e64c857b02
webmin: patch CVE-2017-17089
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2017-17089
Pick the patch referenced in the nvd report.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
(cherry picked from commit 85933945fbankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-19 08:46:56 +05:30
9655a3d880
webmin: patch CVE-2017-15644, CVE-2017-15645 and CVE-2017-15646
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2017-15644
https://nvd.nist.gov/vuln/detail/CVE-2017-15645
https://nvd.nist.gov/vuln/detail/CVE-2017-15646
Pick the patch mentioned in the nvd report (same patch is marked to
fix all three vulnerabilities).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
(cherry picked from commit 4c602e88b9ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-19 08:46:56 +05:30
e8eea380c9
apache2: ignore CVE-2025-3891
...
The vulnerability was reported against mod_auth_openidc, which module
is a 3rd party one, and not part of the apache2 source distribution.
The affected module is not part of the meta-oe universe currently,
so ignore the CVE.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 11fc309ae9ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-19 08:46:55 +05:30
d55fea5d43
libforms: Remove buildpaths from fd2ps and fdesign scripts
...
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 181409fef4anuj.mittal@oss.qualcomm.com >
2025-11-19 08:46:55 +05:30
edb76382f0
pcp: Fix contains reference to TMPDIR [buildpaths] warnings
...
WARNING: pcp-6.0.5-r0 do_package_qa: QA Issue: File /etc/pcp.conf in package pcp contains reference to TMPDIR [buildpaths]
WARNING: pcp-6.0.5-r0 do_package_qa: QA Issue: File /usr/include/pcp/builddefs in package pcp-dev contains reference to TMPDIR [buildpaths]
Signed-off-by: alperak <alperyasinak1@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit e7053ca6b6anuj.mittal@oss.qualcomm.com >
2025-11-19 08:46:55 +05:30
65b4b21110
rsyslog: set status for CVE-2015-3243
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2015-3243
The issue is about file permissions: by default rsyslog creates world-readable
files. In case a log message contains some sensitive information, then that's
exposed to every user on the system.
However the rsyslog.conf file that is shipped with the recipe solves it: it
already sets non-world-readable default permissions on all files, so this
vulnerability is fixed in the default OE recipe.
See also this package in OpenSuse[1], where it is solved the same way.
[1]: https://build.opensuse.org/requests/619439/changes (rsyslog.conf.in)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-19 08:46:50 +05:30
55d4df5300
python3-passlib: add python3-misc as a depencency
...
python3-passlib requires 'timtit' at runtime which is part of python3-misc
Issue #1001
Signed-off-by: Michael Wyraz <mw@brick4u.de >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 82f17c4afeanuj.mittal@oss.qualcomm.com >
2025-11-17 13:52:41 +05:30
11d30147cb
python3-transitions: add native support
...
Issue #997
Signed-off-by: Michael Wyraz <mw@brick4u.de >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit ac8e1757adanuj.mittal@oss.qualcomm.com >
2025-11-17 13:52:41 +05:30
ac810a91ee
python3-passlib: add native support
...
Issue #998
Signed-off-by: Michael Wyraz <mw@brick4u.de >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit d786d02d22anuj.mittal@oss.qualcomm.com >
2025-11-17 13:52:14 +05:30
23c3bdefbe
squid: patch CVE-2025-62168
...
Pick commit mentioned in NVD CVE report.
Conflict in src/errorpage.cc resolved per patch from Debian bookworm.
Signed-off-by: Peter Marko <peter.marko@siemens.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 11:50:20 +05:30
6b689aa132
minifi-cpp: fix python shebang in minifi-python
...
Replace '/usr/bin/env python' with '/usr/bin/env python3' in the scripts
under ${libexecdir}/minifi-python.
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 11:50:20 +05:30
9e96944f42
rtmpdump: mark CVE-2015-8270, CVE-2015-8271 and CVE-2015-8272 as fixed
...
This CVE is marked as fixed by Debian.
Extracting Debian jessie Debian sources [1] shows 4 commits uses for
backports. All these commits are already included in current hash
([2]-[5]).
../tmp/work/core2-64-poky-linux/rtmpdump/2.4/git$ git log | grep 'commit \(10b580aabcec1621b25518271ba1ab2b018be88e\|...\|4312322107a94c81d3ec5b98f91bc6b923551dc5\)'
commit 530f9bb2a02a78c1198fb2bf0293a12d225e4691
commit 4312322107a94c81d3ec5b98f91bc6b923551dc5
commit 39ec7eda489717d503bc4cbfaa591c93205695b6
commit 10b580aabcec1621b25518271ba1ab2b018be88e
[1] https://snapshot.debian.org/archive/debian/20170704T094954Z/pool/main/r/rtmpdump/rtmpdump_2.4%2B20150115.gita107cef-1%2Bdeb8u1.debian.tar.xz
[2] https://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/10b580aabcec1621b25518271ba1ab2b018be88e
[3] https://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/39ec7eda489717d503bc4cbfaa591c93205695b6
[4] https://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/530f9bb2a02a78c1198fb2bf0293a12d225e4691
[5] https://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/4312322107a94c81d3ec5b98f91bc6b923551dc5
Signed-off-by: Peter Marko <peter.marko@siemens.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit d7758a8d0cskandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 11:50:20 +05:30
1a6b962e47
proftpd: set status of CVE-2001-0027
...
This ancient CVE [1] is unversioned ("*") in NVD DB.
"mod_sqlpw module in ProFTPD does not reset a cached password..."
Looking at history and changelog, the module was removed [2] around
the time when this CVE was published, likely as reaction to this CVE.
"mod_sqlpw.c, mod_mysql.c and mod_pgsql.c have been REMOVED from the
distribution. They are currently unmaintained and have numerous bugs."
Note: It was later re-introduced as mod_sql when it got fixed under
new maintainer.
[1] https://nvd.nist.gov/vuln/detail/CVE-2001-0027
[2] https://github.com/proftpd/proftpd/blob/v1.3.8b/NEWS#L3362
Signed-off-by: Peter Marko <peter.marko@siemens.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 03a1b56bc7skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 11:50:20 +05:30
03f418d36b
linuxptp: ignore CVE-2024-42861
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-42861
The vulnerability report is considered to be bogus and a non-issue
(or at least not a security issue) by upstream[1] and by major
Linux distros[2][3][4].
[1]: https://lists.nwtime.org/sympa/arc/linuxptp-devel/2024-09/msg00080.html
[2]: Ubuntu: https://ubuntu.com/security/CVE-2024-42861
[3]: Debian: https://security-tracker.debian.org/tracker/CVE-2024-42861
[4]: Suse: https://bugzilla.suse.com/show_bug.cgi?id=1230935
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 11:50:20 +05:30
da046dd9e0
audiofile: mark CVE-2020-18781 as patched
...
Per [1] this CVE is already patched by commit [2].
This can be also verified with yocto build.
Running without this patch:
root@qemux86-64:~# sfconvert poc.wav output format wave
malloc(): corrupted top size
Aborted
Running with it:
root@qemux86-64:~# sfconvert poc.wav output format wave
Audio File Library: Bad number of coefficients [error 62]
Could not open file 'poc.wav' for reading.
[1] https://github.com/mpruett/audiofile/issues/56
[2] https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0
Signed-off-by: Peter Marko <peter.marko@siemens.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 68f55c158eskandigraun@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:16:55 +05:30
ab86e1f967
audiofile: patch CVE-2018-13440 and CVE-2018-17059
...
Details:
https://nvd.nist.gov/vuln/detail/CVE-2018-13440
https://nvd.nist.gov/vuln/detail/CVE-2018-17059
The patches have been backported from Debian - upstream
has been inactive for almost a decade by now.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit e16a7d11d1anuj.mittal@oss.qualcomm.com >
2025-11-17 10:16:55 +05:30
5613d8330c
audiofile: patch CVE-2019-13147 and CVE-2022-24599
...
Details: https://nvd.nist.gov/vuln/detail/CVE-2019-13147
https://nvd.nist.gov/vuln/detail/CVE-2022-24599
These patches are used by opensuse to mitigate the corresponding vulnerabulities.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 8ef997336aanuj.mittal@oss.qualcomm.com >
2025-11-17 10:16:55 +05:30
5287390c05
remmina: add DEPENDS on curl
...
remmina has a hard dependency on curl [1]. This doesn't result in an
error on branches with gtk4 because curl gets pulled in via vte ->
gtk4 -> gstreamer-plugins-bad -> curl.
Add an explicit DEPENDS on curl to reflect the dependency.
[1] https://github.com/FreeRDP/Remmina/blob/a8afdd728d215791e3ce2ebc0411569529cd0296/src/CMakeLists.txt#L259
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:16:55 +05:30
8343ef75dd
redis: Update status for CVE-2022-3734
...
CVE only applies for Windows.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 36bb521a13adongare@cisco.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:16:55 +05:30
72cf12a3c7
botan: patch CVE-2024-34703
...
Details https://nvd.nist.gov/vuln/detail/CVE-2024-34703
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
5e2e28b4ab
cryptsetup: upgrade 2.7.4 -> 2.7.5
...
Release Notes:
https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.5-ReleaseNotes
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit cf174f190dankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
df482b962c
cryptsetup: upgrade 2.7.3 -> 2.7.4
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit a403ed1c3eankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
fe68830763
cryptsetup: upgrade 2.7.2 -> 2.7.3
...
Changelog:
============
* Do not allow formatting LUKS2 with Opal SED (hardware encryption)
* Fixes to wiping LUKS2 headers after Opal locking area erase.
* Mention the need for possible PSID revert before Opal format for some
drives (man page).
* Fix Bitlocker-compatible code to ignore newly seen metadata entries.
* Fix interactive query retry if LUKS2 unbound keyslot is present.
* Detect unsupported zoned devices for LUKS header devices.
* Allow "capi" cipher format for benchmark command and fix parsing
of plain IV in "capi" format.
* Add support for HCTR2 encryption mode.
* Source code now uses SPDX license identifiers instead of full
license preambles.
* Fix missing includes for cryptographic backend that could cause
compilation errors for some systems.
* Fix tests to work correctly in FIPS mode with recent OpenSSL 3.2.
* Fix various (mostly false positive) issues detected by Coverity.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 7916a5c55aankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
e7e1a613d1
redis: upgrade 6.2.20 -> 6.2.21
...
Changelog:
https://github.com/redis/redis/releases/tag/6.2.21
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
855b23cf2c
redis: upgrade 7.2.11 -> 7.2.12
...
and refresh patches
Changelog:
https://github.com/redis/redis/releases/tag/7.2.12
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 73978fa1ffankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
75cb5178de
redis-plus-plus: upgrade 1.3.11 -> 1.3.12
...
Changelog:
https://github.com/sewenew/redis-plus-plus/releases/tag/1.3.12
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
68747f1f7e
feh: upgrade 3.10.2 -> 3.10.3
...
Changelog:
==========
* Fix feh not respecting aspect ratio of thumbnails that are smaller than
--thumb-width and --thumb-height
* Fix --no-recursive behaving like --recursive
* Fix rotation by 180° corrupting images
* Speed up --sort=size and --sort=mtime by caching stat(2) calls
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 2775cdb58cankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
be9ed1a359
libspiro: upgrade 20221101 -> 20230902
...
Changelog:
https://github.com/fontforge/libspiro/releases/tag/20240902
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
a177472288
jasper: upgrade 4.1.1 -> 4.1.2
...
Changelog:
https://github.com/jasper-software/jasper/releases/tag/version-4.1.2
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:53 +05:30
e6bfce8cf2
openjpeg: upgrade 2.5.3 -> 2.5.4
...
CVE-2025-54874.patch
removed since it's included in 2.5.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 2cc8169042ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
2327d77ba7
libbpf: upgrade 1.4.6 -> 1.4.7
...
ChangLog:
https://github.com/libbpf/libbpf/releases/tag/v1.4.7
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 07cdb574a5ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
e7179ec91a
libbpf: upgrade 1.4.5 -> 1.4.6
...
Changelog:
===========
- BPF skeleton forward compatibility fix
- BTF endianness inheritance bug fix
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 5bb9ed684bankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
d8fbe2d5cd
libbpf: upgrade 1.4.3 -> 1.4.5
...
Changelog:
============
- fix BPF skeleton forward/backward compat handling
- detect broken PID filtering logic for multi-uprobe
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 9773b1358eankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
b41189a637
libbpf: upgrade 1.4.2 -> 1.4.3
...
Changelog:
Fix libbpf unintentionally dropping FD_CLOEXEC flag when (internally) duping FDs.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 8fc8a8ee0eankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
0110b3c028
libbpf: upgrade 1.4.0 -> 1.4.2
...
Changelog:
===========
- remove unnecessary struct_ops prog validity check
- handle yet another corner case of nulling out struct_ops program
- fix libbpf_strerror_r() handling unknown errors
- libbpf: improve early detection of doomed-to-fail BPF program loading
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 368ed98e7eankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
ff87862031
audit: fix build when systemd is enabled.
...
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit e68145b002ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
80adc2113c
audit: Fix CVE_PRODUCT
...
Fix "audit" set in CVE_PRODUCT to "linux:audit" to detect only vulnerabilities where the vendor is "linux".
Currently, CVE_PRODUCT also detects vulnerabilities where the vendor is "visionsoft",
which are unrelated to the "audit" in this recipe.
https://www.opencve.io/cve?vendor=visionsoft&product=audit
In addition, all the vulnerabilities currently detected in "audit" have the vendor of "visionsoft" or "linux".
Therefore, fix "audit" set in CVE_PRODUCT to "linux:audit".
Signed-off-by: Shinji Matsunaga <shin.matsunaga@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit e87e51da49ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
4fc68d0837
audit: upgrade 4.0.1 -> 4.0.2
...
ChangeLog:
- Fix musl C builds
- Many code cleanups
- Use atomic variables if available for signal related flags
- Dont rotate audit logs when auditd is in debug mode
- Fix a couple memory leaks on error paths
- Correct output when displaying rules with exe/path/dir
- Fix auparse lookup test to not use the system libaupaurse
- Improve auparse metrics
- Update auparse normalizer for recent syscalls
- Make status report uniform
Drop 0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch as
the issue has been fixed upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit f7e691ff43ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
9a02785261
libbytesize: upgrade 2.10 -> 2.11
...
Changelog:
============
- remove dependency on python3-six and python2 crumbs
- dist: Fix release number in spec
- Squashed 'translation-canary/' changes from 4d4e65b..5bb8125
- ci: Bump actions/checkout from v3 to v4
- Rename 'master' branch to 'main'
- ci: Set custom release number for Packit
- ci: Update CentOS Stream repositories for Packit
- ci: Add dependabot to automatically update GH actions
- Update translation files
- Translated using Weblate
- infra: bump actions/upload-artifact from 3 to 4
- tests: remove unnecessary bash dependency
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 634411e51bankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
2482a8b001
libgpiod: update v2.1.2 -> v2.1.3
...
Bug fixes:
- fix C++ tests with recent kernels which introduced stricter reconfigure
behavior
- fix a use-after-free bug in python bindings
- fix passing the event clock property to line requests in python bindings
- fix a memory leak in tools
- make sure the string buffers in line-info and chip-info are big enough to not
truncate the strings they hold below the size accepted by the kernel
Dropped patch which is merged in the upstream
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 9958590b70ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
a7575821c0
libgpiod: update to v1.6.5
...
This release contains a build fix for environments that require libgen.h
to be included for basename() and don't pull it implicitly with any
other header.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 4b4086edefankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
0c074158de
libiodbc: upgrade 3.52.15 -> 3.52.16
...
License-Update: Copyright updated to 2023.
Changelog:
https://github.com/openlink/iODBC/blob/v3.52.16/NEWS
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit ffe09ae8e0ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
4f27f1e206
mcelog: upgrade 199 -> 200
...
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit d5e0be9ea9ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
54904afbcb
mcelog: upgrade 198 -> 199
...
0001-server-Correct-prameter-type-for-connect-API.patch
removed since it's included in 199
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 7596d6a497ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
fe50bb9e6c
openldap: upgrade 2.6.9 -> 2.6.10
...
Changelog:
=============
- Added slapd microsecond timestamp format for local logging
- Fixed libldap ldap_result behavior with LDAP_MSG_RECEIVED
- Fixed lloadd handling of starttls critical
- Fixed slapd syncrepl when used with slapo-rwm
- Fixed slapd regression with certain searches
- Fixed slapo-autoca olcAutoCAserverClass object
- Fixed slapo-pcache caching behaviors
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 43b891e96bankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
10e228a49d
openldap: make license match spdx identifier
...
The OpenLDAP license is versioned. As such, listing the license as
simply "OpenLDAP" does not convey a complete picture of what license the
component is actually using.
Update the LICENSE variable to use the SPDX identifier for OpenLDAP
licenses, with the appropriate version number, "OLDAP-2.8".
Rename the license file for the OpenLDAP license to "OLDAP-2.8" from
"OpenLDAP".
Signed-off-by: Ethan Roderick <Ethan.Roderick@digi.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 0bd728bfd9ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
6d087e4b4b
openldap: upgrade 2.6.8 -> 2.6.9
...
ChangeLog:
https://www.openldap.org/software/release/changes.html
Drop 0001-fix-incompatible-pointer-type-error.patch as the issue has
been fixed upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 1768156191ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
afcd2a0f45
openldap: upgrade 2.6.7 -> 2.6.8
...
Changelog:
===========
- Fixed libldap exit handling with OpenSSL3 again (ITS#9952)
- Fixed libldap OpenSSL channel binding digest (ITS#10216)
- Fixed slapd handling of large uid/gids peercred auth (ITS#10211)
- Fixed slapd-asyncmeta/meta target structure allocations (ITS#10197)
- Fixed slapd-meta with dynlist (ITS#10164)
- Fixed slapd-meta binds when proxying internal op (ITS#10165)
- Added slapo-nestgroup overlay (ITS#10161)
- Added slapo-memberof 'addcheck' option (ITS#10167)
- Fixed slapo-accesslog startup initialization (ITS#10170)
- Fixed slapo-constraint double free on invalid attr (ITS#10204)
- Fixed slapo-dynlist with abandoned operations (ITS#10044)
- Fixed build with gcc14.x (ITS#10166)
- Fixed back-perl with clang15 (ITS#10177)
- Fixed to reduce systemd dependencies (ITS#10214)
- Added slapo-alias contrib module (ITS#10104, ITS#10182)
- Fixed slapo-autogroup to work with slapo-dynlist (ITS#10185)
- Fixed smbk5pwd implicit function declaration (ITS#10206)
- Fixed slapo-memberof exattr requirements (ITS#7400)
- Fixed slapo-memberof is no longer deprecated (ITS#7400)
License-Update: Copyright year updated to 2024.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit f4954ecd87ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
120ef275f1
tbb: upgrade 2021.11.0 -> 2021.12.0
...
- Drop patches that are now merged in the upstream
- Upstream defaults to disabling searching for hwloc when cross-compiling.
Release Notes:
https://github.com/uxlfoundation/oneTBB/releases/tag/v2021.12.0
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
18713c0a4a
usbids: upgrade 2025.04.01 -> 2025.09.15
...
Signed-off-by: Jason Schonberg <schonm@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
(cherry picked from commit 9f4bd029e1ankur.tyagi85@gmail.com >
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com >
2025-11-17 10:15:06 +05:30
Gyorgy Sarvari
Khem Raj
alperak
Michael Wyraz
Peter Marko
Jiaying Song
Anuj Mittal
Ninette Adhikari
Ankur Tyagi
Yi Zhao
Wang Mingyu
Armin Kuster
Shinji Matsunaga
Bartosz Golaszewski
Ethan Roderick
Jason Schonberg