mirror of
https://git.yoctoproject.org/poky
synced 2026-02-10 10:43:02 +01:00
6ad00a5bd6
update include fix for CVE-2023-46218. skip test 1477 which check that libcurl-errors.3 and the public header files have the same set of error codes. Notes: This test is not included in the source tarball. https://github.com/curl/curl/issues/12462 Release Notes: curl and libcurl 8.5.0 Public curl releases: 253 Command line options: 258 curl_easy_setopt() options: 303 Public functions in libcurl: 93 Contributors: 3039 This release includes the following changes: o gnutls: support CURLSSLOPT_NATIVE_CA [31] o HTTP3: ngtcp2 builds are no longer experimental [77] This release includes the following bugfixes: o appveyor: make VS2008-built curl tool runnable [93] o asyn-thread: use pipe instead of socketpair for IPC when available [4] o autotools: accept linker flags via `CURL_LDFLAGS_{LIB,BIN}` [128] o autotools: avoid passing `LDFLAGS` twice to libcurl [127] o autotools: delete LCC compiler support bits [137] o autotools: fix/improve gcc and Apple clang version detection [136] o autotools: stop setting `-std=gnu89` with `--enable-warnings` [135] o autotools: update references to deleted `crypt-auth` option [46] o BINDINGS: add V binding [54] o build: add `src/.checksrc` to source tarball [1] o build: add more picky warnings and fix them [172] o build: always revert `#pragma GCC diagnostic` after use [143] o build: delete `HAVE_STDINT_H` and `HAVE_INTTYPES_H` [107] o build: delete support bits for obsolete Windows compilers [106] o build: fix 'threadsafe' feature detection for older gcc [19] o build: fix builds that disable protocols but not digest auth [174] o build: fix compiler warning with auths disabled [85] o build: fix libssh2 + `CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_AWS` [120] o build: picky warning updates [125] o build: require Windows XP or newer [86] o cfilter: provide call to tell connection to forget a socket [65] o checksrc.pl: support #line instructions o CI: add autotools, out-of-tree, debug build to distro check job [14] o CI: ignore test 286 on Appveyor gcc 9 build [6] o cmake: add `CURL_DISABLE_BINDLOCAL` option [146] o cmake: add test for `DISABLE` options, add `CURL_DISABLE_HEADERS_API` [138] o cmake: dedupe Windows system libs [114] o cmake: fix `HAVE_H_ERRNO_ASSIGNABLE` detection [2] o cmake: fix CURL_DISABLE_GETOPTIONS [12] o cmake: fix multiple include of CURL package [96] o cmake: fix OpenSSL quic detection in quiche builds [56] o cmake: option to disable install & drop `curlu` target when unused [72] o cmake: pre-fill rest of detection values for Windows [50] o cmake: replace `check_library_exists_concat()` [23] o cmake: speed up threads setup for Windows [68] o cmake: speed up zstd detection [69] o config-win32: set `HAVE_SNPRINTF` for mingw-w64 [123] o configure: better --disable-http [80] o configure: check for the fseeko declaration too [55] o conncache: use the closure handle when disconnecting surplus connections [173] o content_encoding: make Curl_all_content_encodings allocless [101] o cookie: lowercase the domain names before PSL checks [160] o curl.h: delete Symbian OS references [162] o curl.h: on FreeBSD include sys/param.h instead of osreldate.h [21] o curl.rc: switch out the copyright symbol for plain ASCII [167] o curl: improved IPFS and IPNS URL support [87] o curl_easy_duphandle.3: clarify how HSTS and alt-svc are duped [99] o Curl_http_body: cleanup properly when Curl_getformdata errors [152] o curl_setup: disallow Windows IPv6 builds missing getaddrinfo [57] o curl_sspi: support more revocation error names in error messages [95] o CURLINFO_PRETRANSFER_TIME_T.3: fix time explanation [181] o CURLMOPT_MAX_CONCURRENT_STREAMS: make sure the set value is within range [165] o CURLOPT_CAINFO_BLOB.3: explain what CURL_BLOB_COPY does [113] o CURLOPT_WRITEFUNCTION.3: clarify libcurl returns for CURL_WRITEFUNC_ERROR [45] o CURPOST_POSTFIELDS.3: add CURLOPT_COPYPOSTFIELDS in SEE ALSO o docs/example/keepalive.c: show TCP keep-alive options [73] o docs/example/localport.c: show off CURLOPT_LOCALPORT [83] o docs/examples/interface.c: show CURLOPT_INTERFACE use [84] o docs/libcurl: fix three minor man page format mistakes [26] o docs/libcurl: SYNSOPSIS cleanup [150] o docs: add supported version for the json write-out [92] o docs: clarify that curl passes on input unfiltered [47] o docs: fix function typo in curl_easy_option_next.3 [36] o docs: KNOWN_BUGS cleanup o docs: make all examples in all libcurl man pages compile [175] o docs: preserve the modification date when copying the prebuilt man page [89] o docs: remove bold from some man page SYNOPSIS sections [90] o docs: use SOURCE_DATE_EPOCH for generated manpages [16] o doh: provide better return code for responses w/o addresses [133] o doh: use PIPEWAIT when HTTP/2 is attempted [63] o duphandle: also free 'outcurl->cookies' in error path [122] o duphandle: make dupset() not return with pointers to old alloced data [109] o duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set [132] o easy: in duphandle, init the cookies for the new handle [131] o easy: remove duplicate wolfSSH init call [37] o easy_lock: add a pthread_mutex_t fallback [13] o examples/rtsp-options.c: add [157] o fopen: create new file using old file's mode [153] o fopen: create short(er) temporary file name [155] o getenv: PlayStation doesn't have getenv() [41] o GHA: move mod_h2 version in CI to v2.0.25 [43] o hostip: show the list of IPs when resolving is done [35] o hostip: silence compiler warning `-Wparentheses-equality` [62] o hsts: skip single-dot hostname [67] o HTTP/2, HTTP/3: handle detach of onoing transfers [134] o http2: header conversion tightening [33] o http2: provide an error callback and failf the message [53] o http2: safer invocation of populate_binsettings [8] o http: allow longer HTTP/2 request method names [112] o http: avoid Expect: 100-continue if Upgrade: is used [15] o http: consider resume with CURLOPT_FAILONERRROR and 416 to be fine [81] o http: fix `-Wunused-parameter` with no auth and no proxy [149] o http: fix `-Wunused-variable` compiler warning [115] o http: fix empty-body warning [76] o http_aws_sigv4: canonicalise valueless query params [88] o hyper: temporarily remove HTTP/2 support [139] o INSTALL: update list of ports and CPU archs o IPFS: fix IPFS_PATH and file parsing [119] o keylog: disable if unused [145] o lib: add and use Curl_strndup() [97] o lib: apache style infof and trace macros/functions [71] o lib: fix gcc warning in printf call [7] o libcurl-errors.3: sync with current public headers [156] o libcurl-thread.3: simplify the TLS section [79] o Makefile.am: drop vc10, vc11 and vc12 projects from dist [103] o Makefile.mk: fix `-rtmp` option for non-Windows o mime: store "form escape" as a single bit [170] o misc: fix -Walloc-size warnings [118] o msh3: error when built with CURL_DISABLE_SOCKETPAIR set [61] o multi: during ratelimit multi_getsock should return no sockets [182] o multi: use pipe instead of socketpair to *wakeup() [18] o ngtcp2: fix races in stream handling [178] o ngtcp2: ignore errors on unknown streams [158] o ntlm_wb: use pipe instead of socketpair when possible [44] o openldap: move the alloc of ldapconninfo to *connect() [29] o openldap: set the callback argument in oldap_do [30] o openssl: avoid BN_num_bits() NULL pointer derefs [9] o openssl: fix building with v3 `no-deprecated` + add CI test [161] o openssl: fix infof() to avoid compiler warning for %s with null [70] o openssl: identify the "quictls" backend correctly [82] o openssl: include SIG and KEM algorithms in verbose [52] o openssl: make CURLSSLOPT_NATIVE_CA import Windows intermediate CAs [58] o openssl: two multi pointer checks should probably rather be asserts [91] o openssl: when a session-ID is reused, skip OCSP stapling [142] o page-footer: clarify exit code 25 [51] o projects: add VC14.20 project files [104] o pytest: use lower count in repeat tests [98] o quic: make eyeballers connect retries stop at weird replies [140] o quic: manage connection idle timeouts [5] o quiche: use quiche_conn_peer_transport_params() [116] o rand: fix build error with autotools + LibreSSL [111] o resolve.d: drop a multi use-sentence [100] o RTSP: improved RTP parser [32] o rustls: implement connect_blocking [154] o sasl: fix `-Wunused-function` compiler warning [124] o schannel: add CA cache support for files and memory blobs [121] o setopt: check CURLOPT_TFTP_BLKSIZE range on set [171] o setopt: remove outdated cookie comment [64] o setopt: remove superfluous use of ternary expressions [169] o socks: better buffer size checks for socks4a user and hostname [20] o socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice [38] o symbols-in-versions: the CLOSEPOLICY options are deprecated o test1683: remove commented-out check alternatives o test3103: add missing quotes around a test tag attribute o test613: stop showing an error on missing output file o tests/README: SOCKS tests are not using OpenSSH, it has its own server [48] o tests/server: add more SOCKS5 handshake error checking [27] o tests: Fix Windows test helper tool search & use it for handle64 [17] o tidy-up: casing typos, delete unused Windows version aliases [144] o tool: fix --capath when proxy support is disabled [28] o tool: support bold headers in Windows [117] o tool_cb_hdr: add an additional parsing check [129] o tool_cb_prg: make the carriage return fit for wide progress bars [159] o tool_cb_wrt: fix write output for very old Windows versions [24] o tool_getparam: limit --rate to be smaller than number of ms [3] o tool_operate: do not mix memory models [108] o tool_operate: fix links in ipfs errors [22] o tool_parsecfg: make warning output propose double-quoting [164] o tool_urlglob: fix build for old gcc versions [25] o tool_urlglob: make multiply() bail out on negative values [11] o tool_writeout_json: fix JSON encoding of non-ascii bytes [179] o transfer: abort pause send when connection is marked for closing [183] o transfer: avoid calling the read callback again after EOF [130] o transfer: only reset the FTP wildcard engine in CLEAR state [42] o url: don't touch the multi handle when closing internal handles [40] o url: find scheme with a "perfect hash" [141] o url: fix `-Wzero-length-array` with no protocols [147] o url: fix builds with `CURL_DISABLE_HTTP` [148] o url: protocol handler lookup tidy-up [66] o url: proxy ssl connection reuse fix [94] o urlapi: avoid null deref if setting blank host to url encode [75] o urlapi: skip appending NULL pointer query [74] o urlapi: when URL encoding the fragment, pass in the right length [59] o urldata: make maxconnects a 32 bit value [166] o urldata: move async resolver state from easy handle to connectdata [34] o urldata: move cookielist from UserDefined to UrlState [126] o urldata: move hstslist from 'set' to 'state' [105] o urldata: move the 'internal' boolean to the state struct [39] o vssh: remove the #ifdef for Curl_ssh_init, use empty macro o vtls: cleanup SSL config management [78] o vtls: consistently use typedef names for OpenSSL structs [176] o vtls: late clone of connection ssl config [60] o vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0 [102] o VULN-DISCLOSURE-POLICY: escape sequences are not a security flaw [110] o windows: use built-in `_WIN32` macro to detect Windows [163] o wolfssh: remove redundant static prototypes [168] o wolfssl: add default case for wolfssl_connect_step1 switch [49] o wolfssl: require WOLFSSL_SYS_CA_CERTS for loading system CA [10] (From OE-Core rev: 44f4e93d25f208d0be4c53d02113b7d0ebfffa4a) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Poky
Poky is an integration of various components to form a pre-packaged build system and development environment which is used as a development and validation tool by the Yocto Project. It features support for building customised embedded style device images and custom containers. There are reference demo images ranging from X11/GTK+ to Weston, commandline and more. The system supports cross-architecture application development using QEMU emulation and a standalone toolchain and SDK suitable for IDE integration.
Additional information on the specifics of hardware that Poky supports is available in README.hardware. Further hardware support can easily be added in the form of BSP layers which extend the systems capabilities in a modular way. Many layers are available and can be found through the layer index.
As an integration layer Poky consists of several upstream projects such as BitBake, OpenEmbedded-Core, Yocto documentation, the 'meta-yocto' layer which has configuration and hardware support components. These components are all part of the Yocto Project and OpenEmbedded ecosystems.
The Yocto Project has extensive documentation about the system including a reference manual which can be found at https://docs.yoctoproject.org/
OpenEmbedded is the build architecture used by Poky and the Yocto project. For information about OpenEmbedded, see the OpenEmbedded website.
Contribution Guidelines
Please refer to our contributor guide here: https://docs.yoctoproject.org/dev/contributor-guide/ for full details on how to submit changes.
Where to Send Patches
As Poky is an integration repository (built using a tool called combo-layer), patches against the various components should be sent to their respective upstreams:
OpenEmbedded-Core (files in meta/, meta-selftest/, meta-skeleton/, scripts/):
- Git repository: https://git.openembedded.org/openembedded-core/
- Mailing list: openembedded-core@lists.openembedded.org
BitBake (files in bitbake/):
- Git repository: https://git.openembedded.org/bitbake/
- Mailing list: bitbake-devel@lists.openembedded.org
Documentation (files in documentation/):
- Git repository: https://git.yoctoproject.org/cgit/cgit.cgi/yocto-docs/
- Mailing list: docs@lists.yoctoproject.org
meta-yocto (files in meta-poky/, meta-yocto-bsp/):
- Git repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-yocto
- Mailing list: poky@lists.yoctoproject.org
If in doubt, check the openembedded-core git repository for the content you intend to modify as most files are from there unless clearly one of the above categories. Before sending, be sure the patches apply cleanly to the current git repository branch in question.