Commit Graph

3449 Commits

Author SHA1 Message Date
Wang Mingyu
84595983b8 appstream: upgrade 1.0.2 -> 1.0.3
Changelog:
===========
 * qt: Fix relocation of Config.cmake files
 * cli: check-syscompat: Recognize available required controls as available
 * validator: Guard issue emission functions with G_GNUC_PRINTF
 * validator: Always use secure string formatting for issue emit function
 * utils: Explicitly set format style when installing catalog metadata
 * Suppress static-analyzer drawing wrong conclusions on GCC 14

(From OE-Core rev: c2315a8879070b514870ded07cc2a49c0616a8c7)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit be566cf0fecba34f1f792cbf060143be710970ee)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-06-20 06:29:43 -07:00
Alexander Kanavin
949f078058 icu: add upstream submission links for fix-install-manx.patch
(From OE-Core rev: bebafda283f4ecf63994dfcc334e3bd0ac875e7e)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 269a1a65d2526be5622b4c1f552b6f5541e0cb86)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-06-19 08:34:58 -07:00
Alexander Kanavin
98cf20c194 apr: submit 0001-Add-option-to-disable-timed-dependant-tests.patch upstream
(From OE-Core rev: 66fcd7e61607c2eaed58abfdff5a3197b5b564e6)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1bfe386e69d7a688815a78bd2d5766a4b0665e7f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-06-19 08:34:58 -07:00
Alexander Kanavin
b4ab121b5f serf: mark patch as inappropriate for upstream submission
What the patch does is not suitable, as upstream would surely
want the issue with the code fixed, not removal of that code altogether.

I'd also note that serf is still semi-unmaintained, and the only consumer
of it is subversion, which is slowly but steadily fading away in favor of
git and artifact-specific solutions.

(From OE-Core rev: 07e14e259e5354c6465953189854229a0ea42e66)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 634717817e94740ac8d4e8cc82cb68bfd15d8dbd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-06-19 08:34:58 -07:00
Wang Mingyu
f22145f3bf taglib: upgrade 2.0 -> 2.0.1
Changelog:
===========
* Fix aborting when _GLIBCXX_ASSERTIONS are enabled.
* Fall back to utf8cpp header detection in the case that its CMake
  configuration is removed.
* Improve compatibility with the SWIG interface compiler.
* Build system fixes for testing without bindings, Emscripten and Illumos.
* C bindings: Fix setting UTF-8 encoded property values.
* Windows: Fix opening long paths.

(From OE-Core rev: 0f4f4bc352589c475afcc16a4e375cd6fc4726e6)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d3438bd2698dff19722123d7b2b5674ba40107eb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-06-19 08:34:57 -07:00
Changqing Li
4ffcc07420 ptest-runner: Bump to 2.4.4 (95f528c)
Changes in 2.4.4:
95f528c utils.c: run_ptests improve error handling on ptests iteration
c48e5fc utils.c: run-ptests improve pseudo-terminal handling

(From OE-Core rev: c0061e8e30c0bbd45c31f56d01ed5b688a641e9e)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-06-05 05:57:12 -07:00
Ricardo Simoes
349e4c816a libusb1: Set CVE_PRODUCT
This commit sets the CVE_PRODUCT variable to "libusb" to match the
product name used in the NIST CPE database [1].

[1]: https://nvd.nist.gov/products/cpe/search

(From OE-Core rev: 89e991380aac2bea93732a8dff1c4c646bb2cea1)

Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-06-05 05:57:12 -07:00
Alexander Kanavin
7dddfb7420 icu: update 74-1 -> 74-2
ICU 74.2 updates to CLDR 44.1 locale data. These are maintenance releases for ICU 74
and CLDR 44, with limited sets of bug fixes and no API or structural changes.

The CLDR bug fix relevant for ICU is for some formatting patterns that erroneously
had two adjacent space characters. These are coalesced into one. (CLDR-17233)
Important: DateFormat.getInstanceForSkeleton() and the DateTimePatternGenerator
sometimes used the wrong patterns because they failed to use/inherit certain data
(ICU-22575 — CLDR 44 had removed some redundant data that ICU relied on)
For details, please see https://icu.unicode.org/download/74.

Note that upstream has re-spun the release tarball (the initial tarball had a broken symlink
for LICENSE file), so there can be yocto premirror checksum mismatches:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6671/steps/13/logs/stdio

(From OE-Core rev: a6a5fa0af5e0bfe230681eee3f2e3b45a694ac9b)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 344f7500e6df31d7c06331aedbac0df4983da958)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-05-03 06:12:20 -07:00
Richard Purdie
25b05cb80d curl: Backport patch to fix buildtools issues
bitbake-selftest was failing on a github url on hosts using buildtools.
The issue was tracked down to the curl upgrade 8.6.0 -> 8.7.1. Whilst there
is a fix in upstream git to work around the issue in this version, backport
the fix from curl upstream to ensure there are no other related issues to
the bug.

(From OE-Core rev: 28ee90b07c70cafbba9149dd4dbe26cae9e214c7)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-18 11:58:28 +01:00
Khem Raj
55a03fca7f libseccomp: Fix build when python packageconfig is enabled
It needs additional tweaks with python enabled

(From OE-Core rev: c3568ee00d3b7f6b421020dfec8005a27c2e9164)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-12 17:27:53 +01:00
Richard Purdie
82a61e246b nghttp2: Upgrade 1.60.1 -> 1.61.0
Includes a fix for CVE-2024-28182.

(From OE-Core rev: 37d4b0c6c5b836f9f2bc52a142b093ef61ca48b2)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-08 23:33:32 +01:00
Richard Purdie
a260b11e77 curl: Upgrade 8.6.0 -> 8.7.1
This includes 4 security fixes:

CVE-2024-2466 - TLS certificate check bypass with mbedTLS
CVE-2024-2398 - HTTP/2 push headers memory-leak
CVE-2024-2379 - QUIC certificate check bypass with wolfSSL
CVE-2024-2004 - Usage of disabled protocol

Along with many other changes, mostly bugfixes: https://curl.se/changes.html

(From OE-Core rev: 8e27b472d1bc872c6da2b22f57b30d36e231d745)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-08 23:33:32 +01:00
Simone Weiß
1885588807 gnutls: upgrade 3.8.3 -> 3.8.4
- Upgrade gnutls SRCREV for new version
- Refresh patches for 3.8.4

Changelog:
==========

** libgnutls: RSA-OAEP encryption scheme is now supported
   To use it with an unrestricted RSA private key, one would need to
   initialize a gnutls_x509_spki_t object with necessary parameters
   for RSA-OAEP and attach it to the private key. It is also possible
   to import restricted private keys if they are stored in PKCS#8
   format.

** libgnutls: Fix side-channel in the deterministic ECDSA.
   Reported by George Pantelakis (#1516).
   [GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834]

** libgnutls: Fixed a bug where certtool crashed when verifying a certificate
   chain with more than 16 certificates. Reported by William Woodruff (#1525)
   and yixiangzhike (#1527).
   [GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835]

** libgnutls: Compression libraries are now loaded dynamically as needed
   instead of all being loaded during gnutls library initialization.
   As a result, the library initialization should be faster.

** build: The gnutls library can now be linked with the static library
   of GMP.  Note that in order for this to work libgmp.a needs to be
   compiled with -fPIC and libhogweed in Nettle also has to be linked
   to the static library of GMP.  This can be used to prevent custom
   memory allocators from being overridden by other applications.

** API and ABI modifications:
gnutls_x509_spki_get_rsa_oaep_params: New function.
gnutls_x509_spki_set_rsa_oaep_params: New function.
GNUTLS_PK_RSA_OAEP: New enum member of gnutls_pk_algorithm_t.

(From OE-Core rev: feaa2b8065c7a02b52aa55954f05a3ee66260305)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-04 14:05:03 +01:00
Oleh Matiusha
e6da241f29 gmp: improve reproducibility
nativesdk-gmp package contains host references in output packages.
Remove them.

(From OE-Core rev: 7b072b46bd0d0442066189ecf098b56e50ea77b1)

Signed-off-by: Oleh Matiusha <omatiush@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-04 14:05:03 +01:00
Oleh Matiusha
cabeed4e6d curl: improve reproducibility
nativesdk-curl package contains host references in output files.
Remove them.

(From OE-Core rev: 30f4471ddced07929524b12ee5567521d51de033)

Signed-off-by: Oleh Matiusha <omatiush@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-04 14:05:03 +01:00
Ross Burton
d5d10db429 curl: fix quoting when disabling flaky tests
The list of test labels to disable shouldn't be quoted, and this meant
that tests were running when they should not.

[ YOCTO #15268 ]

(From OE-Core rev: 97afe73e6fbd4a116ac3bf2178634d7636195e5a)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-30 22:25:43 +00:00
Trevor Woerner
3fa85ab34e bmaptool: update to latest
Upstream contains the patches that were being carried here.

(From OE-Core rev: 240b3db72343f20f354f2681da48946da04c3260)

Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-23 10:18:20 +00:00
Markus Volk
7588fe77a1 libsoup: enable vapi support
without vapi gnome-calculator-46.0 will fail with:
| ../gnome-calculator-46.0/lib/currency-provider.vala:161.19-161.47:
error: The name `send_and_splice_async' does not exist in the context
of `Soup.Session' (libsoup-3.0)

(From OE-Core rev: cce5c9db1f19fd4638c19c70fd99f065dd93f15b)

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-20 18:20:38 +00:00
Ross Burton
b2191bb7a7 curl: increase test timeouts
We often see multiple curl tests fail during ptest runs, the actual test
varies but the output is like this:

  FAIL: 337: protoc!
  There was no content at all in the file log/3/server.input.
  Server glitch? Total curl failure? Returned: 28

Error code 28 is CURLE_OPERATION_TIMEDOUT, so this is almost certainly
due to a loaded machine resulting in the tests running slowly.

It is notable that the test runner explicitly passes --max-time=13 to
curl, so experiment and change this to 600 to see if this solves the
problem.

[ YOCTO #15268 ]

(From OE-Core rev: e2e9ec1bf97a7e36a05a247dbc671ecca584205f)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-19 15:25:12 +00:00
Ross Burton
264a3f429a curl: improve run-ptest
There's no need to run the output of runtests.pl through a sed to get
automake-style output, as you can pass -am to get this formatting.

Don't run timing dependent tests, as the ptests can run on loaded
systems.

Add a dependency on the en_US locale because some of the tests require
this.

(From OE-Core rev: 3c3601d50ae290e7e9797eadd20c05df99bbd040)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-19 15:25:12 +00:00
Tom Hochstein
045eb59130 bmaptool: Add bmap-tools runtime alias for compatibility
The rename of bmap-tools to bmaptool creates an incompatibility that
will break package feeds. Restore package feed compatibility by adding
a bmap-tools runtime alias.

Acked-by: Otavio Salvador <otavio@ossystems.com.br>
(From OE-Core rev: fba4ac04524c5c3fa04a51b6e0679276327115ad)

Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-08 08:06:16 +00:00
Alexander Kanavin
ec8a8ef1cf taglib: upgrade 1.13.1 -> 2.0 and add utfcpp recipe to support that
(From OE-Core rev: d264d2134ba169d29b857389fea88c58c38f377a)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-07 17:25:03 +00:00
Alexander Kanavin
4c7e012637 nghttp2: upgrade 1.59.0 -> 1.60.0
Drop patch as issue addressed upstream.

(From OE-Core rev: b6b337c68fa27a359db6efbedf492ca0cb9d9234)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-07 17:25:02 +00:00
Alexander Kanavin
5406ff0bc6 libusb1: upgrade 1.0.26 -> 1.0.27
(From OE-Core rev: 4d371bc44735c4e30f454b3522f785df6687a164)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-07 17:25:02 +00:00
Alexander Kanavin
e3b7060e0d libpcre2: upgrade 10.42 -> 10.43
License-Update: copyright years

(From OE-Core rev: 6a0cb6e129d5602808f34fd2a9460fc05d9520d6)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-07 17:25:02 +00:00
Alexander Kanavin
3e180097a9 libbsd: upgrade 0.11.8 -> 0.12.1
License-Update: copyright years

(From OE-Core rev: 913212724c5a8437678e0f07795e8a894d6f43bc)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-07 17:25:02 +00:00
Alexander Kanavin
cbeaf28ada diffoscope: upgrade 253 -> 259
(From OE-Core rev: 343846f62a3b217fb3de67470c7d265567444667)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-07 17:25:02 +00:00
Alexander Kanavin
51fae36d0c boost: upgrade 1.83.0 -> 1.84.0
(From OE-Core rev: 4a7f5ec28712645d968e6dce84a7bd8bae8b4eb2)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-07 17:25:02 +00:00
Alexander Kanavin
a4a5569b78 appstream: upgrade 1.0.0 -> 1.0.2
(From OE-Core rev: 2fbff79d223ea6a0887a80f38ed902aae61639c4)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-07 17:25:02 +00:00
Alexander Kanavin
d92454308b acl: upgrade 2.3.1 -> 2.3.2
(From OE-Core rev: 2daf3cebd0786ffe6b661d0e62296c3c5b864f63)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-07 17:25:02 +00:00
Trevor Woerner
f15676592b bmaptool: now part of Yocto Project
The bmaptool (previously: bmap-tools, bmap-tool, bmaptool) has been moved
to be under the Yocto Project umbrella and is now hosted at:

	github.com/yoctoproject/bmaptool

[RP: Added a couple of missing renames]
(From OE-Core rev: 7a036b1a1ec7dcd27dbe18d4c2e703bd2a8af182)

Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-05 12:24:50 +00:00
Wang Mingyu
e9a3625c72 libunistring: upgrade 1.1 -> 1.2
License-Update:
===============
doc/libunistring.texi (Conventions):
 Explain the (resultbuf, lengthp) return value convention from the user's point of view.
doc/libunistring.texi (Include files):
 Fix documentation of _LIBUNISTRING_VERSION and _libunistring_version (incorrect since 2010-05-14).
 Add documentation of _libunistring_unicode_version.

Changelog:
=============
* The data tables and algorithms have been updated to Unicode version 15.1.0.
* New functions u8_pcpy, u16_pcpy, u32_pcpy, similar to mempcpy.
* New functions uc_indic_conjunct_break_name, uc_indic_conjunct_break_byname,
  uc_indic_conjunct_break.
* New functions
    uc_is_property_prepended_concatenation_mark,
    uc_is_property_id_compat_math_start, uc_is_property_id_compat_math_continue,
    uc_is_property_ids_unary_operator
  and new constants
    UC_PROPERTY_PREPENDED_CONCATENATION_MARK,
    UC_PROPERTY_ID_COMPAT_MATH_START, UC_PROPERTY_ID_COMPAT_MATH_CONTINUE,
    UC_PROPERTY_IDS_UNARY_OPERATOR.
* New constant _libunistring_unicode_version.
* The UTF-8 decoder functions, especially u8_mbtouc, are now more Unicode
  Standard compliant.
* The *printf functions no longer support the %n directive, for security
  reasons.
* Fixed a bug in the *printf functions: In the %U, %lU, %llU directives, a
  negative width given as an argument did not trigger left-justification.
* The functions u16_strstr and u32_strstr now operate in worst-case linear
  time.

(From OE-Core rev: f9be1e083df6b2621271a2683eddb84bdf34270a)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-01 09:28:51 +00:00
Wang Mingyu
3075f2d806 libmicrohttpd: upgrade 0.9.77 -> 1.0.1
Changelog:
  fixes and improves builds with non-default configure parameters.

(From OE-Core rev: e54693267151e54cdd0e80e1268210a8d43bfd0c)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-01 09:28:51 +00:00
Wang Mingyu
95d47f4075 libksba: upgrade 1.6.5 -> 1.6.6
Changelog:
 Fix a possible wrong error return from the DER builder.

(From OE-Core rev: f476d845feb03e54c93df31291f11c82b9a07487)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-01 09:28:51 +00:00
Wang Mingyu
09b6177b36 libgpg-error: upgrade 1.47 -> 1.48
0001-Do-not-fail-when-testing-config-scripts.patch
refreshed for 1.48

Changelog:
===========
 * New configure option --with-libtool-modification.
 * New option parser flag to detect commands given without a double
   dash.  There is also the new meta command "command-mode" to set
   this flag via a config file.
 * Added an es_fopen mode flag "sequential" with support on Windows.
 * Added an es_fopen mode flag "wipe" to cleanup internal buffers at
   close time.
 * New function gpgrt_wipememory.
 * Improvements to setenv on Windows.
 * Fixed call to estream-printf string filters.
 * Many improvements to the yat2m tool.
 * Updates to the build system.

(From OE-Core rev: e484b0dda40d00f6272970c9e8a5c9cd6b879301)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-01 09:28:51 +00:00
Wang Mingyu
c87da3d09f libffi: upgrade 3.4.5 -> 3.4.6
meta/recipes-support/libffi/libffi/not-win32.patch
refreshed for 3.4.6

Changelog:
===========
-chore: update version to 3.4.6 and fix long double regression on mips64 and alpha
-Update sparc64 host
-Update cfarm hostnames
-Always define long double types
-update copyright year in libffi.texi
-Update version, copyright and testsuite info
-Fix test filename reference

(From OE-Core rev: 0ea9b851f3d7ca568b536c7980730ea03333d037)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-01 09:28:51 +00:00
Wang Mingyu
425f30e512 bash-completion: upgrade 2.11 -> 2.12.0
License-Update:
 docs(COPYING): use unmodified upstream license file

Changelog:
 https://github.com/scop/bash-completion/releases/tag/2.12.0

(From OE-Core rev: 64c0587b69b7fbd2f758cc6907e8c2f226b4a8b3)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-01 09:28:51 +00:00
Ross Burton
53b100562a libexif: remove unused version_underscore
This function hasn't been used since the upgrade to 0.6.23 in 2021[1]

[1] oe-core 65a54f72e15f59bdf9d8c4618f3ef8510541d134

(From OE-Core rev: 3f8da47b54ffa1b0a9feb971a7324a52a325b5e1)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-29 10:26:13 +00:00
Simone Weiß
5e21c5d64e meta: Remove some not needed CVE_STATUS
CVE_STATUS was set for those components, but meanwhile databases are updated
with corrected information, so setting the CVE_STATUS is not needed anymore.

(From OE-Core rev: 5ec6057cfa66ceeb33bec013e320f8e3fa7d7ecf)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-24 16:10:23 +00:00
Richard Purdie
dd52201fd3 numactl: Upgrade 2.0.17 -> 2.0.18
(From OE-Core rev: 6e59ddccd728b50aa0503cd262dcefde25946ae4)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-21 22:20:10 +00:00
Chen Qi
33216d08f7 gnupg: disable tests to avoid running target binaries at build time
By default, the tests are built and run at do_compile and we can see
errors like below in log.do_compile:

  gnupg-2.4.4/tests/cms/inittests: line 99: ../../sm/gpgsm: cannot execute binary file: Exec format error

Note that the do_compile process still succeeds. However, we'd better avoid
executing these target binaries at build time.

(From OE-Core rev: 74d48497470ce209bc6bdf49c2e2cfda67dce6ae)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-18 22:02:40 +00:00
Tim Orling
3f9e81af21 vim: upgrade from 9.0.2130 -> 9.1.0114
https://www.vim.org/vim-9.1-released.php

Vim 9.1 is available

The Vim project is happy to announce that Vim 9.1 has finally been released.
This release is dedicated to Bram Moolenaar, Vim's lead developer for more
than 30 years, who passed away half a year ago. The Vim project wouldn't
exist without his work!

Vim 9.1 is mainly a bug fix release, it contains hundreds of bug fixes, a
few new features and there are many minor improvements.

Changes:
https://github.com/vim/vim/compare/v9.0.2130...v9.1.0114

CVE: CVE-2024-22667
(includes commit b39b240c38)

(From OE-Core rev: 9f7e9c0f4360469b9775372272e0a442c7cc06c8)

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-18 22:02:40 +00:00
Simone Weiß
591406e756 libgit2: update 1.7.1 -> 1.7.2
Update libgit2 to pull in security fixes.

Changelog summary:
- A bug in git_revparse_single is fixed that could cause a Denial of
  Service attack. This fixes CVE-2024-24575

 - A bug in git_index_add is fixed that could lead to arbitrary code execution.
   This fixes CVE-2024-24577

 - A bug in the smart transport negotiation could have caused an out-of-bounds
   read.

(From OE-Core rev: 7191dcae3853728dbb95c4901c2fdb73f9066a66)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-18 22:02:40 +00:00
Anuj Mittal
ee3541ca8a libcap-ng: fix build with swig 4.2.0
Backport an upstream patch to remove Python exception handler which is
deprecated and also removed from swig.

736c052d7d

(From OE-Core rev: 970db363039ab1c9d3cc5eb33eb834865ac340c4)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-17 18:19:19 +00:00
Anuj Mittal
86351a1e89 sqlite3: upgrade 3.44.2 -> 3.45.1
(From OE-Core rev: 9b24e44c4906ec205857526a181f5f6054e92dc6)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-17 18:19:19 +00:00
Anuj Mittal
c7557f29ab libproxy: upgrade 0.5.3 -> 0.5.4
This includes a fix to include complete library version. Release notes:

https://github.com/libproxy/libproxy/releases/tag/0.5.4

(From OE-Core rev: 0eb3a44f1e47da65a7cecb8ed812ce42c99130af)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-17 18:19:19 +00:00
Anuj Mittal
a6236e44fc enchant2: upgrade 2.6.5 -> 2.6.7
(From OE-Core rev: c2159b9c689454d24071331de088b990039799a8)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-17 18:19:19 +00:00
Ross Burton
65da465410 libffi: upgrade to 3.4.5
Drop the clang/VFP patch, merged in 00116b6.

Drop the FILES for ${libdir}/libffi-${PV}, this file isn't installed.

License-Update: Copyright year updated to 2024.

(From OE-Core rev: e3ea7c0ae99171ebaa273f0a1f6d4fa49ed1b257)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-17 18:19:19 +00:00
Anibal Limon
5a93a3728e ptest-runner: Bump to 2.4.3 (92c1b97)
Pull small fixes related to secure builds, handling of rc in every ptest
and better tests output when timeout.

Changes,

92c1b97 Do not reset error counter before each test
7de7e2b utils: run_child fix security flags build
6a9fba2 utils.c: get_available_ptests fix security flags compilation
5b8ad9a tests: Ensure that timeouts still print ERROR
d939217 SECURITY.md: Add file

(From OE-Core rev: 1d8a8487d300332c796a7555644bb370fc858f6f)

Signed-off-by: Anibal Limon <anibal@limonsoftware.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-15 22:15:24 +00:00
Vikas Katariya
5f449575be bmap-tools: Add missing runtime dependency
Python3 module netrc is required by bmap-tools (v3.7), therefore add
`python3-misc` as runtime dependency.

(From OE-Core rev: a1cf354c7978be8f1869eb83ed814823b373a8c8)

Signed-off-by: Vikas Katariya <vikas.katariya@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-13 13:51:41 +00:00