Fixes:
- Accept NMEA GGA sentences with 11 or more parts (needed 14 or more
previously)
- Use async D-bus 'Set' methods to set client properties in libgeoclue to
improve robustness
- Do not change Client Location property on updates which are below threshold
to avoid leaking location to D-bus
- Ignore wired WPA interfaces when finding an interface for WiFi scanning
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
License-Update: update LICENSE from https://www.gnu.org/licenses/
Changelog:
=============
- merge README* to single README.md
- Merge pull request #2 from feckert/pr/20250902-build-fixes
- Fix fortify abort when LTO is enabled
- Fix uninitialized buffer data.
- Enable listening on IPv6
- test.sh: redirect stderr to /dev/null when counting lines
- Declare variable D as local in stop_and_clean
- Fix pthread_t format warning for fprintf
- Fix incompatible-pointer-types for pcre2_substring_list_free
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The CPE parsing in oe-core's cve_check.py now handles escapes correctly[1]
so we don't need to escape in CVE_PRODUCT.
[1] oe-core 3c73dafd03b ("cve_check: Improve escaping of special characters in CPE 2.3")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The CPE parsing in oe-core's cve_check.py now handles escapes correctly[1]
so we don't need to escape in CVE_PRODUCT.
[1] oe-core 3c73dafd03b ("cve_check: Improve escaping of special characters in CPE 2.3")
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
1.Drop openct as it is unmaintained upstream.
2.Remove openct in meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
We add x11 into REQUIRED_DISTRO_FEATURES since xfce4-panel requires it,
now, xfce4-panel not require x11, so remove x11 from
REQUIRED_DISTRO_FEATURES
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Dependency on libwnck3 is moved into PACKAGECONFIG, so we can remove x11
from REQUIRED_DISTRO_FEATURES, set ANY_OF_DISTRO_FEATURES
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
We add x11 into REQUIRED_DISTRO_FEATURES because one of the dependency
pavucontrol requires x11, now, pavucontrol doesn't require x11, so
remove x11 from REQUIRED_DISTRO_FEATURES
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
We add x11 into REQUIRED_DISTRO_FEATURES because one of the dependency
gtkmm4 require x11, now, gtkmm4 don't require x11, so remove x11 from
REQUIRED_DISTRO_FEATURES
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Contains fix for CVE-2026-34080. Since it is tracked without version info
by NVD, mark it explicitily as patched.
Drop the patch that is included in this release.
While here, also add the recipe to the ptest list - it's a fast one,
runs under a second.
Changelog:
- Drop the autotools build system
- Unbreak the CI
- Prevent a crash on disconnect
- Fix building with glibc >= 2.43
- Fix the eavesdrop filtering to prevent message interception
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Backport a patch from openLDAP to fix the configure errors with clang-22 -std=gnu23
Fix another issue by dropping C89 signatures in favor of C99 function prototypes
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Contains fixes for CVE-2026-34078 and CVE-2026-34079
Add explicit CVE_STATUS tags for these CVEs, because they are tracked
without version info by NVD at this time.
Changelog:
17.6:
Bug fixes:
- Fix the remaining regression for Chromium based browsers by not leaking file
descriptors down to wrapped command
- Fix a regression when installing extra-data without a runtime, which is the
case for openh264
- Fix the remaining regression for Epiphany by ignoring unusable sandbox-expose
paths for sub-sandboxes in the portal
- Fix the installed tests by allowing to add a new ref to an existing temporary
ostree repo
- Avoid closing fds 0/1/2 when they are used as a bad argument to flatpak-run,
and reduce duplication in handling file descriptor arguments
Enhancements:
- Disable auto-pin in flatpak-repair to preserve the pin state across
re-installs
- Small improvements for the tests
17.5:
Bug fixes:
- Fix regressions caused by the sandbox escape security fix, which impact some
browsers, browser-based apps and Steam (#6577, #6569, #6576, #6574)
Enhancements:
- Expand test coverage of flatpak-run features used by flatpak-portal (#6573)
17.4:
Security fixes:
- Fix a complete sandbox escape which leads to host file access and code
execution in the host context (CVE-2026-34078)
- Prevent arbitrary file deletion on the host filesystem (CVE-2026-34079)
- Prevent arbitrary read-access to files in the system-helper context
(GHSA-2fxp-43j9-pwvc)
- Prevent orphaning cross-user pull operations (GHSA-89xm-3m96-w3jg)
Enhancements:
- Enable ntsync unconditionally
- Automatic branch following for extensions to ensure that "no-autodownload"
extensions stay functional after an update that requires a new branch
- Translation updates: eo, kk, sr, zh_CN
Bug fixes:
- Prevent CPR sequence from showing up in the terminal
- Fix a crash for apps/runtimes with multiarch permission
- Fixes for Coverity warnings
- Add test-preinstall.sh to the test matrix source
- Fix a test message to refer to "systemd-localed" instead of "located"
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
fixes
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'ITT_DoOneTimeInitialization' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'TBB_runtime_interface_version' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'get_memcpy_largest_cachelinesize' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'get_memcpy_largest_cache_size' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'get_mem_ops_method' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'init_mem_ops_method' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'irc__get_msg' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'irc__print' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'override_mem_ops_method' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'set_memcpy_largest_cachelinesize' failed: symbol not defined
| aarch64-yoe-linux-ld.lld: error: version script assignment of 'local' to symbol 'set_memcpy_largest_cache_size' failed: symbol not defined
| aarch64-yoe-linux-clang: error: linker command failed with exit code 1 (use -v to see invocation)
| [45/49] Linking CXX shared library clang_22.1_cxx11_64_release/libtbb.so.12.17
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Changelog:
https://github.com/storaged-project/blivet/releases
1. Drop 0008-use-oe-variable-to-replace-hardcoded-dir.patch and add
do_install:append to manually install D-Bus and systemd files:
Upstream commit 0f0fd84d [1] removed data_files from setup.py and
moved their installation to a Makefile target (install-dbus), but
OE uses setuptools3_legacy which only runs setup.py install and
does not invoke the Makefile.
2. Add missing RDEPENDS:
- python3-dasbus: upstream replaced the internal safe_dbus module
with the external dasbus library [2].
- python3-pygobject: was always required (gi.repository for
libblockdev) but missing from old recipe.
- util-linux: blivet directly calls lsblk, mount, umount and
blockdev via subprocess.
[1] https://github.com/storaged-project/blivet/commit/0f0fd84d
[2] https://github.com/storaged-project/blivet/commit/1e7c5409
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
-Update tailscale recipe to version 1.94.2
-Regenerate go module dependencies and license checksums
-Export GOFLAGS with build tags so do_update_modules discovers all dependencies
-Manually verify and complete Unknown license entries
Signed-off-by: Ayoub Zaki <ayoub.zaki@embetrix.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Drop the upstream applied patches
Add patches to fix build with clang-22
Bump PE to account for version going from 7.x to 0.8
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Samba has a new build-time dependency, libquic[1]. The repository
builds an out-of-tree kernel module and a regular userspace library
with the same build script, however the Makefile seems to be fairly
hostile to cross-compilation. The Samba tarball also vendors the
same with their own build script - for now, this venodred version is used.
There are some efforts that the kernel part is mainlined[2], once it
happens it should be possible to easily remove this from the recipe.
pyldb was removed from RDEPENDS, as it seems that samba now builds its
own version of it.
Patches updated, unneeded patches dropped. Some patches contained a
considerable amount of whitespace changes - those were trimmed for
the ease of rebasing.
Changelog:
https://gitlab.com/samba-team/samba/-/blob/samba-4.23.5/WHATSNEW.txt?ref_type=tags
(Switch to other branches to see earlier changelogs)
[1]: https://github.com/lxin/quic/
[2]: https://github.com/lxin/net-next/commits/quic/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
On hosts with gcc-13 it was trying to use -std=gnu23 and failing
with unrecognized command-line option (gnu23 needs gcc-14 and newer)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The not aligned value of CONFIGURATION_FILES_DIR makes the configuration
file install path is different with the default configuration file path
from where the application to read, then make the service dlt/dlt-system
not works well.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
The python3 setuptools 82 dropped pkg_resources module by now.
To avoid the failure "No module named 'pkg_resources'", replace the
functions from this module with other functions from modules
packaging and importlib.metadata.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Wang Mingyu
Ross Burton
Adam Duskett
Zheng Ruoqin
Changqing Li
Gyorgy Sarvari
Khem Raj
Jiaying Song
Ayoub Zaki
Jörg Sommer
Martin Jansa
Li Zhou
Jason Schonberg
Zhang Peng