Add in stable updates to glibc 2.38 to fix malloc bugs
(From OE-Core rev: 26309ba6ef5b776d6bc45b984261b91e6c8c5a94)
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 39f987fcb20ad7c0e45425b9f508d463c50ce0c1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This version includes fixes to patchelf.
(From OE-Core rev: 410c2be543d031dc54a37439c8069807c395fc36)
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1c5c8ff97ba0a7f9adc592d702b865b3d166a24b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
gcc stable version upgraded from v11.3 to v11.4
For changes in v11.4 see - https://gcc.gnu.org/gcc-11/changes.html
Below is the bug fix list for v11.4
https://gcc.gnu.org/bugzilla/buglist.cgi?bug_status=RESOLVED&order=short_desc%2Cbug_status%2Cpriority%2Cassigned_to%2Cbug_id&query_format=advanced&resolution=FIXED&target_milestone=11.4
There are a total 115 bugs are fixed in this release, below is the list of bugs fixed excluding the regression fixes.
ID Product Comp Resolution Summary▲
108199 gcc tree-opt FIXE Bitfields, unions and SRA and storage_order_attribute
107801 gcc libstdc+ FIXE Building cross compiler for H8 family fails in libstdc++ (c++17/memory_resource.cc)
108265 gcc libstdc+ FIXE chrono::hh_mm_ss can't be constructed from unsigned durations
104443 gcc libstdc+ FIXE common_iterator<I, S>::operator-> is not correctly implemented
98056 gcc c++ FIXE coroutines: ICE tree check: expected record_type or union_type or qual_union_type, have array_type since r11-2183-g0f66b8486cea8668
107061 gcc target FIXE ENCODEKEY128 clobbers xmm4-xmm6
105433 gcc testsuit FIXE FAIL: gcc.target/i386/iamcu/test_3_element_struct_and_unions.c
105095 gcc testsuit FIXE gcc.dg/vect/complex/fast-math-complex-* tests are not executed
100474 gcc c++ FIXE ICE: in diagnose_trait_expr, at cp/constraint.cc:3706
105854 gcc target FIXE ICE: in extract_constrain_insn, at recog.cc:2692 (insn does not satisfy its constraints: sse2_lshrv1ti3)
104462 gcc target FIXE ICE: in extract_constrain_insn_cached, at recog.cc:2682 with -mavx512fp16 -mno-xsave
106045 gcc libgomp FIXE Incorrect testcase in libgomp.c/target-31.c at -O0
56189 gcc c++ FIXE Infinite recursion with noexcept when instantiating function template
100295 gcc c++ FIXE Internal compiler error from generic lambda capturing parameter pack and expanding it in if constexpr
100613 gcc jit FIXE libgccjit should produce dylib on macOS
104875 gcc libstdc+ FIXE libstdc++-v3/src/c++11/codecvt.cc:312:24: warning: left shift count >= width of type
107471 gcc libstdc+ FIXE mismatching constraints in common_iterator
105284 gcc libstdc+ FIXE missing syncstream and spanstream forward decl. in <iosfwd>
98821 gcc c++ FIXE modules : c++tools configures with CC but code fragments assume CXX.
109846 gcc fortran FIXE Pointer-valued function reference rejected as actual argument
101324 gcc target FIXE powerpc64le: hashst appears before mflr at -O1 or higher
102479 gcc c++ FIXE segfault when deducing class template arguments for tuple with libc++-14
105128 gcc libstdc+ FIXE source_location compile error for latest clang 15
106183 gcc libstdc+ FIXE std::atomic::wait might fail to be unblocked by notify_one/all on platforms without platform_wait()
102994 gcc libstdc+ FIXE std::atomic<ptr>::wait is not marked const
105324 gcc libstdc+ FIXE std::from_chars() assertion at floating_from_chars.cc:78 when parsing 1.11111111....
105375 gcc libstdc+ FIXE std::packaged_task has no deduction guide.
104602 gcc libstdc+ FIXE std::source_location::current uses cast from void*
106808 gcc libstdc+ FIXE std::string_view range concept requirement causes compile error with Boost.Filesystem
105725 gcc c++ FIXE [ICE] segfault with `-Wmismatched-tags`
105920 gcc target FIXE __builtin_cpu_supports ("f16c") should check AVX
(From OE-Core rev: 4fd7e5951c42336729f12cde71450ec298f2078b)
Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
libpng is a platform-independent library which
supports all PNG features.
This ptest executes the below binaries, parses
the png image and prints the image features.
1. pngfix - provides information about PNG image
copyrights details.
2. pngtest - tests, optimizes and optionally fixes
the zlib header in PNG files.
3. pngstest - verifies the integrity of PNG image by
dumping chunk level information.
4. timepng - provides details about PNG image chunks.
(From OE-Core rev: 2d58b38185ca7eed5d885b8d00ca549b57138554)
Signed-off-by: Nikhil R <nikhil.r@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
We were not able to get a response about availability over email, and so the recipe
has to be unassigned.
(From OE-Core rev: 8d2e96c3a611aba63aa9a51f6b350ea8c9654e06)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 56f1af6d5b3019dccbc27bb0a9692a5f1a32f87b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
We were not able to get a response about availability over email, and so the recipe
has to be unassigned.
(From OE-Core rev: 61e64e7af709dd03dd4018c69a752f2eadc5372e)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 60eda3dcbf96b5982a0e282fd0c3c13b0b4d7787)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
We were not able to get a response about availability over email, and so the recipe
has to be unassigned.
(From OE-Core rev: 191ab08c035f1811af932775a767b5e83a95e35b)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3beb88060be9484cfe75dfa60f041b0b32214978)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Modify packages to unassigned where appropriate
(From OE-Core rev: 36b862f23afe3ed81006c203e875f900249fd040)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ab37ddf53607111bf5c49c4f2388224999c4a5a9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 27f15bc3166fda5acd07e9e1c34842a641d24e37)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This was confirmed via private email.
(From OE-Core rev: 826fb858ebf1f8e9e2741b9046fd5c04638ff056)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c30e9f1972a3e1d4099f39fd6d0dfb37acb73ce1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This was confirmed via private email.
(From OE-Core rev: 0823449cb03876ad88643df6c41c9450625d435d)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cc8bb0da24419424989548ced27b2e76030340d9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This was confirmed via private email.
(From OE-Core rev: d66095fa0c2ddf11a790d4d2f94ce6c2b80c0143)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 834519933fcd6e4ff54f24d0cf671ea9ce24398a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This cve (https://nvd.nist.gov/vuln/detail/CVE-2022-46176) is a security vulnirability when using cargo ssh.
Kirkstone doesn't support rust on-target images and the bitbake using the 'wget' (which uses 'https') for fetching the sources instead of ssh.
So, cargo-native also not vulnerable to this cve and so added to excluded list.
(From OE-Core rev: 7e4037fd0a66a860b4809be72a89e2de97960a17)
Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com>
Acked-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Mitigate occurences where ':append' operator is used and leading
whitespace character is obviously missing, risking inadvertent
string concatenation.
(From OE-Core rev: fcd340ec53ff8352b8cae0eb351810072b025a08)
(From OE-Core rev: cb64ace13db85e143d99627c8803fbb13ba18617)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alex Stewart assumed maintainership of the yocto project's opkg fork,
and opkg recipes, from Alejandro Del Castilo back in Q1 of 2020.
Update maintainership of the opkg recipes.
(From OE-Core rev: 371e574acaab78b44ac171de92b668157df787de)
Signed-off-by: Alex Stewart <alex.stewart@ni.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit fd0511080fb5744b4b58df43184fa2561cc37134)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove obsolete comments/data from the file. Add in three CVEs to ignore.
Two are qemu CVEs which upstream aren't particularly intersted in and aren't
serious issues. Also ignore the nasm CVE found from fuzzing as this isn't
a issue we'd expose from OE.
(From OE-Core rev: 94fad58c6f10d0dfc42be816b0a7f6b108bd03e6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 68291026aab2fa6ee1260ca95198dd1d568521e5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
For OE-Core our policy is to stay as close to the kernel stable releases
as we can. This should ensure the bulk of the major kernel CVEs are fixed
and we don't dive into each individual issue as the stable maintainers are
much more able to do that.
Rather than just ignore all kernel CVEs which is what we have been doing,
list the ones we ignore on this basis here, allowing new issues to be
visible. If anyone wishes to clean up CPE entries with NIST for these, we'd
welcome than and then entries can likely be removed from here.
(From OE-Core rev: 726ce5bf1ea64d31f523ec5aff905407480c1095)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 319d465d44328b5f062d2da0526c0e8b189b4239)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes
NOTE: Multiple providers are available for virtual/crypt (libxcrypt, musl)
Consider defining a PREFERRED_PROVIDER entry to match virtual/crypt
(From OE-Core rev: bdccfa48f2dc58d716bd2ddd9c6279584fd6515b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4417dbf6fcb1f067705c8bd2220f4093ba899cc1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There are reports of issues with the new libstdc++ from gcc 12. This upgrades
to a gcc 12 version of uninative to allow builds on those systems. Gcc 12 isn't
finalised so we may need to add a new version of this if/as appropriate when it
is.
(From OE-Core rev: e3da4da7e5da5bb9e1d360e2be2fdd5132e69320)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a ptest for popt to core-image-ptest-all. Provide a patch to popt to
adopt the test format to "simple test" and a script for running the test.
All tests passed on a trial run.
(From OE-Core rev: ffae118e7b1bdf704d9af0ad47809c3791b672b4)
Signed-off-by: Simone Weiss <simone.weiss@elektrobit.com>
Signed-off-by: David Niederpruem <david.niederpruem@elektrobit.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Allow nativesdk recipes to find a correct version of the rust cross
compiler.
(From OE-Core rev: 0f5d26772abfbbae9096fa43901d8620f76aea3c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a recipe for Installer, a minimal library/tool to install Python
Wheels. Unlike PIP, it explicitly only installs wheels and does nothing
else.
(From OE-Core rev: bf09c0bd99e4defbc259775b4a2e3fcce09bde17)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
python3-bcrypt and python3-pytz both run in just a few seconds, so add
them to the fast list.
(From OE-Core rev: 555cefec5d554eb610166ff9d0cbf0a620d99632)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The python3-cryptography recipe has a lot of tests and uses a large
amount of memory. It is slow (> 30 seconds).
(From OE-Core rev: ca9fefab2457ee86e24b23d99d3351b0dd9e66ef)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The reason it was separate is that there is a peculiar circular
dependency: dbus tests require glib, while some of glib's gdbus tests
require dbus. So dbus was built with tests disabled and without glib
dependency, then glib was built with dbus dependency, then dbus was
built again with glib dependency and tests enabled, only for the purpose
of installing those tests. I find that brittle and hacky, so this
removes dbus dependecy from glib (the fallout is that some gdbus tests
are no longer being executed), and dbus and its tests are built once,
after glib. Conversely, dbus is now dependent on glib for the purpose
of building the tests.
Also, dbus ptest installation is no longer using custom code, and dbus
run-ptest simply uses standard installed tests execution mechanism from
gnome.
(From OE-Core rev: cfecef4e6925865961858d0fe5ffc7794c71cd3b)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop libstd-rs patches as they're merged upstream.
(From OE-Core rev: 05f4a09899aa8dbb22ef1adb494abac41d5b96b7)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is no reason to set an empty default for it, while not doing it
for all other potential WHITELIST_* variables. The reason it was set
here is a leftover from before when it was actually set to a value.
(From OE-Core rev: 22ccd479147744fcbf4f2e765e54da8d3d3d9c7f)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The code has not been touched since 2016 and numerous files still have
Python2 syntax code in them. This causes do_compile errors when
packaging a wheel (PEP-517 packaging).
Nothing in oe-core depends on python3-nose.
[YOCTO #14638]
(From OE-Core rev: 19135f8b7cbaabeb2e38572d11e909ce386d60b8)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The native recipe simply calls create_wrapper to add a host script. Do
this via do_install:append:class-native()
The scons*.1 man pages are being installed in ${prefix}, move them to
${mandir} (previously installed in ${datadir}).
[YOCTO #14638]
Drop from maintainers.inc
(From OE-Core rev: f91009d168bcad5df6b3ca4f5cd4babff5cf682c)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the core of one of the "new build system" tools--hosted
officially as part of the pypa (Python Packaging Authority)
repositories--it is an increasingly common build tool (e.g.
typing_extensions and tomli) as declared in pyproject.toml for
said packages.
This package provides a very simple bootstrapping method that builds
the source tarball (build_sdist) and a wheel (build_wheel).
Bootstrap -native by simply unzipping the wheel to
PYTHON_SITEPACKAGES_DIR.
Use pip to install the wheel for class-target.
Wheels are the official vehicle for delivering Python packages now.
Eggs (egg-info) are deprecated and will increasingly go away.
[YOCTO #14638]
(From OE-Core rev: 18717181e4a893fd7c309eb75443a868ec4e83eb)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is one of the "new build tools" which are part of pypa (Python
Packaging Authority) toolchain.
Wheels are the official delivery mechanism for Python packages, replacing
the now deprecated Eggs (egg-info).
[YOCTO #14638]
(From OE-Core rev: 78a4bccfa38c2d3a6a4a097319eec28c2bc357a7)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rename the image, the test controller class/code/module and the underlying
image sentinel file to all match the controller terminology.
(From OE-Core rev: f87b32833ac5327c4659ab8c06af34e7bda83f83)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
