Age | Commit message (Collapse) | Author |
|
Updating to the latest korg -stable release that comprises
the following commits:
ca9787bdecfa Linux 5.10.176
e57f797e3ffa HID: uhid: Over-ride the default maximum data buffer value with our own
9bc878756b01 HID: core: Provide new max_buffer_size attribute to over-ride the default
daa97e770e78 xfs: remove xfs_setattr_time() declaration
183ca919544c fs: use consistent setgid checks in is_sxid()
0e9dbde96cac attr: use consistent sgid stripping checks
240b96ffece8 attr: add setattr_should_drop_sgid()
baea3ae425fb fs: move should_remove_suid()
24378d6f7486 attr: add in_group_or_capable()
94ac142c19f1 fs: move S_ISGID stripping into the vfs_*() helpers
347750e1b69c fs: add mode_strip_sgid() helper
f60b68c46444 xfs: use setattr_copy to set vfs inode attributes
8cf9400f8948 xfs: set prealloc flag in xfs_alloc_file_space()
308dfe49eb75 xfs: fallocate() should call file_modified()
35f049abbae3 xfs: remove XFS_PREALLOC_SYNC
c84fb2962680 xfs: don't leak btree cursor when insrec fails after a split
be60f08c03de xfs: purge dquots after inode walk fails during quotacheck
d6f223cfef32 xfs: don't assert fail on perag references on teardown
d0292124bb57 PCI/DPC: Await readiness of secondary bus after reset
337aa99f76ea PCI: Unify delay handling for reset and resume
b5e0b3d74285 s390/ipl: add missing intersection check to ipl_report handling
84e2e393bf9f io_uring: avoid null-ptr-deref in io_arm_poll_handler
5e784a7d07af drm/i915/active: Fix misuse of non-idle barriers as fence trackers
8f27d4321700 drm/i915: Don't use stolen memory for ring buffers with LLC
b4a798374f2d x86/mm: Fix use of uninitialized buffer in sme_enable()
764217184f9e x86/mce: Make sure logged MCEs are processed after sysfs update
15e926dfd820 cpuidle: psci: Iterate backwards over list in psci_pd_remove()
38742635eda9 fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks
03fc29e75e44 mmc: sdhci_am654: lower power-on failed message severity
b2747b690cb9 mm/userfaultfd: propagate uffd-wp bit when PTE-mapping the huge zeropage
83c3b2f4e7c6 ftrace: Fix invalid address access in lookup_rec() when index is 0
f9a98b8dde09 mptcp: avoid setting TCP_CLOSE state twice
684c7372bbd6 drm/shmem-helper: Remove another errant put in error path
fbc5ffcce72b ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro
9addf5e1050a ALSA: hda: intel-dsp-config: add MTL PCI id
c54974ccaff7 KVM: nVMX: add missing consistency checks for CR0 and CR4
7b18dea697e4 cifs: Fix smb2_set_path_size()
ec663c410ce0 tracing: Make tracepoint lockdep check actually test something
8ae86ef7a058 tracing: Check field value in hist_field_name()
de3170bd41de tracing: Make splice_read available again
efae80ca13fa interconnect: fix mem leak when freeing nodes
b37d3ccbd549 firmware: xilinx: don't make a sleepable memory allocation from an atomic context
0c16c20b8787 serial: 8250_em: Fix UART port type
f5a5150c7066 tty: serial: fsl_lpuart: skip waiting for transmission complete when UARTCTRL_SBK is asserted
020166bc6669 ext4: fix possible double unlock when moving a directory
7257070be70e drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
ab7da8d93a6f sh: intc: Avoid spurious sizeof-pointer-div warning
6936525142a0 drm/amdkfd: Fix an illegal memory access
a98160d8f3e6 ext4: fix task hung in ext4_xattr_delete_inode
0bf15bc393a1 ext4: fail ext4_iget if special inode unallocated
8e7f26b9565a jffs2: correct logic when creating a hole in jffs2_write_begin
980d4e70c708 mmc: atmel-mci: fix race between stop command and start of next command
04eaeaa2f79f media: m5mols: fix off-by-one loop termination error
a4c048d502eb hwmon: (adm1266) Set `can_sleep` flag for GPIO chip
a4c3e1132422 hwmon: tmp512: drop of_match_ptr for ID table
c5bd9719b53b hwmon: (ucd90320) Add minimum delay between bus accesses
663c3afee81e hwmon: (ina3221) return prober error code
0a73c8b3cc99 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition
4a8c3ad12c9d hwmon: (adt7475) Fix masking of hysteresis registers
aff84fadba53 hwmon: (adt7475) Display smoothing attributes in correct order
d4dbd26f985c ethernet: sun: add check for the mdesc_grab()
eb80cb66a2c5 qed/qed_mng_tlv: correctly zero out ->min instead of ->hour
1c06d1223728 selftests: net: devlink_port_split.py: skip test if no suitable device available
bd2e78462ae1 net/iucv: Fix size of interrupt data
2cc46ed406bb net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull
013fae04b8ff ipv4: Fix incorrect table ID in IOCTL path
1f0586dcc076 net: dsa: mv88e6xxx: fix max_mtu of 1492 on 6165, 6191, 6220, 6250, 6290
cccba1ff0798 ice: xsk: disable txq irq before flushing hw
2f28cb5c2a51 block: sunvdc: add check for mdesc_grab() returning NULL
a6317235da8a nvmet: avoid potential UAF in nvmet_req_complete()
9ebc344ce547 nvme: fix handling single range discard request
4cf15887a41b block: null_blk: Fix handling of fake timeout request
d14d2574a54c null_blk: Move driver into its own directory
d5e61a859a8a drm/bridge: Fix returned array size name for atomic_get_input_bus_fmts kdoc
e294f0aa47e4 net: usb: smsc75xx: Limit packet length to skb->len
9708efad9ba5 net/smc: fix deadlock triggered by cancel_delayed_work_syn()
43aa468df246 nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
194248138f8d net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails
be59b87ee4ae net: tunnels: annotate lockless accesses to dev->needed_headroom
281e86e3fab6 qed/qed_dev: guard against a possible division by zero
31817c530768 net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
3cbecb1c9085 i40e: Fix kernel crash during reboot when adapter is in recovery mode
91eb59240150 ipvlan: Make skb->skb_iif track skb->dev for l3s mode
2703da78849c nfc: pn533: initialize struct pn533_out_arg properly
77ad58bca011 tcp: tcp_make_synack() can be called from process context
68c665bb1850 scsi: core: Fix a procfs host directory removal regression
be5aa2534188 scsi: core: Fix a comment in function scsi_host_dev_release()
0fac20b1806b netfilter: nft_redir: correct value of inet type `.maxattrs`
c144dff64ea9 netfilter: nft_redir: correct length for loading protocol registers
3a0f8ea35ddc netfilter: nft_masq: correct length for loading protocol registers
eff050d83eee netfilter: nft_nat: correct length for loading protocol registers
0c6c5abeb471 ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
6f0c2f70d992 scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
79fe786dab5c docs: Correct missing "d_" prefix for dentry_operations member d_weak_revalidate
ea1e21d38a8d clk: HI655X: select REGMAP instead of depending on it
081893e254f1 drm/meson: fix 1px pink line on GXM when scaling video overlay
ed9ed2f58ceb cifs: Move the in_send statistic to __smb_send_rqst()
a3c502218cd3 drm/panfrost: Don't sync rpm suspension after mmu flushing
0da0b816972a xfrm: Allow transport-mode states with AF_UNSPEC selector
(From OE-Core rev: 9f27f11e19fc1929d42820e88e8df3380495f659)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add patches to fix CVE-2023-28322
more POST-after-PUT confusion
When doing HTTP(S) transfers, libcurl might erroneously use the read
callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when
the `CURLOPT_POSTFIELDS` option has been set, if the same handle
previously was used to issue a `PUT` request which used that callback.
This flaw may surprise the application and cause it to misbehave and
either send off the wrong data or use memory after free or similar in
the second transfer.The problem exists in the logic for a reused
handle when it is (expected tobe) changed from a PUT to a POST.
CVE-2023-28322-1.patch is a supporting patch to resolve hunk
error in the actual patch file : CVE-2023-28322-2.patch
Link: https://curl.se/docs/CVE-2023-28322.html
(From OE-Core rev: 9ef793eca87ac568d9c22067aa854a50837cf92f)
Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add patch to fix CVE-2023-28321
IDN wildcard match
curl supports matching of wildcard patterns when listed as
"Subject Alternative Name" in TLS server certificates. curl can be
built to use its own name matching function for TLS rather than one
provided by a TLS library. This private wildcard matching function
would match IDN (International Domain Name)hosts incorrectly and
could as a result accept patterns that otherwise should mismatch.
IDN hostnames are converted to puny code before used for certificate
checks. Puny coded names always start with `xn--` and should not be
allowed to pattern match, but the wildcard check in curl could still
check for `x*`,which would match even though the IDN name most likely
contained nothing even resembling an `x`.
Link: https://curl.se/docs/CVE-2023-28321.html
(From OE-Core rev: 75d8593ab3b090266fd2cde27ddc56ad88de7ac7)
Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add patch to fix CVE-2023-28320
siglongjmp race condition
libcurl provides several different backends for resolving host names,
selectedat build time. If it is built to use the synchronous resolver,
it allows nameresolves to time-out slow operations using `alarm()` and
`siglongjmp()`.
When doing this, libcurl used a global buffer that was not mutex
protected anda multi-threaded application might therefore
crash or otherwise misbehave.
Link: https://curl.se/docs/CVE-2023-28320.html
(From OE-Core rev: c761d822be5ffc4a88600fbd7282c469b1e9902a)
Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add patch to fix CVE-2023-28319
UAF in SSH sha256 fingerprint check
libcurl offers a feature to verify an SSH server's public key using
a SHA 256hash. When this check fails, libcurl would free the memory
for the fingerprintbefore it returns an error message containing the
(now freed) hash.
This flaw risks inserting sensitive heap-based data into the error
message that might be shown to users or otherwise get
leaked and revealed.
Link: https://curl.se/docs/CVE-2023-28319.html
(From OE-Core rev: f7d6751828683ac2adbf140e77dbf7454cfa8eb1)
Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
(From yocto-docs rev: 8241867b565310341e4741a5f0a7597d5c5c84ab)
Signed-off-by: Daniel Ammann <daniel.ammann@bytesatwork.ch>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
(From yocto-docs rev: ca90cec1c441deae4289060d521f86c0c68a5e50)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
(From yocto-docs rev: 1b9b0bea93fa3793d8807f04d1588cd568e2ffe3)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
New cve_mitre macro for CVEs that are not found (yet) on https://nvd.nist.gov/
(From yocto-docs rev: ff675ce150187561d6d1e8b8ff0eeb10b2696ec6)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This reverts commit c9922076f5c1285d9cfd6aff8ce5b6635d88222f.
Since the minimum version required to build the docs has been bumped in
the previous commit to 4.0, this commit is not required. Moreover, since
Sphinx 5.0 triggers a warning when extlinks captions are not using %s
substitution and Sphinx 6.0 will fail to build without the substitution
characters, this revert is now required to be able to build the docs.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From yocto-docs rev: 444df054f0bf3ad7614e1613b22ee5b9e8cb94ef)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The vulkan configuration requires glslangValidator for build and
runtime.
Fixes configure error:
```
| CMake Error at CMakeLists.txt:191 (message):
| glslangValidator required by vulkan tests not found
```
Fixes runtime error:
```
name: vulkan@shaders@fs-large-local-array
result: fail
returncode: 1
out:
err: glslangValidator: No such file or directory
glslangValidator failed
```
(From OE-Core rev: 5e26ead1ca016d1691dccba1b58060ac853bf0d2)
Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Replace explicit opencl-icd-loader with virtual/opencl-icd.
(From OE-Core rev: fadadd3cf258b6d403fdcf537ff4b97aaabb5a40)
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
- Allow GLX tests to be disabled for systems that don't support it.
- Allow OpenCL tests to be enabled.
(From OE-Core rev: b0f54a3db7877a95a163bd480b93cfe6f0b97dcd)
Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Otherwise xwayland.pc would not be present in sysroot, this leads to
some xwayland configs missing like have_listenfd, have_glamor.
(From OE-Core rev: 4e42196754b19926b2219c6ffda47bd389e9d9fb)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7f1932cb5a408320a5b542e20ba2807718349e8f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
(From OE-Core rev: 1dd008511cc62bd32f85b529f8d6031bd57e4cd2)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1a5197760da3890cc80ac7da8d589766612d9051)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
As announced here:
https://roy.marples.name/downloads/dhcpcd/
(From OE-Core rev: ceb8e2fd1686d9a8b9be3feb277741f97c4c6c66)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6e317eaab45da2dea70d1485fdae93cfeea0db1d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
"sysconfdir" contains "/" by definition and thus using os.path.join()
leads to self.target_rootfs being always ignored (and thus attempting to
generate paths in host's /etc).
Use oe.path.join() instead which was made for this purpose.
(From OE-Core rev: 4766ba017b7562e42b33fde7f2e84c2a339e3f4c)
Signed-off-by: Enrico Jorns <ejo@pengutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8414c504138f6de663f5130c6b4a6ede5605d88b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This is consistently seen with musl and grep from busybox
Therefore backport a patch from upstream to fix it
(From OE-Core rev: 769290794fc23894211c56b1878a73634fd20283)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 511bcd965af658e6bb0c61d9f2adb1af75af773b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
(From OE-Core rev: 2309f14f37636f0c2da7471c982e373c4ef5e35c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a51a069bad78c578122ae1a5b500f715246d413d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
(From OE-Core rev: c8837fecf62cbd103103c66c576dac55301cdc1a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2a86ca028980b501e386f6bb8293a094fd77f97b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Fix issue of the below instance template systemd service dependency
[Install]
WantedBy=svc-wants@%i.service
creating the symlink (instance "a" example)
/etc/systemd/system/svc-wants@%i.service.wants/svc-wanted-by@a.service
which should be
/etc/systemd/system/svc-wants@a.service.wants/svc-wanted-by@a.service
as implemented by this change.
The functionality appears regressed just after "thud" baseline when the
logic was refactored from shell script into python (commit
925e30cb104ece7bfa48b78144e758a46dc9ec3f)
(From OE-Core rev: 308397f0bb3d6f3d4e9ec2c6a10823184049c9b5)
(From OE-Core rev: e572d096e81bb7dba8a07ee9dba93d0944857212)
Signed-off-by: Martin Siegumfeldt <mns@gomspace.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 372b29c8ad270d4d430c26a4e614976c7029afaf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This recipe is needed to build softhsm (in meta-oe) in with p11-kit
support, which is useful when multiple PKCS#11 modules need to be used.
(From OE-Core rev: 19498bea309f19d841187a7063286b2a68ce2587)
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4942a42d5a071b283fe49047dcb4fee2c96422e8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Install and package the D-Bus introspection files.
(From OE-Core rev: 45714f9ea8bde1c8047d493667b1a1d808ea7949)
Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit b8183ad25af3bcf23f04dd649b6ef665569fac8c)
Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
dependency on them from the main package.
By default there is nothing in nghttp2-client and nghttp2-server ,nghttp2-client
and nghttp2-server aren't created. So there are dependences error if install
main package.
Problem: conflicting requests
- nothing provides nghttp2-client >= 1.52.0 needed by nghttp2-1.52.0-r0.core2_64
- nothing provides nghttp2-server >= 1.52.0 needed by nghttp2-1.52.0-r0.core2_64
Upstream-Status: Backport [OE-core d2cbe060955c598bd81923ecd554fbe82c17af99]
(From OE-Core rev: 619a643f71eceab73bbbe4dacd1eb42b6d6b01d1)
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
* needed for llvm-native on hosts with gcc-13
(From OE-Core rev: 3382759cb6c5cee42151e72fd94e99a3060317f5)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
some standalone targets e.g. riscv64-elf disable shared linking for
baremetal ELF ABI in ld, therefore lets make it a static library
(From OE-Core rev: 3c6219dfcbcbde314648ba8cc54a90b32ea1c952)
(From OE-Core rev: 4ee9d5839669560ec10f23445fa8bbc03a4c5406)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Due to signedness, the checksum is not computed when filesize is bigger
a 2GB. Pick a fix for this problem from CPIO ML, where the fix has been
posted for 5 years. Since CPIO upstream is effectively unresponsive and
any and all attempts to communicate with the maintainer and get the fix
applied upstream failed, add the fix here instead.
(From OE-Core rev: bfff138af4bdd356ac66571e6ad91c1a5599b935)
(From OE-Core rev: 8320097487cc46045482f5d0d41ad799a2435bce)
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The Waffle bugfix release 1.7.1 is now available.
What is new in this release:
- cmake: pass deps' cflags to the build
- gbm: fix crash when platform lacks modifier support
- gitlab-ci: stabilise CI runs under X
- gitlab-ci: add more warnings, make all warnings fatal
- gitlab-ci: update to bullseye
- meson: add override_* support, when using waffle as submodule
- meson: skip installing bash completion when custom prefix is used
- meson: silence deprecation warnings
- meson: generate cmake files only on Windows
- meson: find wayland.xml from wayland-scanner.pc
- misc: zsh completion
- misc: fix dozens of compiler warnings
- misc: update website references
- wayland: fix build against wayland 1.20
The Waffle bugfix release 1.7.2 is now available.
What is new in this release:
- all: use format(gnu_printf), enable in mingw
- meson: don't run TLS checks on mingw
- wgl: remove unused dummy wgl_error.[ch]
Upstream now only generates CMake files on Windows, so remove all
references to CMake.
A zsh completion is now installed, remove this for now as we don't really
use zsh.
(From OE-Core rev: 6b1d94fe5d8728e3eb152426cde08634d248e1f7)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 94cf6ef11bba381ab6f65b03ed1ed14022438151)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit e4ebfb5c7892488fc834d9837e9a5a4c28eb676f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
===========
audio: channel-mix: allow up to 64 channels instead of up to 63 channels
AOM AV1 encoder timestamp handling improvements
AV1 video codec caps handling improvements in aom plugin, isomp4 and matroska muxers/demuxers.
avvidenc: fix bitrate control and timestamps off FFmpeg-based video encoders
h264parse: fix missing timestamps on outputs when splitting a frame
rtspsrc: more workarounds for servers with broken control uri handling
playbin3: fix issue with UDP streams, making sure there's enough buffering
qmlglsrc: Fix deadlock when stopping and some other fixes
qtmux: fix default timescale unit for N/1001 framerates
v4l2h264dec: Fix Raspberry Pi4 will not play video in application
vtdec: Fix non-deterministic frame output after seeks
wasapi2src: Fix loopback capture on Windows 10 Anniversary Update
macOS, iOS: Fix Xcode 14 ABI breakage with older Xcode
cerbero: Fix some regressions for CentOS in the 1.20 branch
cerbero: Fix setuptools site.py breakage in Python 3.11
Fix gst-libav build against FFmpeg from git
gobject-introspection annotation fixes for bindings
Miscellaneous bug fixes, memory leak fixes, and other stability and reliability improvements
Performance improvements
(From OE-Core rev: 102c453668f71dd30c3f0f13502f0993a051d7fe)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-24540
Upstream patch:
https://github.com/golang/go/commit/ce7bd33345416e6d8cac901792060591cafc2797 (go 1.19.9)
(From OE-Core rev: 5defed7d5dc8bc6f68f021d19c4f42832d33472b)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This is specific to Git-for-Windows.
(From OE-Core rev: 472a3e05270deace2862973dee2e65e60f9c0c19)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
(From OE-Core rev: d2713785f9cd2d58731df877bc8b7bcc71b6c8e6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
(From meta-yocto rev: 4f81a08e7b655968266211cfc943085a69865a90)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Function 'gen_updatealternativesvardeps' still used old override
syntax when fetching variable flags. Update to use ':' instead to match
recipe meta data. This was found by review and no real issue encountered
but it is a bug that affects variable dependencies and can affect rebuilds
as task hashes might not be accurate.
(From OE-Core rev: d5fd577c066fa2fddbd16c286f2dde2883cc7828)
Signed-off-by: Peter Bergin <peter.bergin@windriver.com>
Signed-off-by: Peter Bergin <peter@berginkonsult.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5691f554b2cd50f256a8cbb1d96781e9eb6b930e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This is a partial fix for bugzilla 15059 [https://bugzilla.yoctoproject.org/show_bug.cgi?id=15059]
It has been noted by several people that when an initramfs is bundled:
- a lot of the kernel is rebuilt
- it takes a really long time
When looking at the logs, the second kernel compilation (that performs
the bundle) is not using the parallel make settings, and builds with
-j1.
We are already explicitly passing PARALLEL_MAKE when building kernel
modules, and by extending that explicit use to the main kernel
compilation, we ensure that we always get a parallel build.
Build times chnaged from more than 30 minutes for the bundle, to
3 minutes in local testing.
The question of whether or not too much is rebuilding during the
bundle step is still an open question, but with this tweak, at least
the build time is back in the realm of acceptable.
(From OE-Core rev: a2a889b760785474dbc04e3ec11521f6da90161d)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 88fd394ecf0f2174b792075d409d87046896426b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This will use default values when no distribution is set.
[YOCTO #15086]
(From OE-Core rev: 01eb8d4ad71c587d56608d83ec4187375b2f4c44)
Signed-off-by: Thomas Roos <throos@amazon.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 888fe63b46efceeff08dbe8c4f66fec33d06cb7a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Reproducer:
1.Enable the ptest of libpam and build the image.
2.Boot the rootfs with nfs, then run the following tests as root:
cd /usr/share/Linux-PAM/xtests
/usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd1
/usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd3
After applying this patch, the ptest doesn't be failed.
(From OE-Core rev: 928b7e880e6a5d1b807cb7f605649233c7195578)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 549e54ad6a175359b0a57987ccdab8989df9d3a9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
* otherwise it ends '<unknown>' inside esdk, because of parsing order:
# $METADATA_REVISION [3 operations]
# set /OE/build/test-D/conf/local.conf:43
# "f2da54ef432eac89b0f18eaad68e602b6990b5de"
# immediate /OE/build/test-D/layers/poky/meta/classes/metadata_scm.bbclass:9
# "${@oe.buildcfg.detect_revision(d)}"
# set /OE/build/test-D/layers/poky/meta/classes/metadata_scm.bbclass:10
# [vardepvalue] "${METADATA_REVISION}"
# pre-expansion value:
# "<unknown>"
METADATA_REVISION="<unknown>"
* This causes base-files.do_install and following tasks to have different
signatures between esdk and the build directory where this esdk was created:
bitbake-diffsigs {test-D,poky/build-uninative-disabled}/tmp/stamps/qemux86_64-poky-linux/base-files/*do_install*sigdata*
NOTE: Starting bitbake server...
basehash changed from 5b6981cf58bfd57d416b0e31611b73a26baae635dd1ac31c08d46f95064c3ffc to dbdce042da4d7813d632b6d1cc87a16f728ad20e55fecbc392830e6acf72babd
Variable METADATA_REVISION value changed from '<unknown>' to 'f2da54ef432eac89b0f18eaad68e602b6990b5de'
and an warning from "python3 /OE/build/test-D/ext-sdk-prepare.py" when eSDK is being prepared for use:
WARNING: The base-files:do_install sig is computed to be 83b9c9a6ef1145baac5a1e0d08814b9156af239c58fc42df95c25a9cd8a7f201,
but the sig is locked to 3dc22233059075978e5503691e98e79e7cc60db94259dfcd886bca2291c0add7 in SIGGEN_LOCKEDSIGS_t-qemux86-64
[RP: Add commit about why we need the override for future reference]
(From OE-Core rev: da6f6340f97e80cb1b21f6083ef5d0a9a856eef5)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 675ea7281c17f77bf5dea17cfd4d9da0928382a0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Libarchive is being used by OPKG package manager as default
API for extracting tar files. This fix allows us to extract
ipks packages with preserved ACLs and xattrs.
Partially addresses [YOCTO #15091]
[RP: Merge into main PACKAGECONFIG and tweak commit message]
(From OE-Core rev: b1f80f0a2bf30698192c7a214c5802b76464d095)
Signed-off-by: Piotr Łobacz <p.lobacz@welotec.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 913aad1ac013368aef8f6af332588ef24bba46bd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Avoids pulling in potential GPLv3 packages through python3-misc catch-all.
python3-core is the intended minimal RDEPENDS for packages requiring python3
support. Other python3 module dependencies should be listed explicitly.
(From OE-Core rev: d4e9a2c0c666244f5a197682dabe018a4a3e06f8)
Signed-off-by: Kyle Russell <bkylerussell@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 231f93becad619f6afa383f9b1132f1d4b02fa64)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The LICENCE.qat_firmware license file was updated to reflect Intel
licensing (it removed a term regarding patent licenses).
License-Update: additional files
(From OE-Core rev: d99e46a7b6574d957b76b14f28ef9d19b31f4890)
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit fd43b59ab32e2115fcda7ad63d3a5ccc2683c7d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This release contains the fix for CVE-2023-1393 in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-March/003374.html
Benno Schulenberg (1):
xkbUtils: use existing symbol names instead of deleted deprecated ones
Olivier Fourdan (2):
composite: Fix use-after-free of the COW
xserver 21.1.8
git tag: xorg-server-21.1.8
(From OE-Core rev: 732b51f073105d4c6a0e2e06c559bffcac093fbf)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 7b08dff8f46bcaa05f7fbffbe27d524579af4faf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This reverts commit dc2c777cab0230fc54e078d20d872aaa9287a8b9.
Fixed in subsequent version bump
(From OE-Core rev: 151149b590a9051a6de58115a6796ccf17894498)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
==========
- Reverted a change introduced in 1.14.1 which introduced crashes both
with WebKitGTK and WPE running under Wayland in some configurations.
- Fix a crash caused by wrong assertion, which was typically triggered in
debug builds when using the NVidia drivers.
- Fix WebKit no longer repainting after provisional navigation with
PSON enabled.
- Fix graphics buffer leaks by always freeing them in buffer destroy
listener callbacks.
(From OE-Core rev: 7991fb7aa30cf56105ebbe060195f16aa1c9b6da)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit aa37e18a51714af3281b4127dceb40b38aa8ac3c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Exclude CVEs that are fixed in both current linux-yocto version
v5.10.175 and v5.15.108.
To get the commit fixing a CVE, I used the Debian kernel-sec repo [1].
[1]: https://salsa.debian.org/kernel-team/kernel-sec/-/commit/86d5040aee9275f9555458fcaf9cb43710dff398
(From OE-Core rev: d1de8d75648282a421022becf61c80c3e6e8b75b)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Backports from:
* https://gitlab.gnome.org/GNOME/libxml2/-/commit/e4f85f1bd2eb34d9b49da9154a4cc3a1bc284f68
* https://gitlab.gnome.org/GNOME/libxml2/-/commit/547edbf1cbdccd46b2e8ff322a456eaa5931c5df
(From OE-Core rev: 7d03d5dbc98aa701869c73c1c55a5868c70c5287)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7,
2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding
specially crafted input to `git apply --reject`, a path outside the working
tree can be overwritten with partially controlled contents (corresponding to
the rejected hunk(s) from the given patch). A fix is available in versions
2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3,
and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying
patches from an untrusted source. Use `git apply --stat` to inspect a patch before
applying; avoid applying one that create a conflict where a link corresponding to
the `*.rej` file exists.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-25652
Upstream patches:
https://github.com/git/git/commit/9db05711c98efc14f414d4c87135a34c13586e0b
(From OE-Core rev: 335ad8a6d795cd94b872370e44a033ce3fbf4890)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8,
2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted
`.gitmodules` file with submodule URLs that are longer than 1024 characters can used
to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug
can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when
attempting to remove the configuration section associated with that submodule. When the
attacker injects configuration values which specify executables to run (such as
`core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code
execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8,
2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running
`git submodule deinit` on untrusted repositories or without prior inspection of any
submodule sections in `$GIT_DIR/config`.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-29007
Upstream patches:
https://github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4
https://github.com/git/git/commit/29198213c9163c1d552ee2bdbf78d2b09ccc98b8
https://github.com/git/git/commit/a5bb10fd5e74101e7c07da93e7c32bbe60f6173a
https://github.com/git/git/commit/e91cfe6085c4a61372d1f800b473b73b8d225d0d
https://github.com/git/git/commit/3bb3d6bac5f2b496dfa2862dc1a84cbfa9b4449a
(From OE-Core rev: 1b55343b6346437b80b8a8180ae1bc9f480d92ef)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If a package with a postsints script requires ldconfig, the package class adds
a ldconfig postinst fragment to initialize it before. Systemd has its own
ldconfig.service to initialize it and sometimes if both services are running
at the same time in the first boot, the first one will work, but the second
one will fail with the following error:
ldconfig[141]: /sbin/ldconfig: Renaming of /etc/ld.so.cache~ to /etc/ld.so.cache failed: No such file or directory
This commit adds a ordering dependency between them to make sure that only one
service is running at the same time.
(From OE-Core rev: 5fca673d8fe0ee97dc37ed2c9941696842cd667a)
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4e9d812e127dc6743f52f4881e509e8e2e833afe)
Signed-off-by: Jermain Horsman <jermain.horsman@nedap.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
BSD-4-Clause is only applicable to the {PN}-doc package as when I
check for the source code I find below files which only uses the
license BSD-4-Clause
~/sources/libbsd$ grep -rl "All advertising materials mentioning features or use of this software" *|grep -v \.1|grep -v \.5|grep -v \.8 | sort
COPYING
man/arc4random.3bsd
man/getprogname.3bsd
~/sources/libbsd$ grep -rnB5 "BSD-4"
COPYING-9-Files:
COPYING-10- man/arc4random.3bsd
COPYING-11-Copyright:
COPYING-12- Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
COPYING-13- All rights reserved.
COPYING:14:License: BSD-4-clause-Niels-Provos
(From OE-Core rev: aa5bdac99e187801db56ca4bcc4d5f18b2403f40)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|