AgeCommit message (Collapse)AuthorFilesLines
33 hoursopenssh: Exclude CVE-2008-3844 from cve-checkRichard Purdie1-0/+3
CVE only applies to some distributed RHEL binaries so irrelavent to us. (From OE-Core rev: 5d8b3ddf91050f6745a99a8abb1c3b03c35247af) Signed-off-by: Richard Purdie <>
33 hoursbind: Exclude CVE-2019-6470 from cve-checkRichard Purdie1-0/+4
Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore so the issue doesn't affect us. (From OE-Core rev: 30106ae676124ba3c0e496a4f19c919c8418b59b) Signed-off-by: Richard Purdie <>
33 hoursepiphany: Update to 40.1Robert Joslyn2-7/+8
Refresh patch and adjust version directory for new version numbering scheme. Add new dependency on libarchive. (From OE-Core rev: 02bce05698d905771250ab12b48d8b0e19d218cb) Signed-off-by: Robert Joslyn <> Signed-off-by: Richard Purdie <>
33 hoursbaremetal-helloworld: Enable RISC-V 64 portAlejandro Hernandez Samaniego2-3/+16
Add support for MACHINE=qemuriscv64. $ runqemu nographic KERNEL: [tmp/deploy/images/qemuriscv64/baremetal-helloworld-image-qemuriscv64.bin] MACHINE: [qemuriscv64] FSTYPE: [bin] runqemu - INFO - Running tmp/work/x86_64-linux/qemu-helper-native/1.0-r1/recipe-sysroot-native/usr/bin/qemu-system-riscv64 Hello OpenEmbedded on RISC-V 64! (From OE-Core rev: 31fde82640bf0d185eab55d2cbaf663c9faae801) Signed-off-by: Alejandro Enedino Hernandez Samaniego <> Signed-off-by: Richard Purdie <>
33 hoursmesa: add lmsensors PACKAGECONFIGAlexander Kanavin1-0/+2
(From OE-Core rev: 1b470a5fe7c74938cac7c83cd104ca25182af6cc) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
33 hourspowertop: update 2.13 -> 2.14Alexander Kanavin1-11/+3
Drop configure() tweaks, none of them are needed anymore, and particularly the ncurses tweak was changing the build in a way that is not clear (and no one remembers why it was there in the first place). Adjust LDFLAGS as somehow -pthread isn't there --> link failures. (From OE-Core rev: c4982ddd71ac652f9d3b879bf31bb087500fb611) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
33 hoursRevert "go: Use for SRC_URI"Alexander Kanavin1-1/+1
This reverts commit 4118415d4bc6243c98a1440195826be7cbad24f1. This was found to be unnecessary, and broke upstream version checks. (From OE-Core rev: cee436d1eb94663f3604c80b6ad87292f6901498) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
3 daysovmf: Improve reproducibility by enabling prefix mappingRichard Purdie2-0/+101
We want to pass ${DEBUG_PREFIX_MAP} to gcc commands and also pass in --debug-prefix-map to nasm (we carry a patch to nasm for this). The tools definitions are built by ovmf-native so we need to pass this in at target build time when we know the right values. By using determininistc file paths in the ovmf build, it removes the opportunitity for gcc/ld to change the output binaries due to path lengths overflowing section sizes and causing small changes in the binary output. This also means that if builds have reproducibility issues in future, it becomes much easier to compare intermediate build artefacts. (From OE-Core rev: 51f51310d6d5cced2b55bf27dbb9a5717740a206) Signed-off-by: Richard Purdie <>
3 daysopenssh: Exclude CVE-2007-2768 from cve-checkRichard Purdie1-0/+3
We don't build/use the OPIE PAM module, exclude the CVE from this recipe. (From OE-Core rev: 3670be602f2ace24dc49e196407efec577164050) Signed-off-by: Richard Purdie <>
3 dayslogrotate: Exclude CVE-2011-1548,1549,1550 from cve-checkRichard Purdie1-0/+3
These CVEs apply to the way logrotate was installed on Gentoo, Debian and SUSE, exclude from cve-check as they don't apply to OE. (From OE-Core rev: 23643016f3b8794db772e333ff0b8f598571b628) Signed-off-by: Richard Purdie <>
3 daysjquery: Exclude CVE-2007-2379 from cve-checkRichard Purdie1-0/+5
The CVE is non-specific and depends on the users of jquery, doesn't make sense to have this flagged against jquery as there is nothing we can do about it. (From OE-Core rev: 1f82843584f6d2843c5bbd2fe5dcbc654a0fbcfb) Signed-off-by: Richard Purdie <>
3 daysqemu: Exclude CVE-2018-18438 from cve-checkRichard Purdie1-0/+4
The issues were investigated and found not to be an issue therefore exclude from checks. (From OE-Core rev: ee6ee9bd489c126b99d15c1011560df2f840a6e9) Signed-off-by: Richard Purdie <>
3 daysqemu: Exclude CVE-2007-0998 from cve-checkRichard Purdie1-0/+4
The CVE applies to the built-in VNC server but we don't enable this by default. (From OE-Core rev: d62b9974a5f3a0f462434ce2763c28a4b4bbcfc6) Signed-off-by: Richard Purdie <>
3 daysqemu: Exclude CVE-2017-5957 from cve-checkRichard Purdie1-0/+3
The CVE applies to virglrender before 0.6.0 which we don't have. (From OE-Core rev: 9b5355375d028577de0b98e05992de6a088cb972) Signed-off-by: Richard Purdie <>
3 daysbuilder: whitelist CVE-2008-4178 (a different builder)Ross Burton1-0/+2
(From OE-Core rev: 107987b342a834badfad286474b03543b4764d23) Signed-off-by: Ross Burton <> Signed-off-by: Richard Purdie <>
3 dayslibnotify: whitelist CVE-2013-7381 (specific to the NodeJS bindings)Ross Burton1-0/+3
(From OE-Core rev: be04484f99a5b29cc9066e350b526fc4420ad6d4) Signed-off-by: Ross Burton <> Signed-off-by: Richard Purdie <>
3 dayscairo: backport patch for CVE-2020-35492Ross Burton2-0/+61
(From OE-Core rev: 0c4e6f99332ae253855708845a41fdfeb72d4c30) Signed-off-by: Richard Purdie <>
3 daysglibc: Document and whitelist CVE-2019-1010022-25Richard Purdie1-0/+13
These CVEs are disputed by upstream and there is no plan to fix/address them. No other distros are carrying patches for them. There is a patch for 1010025 however it isn't merged upstream and probably carries more risk of other bugs than not having it. (From OE-Core rev: b238db678083cc15313b98d2e33f83cccab03fc6) Signed-off-by: Richard Purdie <>
3 daysgrub2: Add CVE whitelist entries for issues fixed in 2.06Richard Purdie1-0/+7
We're using a pre-release version of 2.06 so these issues are fixed but continue to show up in the checks since it is pre-2.06 and the CPE entries are "before but excluding 2.06". Adding these will clean up CVE reports until the 2.06 release comes out. (From OE-Core rev: 2467ab1554bee3a431636046735e8e369e865bc6) Signed-off-by: Richard Purdie <>
3 daysccache: version bump 4.2.1 -> 4.3Bastian Krause2-166/+3
Instead of [1] a very similar PR [2] was merged that allows enabling/disabling documentation builds. So drop the patch here and use the upstream cmake option ENABLE_DOCUMENTATION instead. [1] [2] (From OE-Core rev: 1eedc5f822933928ed7861350ad47ff9c096552a) Signed-off-by: Bastian Krause <> Signed-off-by: Richard Purdie <>
3 daysliberation-fonts: fix upstream version checkAlexander Kanavin1-0/+1
(From OE-Core rev: dbb283b838007744e6bb1641e844ca7719fc4742) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
3 daysswig: fix upstream version checkAlexander Kanavin1-0/+2
(From OE-Core rev: 4e9f4dca48e853a794331a75200fd7450176eeb2) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
3 daysgcc-sanitizers: Package up static hwasan files as wellMartin Jansa1-1/+3
* introduced with gcc-11, other hwasan files were already packaged in: 3df4a25465 gcc-sanitizers: Package up hwasan files but static library was still triggering installed-vs-shipped (From OE-Core rev: 49aec04aa8ac98545b48c41382ebf1a1c3be1118) Signed-off-by: Martin Jansa <> Signed-off-by: Richard Purdie <>
3 dayslinux-firmware: include all relevant files in -bcm4356Yann Dirson1-2/+2
This currently catches the .clb_blob and .vamrs,rock960.txt, and other .txt files may come in future upstream releases. (From OE-Core rev: e332738a8aae0914c58b40faae8b9d7a82fd6a95) Signed-off-by: Yann Dirson <> Signed-off-by: Richard Purdie <>
3 daysbusybox: upgrade 1.33.0 -> 1.33.1zhengruoqin2-60/+1
0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch removed since it is included in 1.33.1 (From OE-Core rev: 544236b12a72ee5be5ef0147249ead112082b871) Signed-off-by: Zheng Ruoqin <> Signed-off-by: Richard Purdie <>
3 dayskexec-tools: upgrade 2.0.21 -> 2.0.22wangmy1-1/+1
(From OE-Core rev: 2c7868ef9e85a3cdd56b11cd5e876e633307a21d) Signed-off-by: Wang Mingyu <> Signed-off-by: Richard Purdie <>
3 daysell: upgrade 0.39 -> 0.40wangmy1-1/+1
(From OE-Core rev: db1f0f28a0651a648cd9fd238f5e2809110ff577) Signed-off-by: Wang Mingyu <> Signed-off-by: Richard Purdie <>
3 daysat-spi2-core: upgrade 2.40.0 -> 2.40.1wangmy1-1/+1
(From OE-Core rev: 7944928f86348562e4b4440e53f4201b186a3ca6) Signed-off-by: Wang Mingyu <> Signed-off-by: Richard Purdie <>
3 daysptest: add a test for orphaned ptests, and restore ones found by itAlexander Kanavin2-11/+50
Particularly, numactl, numpy and libseccomp are disabled for now due to failures or lack of qemu support. The rest have been verified to pass quickly. [RP: Fix multilib recipe handling] (From OE-Core rev: 8bb5da87000ade519529e44181448244bd94d4f5) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayspuzzles: Upstream changed to main branch for developmentRichard Purdie1-1/+1
(From OE-Core rev: 943402b25212408a4ddcfa8a146b645509e138dd) Signed-off-by: Richard Purdie <>
4 dayspython3-markdown: Upgrade to 3.3.4Khem Raj1-2/+1
meta-python is carrying 3.3.4, once we upgrade it in core we can safely drop it from meta-python, helps with layer-compatibility checks (From OE-Core rev: 88c11b0a45b3fd310288325f97c16ca2c9e0006e) Signed-off-by: Khem Raj <> Signed-off-by: Richard Purdie <>
4 daysgstreamer1.0-plugins-good: fix build with gcc11Andreas Müller2-0/+101
This fixes issues when qt plugins are enabled (which is not by default without additional layers). (From OE-Core rev: 25f3ff9c4ca20962994c43b741c7839b713cbfe6) Signed-off-by: Andreas Müller <> Signed-off-by: Richard Purdie <>
4 remove '-O2' from CFLAGSKai Kang1-0/+2
It fails to boot grub after upgrade grub to 2.06. According to description in it is introduced by a commit to fix CVE. So remove option '-O2' from CFLAGS rather than revert the commit to avoid the failure. [YOCTO #14367] CC: Tony Battersby <> (From OE-Core rev: 69805629b8f47fd46a37b7c5cc435982e2ac3d1d) Signed-off-by: Kai Kang <> Signed-off-by: Richard Purdie <>
4 daysdejagnu: needs expect at runtimeRomain Naour1-0/+1
runtest return an error due to missing expect on the target. Add expect as runtime dependency. (From OE-Core rev: d9a3a08edc1efcbe7b02e80be98370792d3c6cc2) Signed-off-by: Romain Naour <> Signed-off-by: Richard Purdie <>
4 daysswig: Upgrade to 4.0.2Khem Raj9-769/+15
Drop backports and refresh patches to apply on 4.x series (From OE-Core rev: 5c7923e79c2411a0a36e540a8b894d399ad04aa7) Signed-off-by: Khem Raj <> Signed-off-by: Richard Purdie <>
4 dayslibcap: Configure Make variables correctly without a horrible hackPeter Kjellerstedt1-13/+8
Occasionally, the build would fail with: make[2]: execvp: mkdir: Argument list too long This turned out to be due to a hacky solution used in the recipe to modify the Makefile, which resulted in one more $(BUILD_CFLAGS) being added to the immediately expanded BUILD_CFLAGS Make variable each time do_configure was executed. After a couple of times, this lead to an environment with a 140 kB BUILD_CFLAGS when mkdir should execute, which resulted in the E2BIG. (From OE-Core rev: 116e6b61c585c6f0f7ae6f010bd490bb39914348) Signed-off-by: Peter Kjellerstedt <> Signed-off-by: Richard Purdie <>
4 dayslttng-modules: backport patches to fix build against 5.12+ kernelVinícius Ossanes Aquino4-0/+427
Add the following patches from stable-2.12 branch of lttng repository to fix errors when building lttng-modules against 5.12+ kernel since they are not present on the release 2.12.5: - 17cd2dc9 fix: block: add a disk_uevent helper (v5.12) - 127135b6 fix backport: block: add a disk_uevent helper (v5.12) - 853d5903 fix: mm, tracing: kfree event name mismatching with provider kmem (v5.12) (From OE-Core rev: 2538ba2b3490e3599d9ccd637aa8486ea428f1b0) Signed-off-by: Vinicius Aquino <> Signed-off-by: Richard Purdie <>
4 dayslinux-yocto/5.4: qemuppc32: reduce serial shutdown issuesBruce Ashfield3-3/+3
Integrating the following commit(s) to linux-yocto/5.4: qemuppc32: reduce serial issues seen on shutdown Richard reported: We've been seeing a lot of the qemuppc shutdown issue and I decided to look into it. The really worrying thing looking at the logs locally is the serial ports are showing irq issues and becoming disabled as nobody would handle them. Errors like: [ 9.194886] irq 36: nobody cared (try booting with the "irqpoll" option) [ 9.198712] CPU: 0 PID: 127 Comm: bootlogd Not tainted [ 9.202283] Call Trace: [ 9.205611] [d1005f00] [c00a0da8] __report_bad_irq+0x50/0x138 (unreliable) [ 9.209347] [d1005f30] [c00a0cc0] note_interrupt+0x324/0x378 [ 9.212855] [d1005f70] [c009d138] handle_irq_event+0xe8/0x104 [ 9.216353] [d1005fa0] [c00a1d9c] handle_fasteoi_irq+0xc0/0x29c [ 9.219960] [d1005fc0] [c009b798] generic_handle_irq+0x40/0x5c [ 9.223496] [d1005fd0] [c00075d0] __do_irq+0x58/0x188 [ 9.226948] [d1005ff0] [c0010040] call_do_irq+0x20/0x38 [ 9.230391] [d29eda60] [c0007788] do_IRQ+0x88/0xfc [ 9.233860] [d29eda90] [c0016454] ret_from_except+0x0/0x14 [ 9.237288] --- interrupt: 501 at __setup_irq+0x3c4/0x838 [ 9.237288] LR = __setup_irq+0x790/0x838 [ 9.244155] [d29edb88] [c009f0a4] request_threaded_irq+0x114/0x1c8 [ 9.247672] [d29edbb8] [c07a5a18] pmz_startup+0x17c/0x32c [ 9.251203] [d29edbd8] [c07a1140] uart_port_startup+0x184/0x2f8 [ 9.254651] [d29edc08] [c07a1974] uart_port_activate+0x78/0xf4 [ 9.258141] [d29edc28] [c07839f8] tty_port_open+0xd4/0x170 [ 9.261579] [d29edc58] [c079db74] uart_open+0x2c/0x48 [ 9.265116] [d29edc68] [c077a288] tty_open+0x168/0x640 [ 9.268574] [d29edcd8] [c0280be8] chrdev_open+0x138/0x2a4 [ 9.272123] [d29edd18] [c027421c] do_dentry_open+0x228/0x410 [ 9.275643] [d29edd48] [c028e9f4] path_openat+0xb04/0xf28 [ 9.279184] [d29eddd8] [c02917e4] do_filp_open+0x120/0x164 [ 9.282535] [d29ede98] [c0276238] do_sys_openat2+0xd8/0x19c [ 9.285790] [d29edee8] [c0276574] sys_openat+0x88/0xdc [ 9.289096] [d29edf38] [c00160d8] ret_from_syscall+0x0/0x34 [ 9.292620] --- interrupt: c01 at 0xfec3738 [ 9.292620] LR = 0xfec36e0 [ 9.299035] handlers: [ 9.302312] [<7f7f7da8>] pmz_interrupt [ 9.305541] Disabling IRQ #36 (and the irqpoll option does not help) This is problematic as the shutdown test uses the serial interface to shut down the system. If the serial interface fails to login or run the command, game over for the test. CONFIG_SERIAL_PMACZILOG_CONSOLE complicates that handling, but doesn't provide any output or capabilities that we need. So we disable it here, and reduce the chances of issues during shutdown. (From OE-Core rev: 42355cb73049ee7a4af0f539a2a5b7d4ee1abc65) Signed-off-by: Bruce Ashfield <> Signed-off-by: Richard Purdie <>
4 daysx264: upgrade to latest revisionAlexander Kanavin1-1/+1
(From OE-Core rev: 17f18d0aa3a8588717b6b5ae2a2b9c773fbf7863) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayspython3-setuptools-scm: upgrade 5.0.1 -> 6.0.1Alexander Kanavin1-1/+1
(From OE-Core rev: a95aab10c662dda99867c2cffd4e6fcfe33cebe0) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayspython3-pytest: upgrade 6.2.2 -> 6.2.3Alexander Kanavin1-1/+1
(From OE-Core rev: a49c3ee159164dbea35fdae51584ce8c2abb488b) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayspython3-importlib-metadata: upgrade 3.4.0 -> 3.10.1Alexander Kanavin1-1/+1
(From OE-Core rev: 68ec69e4c135ce49956a50698f681cd317cf96c7) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayspython3-hypothesis: upgrade 6.2.0 -> 6.9.1Alexander Kanavin1-1/+1
(From OE-Core rev: 549b395e0fcc59e01a48b91d33cf72b7501c41df) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayspkgconf: upgrade 1.7.3 -> 1.7.4Alexander Kanavin1-1/+1
(From OE-Core rev: a7cb5f9160fa1575adf10d4a0b679478cfa585ef) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayspiglit: upgrade to latest revisionAlexander Kanavin1-1/+1
(From OE-Core rev: dd085bd577a2a64b46485a9fde7eb8f2a727e1e8) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayspango: upgrade 1.48.2 -> 1.48.4Alexander Kanavin1-1/+1
(From OE-Core rev: 894f2783ac1f9741bcf3e54c1b86ac0dd1bc04e0) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayslinux-firmware: upgrade 20210208 -> 20210315Alexander Kanavin1-2/+2
License-Update: additional firmware files, version changes (From OE-Core rev: 2f10b9dbb4fb8ccb9a427883370fbbeb6f394551) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayslibxres: upgrade 1.2.0 -> 1.2.1Alexander Kanavin1-2/+1
(From OE-Core rev: beb2c79c77f9a5370c633f3f7cd4f7302c0cf49a) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayslibwpe: upgrade 1.8.0 -> 1.10.0Alexander Kanavin1-1/+1
(From OE-Core rev: 2abc471c24d60485fb6fb3380eeea33137bf81bf) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>
4 dayslibinput: upgrade 1.16.4 -> 1.17.1Alexander Kanavin1-1/+1
(From OE-Core rev: c70e9a812659811664b40fa103d52bbb06e39750) Signed-off-by: Alexander Kanavin <> Signed-off-by: Richard Purdie <>