tool: optimized processing when working in Intersect
    mode.
  - Crop tool: non-raster layers are not rasterized anymore.
  - Text tool: on-canvas GUI is now properly positioned when rotating
    the canvas.

Plug-Ins:

  - Improve import of: APNG, PAA, PNG, DDS, PSP, PNM, PSD, JIF, PVR
    texture, TIM, XWD, SFW, ORA.
  - Improved PDF export.
  - file-compressor: improved error messaging.
  - New Windows WIA scanner plug-in, replacing the now deprecated TWAIN
    scanner plug-in (which is not shipped in our Windows packages
    anymore as it depends on dropped 32-bit Windows platform).
  - Script-Fu: several deprecated functions now cleaned out from
    scripts.
  - Filmstrip: the created image will now have the dirty flag set.

API:

  - libgimp/PDB:
    * libgimp/PDB functions gimp_context_set_line_width_unit() and
      gimp_vector_layer_set_stroke_width_unit() now accept pixel as input unit.
    * Improved error handling in gimp_temp_file().
    * New function: gimp_resources_loaded()
  - libgimp:
    * A function gimp_env_exit() was added, but same as gimp_env_init(),
      it is not declared in public headers and should never be used by
      plug-ins. It is considered private.
    * gimp_quit() function is deprecated.
  - PDB:
    * (gimp-quit) procedure (without libgimp wrapper) is deprecated.

Translations:

  - New Lao translation.

Build:

  - Many build warnings are being cleaned out.
  - New jobs are being set up with -Werror progressively as we weed out
    existing build warnings.
  - The issue bot will now run and create reports when specific jobs
    fail.
  - New rules to generate Markdown versions of our man pages for the
    website.

Overview of Changes from GIMP 3.2.0 to GIMP 3.2.2
=================================================

Core:

  - We removed support for a separate folder for loading 32-bit binaries
    on 64-bit Windows. This was being used for core plug-ins for the
    TWAIN plug-in only.
  - Various fixes related to the new non-destructive layer types, or to
    non-destructive layer effects.
  - More robust handling of Procreate and SwatchBooker palettes.
  - Fix scaling paths when importing SVG as paths.
  - We now support reading the documentation being installed in the user
    config directory in the `help/` subdirectory.
  - Histogram dialog: the unique color count feature now takes into
    account any selection.

Graphical User Interface:

  - Theme fixes.
  - Various text fixed for better localization.
  - Display the "Tab" shortcut for the "Hide Docks" action, even though
    it is not a real global shortcut (it only works on the canvas).
  - Metadata Rotation import dialog: you can now click the preview for
    Original and Rotated images in the Metadata Rotation Import Dialog,
    and have it open the image rotated as shown in the preview.

Plug-Ins:

  - Tile: carry over the source image's profile to the newly created
    image.
  - Improve support of: FITS, TIM, PAA, ICNS, PVR, SFW, JIF, PSP, PSD

Translations:

  - Serbian Cyrillic now has upstream support in InnoSetup (in their
    "Unofficial" list still, which means it is less verified). Our
    installer now has Serbian Cyrillic localization too.

Build:

  - NM environment variable is now used in priority for the `nm` tool
    used for the build. This check is stored from configure-time
    environment.
  - Windows x86 32-bit pipeline has now been decommissioned from our CI.
    This implies that 32-bit builds won't be available anymore in our
    Windows installer, just as was already the case on the Windows Store.
  - Meson build:
    * New boolean option -Dtwain-unmaintained: this puts our TWAIN
      plug-in behind a disabled-by-default flag, because this plug-in
      only made sense in 32-bit. The next step will be to replace it by
      a WIA plug-in.
    * Option -Dwin32-32bits-dll-folder removed.
  - GIMP can now be built fully without patches on macOS. The in-house
    macOS build is slowly moving to become our main CI for this OS and
    for making the release DMGs.
  - Snap: enable MIDI (Alsa) support.
  - AppImage: enable "Send by email".

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:36 -07:00
Haiqing Bai
4152a23426 pytesseract: replace deprecated md5sum with sha256sum
SRC_URI[md5sum] has been deprecated, so replace it with
SRC_URI[sha256sum] for proper integrity verification.

Signed-off-by: Haiqing Bai <haiqing.bai@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:36 -07:00
Gyorgy Sarvari
7f49deaf7e libraw: mark CVE-2026-20911 and CVE-2026-21413 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-20911
https://nvd.nist.gov/vuln/detail/CVE-2026-21413

Both CVEs are tracked with incorrect version info: NVD indicates that
0.22.1 is explicitly vulnerable, but the fixes are actually included
in this release.

Relevant commits:
CVE-2026-20911: 5357bb5fc6
CVE-2026-21413: 75ed2c12a3

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:35 -07:00
Gyorgy Sarvari
de5f93f95d libgphoto2: patch CVE-2026-40341
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40341

Backport the patch referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:35 -07:00
Gyorgy Sarvari
420e5aec46 libgphoto2: patch CVE-2026-40340
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40340

Backport the patch referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:35 -07:00
Gyorgy Sarvari
2e3be1dddc libgphoto2: patch CVE-2026-40339
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40339

Backport the patch referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:35 -07:00
Gyorgy Sarvari
f22e17508e libgphoto2: patch CVE-2026-40338
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40338

Backport the patch referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:35 -07:00
Gyorgy Sarvari
078f26b084 libgphoto2: patch CVE-2026-40336
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40336

Backport the patch referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:35 -07:00
Gyorgy Sarvari
f735ea20b1 libgphoto2: patch CVE-2026-40335
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40335

Backport the patch that is referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:34 -07:00
Gyorgy Sarvari
ce3fa8ad2a libgphoto2: patch CVE-2026-40334
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40334

Backport the patch that is referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:34 -07:00
Gyorgy Sarvari
754e02c668 libgphoto2: patch CVE-2026-40333
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-40333

Backport the patch referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:34 -07:00
Gyorgy Sarvari
24d9844515 gphoto2: upgrade 2.5.28 -> 2.5.32
Drop patches that were merged in this release.

Changelog:
- --get-exif , --get-all-exif added
- --reverse modifier option added for fileoperations commands
- kill -USR2 can now stop --capture-movie
- updated translations

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:34 -07:00
Gyorgy Sarvari
f896922914 libcoap: upgrade 4.3.5a -> 4.3.5b
Contains fix for CVE-2026-29013

Shortlog:
https://github.com/obgm/libcoap/compare/v4.3.5a...v4.3.5b

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:34 -07:00
Gyorgy Sarvari
c0a8cec24e lcms: patch CVE-2026-41254
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-41254

Backport the patches referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:34 -07:00
Gyorgy Sarvari
2b1e34f0f5 jq: patch CVE-2026-39979
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-39979

Backport the patch that is referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:33 -07:00
Gyorgy Sarvari
8d399af333 jq: patch CVE-2026-33948
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33948

Backport the patch that is referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:33 -07:00
Gyorgy Sarvari
525e18ce21 jq: patch CVE-2026-33947
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33947

Backport the patch that is referenced by the NVD report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:33 -07:00
Gyorgy Sarvari
e94ab85126 jq: patch CVE-2026-32316
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-32316

Backport the patch that is referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:33 -07:00
Gyorgy Sarvari
6fb954e736 fio: upgrade 3.41 -> 3.42
Contains fix for CVE-2026-30656. Also mark this CVE as patched
explicitly, as NVD tracks it without version info.

Drop patches that are included in this release.

Changelog:
https://github.com/axboe/fio/releases/tag/fio-3.42

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>

fio

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-20 07:35:33 -07:00
Markus Volk
7bf89d06a4 libdvdread: use https for fetching code
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-18 13:47:20 -07:00