This helps us to also get rid of associated RDEPENDS declaration which
implicitly pulled readline to rootfs, even configure resolved readline
as not enabled.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Commit da68f807bd added the symlink .so
path to FILES:${PN}-dev to fix QA error, complement the operation by
removing identical line from FILES:${PN}
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Dependencies:
In distributions that compile Flatpak to use a separate bubblewrap (bwrap) executable, version 0.10.0 is required.
This version adds a new feature which is required by the security fix in this release.
Security fixes:
Don't follow symbolic links when mounting persistent directories (--persist option). This prevents a sandbox escape where a malicious or compromised app could edit the symlink to point to a directory that the app should not have been allowed to read or write. (CVE-2024-42472, GHSA-7hgv-f2j8-xw87)
Documentation:
Mark the 1.12.x and 1.10.x branches as end-of-life (#5352)
Other bug fixes:
Fix several memory leaks (#5883, #5884)
Internal changes:
Record a log file when running build-time tests with AddressSanitizer (#5884)
Add initial suppressions file for AddressSanitizer (#5884)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* broken since
https://github.com/openembedded/meta-openembedded/pull/859
which moved the files from ${sysconfdir} which is packaged
in ${PN} by default into ${datadir} which isn't packaged causing:
ERROR: QA Issue: polkit-group-rule-network: Files/directories were installed but not shipped in any package:
/usr
/usr/share
/usr/share/polkit-1
/usr/share/polkit-1/rules.d
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
polkit-group-rule-network: 4 installed and not shipped files. [installed-vs-shipped]
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This new version installs /usr/share/snmp/mibs/gpsd/GPSD-MIB which is
packaged in a new package gpsd-snmp.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It does not build in a reproducible way that is now enforced by
yocto project. Fails with
WARNING: fluentbit-1.9.9-r0 do_package_qa: QA Issue: File /usr/bin/.debug/td-agent-bit in package fluentbit-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
pr,openssl,chown,chgrp are guessed during configure and they are
found on host, sometimes under native sysroot and some under HOSTTOOLS
which is not right, therefore point to target locations of these tools
Fixes all errors like below
File /usr/sbin/lprng_certs in package lprng contains reference to TMPDIR
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Use external libpsl, this also avoids hardcoded buildpaths which
gets into binaries due to inplace vendored libpsl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ChangeLog:
- Fix musl C builds
- Many code cleanups
- Use atomic variables if available for signal related flags
- Dont rotate audit logs when auditd is in debug mode
- Fix a couple memory leaks on error paths
- Correct output when displaying rules with exe/path/dir
- Fix auparse lookup test to not use the system libaupaurse
- Improve auparse metrics
- Update auparse normalizer for recent syscalls
- Make status report uniform
Drop 0001-Replace-__attribute_malloc__-with-__attribute__-__ma.patch as
the issue has been fixed upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
osinfo-db is required by libosinfo to list os info. So add the recipes
osinfo-db and its dependency osinfo-db-tools-native. Then add osinfo-db
to RDEPENDS of libosinfo.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
In addition, allow for other configuration options for dbus-cxx and split
into different packages.
SDK can now also be built with dbus-cxx tools, generally used to generate
C++ interface code from DBus introspection files. This required adding
cppgenerate in a new recipe for dependency purposes.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Rules shipped by OS packages should go in /usr/share/. /etc/ is
reserved for local modifications. This allows local users and
admins to provide overrides. It also removes the need to fix
directory permissions.
Signed-off-by: Luca Boccassi <bluca@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is no longer required by upstream for data in /usr/, as it ships
in packages so there's no point hiding its content. Still required for
/etc/ as that's for local modifications.
Signed-off-by: Luca Boccassi <bluca@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The json module is used in several cli commands.
The fcntl module is used in terminal input handling.
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Modify the CMakeLists.txt to add an Option for
STATIC target import, as available for shared library.
Link: https://github.com/facebook/rocksdb/pull/12890
Configure static library default to switched off
as shared libraries are sufficient in most cases.
Signed-off-by: Bhabu Bindu <bindu.bhabu@kpit.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This fixes errors from buildhistory changes where packages-split would
be empty.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: Copyright updated to 2024.
Changelog:
===========
* Wi-Fi Easy Connect
- add support for DPP release 3
- allow Configurator parameters to be provided during config exchange
* HE/IEEE 802.11ax/Wi-Fi 6
- various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
- add preliminary support
* SAE: add support for fetching the password from a RADIUS server
* support OpenSSL 3.0 API changes
* support background radar detection and CAC with some additional
drivers
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* EAP-SIM/AKA: support IMSI privacy
* improve 4-way handshake operations
- use Secure=1 in message 3 during PTK rekeying
* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
to avoid interoperability issues
* support new SAE AKM suites with variable length keys
* support new AKM for 802.1X/EAP with SHA384
* extend PASN support for secure ranging
* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
- this is based on additional details being added in the IEEE 802.11
standard
- the new implementation is not backwards compatible
* improved ACS to cover additional channel types/bandwidths
* extended Multiple BSSID support
* fix beacon protection with FT protocol (incorrect BIGTK was provided)
* support unsynchronized service discovery (USD)
* add preliminary support for RADIUS/TLS
* add support for explicit SSID protection in 4-way handshake
(a mitigation for CVE-2023-52424; disabled by default for now, can be
enabled with ssid_protection=1)
* fix SAE H2E rejected groups validation to avoid downgrade attacks
* use stricter validation for some RADIUS messages
* a large number of other fixes, cleanup, and extensions
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update:
Copyright year updated to 2023, SIL International changged to "https://www.sil.org/"
Modern Gurage glyphs Copyright updated to 2022
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Niko Mauno
Yogita Urade
Markus Volk
Martin Jansa
Jörg Sommer
Khem Raj
Jose Quaresma
Christophe Vu-Brugier
Yi Zhao
Kai Kang
Robert Middleton
Randy MacLeod
Luca Boccassi
Esben Haabendal
Nikhil R
Jason Schonberg
Peter Kjellerstedt
alperak
Changqing Li
Wang Mingyu