Changelog:
============
- certificate: Add API to retrieve version
- Bump required GnuTLS version to 3.8.5
- Avoid potential integer overflow spotted by UBSan
- Support GnuTLS as an alternative crypto backend
- Updated translations
(From OE-Core rev: 926b94a9477675f5828eb7d997aac8975500b7a8)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
============
-po: Regenerate .pot files and merge .po files with them
-Dpkg::Vendor::Debian: Unconditionally set qa bug-implicit-func
-build: Fix typo in CI config
-build: Add gen-release script
-test: Skip OpenPGP tests if the backend does not have a verify command
-test: Refactor certfile and keyfile filenames for OpenPGP test
-test: Refactor OpenPGP backend and commands list
-build: Test with minimal library dependencies in CI
-dpkg-deb: Fix up compressor parameters for default legacy format
-man: Document dpkg versions supporting SOURCE_DATE_EPOCH for various tools
-debian: Fix typo in man page reference in changelog
-po: Fix typos in Swedish man pages translations
-po: Update Dutch man pages translations
-po: Update Portugese man pages translations
-Dpkg::Vendor::Debian: Make it possible to disable qa=-bug-implicit-func
-libdpkg: Use a macro to define the zstd default compression level
-libdpkg: Use array access instead of pointer arithmetic for meminfo parser
-po: Update German man pages translation
(From OE-Core rev: b9b4ad48812add8b59d3b17e5c3bd9fd3f8744c7)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
==========
* Ensure that tests with ">=" version constraints actually print the
corresponding tool name.
* Prevent odt2txt tests from always being skipped due to an impossibly new
version requirement.
* Avoid nested parens-in-parens when printing "skipping" messages
in the testsuite.
* Don't crash on invalid zipfiles, even if we encounter 'badness'
halfway through the file.
* Fix a crash when there are (invalid) duplicate entries in .zip files.
* Add note when there are duplicate entries in ZIP files.
* Add an external tool reference for GNU Guix for zipdetails.
* Add support for the zipdetails(1) tool included in the Perl distribution.
* Don't use parenthesis within test "skipping" messages; PyTest adds its own
parenthesis, so we were ending up with double nested parens.
* Fix the .epub tests after supporting zipdetails(1).
* Update copyright years and debian/tests/control.
* Fix MozillaZipContainer's monkeypatch after Python's zipfile module changed
to detect potentially insecure overlapping entries within .zip files.
* Factor out Python version checking in test_zip.py.
* Also skip some zip tests under 3.10.14 as well; a potential regression may
have been backported to the 3.10.x series. The underlying cause is still to
be investigated.
* Don't crash if we encounter an .rdb file without an equivalent .rdx file.
* In addition, don't identify Redis database dumps (etc.) as GNU R database
files based simply on their filename.
(From OE-Core rev: f22945ba9b4835e52809bedc4e3be73a91aafe07)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
============
*Revert setting the return path to <>. It is not RFC compliant.
*Inherit MAILFROM from the crond process environment.
(From OE-Core rev: e93d7ba7ea3718e396510b12726a232edaecf976)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
============
- Add RESOLVER.ARPA to the built in empty zones.
- dig/mdig +ednsflags=<non-zero-value> did not re-enable
EDNS if it had been disabled.
- Some invalid ISO 8601 durations were accepted
erroneously.
- Don't return static-stub synthesised NS RRset.
- Fix bug in Depends (keymgr_dep) function.
- Support for the RESINFO record type has been added.
- Cleaned up several minor bugs in the RBTDB dbiterator
implementation.
- Added missing dns_rdataset_disassociate calls in
validator.c:findnsec3proofs.
- Fix incorrectly reported errors when running tests
with `make test` on platforms with older pytest.
- Optimize slabheader placement, so the infrastructure
records are put in the beginning of the slabheader
linked list.
- Improve ARM parental-agents definition.
- Fix the DNS_GETDB_STALEFIRST flag, which was defined
incorrectly in lib/ns/query.c.
- Update ZSK minimum lifetime documentation in ARM, also
depends on signing delay.
- Add workaround to enforce dynamic linker to pull
jemalloc earlier than libc to ensure all memory
allocations are done via jemalloc.
- Changes to "listen-on" statements were ignored on
reconfiguration unless the port or interface address was
changed, making it impossible to change a related
listener transport type. Thanks to Thomas Amgarten.
- Expose the TCP client count in statistics channel.
- Fix a possible crash in 'dig +nssearch +nofail' and
'host -C' commands when one of the name servers returns
SERVFAIL.
- When dnssec-policy is in effect the DNSKEY's TTLs in
the zone where not being updated to match the policy.
This lead to failures when DNSKEYs where updated as the
TTLs mismatched.
(From OE-Core rev: 9dc097f240c5ab7703179f480f538be8e21defce)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
update recipes changes in 5.0 rc4.
update new recipes, license changes, patched cve and recipes version
changes.
(From yocto-docs rev: 0fc86205668d122d4e550a5eae301cd6997f8a71)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Set a new standard to introduce project names with single quotes,
so that they appear in generated text with an italic font,
to make them easier to distinguish from command names and from
ordinary English words.
Rework and move the standard for command and file names
to make the whole description "flow" better.
(From yocto-docs rev: fa6700af56213a5079eaa8d9683f3c2b2fc93740)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
CC: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If DROPBEAR_RSAKEY_DIR has already been set before, e.g. by overwriting
the file dropbear.default, the line will still be appended a second time.
DROPBEAR_RSAKEY_DIR="/path/to/dropbear"
DROPBEAR_EXTRA_ARGS="-B"
DROPBEAR_RSAKEY_DIR=/var/lib/dropbear
(From OE-Core rev: 943c6acf855fd9de592f0b77828242c2c6e0869f)
Signed-off-by: Michael Glembotzki <Michael.Glembotzki@iris-sensing.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is covered by the default rules.
(From OE-Core rev: 1f17a8d13684db6cc603a5184f5d61ab8c715d89)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Set the homepage to the actual homepage, not that of the older GNU Pth.
Also fix some whitespace in the license fields.
(From OE-Core rev: f876f3a50dfa7f2da13e4b25608fd5f76bc87b3b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ruby 3.3.0 no longer bundles the readline module[1] so readline is no
longer a build dependency[2].
Ruby 3.2.0 no longer bundles the gdbm module[3] so gdbm is no longer a
build dependency.
[1] 59fd67fc3d
[2] 172077232e
(From OE-Core rev: b616e260855a9d8fbf5c1b6a1b49278673b24d7f)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Waffle 1.8.0 dropped the use of libudev and instead uses libdrm[1] in
the gbm code. Update the depends.
[1] 6bf58d4bb9
(From OE-Core rev: 51731c8e9cf1e5c894c9b4d894a66403535c56c8)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop patches:
0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
(superseded long time ago by native wrapper)
0001-configure-use-pkg-config-for-pcre-detection.patch
(autotools-specific)
Drop all autoconf options and native python dependency as cmake configuration doesn't contain those.
(From OE-Core rev: 614e9b387f0774856e4ef2a1633d269f06b5da0f)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This reverts commit 827c60b79e7fcafd14e68870f6b69dcc48ac9c39.
Fixed with the drop of the linkmode
(From OE-Core rev: 8f46f60a703defc3e74adad382320c129cef0b06)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This will make possible to restore the default dynamic linking globally
which is what we had before the 1.20.X release.
(From OE-Core rev: 6ad90fc2fc49c4199a59dfb1c1d81a7ba184a522)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is as well inactive for over 10 years, and has been superseded by ffmpeg long time ago.
(From OE-Core rev: d46660e6c083baf7a7cf68a0eb98260246ccdcaf)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The component has been superseded by ffmpeg long ago, tarballs have
disappeared from sourceforge, no work on it has happened in over 10 years.
(From OE-Core rev: 90fbfe9fe1dab1568b85ee497520e789417d41f6)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- add a PACKAGECONFIG for libdecor
- add PACKAGECONFIGS for xwayland_ei to avoid auto select
(From OE-Core rev: cb12eca789ca7c434ed9e4a796c43844df0e5ada)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If testtools and/or subunit modules are not found we get the following backtrace
(example for testtools):
NOTE: Starting bitbake server...
Traceback (most recent call last):
File "<..>/poky/scripts/oe-selftest", line 60, in
<module>
ret = main()
File "<..>/poky/scripts/oe-selftest", line 47, in main
results = args.func(logger, args)
File "<..>/poky/meta/lib/oeqa/selftest/context.py",
line 391, in run
rc = self._internal_run(logger, args)
File "<..>/poky/meta/lib/oeqa/selftest/context.py",
line 377, in _internal_run
rc = self.tc.runTests(**self.tc_kwargs['run'])
File "<..>/poky/meta/lib/oeqa/selftest/context.py",
line 161, in runTests
return super(OESelftestTestContext, self).runTests(processes, skips)
File "<..>/poky/meta/lib/oeqa/core/context.py", line
91, in runTests
result = self.runner.run(self.prepareSuite(self.suites, processes))
File "<..>/poky/meta/lib/oeqa/selftest/context.py",
line 154, in prepareSuite
from oeqa.core.utils.concurrencytest import ConcurrentTestSuite
File
"<..>/poky/meta/lib/oeqa/core/utils/concurrencytest.py",
line 22, in <module>
import testtools
ModuleNotFoundError: No module named 'testtools'
Fix this by adding a custom callback on -j/--num-processes parameter to
check testtools and subunit modules. Fallback to serial testing if
missing. This strategy is already used in sdk/context.py
(From OE-Core rev: 35284404473b2c2d9f69594582868ed66ef3525e)
Signed-off-by: Julien Stephan <jstephan@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Single executable ttyrun is taken ouf of s390-tools repository
containing ton of other helper tools.
CVEs are not assigned to executables, but to whole components.
Historically there also already exists one CVE for s390-tools.
Most of the CVEs will not be for ttyrun, but this is the way
how to get notified even if most we get will have to be ignored.
(From OE-Core rev: df28547387c2c122aef3e5326b216ec3f4d3caa7)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When upgrading gnutls to the newest version 3.8.5, some ptest failed.
Backported a patch from upstream gnutls(not in any release yet) to
fix this issue.
(From OE-Core rev: 25135cd910e24117aa493abcb7f6aeee0b84ab82)
Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add-ptest-support.patch
refreshed for 3.8.5
Changelog:
==========
* libgnutls: Due to majority of usages and implementations of
RSA decryption with PKCS#1 v1.5 padding being incorrect,
leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5
is being deprecated (encryption and decryption) and will be
disabled in the future.
* libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for
backward compatibility with GCR.
* libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1
v1.5 decryption error handling and deterministic ECDSA with earlier
versions of GMP.
* build: Fixed a bug where building gnutls statically failed due
to a duplicate definition of nettle_rsa_compute_root_tr().
(From OE-Core rev: 594ef33f9d5bc6fba1c9b1393936f26920406826)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-l option is specific to df provided by coreutils, if df
applet from busybox is used then it does not work and fails
like below
Fixes
df: invalid option -- 'l'
BusyBox v1.36.1 () multi-call binary.
Usage: df [-PkmhT] [-t TYPE] [FILESYSTEM]...
DEBUG: [Command returned '1' after 0.71 seconds]
DEBUG: Command: df -hl
Status: 1 Output: df: invalid option -- 'l'
it seems worth a compromise to show remote mounted filesystems if any
during ptests and it works with both df implementations
(From OE-Core rev: 75cc1ea4348a2294fdc5ab20530fcff27056ff06)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It appears that some go modules repond with a 404 error when trying to
resolve them dynamically. The response body may still contain the
go-import meta tag. An example for such behaviour is gonum.org/v1/gonum.
(From OE-Core rev: 8f2e14ab6562a9a68819a960c66a258ea9dbe246)
Signed-off-by: Sven Schwermer <sven.schwermer@disruptive-technologies.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update webkitgtk from 2.44.0 to the first bug fix release in the stable
2.44 series 2.44.1.
* remove backported patch
What's new in the WebKitGTK 2.44.1 release?
===========================================
- Fix handling of lifetime of web view child dialogs in GTK4.
- Do not schedule layer flushes when drawing area size is empty.
- Fix videos with alpha when using the DMA-BUF sink.
- Fix the build with USE_GBM=OFF.
- Fix the build in 32bit platforms
- Fix several crashes and rendering issues.
(From OE-Core rev: c129c47cf9fa119005ea6e3946ebdee0da1db7e0)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The iputils merged the ping4 and ping6 command into the ping since the
commit ebad35fe[1], currently, iputils ping support being called using
"ping -6" or "ping6" symlinks.
In oe-core, there are two packages provide ipv6 ping, inetutils and iputils,
the inetutils-ping6 doesn't support "-I" option to bind the interface, that
cause some of scripts(e.g. LTP test[2]) which was based on iputils-ping6 fails.
If someone or a package needs iputils-ping6, they can enable it in local.conf
or add it into rdepends directly.
Ref:
[1] https://github.com/iputils/iputils/commit/e3de851b809c7b72ccc654a72b6af61d
[2] https://github.com/linux-test-project/ltp/blob/master/testcases/kernel/ \
containers/netns/netns_comm.sh#L25
(From OE-Core rev: 05107ec5e4b81315d53efef23f2a570d520ee4c7)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is part of a patch that's been upstream for a while but hasn't yet
been released. The bug is causing some downstream difficulties, so a
local patch to tide us over until the next release makes things a bit
easier.
(From OE-Core rev: bf384d6618780dea2df24adac88ba4364cb65b9b)
Signed-off-by: Zev Weiss <zev@bewilderbeest.net>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Overview of Changes in 4.14.2, 03-04-2024
=========================================
* GtkScale:
- Improve positioning of values in some cases
* Theme:
- Make progress in entries visible
* Accessibility:
- Fix text insertion handling
* GDK:
- dnd: Use the default cursor durion motion
- dnd: Use a better cursor for indicating the move action
* GSK:
- gl: Handle offloads in offscreen context better
- Fix text rendering problems with some fonts
* Wayland:
- Tighten up some protocol version checks
- Use the presentation time protocol
- Fix a crash with subsurfaces
- Improve settings portal handling
* macOS:
- Fix up the app menu support
* Windows:
- Fix problems with minimization
- Fix build without fontconfig
* Debugging:
- Add font settings in the inspector
* Demos:
- Clean up the application demo
- Update cursor images for the cursor demo
* Translation updates:
Catalan
Czech
French
Georgian
Hebrew
Persian
Slovenian
Turkish
Ukrainian
(From OE-Core rev: 17899a51b5c0c99e4b98ef88ec5f60945e5bec85)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update:
===============
Slightly tweak the LICENSE file to be more canonical:
- Copyright year updated to 2022.
- "Eli Bendersky: changed to "the copyright holder"
Changelog:
===========
-Add missing SCHAR limit defines
-Use proper SPDX identifier
-Add Python 3.11 as a supported version
-Fix multi-pragma/single statement blocks (#479)
-Add an encoding parameter to parse_file
-Feature/add pragma support
-Set up permissions to ci.yml
-_build_tables: Invalidate cache before importing generated modules
-Upgrade GitHub Actions
-Create a Security Policy
-New example to generate AST from scratch
-Add support for Python 3.12
-ply: Make generated lextab.py deterministic
(From OE-Core rev: ada1bdcbf18e0d8707578b04cd39aa8a429b6677)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-urandom-xauth-changes-to-options.h.patch
dropbear-disable-weak-ciphers.patch
0005-dropbear-enable-pam.patch
0006-dropbear-configuration-file.patch
refreshed for 2024.84
CVE-2023-36328.patch
removed since it's included in 2024.84
(From OE-Core rev: c50a0d013137338ac1dec60f6aed32ff3a185839)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch
refreshed for 18.1.3
Changelog:
============
-DFixes tsan failures for glibc's LoongArch and certain RISC-V ports when
fstat is used.
-transform.structured.convert_to_loops now properly deletes its target op.
-Fix a llvm.usub.with.overflow.i128 wrong code generation regression that
was introduced with LLVM 18.1.0.
-MemorySanitizer on Linux can now run even when maximum-entropy address-space
layout randomization is configured globally
-Fixed a Clang 18.x regression which increased binary size and stack usage with
-ftrivial-auto-var-init.
(From OE-Core rev: d2159f92ddbb6b999c1d14ac62647b4a35360377)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
bitbake-selftest was failing on a github url on hosts using buildtools.
The issue was tracked down to the curl upgrade 8.6.0 -> 8.7.1. Whilst there
is a fix in upstream git to workaround the issue in this version, backport
the fix from curl upstream to ensure there are no other related issues to
the bug.
(From OE-Core rev: e956f1116deb93c0d77238a1ebde091b9f1cbc77)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Many of the common use cases for buildtools need pip to allow python to be
extended. Add it.
(From OE-Core rev: 946086abf5ac5172258ddb27af9c1c615258f62f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
