Commit Graph

3544 Commits

Author SHA1 Message Date
Vijay Anusuri
0603438c81 xserver-xorg: Fix for CVE-2024-31080 and CVE-2024-31081
Upstream-Status: Backport from 96798fc196 & 3e77295f88

(From OE-Core rev: 223950f9c748f89ee1b2a9df9cd77a0099e74581)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-04-19 04:50:38 -07:00
Lee Chee Yang
65e2df5990 xwayland: fix CVE-2023-6816 CVE-2024-0408/0409
fix CVE-2023-6816 CVE-2024-0408 CVE-2024-0409

(From OE-Core rev: e8feba36e09aefffcafcebc85ec75abb5b97b3eb)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-04-05 07:23:58 -07:00
Lee Chee Yang
ef5bd0511c xwayland: Fix CVE-2023-6377 CVE-2023-6478
(From OE-Core rev: 89974b7fa33f3e9d3e3a4df7ad219898fe400d3a)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-02-07 03:30:05 -10:00
Vijay Anusuri
d9f531b374 xserver-xorg: Multiple CVE fixes
Fix below CVEs
CVE-2023-6816
CVE-2024-0229
CVE-2024-21885
CVE-2024-21886
CVE-2024-0408
CVE-2024-0409

(From OE-Core rev: ad696a0067e11c332a4542ccacd76455f5fbd984)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-01-24 04:04:55 -10:00
Vijay Anusuri
d1aae420f9 xserver-xorg: Fix for CVE-2023-6377 and CVE-2023-6478
Upstream-Status: Backport [0c1a93d319 & 14f480010a]

(From OE-Core rev: abadef9d1759254699577fe40ee353e75958f9a2)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-01-11 06:21:37 -10:00
Lee Chee Yang
82e76d21dc xwayland: fix CVE-2023-5367
(From OE-Core rev: 9c21b08c18414bb61abebcbbb8704946ea288a7b)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-12-12 04:20:34 -10:00
Vijay Anusuri
4e227eaf1c xserver-xorg: Fix for CVE-2023-5367 and CVE-2023-5380
Upstream-Status: Backport [541ab2ecd4 & 564ccf2ce9]

(From OE-Core rev: afc30fc07d806c3f0d2192454344995f19e68575)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-11-14 06:49:11 -10:00
Siddharth Doshi
fb38c59633 libx11: Security Fix for CVE-2023-43785, CVE-2023-43786 and CVE-2023-43787
CVEs Fixed:
CVE-2023-43785: libX11: out-of-bounds memory access in _XkbReadKeySyms()
CVE-2023-43786: libX11: stack exhaustion from infinite recursion in PutSubImage()
CVE-2023-43787: libX11: integer overflow in XCreateImage() leading to a heap overflow

(From OE-Core rev: 8175d023c203d524d011d8947f90fbd02786c6db)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-10-25 04:45:50 -10:00
Siddharth Doshi
36a2a0129a libxpm: upgrade to 3.5.17
This release fixes the following CVEs:

- CVE-2023-43788
- CVE-2023-43789

(From OE-Core rev: 1475a47239d77a368bcec69f12e5a63f8bebe14f)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-10-21 05:21:36 -10:00
Ross Burton
6cbbd132d3 xserver-xorg: ignore CVE-2022-3553 as it is XQuartz-specific
(cherry-pick from commit 769576f36aac9652525beec5c7e8a4d26632b844 )

(From OE-Core rev: 96d36b97d9c6d1f5e79b1bea79f182561423fecb)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-09-30 09:43:59 -10:00
Poonam Jadhav
6826d0ba08 pixman: Remove duplication of license MIT
Remove duplication of license MIT from pixman bbfile.

(From OE-Core rev: 76f928359f76d449de0d884c591a5d9fdba9d19c)

Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-08-26 04:24:02 -10:00
Peter Marko
f24230b04b libjpeg-turbo: patch CVE-2023-2804
Relevant links:
* linked from NVD:
  * https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1492586118
* follow-up analysis:
  * https://github.com/libjpeg-turbo/libjpeg-turbo/issues/668#issuecomment-1496473989
  * picked commits fix all issues mentioned in this analysis

(From OE-Core rev: ca8ede6d29c04159e85c2bdd2b635c58ec6a1484)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-08-02 04:47:12 -10:00
Poonam Jadhav
881247de60 libx11: Fix CVE-2023-3138 for kirkstone branch
Add patch to fix CVE-2023-3138 for kirkstone branch

Link: 304a654a0d.patch

(From OE-Core rev: 5491531d4681d3df5a34ebc180e29a8bf4e09e67)

Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-07-21 06:27:34 -10:00
Wang Mingyu
0ca44d55ad xdpyinfo: upgrade 1.3.3 -> 1.3.4
Changelog:
=========
configure: Make xf86misc support disabled by default
Variable scope reduction
Remove unnecessary downcast of double to float
Call memset() instead of hand-coding our own equivalent

(From OE-Core rev: 74fef3bca108017f8a1ce0e451b4b2172ae28fcf)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit d87785189336a69ae998f75394ceaebf63decb16)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-07-01 08:37:24 -10:00
Wang Mingyu
4d9ea41502 libxpm: upgrade 3.5.15 -> 3.5.16
Changelog:
===========
test: skip compressed file tests when --disable-open-zfile is used
gitlab CI: build with each of --enable-open-zfile & --disable-open-zfile
configure: correct error message to suggest --disable-open-zfile
Fix a memleak in ParsePixels error code path
Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
open-zfile: Make compress & uncompress commands optional
Require LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
test: Use PACKAGE_BUGREPORT instead of hard-coded URL's
test: Add simple test cases for functions in src/rgb.c
xpmReadRgbNames: constify filename argument
XpmCreateDataFromXpmImage: Fix misleading indentation
parse.c: Wrap FREE_CIDX definition in do { ... } while(0)
parse.c: remove unused function xstrlcpy()

(From OE-Core rev: 22d9e097538f84a12dd262c1ae936fb8107c2768)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 4d9f0958eecdf683434d77a4f65611803cffd247)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-07-01 08:37:24 -10:00
Ranjitsinh Rathod
da8512f9b0 kmscube: Correct DEPENDS to avoid overwrite
As part of the below commit, DEPENDS gets overwritten, which is wrong
Link: https://git.yoctoproject.org/poky/commit/?id=bd947d3343dcd96e79fc8157f32a2a087cd710a7

So correct the DEPENDS variables

(From OE-Core rev: 5dec509c33ce3d01fa1cd44408f0ef198dc4f6c0)

Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 63f338255000874c62bf01ccc11f2c100014c3d9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-06-23 04:16:41 -10:00
Tom Hochstein
75b7d31614 piglit: Add missing glslang dependencies
The vulkan configuration requires glslangValidator for build and
runtime.

Fixes configure error:
```
| CMake Error at CMakeLists.txt:191 (message):
|   glslangValidator required by vulkan tests not found
```

Fixes runtime error:
```
name: vulkan@shaders@fs-large-local-array
    result: fail
    returncode: 1
    out:
    err: glslangValidator: No such file or directory
glslangValidator failed
```

(From OE-Core rev: 5e26ead1ca016d1691dccba1b58060ac853bf0d2)

Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-30 04:11:16 -10:00
Zoltan Boszormenyi
722ace0444 piglit: Fix build time dependency
Replace explicit opencl-icd-loader with virtual/opencl-icd.

(From OE-Core rev: fadadd3cf258b6d403fdcf537ff4b97aaabb5a40)

Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-30 04:11:16 -10:00
Tom Hochstein
950f4c74a6 piglit: Add PACKAGECONFIG for glx and opencl
- Allow GLX tests to be disabled for systems that don't support it.

- Allow OpenCL tests to be enabled.

(From OE-Core rev: b0f54a3db7877a95a163bd480b93cfe6f0b97dcd)

Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-30 04:11:16 -10:00
Ming Liu
9827c47368 weston: add xwayland to DEPENDS for PACKAGECONFIG xwayland
Otherwise xwayland.pc would not be present in sysroot, this leads to
some xwayland configs missing like have_listenfd, have_glamor.

(From OE-Core rev: 4e42196754b19926b2219c6ffda47bd389e9d9fb)

Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7f1932cb5a408320a5b542e20ba2807718349e8f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-30 04:11:16 -10:00
Upgrade Helper
b7f72b6d88 waffle: upgrade 1.7.0 -> 1.7.2
The Waffle bugfix release 1.7.1 is now available.

What is new in this release:
  - cmake: pass deps' cflags to the build
  - gbm: fix crash when platform lacks modifier support
  - gitlab-ci: stabilise CI runs under X
  - gitlab-ci: add more warnings, make all warnings fatal
  - gitlab-ci: update to bullseye
  - meson: add override_* support, when using waffle as submodule
  - meson: skip installing bash completion when custom prefix is used
  - meson: silence deprecation warnings
  - meson: generate cmake files only on Windows
  - meson: find wayland.xml from wayland-scanner.pc
  - misc: zsh completion
  - misc: fix dozens of compiler warnings
  - misc: update website references
  - wayland: fix build against wayland 1.20

The Waffle bugfix release 1.7.2 is now available.

What is new in this release:
  - all: use format(gnu_printf), enable in mingw
  - meson: don't run TLS checks on mingw
  - wgl: remove unused dummy wgl_error.[ch]

Upstream now only generates CMake files on Windows, so remove all
references to CMake.

A zsh completion is now installed, remove this for now as we don't really
use zsh.

(From OE-Core rev: 6b1d94fe5d8728e3eb152426cde08634d248e1f7)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 94cf6ef11bba381ab6f65b03ed1ed14022438151)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit e4ebfb5c7892488fc834d9837e9a5a4c28eb676f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-30 04:11:15 -10:00
Wang Mingyu
0dcf471954 xserver-xorg: upgrade 21.1.7 -> 21.1.8
This release contains the fix for CVE-2023-1393 in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-March/003374.html

Benno Schulenberg (1):
       xkbUtils: use existing symbol names instead of deleted deprecated ones

Olivier Fourdan (2):
       composite: Fix use-after-free of the COW
       xserver 21.1.8

git tag: xorg-server-21.1.8

(From OE-Core rev: 732b51f073105d4c6a0e2e06c559bffcac093fbf)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 7b08dff8f46bcaa05f7fbffbe27d524579af4faf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-12 04:04:52 -10:00
Steve Sakoman
2f06076f97 Revert "xserver-xorg: backport fix for CVE-2023-1393"
This reverts commit dc2c777cab0230fc54e078d20d872aaa9287a8b9.

Fixed in subsequent version bump

(From OE-Core rev: 151149b590a9051a6de58115a6796ccf17894498)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-12 04:04:52 -10:00
Vivek Kumbhar
f90eb43a15 freetype: fix CVE-2023-2004 integer overflow in tt_hvadvance_adjust() in src/truetype/ttgxvar.c
Fix: An integer overflow vulnerability was discovered in Freetype in the tt_hvadvance_adjust() function in src/truetype/ttgxvar.c

(From OE-Core rev: 6a07e1524746bd3cfa5aec090a882f4a7f954dad)

Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-10 04:19:56 -10:00
Yogita Urade
ca44c2d0dc libxpm: upgrade 3.5.13 -> 3.5.15
Upgrade libxpm 3.5.13 to 3.5.15

License-update: additional copyright holders
   f0857c0 man pages: Correct Copyright/License notices
The above commit was introduced while upgrading to libxpm 3.5.15,
which is mentioned in the changelog below.
Due to this commit, LIC_FILES_CHKSUM is changed.

Disable reading compressed files as that requires compress/uncompress executables.
Following the approach in oe-core/master:
   7de4084634 libxpm: upgrade 3.5.14 -> 3.5.15

Changelog:
-------------
ddd8339 libXpm 3.5.15
8178eb0 Use gzip -d instead of gunzip
c5ab17b Prevent a double free in the error code path
515294b Fix CVE-2022-4883: compression commands depend on $PATH
f80fa6a Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
f7fbbb9 test: add test cases for CVE-2022-44617 (zero-width w/enormous height)
a3a7c6d Fix CVE-2022-46285: Infinite loop on unclosed comments
f7a167a test: add test case for CVE-2022-46285 (unclosed comments)
0ff2c6a cxpm: getc/ungetc wrappers should not adjust position when c == EOF
501494c test: Add unit tests using glib framework
4841039 configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE
aef0c8d man pages: Apply standard man page style/formatting
5d55a0b man pages: Replace "See Also" entries with more useful ones
392cb8f man pages: Fix typos and other minor editing
08bc174 libXpm 3.5.14
f0857c0 man pages: Correct Copyright/License notices
deb81a9 man pages: Fix typos
2d5fa4c man pages: Add missing word 'function' where needed
2b7357e man pages: Make function synopses more consistent with other pages
fb8590c man pages: Fix shadow man pages
bfaebfd man pages: Make file names consistent with their displayed names
7a138a5 gitlab CI: add a basic build test
3433f43 man: strip trailing whitespace
9612454 Fix spelling/wording issues
fa16fbd Build xz tarballs instead of bzip2
83e5427 update man pages
e48e649 add man pages based on doc/xpm.PS

(From OE-Core rev: a549319e5fdae685f93122627226f9b102307bc3)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-03 04:17:12 -10:00
Yogita Urade
6bfa8de856 xorg-lib-common: Add variable to set tarball type
Upstream has switched some new releases from bz2 to xz compression. Add
an XORG_EXT variable so recipes can set the file name extension needed
for the compression type.

Following the approach in oe-core/master:
  6a8068e036b4b2a40b38896275b936916b4db76e  xorg-lib-common: Add variable to set tarball type
use a variable for the tarball suffix/compression format.

(From OE-Core rev: 56ea2b625f81e397e911b3610130d3e838d10938)

Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-03 04:17:12 -10:00
Ross Burton
9971a61f08 xserver-xorg: backport fix for CVE-2023-1393
(From OE-Core rev: dc2c777cab0230fc54e078d20d872aaa9287a8b9)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7828f7026b4cd3ae97ebe5d849c09fabbc17272d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-05-03 04:17:12 -10:00
Siddharth Doshi
b7da7c8996 harfbuzz: Security fix for CVE-2023-25193
Upstream-Status: Backport from [8708b9e081]
(From OE-Core rev: 58e212a6109a639ca0675e73967da74d6c4c5aa3)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-20 17:20:44 +00:00
Wang Mingyu
2a90e5ffb0 xwayland: upgrade 22.1.7 -> 22.1.8
xwayland 22.1.8 - Security fix for CVE-2023-0494

(From OE-Core rev: c4f35a99a0f840ccd50fd3514a63ea5bb90784a8)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e0ca374267cce807d12d706564989900fe61bd97)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 964ca02debe1e85cb91789dee1d08344f4fcf33a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-09 13:19:02 +00:00
Wang Mingyu
3947976294 libjpeg-turbo: upgrade 2.1.5 -> 2.1.5.1
Changelog:
==========
1. The SIMD dispatchers in libjpeg-turbo 2.1.4 and prior stored the list of
supported SIMD instruction sets in a global variable, which caused an innocuous
race condition whereby the variable could have been initialized multiple times
if 'jpeg_start_*compress()' was called simultaneously in multiple threads.
libjpeg-turbo 2.1.5 included an undocumented attempt to fix this race condition
by making the SIMD support variable thread-local.  However, that caused another
issue whereby, if 'jpeg_start_*compress()' was called in one thread and
'jpeg_read_*()' or 'jpeg_write_*()' was called in a second thread, the SIMD
support variable was never initialized in the second thread.  On x86 systems,
this led the second thread to incorrectly assume that AVX2 instructions were
always available, and when it attempted to use those instructions on older x86
CPUs that do not support them, an illegal instruction error occurred.  The SIMD
dispatchers now ensure that the SIMD support variable is initialized before
dispatching based on its value.

(From OE-Core rev: 195aae4fcb14c818629b04fc371910125a4b3277)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 009a1b0390d791d614b8d4a1407e7479c261f60d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit d57de2a7169de369105ed9bce19a43dad68f350a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-09 13:19:02 +00:00
Kai Kang
7c65a1b56a xserver-xorg: 21.1.6 -> 21.1.7
According to the ANNOUNCE of xorg-server 21.1.7[1]:

This release contains the fix for CVE-2023-0494 in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-February/003320.html
It also fixes a second possible OOB access during EnqueueEvent and a
crasher caused by ResourceClientBits not correctly honouring the
MaxClients value in the configuration file.

Finally, a bunch of Xquartz updates including the ability to correctly detect
ssh-tunneled clients as remote.

[1]: https://lists.x.org/archives/xorg-announce/2023-February/003321.html

(From OE-Core rev: b69011d194a39ea7812fdd8fc59ba12b6e0416a9)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 60737bee6466e206d8f3c751910dfce00b60d703)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-09 13:19:02 +00:00
Changqing Li
bcbb64e7af libsdl2: fix CVE-2022-4743
(From OE-Core rev: 41e13e88dd1f9d251d1e86ee1de543165789a579)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-09 13:19:02 +00:00
Alexander Kanavin
ff33181447 libjpeg-turbo: upgrade 2.1.4 -> 2.1.5
Significant changes relative to 2.1.4

Fixed issues in the build system whereby, when using the Ninja Multi-Config CMake generator, a static build of libjpeg-turbo (a build in which ENABLE_SHARED is 0) could not be installed, a Windows installer could not be built, and the Java regression tests failed.

Fixed a regression introduced by 2.0 beta1[15] that caused a buffer overrun in the progressive Huffman encoder when attempting to transform a specially-crafted malformed 12-bit-per-component JPEG image into a progressive 12-bit-per-component JPEG image using a 12-bit-per-component build of libjpeg-turbo (-DWITH_12BIT=1.) Given that the buffer overrun was fully contained within the progressive Huffman encoder structure and did not cause a segfault or other user-visible errant behavior, given that the lossless transformer (unlike the decompressor) is not generally exposed to arbitrary data exploits, and given that 12-bit-per-component builds of libjpeg-turbo are uncommon, this issue did not likely pose a security risk.

Fixed an issue whereby, when using a 12-bit-per-component build of libjpeg-turbo (-DWITH_12BIT=1), passing samples with values greater than 4095 or less than 0 to jpeg_write_scanlines() caused a buffer overrun or underrun in the RGB-to-YCbCr color converter.

Fixed a floating point exception that occurred when attempting to use the jpegtran -drop and -trim options to losslessly transform a specially-crafted malformed JPEG image.

Fixed an issue in tjBufSizeYUV2() whereby it returned a bogus result, rather than throwing an error, if the align parameter was not a power of 2. Fixed a similar issue in tjCompressFromYUV() whereby it generated a corrupt JPEG image in certain cases, rather than throwing an error, if the align parameter was not a power of 2.

Fixed an issue whereby tjDecompressToYUV2(), which is a wrapper for tjDecompressToYUVPlanes(), used the desired YUV image dimensions rather than the actual scaled image dimensions when computing the plane pointers and strides to pass to tjDecompressToYUVPlanes(). This caused a buffer overrun and subsequent segfault if the desired image dimensions exceeded the scaled image dimensions.

Fixed an issue whereby, when decompressing a 12-bit-per-component JPEG image (-DWITH_12BIT=1) using an alpha-enabled output color space such as JCS_EXT_RGBA, the alpha channel was set to 255 rather than 4095.

Fixed an issue whereby the Java version of TJBench did not accept a range of quality values.

Fixed an issue whereby, when -progressive was passed to TJBench, the JPEG input image was not transformed into a progressive JPEG image prior to decompression.

(From OE-Core rev: 1ca7a15d7dece08e18cdb41f897ec37d1349ab70)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f779689c2c766b609be31222d71110c1a15145a8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit a5d15ae9f4671790d3c5fb3606ec0861c17ed6dd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-02-24 16:41:46 +00:00
Mingli Yu
f8183e4c6f glslang: branch rename master -> main
Branch name is changed from master to main.

(From OE-Core rev: 04b7643cda2c6d82b017767a537e53ce69a7703a)

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 65ee4c1067ee5d73c198eed8ed2f1c9a60d5df96)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-02-15 21:46:56 +00:00
Alexander Kanavin
a2b90bf37e vulkan-samples: branch rename master -> main
(From OE-Core rev: 986af8c9ae9d2cab0bc0376757f40b096448ae2a)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 74bf535ca5cbcfb38c18775ece863d53dd216008)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-02-15 21:46:56 +00:00
Ross Burton
aa042d4b2e spirv-headers: set correct branch name
As of last week, the SPIRV repositories have renamed their master
branches to main:

https://github.com/KhronosGroup/SPIRV-Headers/issues/313

(From OE-Core rev: e7d0e6941c7e94f37eb43a3b5dae550513394cc0)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2957da09f13607ac00ddd4a87ec9ad0014326507)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-02-04 23:32:20 +00:00
Petr Kubizňák
dc62b99bdf harfbuzz: remove bindir only if it exists
In some scenarios (e.g. when "glib" removed from PACKAGECONFIG),
"${D}${bindir}" might not exist which caused `rmdir` to fail.

(From OE-Core rev: b342790a37c891cf83f24d4f96060e2d0bd79c07)

Signed-off-by: Petr Kubizňák <kubiznak@2n.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 21261072cbe0056e85550a0710de142fab8943e4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-26 23:37:05 +00:00
Alexander Kanavin
533b22a811 xserver-xorg: upgrade 21.1.4 -> 21.1.6
(From OE-Core rev: 9a0efa7ecc55b3f81be20ddc34c14c81ebea7634)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 009e8d6a292690a0c355d12be2368a9677c701f5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-26 23:37:05 +00:00
Alexander Kanavin
79814c6339 xwayland: upgrade 22.1.5 -> 22.1.7
(From OE-Core rev: 32bdbd7ec920ccc8bcc1a21d57fcd4af40b81fe5)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c37ec8b2d91605d6eb5228f0a447fb83f111edc3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-26 23:37:05 +00:00
Quentin Schulz
80880c552c cairo: fix CVE patches assigned wrong CVE number
CVE-2019-6461 and CVE-2019-6462 are fixed, but the reporting is
incorrect as the patch for CVE-2019-6461 is actually for CVE-2019-6462
and vice-versa.

This swaps both files and edits the CVE field to report the correct
identifier.

Cc: Quentin Schulz <foss+yocto@0leil.net>
(From OE-Core rev: 960f9a9243282da838da655d03bb34261e300498)

Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f12c2a5ac94cb29f473f3c7e335463c7fb6d8a6e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-26 23:37:05 +00:00
KARN JYE LAU
fdcaaeebb6 freetype: update mirror site.
update SAVANNAH_NONGNU_MIRROR to SAVANNAH_GNU_MIRROR
to resolve package fetching issues.

(From OE-Core rev: 8f1de2127bd8f3f2a182a8532102ec0d3d44be70)

Signed-off-by: KARN JYE LAU <karn.jye.lau@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-26 23:37:05 +00:00
Ross Burton
4f3a354071 libepoxy: remove upstreamed patch
This patch was upstreamed in 6b09a8bc, 1.5.5 onwards.

(From OE-Core rev: 50c27f5f98c6f1afca4893594c2c4950cf1b7b10)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 99b6e1ecb18d595e7b66344de882c1e1db6f35c3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-06 17:33:23 +00:00
Quentin Schulz
89732f25f2 cairo: update patch for CVE-2019-6461 with upstream solution
Upstream went with something slightly different so let's update the
patch so we don't have to carry a patch that isn't going to be merged.

This patch is part of snapshot 1.17.6.

Cc: Quentin Schulz <foss+yocto@0leil.net>
(From OE-Core rev: dc7b7a757a850187ceaba5cf3eb0fa983b54fdfb)

Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 19eb1e388fbbe5bfb8462710c745f2bb5446b5b5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-06 17:33:23 +00:00
Hitendra Prajapati
2d58f993c3 libX11: CVE-2022-3554 & CVE-2022-3555 Fix memory leak
Upstream-Status: Backport from 1d11822601 && 8a368d808f

(From OE-Core rev: b0e0cf44fb4f6e1cf562860766a2915ee8718f77)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-06 17:33:23 +00:00
Carlos Alberto Lopez Perez
13d7119cdf xwayland: libxshmfence is needed when dri3 is enabled
* The build error happens already at configure time:

| meson.build: ERROR: Problem encountered: DRI3 requested, but xshmfence not found

(From OE-Core rev: 7a27f91670d6978433ecab5d3ef694303d5da79e)

Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 451fe4a067432b432b9cd38d2fc78072f6ce5421)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-23 23:05:50 +00:00
Ross Burton
39c76401c0 xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551
(From OE-Core rev: e40a8d939535bbb2f89aabd48c1cf843be5bb564)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit e32401d8bf44afcca88af7e4c5948d2c28e1813f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-13 15:23:34 +00:00
Alexander Kanavin
a409c33f2f libepoxy: update 1.5.9 -> 1.5.10
Changes since 1.5.9
- Fix for building with MSVC on non-English locale [Seungha Yang]
- Fix build on Android [Caolán McNamara]
- Add the right include paths for EGL and X11 headers [Alex Richardson]

(From OE-Core rev: 6a3e430a776866c05d354d272c0513dbf188ed34)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 436cb3c98c582e17e6ed2491cc6598c56976af46)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-01 19:35:05 +00:00
Alexander Kanavin
a283e779c5 libepoxy: convert to git
Latest version doesn't come with stable tarballs.

(From OE-Core rev: 1944a5dd84c3629c9c994383e2904731cf28ea87)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 4b6eed2bb323a3c7390ca3ad426afe27e9072bf0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-01 19:35:05 +00:00
Wang Mingyu
6856637a81 xwayland: upgrade 22.1.4 -> 22.1.5
(From OE-Core rev: 9c1fc7e6c3d96f17f3eed2d8665dd6388ddcf1c5)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 48ca760427f14ae291bf2ebf6f93f8d0fb27e3ab)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-01 19:35:04 +00:00
Alexander Kanavin
7634c6d954 xwayland: upgrade 22.1.3 -> 22.1.4
(From OE-Core rev: eafe1a235894790a28a8f951cff9ddc7913ba227)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 553c080e0e30c8f6b69b4c5fae72903ee45ef6ae)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-01 19:35:04 +00:00