352
Shown a warning if the last shutdown/reboot was unclean
Bug fixes and translation updates
351
Firewall ports can be deleted individually
350
networking: fix renaming of bridges and other groups (RHEL-117883)
bridge: fix OpenSSH_10.2p1 host key detection
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This reverts commit 1175d5c8c1.
Since this recipe inherits bash-completion, adding
${datadir}/bash-completion to FILES:${PN} should not be needed (in
addition to being the wrong thing to do as the files are expected to be
packaged in the ${PN}-bash-completion package). The reason the problem
addressed in commit 1175d5c8c1 turned up
is due to the recent change to the bash-completion bbclass, where it
started to use PACKAGE_BEFORE_PN. This clashed with the lib_package
bbclass, which used to set rather than add to PACKAGE_BEFORE_PN, and
since it is inherited after bash-completion, it overrid what
bash-completion does.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There are two different types of tags in glslang git repo. One is the
release tag of the project itself: 15.2.0, 14.3.0, etc. The other tag is
for Vulkan SDK: vulkan-sdk-1.4.309, vulkan-sdk-1.4.304.1, etc.
The vulkan sdk tag is used for glslang in openembedded-core because it
needs to update in locksetup with vulkan, which leads to a mismatch
between the runtime version and the build version. Set CHECK_VERSION_PV
for it to skip the version check.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade Vulkan CTS to the point release, fixing several tests. While we
are at it, refresh Vulkan-Video-Samples patches.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This helps tests not hitting timeout (120s default)
especially testmesg_stress test can timeout on slower machines
e.g. fully emulated ( non-kvm ) qemu machines e.g.
qemuarm64 on x86_64 machine.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
When OpenCV is being built with the "fastcv" packageconfig, several
OpenCV libs are linked against the libfastcv.a. At runtime this lib will
dlopen(libfastcvopt.so.1), providing a fallback to slow algorithms, etc.
However as it is dlopen() rather than dynamic linking, there is no
runtime dependency.
In Yocto, if we enable a feature, we expect that all runtime
dependencies are pulled in. Utilize the qcom-fastcv-binaries recipe
provided by the meta-qcom layer and pull in libfastcvopt1 package as
required.
Cc: Pulkit Singh Tak <ptak@qti.qualcomm.com>
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The minicoredumper has multiple 2038 year problems where 'long' type
variables and strtol() function calls cause overflow on 32-bit systems
when handling timestamps after 2038-01-19.
This leads to incorrect timestamp formatting in core dump directory
names (e.g., sleep40s.20380119.031407+0000.598).
Fix by changing 'long timestamp' to 'time_t timestamp' and replacing
strtol() with strtoll() to properly handle 64-bit timestamps on
32-bit systems.
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This tweak was specific to clang-16, its no longer needed
moreover, setup.py is no longer there in latest 0.19.x
release
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Relase Overview:
* BFD the ability to listen for specific VRFs only
- Configure which VRFs the BFD daemon will listen to. By default, BFD listens to all VRFs
present in the system, including the default VRF. Default VRF must be specified as `default`.
* BGP SRv6/MPLS coexistence
- Allow MPLS and SRv6 to coexist on the same L3VRF, even for a given prefix. This feature is
important in brown fields where some operators want to migrate from MPLS to SRv6 backbone.
* BGP SRv6 locator per VRF support
- Ability to choose SRv6 locator per VRF.
* BGP Error handling (RFC 7606) for iBGP peers
- Before 10.5.0, once we received a malformed packet between iBGP peers, we always reset the
session, and with this release, we handle malformed packets the same way as for eBGP
(by withdrawing or discarding the malformed packets).
* BGP IPv6 Link-Local Capability is disabled by default
- In 10.4.0, this capability was enabled by default for a “datacenter” profile, but it’s disabled
for 10.5.0 and will be backported to 10.4.2 as well. The problem arises when the receiver has
configured a route-map with `set ipv6 next-hop prefer-global` and we send only an IPv6 Link-Local
address; therefore, it was decided to revert it to be disabled by default.
* BGP BGPID Next-Hop Characteristic
- In some cases, the BGP speaker sending a route might encode only a link-local address and no
global address. To provide uniqueness in this case, it is sufficient to associate the BGP
Identifier and AS Number of the route's sender. The BGP Identifier Characteristic
(BGPID) provides a way to convey this information if required.
* BGP EVPN flooding per VNI support
- Add an ability to adjust BUM flooding per VNI, instead of just globally. E.g., disable flooding
only for an arbitrary VNI.
* BGP RPKI strict mode
- RPKI strict mode prevents BGP from establishing a session if no RPKI cache server
is connected.
* BGP rejects AS_SET by default**
- Until 10.5.0, it was disabled by default, and since RFC 9774 was published, we switched this on
by default (to reject).
* BGP has lots of improvements for Graceful-Restart**
* PIM/PIMv6 route-map support to allow users to filter IGMP/MLD joins using source, group, and
interface combinations
* Support for multiple SRv6 locators
- This extends the SRv6 SID Manager to add support for multiple locators.
* Zebra 16-bit next hop weights support
- The weights used in ECMP’s consistent hashing have been widened from 8 bits to 16 bits since
the 6.12 Linux kernel.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
1. Changelog
- The project has been completely refactored to use the Zstandard implementation from the standard library ([PEP-784](https://peps.python.org/pep-0784/))
- The refactor has some minor impact on public APIs, such as changing the exception raised on invalid input
2. Drop 0001-Bump-setuptools-dependency-from-74-to-89.patch as setuptools in requires was removed in pyproject.toml
3. HOMEPAGE has been changed to https://github.com/Rogdham/pyzstd.
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: the project was relicensed from GPL-2 to GPL-3
Inludes fixes for the following vulnerabilities:
CVE-2025-7394, CVE-2025-7395, CVE-2025-7396, CVE-2025-12888, CVE-2025-11936,
CVE-2025-11935, CVE-2025-11934, CVE-2025-11933, CVE-2025-11932, CVE-2025-11931,
CVE-2025-12889
Drop patch that is incorporated in this release.
Changelog: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md
Ptests passed:
START: ptest-runner
2025-12-09T18:23
BEGIN: /usr/lib/wolfssl/ptest
Wolfssl ptest logs are stored in /tmp/wolfss_temp.6rsnys/ptest.log
Test script returned: 0
unit_test: Success for all configured tests.
PASS: Wolfssl
DURATION: 13
END: /usr/lib/wolfssl/ptest
2025-12-09T18:23
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ripgrep is a fast, line-oriented search tool written in Rust.
Add recipe for the latest release (15.1.0)
- Recursively searches the current directory using a regex pattern
- Respects .gitignore rules
- Provides first-class support on Linux
- 'rg' is significantly faster than grep
More information: https://crates.io/crates/ripgrep
Upstream Benchmarks:
Task ripgrep GNU grep Speedup vs grep
Basic search (Unicode) 536 lines, 0.082s 536 lines, 0.273s ripgrep ~3.3× faster
Ignoring gitignore files 447 lines, 0.063s 447 lines, 0.674s ripgrep ~10× faster
Large single file (~13GB) 7882 lines, 1.042s 7882 lines, 6.577s ripgrep ~6.3× faster
Bechmarks inside qemu (ripgrep built from this recipe):
Tool & Command Real Time User Time Sys Time Speedup vs grep
ripgrep (rg "printf" /usr) 0.496 s 0.511 s 0.604 s 3.1× faster
grep (grep -R "printf" /usr) 1.533 s 0.633 s 0.897 s —
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
fd is a simple, fast and user-friendly alternative to 'find' written in rust.
Add recipe for the latest release (10.3.0)
- Ignores hidden and .gitignore files by default
- Supports regular expressions and highlights matches
- Faster and easier to use than traditional 'find'
More information: https://crates.io/crates/fd-find
Upstream Benchmarks:
Tool & Command Time (mean ± σ) Range (min … max) Speedup vs find
fd -u '[0-9]\.jpg$' ~ 854.8 ms ± 10.0 ms 839.2 ms … 868.9 ms ~13x faster
find ~ -iname '*[0-9].jpg' 11.226 s ± 0.104 s 11.119 s … 11.466 s —
Bechmarks inside qemu (fd built from this recipe):
Tool & Command Real Time User Time Sys Time Speedup vs find
fd (fd /path/to/search) 2.115 s 2.660 s 5.083 s ≈2.1× faster
find (find /path/to/search) 4.401 s 1.607 s 2.788 s —
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The recipe has been disabled for over two years, due to the application
being an abandonware, and it fails to compile with new versions of its dependencies.
There are no signs from upstream that it would be revived (repository
has been archived 4 years ago).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The recipe has been disabled for over two years, due to the application
being an abandonware, and it fails to compile with new versions of its dependencies.
There are no signs from upstream that it would be revived (repository
has been archived 4 years ago).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The recipe has been disabled for over two years, due to the application
being an abandonware, and it fails to compile with new versions of its dependencies.
There are no signs from upstream that it would be revived (repository
has been archived 4 years ago).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The recipe has been disabled for over two years, due to the application
being an abandonware, and it fails to compile with new versions of its dependencies.
There are no signs from upstream that it would be revived (repository
has been archived 4 years ago).
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
These CVEs were filed for "Fram's Fast File Exchange" application, which
has the same abbreviated name as fex. Currently this recipe has no historical
CVEs associated, so I couldn't set the correct CVE_PRODUCT. Rather ignore
these irrelevant CVEs explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: copyright year bump
Changelog:
- Fix potential security issue CVE-2024-54662, related to "socksmethod"
use in client/hostid-rules.
- Add a missing call to setgroups(2).
- Patch to fix compilation with libminiupnp 2.2.8.
- Client connectchild optimizations.
- Client SIGIO handling improvements.
- Various configure/build fixes.
- Updated to support TCP_EXP1 version of TCP hostid format.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-9648
It is already fixed in the currently used version.
Also, update CVE-2025-55763's status to "fixed-version" (so it will be
marked as "Patched" in the CVE report instead of "Ignored")
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-3297
The vulnerability is triggered by a patch added by Ubuntu, and the vulnerable patch is
not present in the recipe.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-fix-typo-in-test-script.patch
removed since it's included in 1.1.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-Fix-build-with-gcc-15.patch
removed since it's included in 2.6.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
