The upstream repo location has changed, it's now
https://git.enlightenment.org/old/legacy-imlib2
It's not clear when or why it happened, but the the commit hash we use
in SRCREV exists in the 'new' location, so let's at least update the
SRC_URI for now, and fix this warning:
WARNING: imlib2-1.7.1-r0 do_fetch: Failed to fetch URL git://git.enlightenment.org/legacy/imlib2.git;protocol=https;branch=master, attempting MIRRORS if available
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 62becef109)
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Rebuilding net-snmp may cause autotools_preconfigure() to run `make
clean`, which in turn can cause `configure`to be run. However, since
CACHED_CONFIGUREVARS is not set under those circumstances, `configure`
will run with an incorrect configuration and the build will fail with:
checking for /etc/printcap... configure: error: cannot check for
file existence when cross compiling
Avoid the problem by setting CLEANBROKEN = "1".
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* the branch was renamed in upstream
* it's already resolved in meta-oe/kirkstone since this commit:
commit cef2d1429b
Author: Robert Joslyn <robert.joslyn@redrectangle.org>
Date: Sat Jan 15 06:19:04 2022 -0800
Subject: htop: Update to 3.1.2
Upstream renamed the branch to "main", update SRC_URI.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The commit 4fe018038f87 is in the main branch, so the do_fetch task failed.
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b8bb7dc157)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Release notes (https://github.com/lxml/lxml/blob/master/CHANGES.txt):
4.6.5 (2021-12-12)
==================
Bugs fixed
----------
* A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script
content through SVG images (CVE-2021-43818).
* A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script
content through CSS imports and other crafted constructs (CVE-2021-43818).
4.6.4 (2021-11-01)
==================
Features added
--------------
* GH#317: A new property ``system_url`` was added to DTD entities.
Patch by Thirdegree.
* GH#314: The ``STATIC_*`` variables in ``setup.py`` can now be passed via env vars.
Patch by Isaac Jurado.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The master branch has been renamed to main in the github repo.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
master branch on the repository has been renamed in upstream to main.
Signed-off-by: Kartikey Rameshbhai Parmar <kartikey.rameshbhai.parmar@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2487391283)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
If you add -dev packages to an image, as in an
sdk, ${PN}-dev is pulled in, which depends on ${PN}
which no longer exists in the new package layout.
Error:
Problem: conflicting requests
- nothing provides cdrkit = 1.1.11-r0.1 needed by cdrkit-dev-1.1.11-r0.1.corei7_64
(try to add '--skip-broken' to skip uninstallable packages)
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Commit [1] changed the pidfile dir to /var/run/syslog-ng. This also changed
the location where the control socket is searched for, causing the following
error with systemd:
root@qemux86-64:~# syslog-ng-ctl config
Error connecting control socket, socket='/var/run/syslog-ng/syslog-ng.ctl',
error='No such file or directory'
Update the systemd service file to point to the new location.
[1] 00d1d63e4f ("syslog-ng: provide correct PID directory location to
restart/stop syslog-ng daemon")
Signed-off-by: lmorales <luisalejandro.moralespena@windriver.com>
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The `dot` tool requires to be run once after installation in order to
create its configuration file.
The do_prepare_recipe_sysroot task uses do_populate_sysroot in order to
prepare the recipe-sysroot-native. Package postinstall scripts are not
executed for -native packages, but files under ${BINDIR}/postinst-* are.
This is quite the same as graphviz-setup.sh does for nativesdk. The
general idea has been taken from
OECORE/meta/classes/pixbufcache.bbclass.
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The upstream ebtables-legacy-save perl script is replaced by a bash
implementation (taken from Fedora). So there's nothing left which
RDEPENDs on perl.
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The project has renamed the master branch to main.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0c9c5c6661)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
KillMode=none is deprecated, so we need to stop using it [1].
For now, use `KillMode=mixed` and `IgnoreOnIsolate=true` instead.
In the future, we should change plymouth to be able to exit and
start again without restarting the active animation, but that's
going to require some effort.
[1] https://gitlab.freedesktop.org/plymouth/plymouth/-/issues/123
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7981762d67)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
From announcement:
This release was focused on stability and hardening, notably fixing some
long-standing race conditions and memory leaks. Default mount options got
tweaked towards data safety.
All users are strongly advised to upgrade.
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2b2666b7fa)
[Minor fixup for honister context, bug fix only]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Changelog:
==========
*) SECURITY: CVE-2021-44790: Possible buffer overflow when parsing
multipart content in mod_lua of Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A carefully crafted request body can cause a buffer overflow in
the mod_lua multipart parser (r:parsebody() called from Lua
scripts).
The Apache httpd team is not aware of an exploit for the
vulnerabilty though it might be possible to craft one.
This issue affects Apache HTTP Server 2.4.51 and earlier.
*) SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in
forward proxy configurations in Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A crafted URI sent to httpd configured as a forward proxy
(ProxyRequests on) can cause a crash (NULL pointer dereference)
or, for configurations mixing forward and reverse proxy
declarations, can allow for requests to be directed to a
declared Unix Domain Socket endpoint (Server Side Request
Forgery).
This issue affects Apache HTTP Server 2.4.7 up to 2.4.51
(included).
*) http: Enforce that fully qualified uri-paths not to be forward-proxied
have an http(s) scheme, and that the ones to be forward proxied have a
hostname, per HTTP specifications.
*) OpenSSL autoconf detection improvement: pick up openssl.pc in the
specified openssl path.
*) mod_proxy_connect, mod_proxy: Do not change the status code after we
already sent it to the client.
*) mod_http: Correctly sent a 100 Continue status code when sending an interim
response as result of an Expect: 100-Continue in the request and not the
current status code of the request. PR 65725
*) mod_dav: Some DAV extensions, like CalDAV, specify both document
elements and property elements that need to be taken into account
when generating a property. The document element and property element
are made available in the dav_liveprop_elem structure by calling
dav_get_liveprop_element().
*) mod_dav: Add utility functions dav_validate_root_ns(),
dav_find_child_ns(), dav_find_next_ns(), dav_find_attr_ns() and
dav_find_attr() so that other modules get to play too.
*) mpm_event: Restart stopping of idle children after a load peak. PR 65626.
*) mod_http2: fixes 2 regressions in server limit handling.
1. When reaching server limits, such as MaxRequestsPerChild, the
HTTP/2 connection send a GOAWAY frame much too early on new
connections, leading to invalid protocol state and a client
failing the request. See PR65731.
The module now initializes the HTTP/2 protocol correctly and
allows the client to submit one request before the shutdown
via a GOAWAY frame is being announced.
2. A regression in v1.15.24 was fixed that could lead to httpd
child processes not being terminated on a graceful reload or
when reaching MaxConnectionsPerChild. When unprocessed h2
requests were queued at the time, these could stall.
See <https://github.com/icing/mod_h2/issues/212>.
*) mod_ssl: Add build support for OpenSSL v3.
*) mod_proxy_connect: Honor the smallest of the backend or client timeout
while tunneling.
*) mod_proxy: SetEnv proxy-nohalfclose (or alike) allows to disable TCP
half-close forwarding when tunneling protocols.
*) core: Be safe with ap_lingering_close() called with a socket NULL-ed by
a third-party module. PR 65627.
*) mod_md: Fix memory leak in case of failures to load the private key.
PR 65620
*) mod_md: adding v2.4.8 with the following changes
- Added support for ACME External Account Binding (EAB).
Use the new directive `MDExternalAccountBinding` to provide the
server with the value for key identifier and hmac as provided by
your CA.
While working on some servers, EAB handling is not uniform
across CAs. First tests with a Sectigo Certificate Manager in
demo mode are successful. But ZeroSSL, for example, seems to
regard EAB values as a one-time-use-only thing, which makes them
fail if you create a seconde account or retry the creation of the
first account with the same EAB.
- The directive 'MDCertificateAuthority' now checks if its parameter
is a http/https url or one of a set of known names. Those are
'LetsEncrypt', 'LetsEncrypt-Test', 'Buypass' and 'Buypass-Test'
for now and they are not case-sensitive.
The default of LetsEncrypt is unchanged.
- `MDContactEmail` can now be specified inside a `<MDomain dnsname>`
section.
- Treating 401 HTTP status codes for orders like 403, since some ACME
servers seem to prefer that for accessing oders from other accounts.
- When retrieving certificate chains, try to read the repsonse even
if the HTTP Content-Type is unrecognized.
- Fixed a bug that reset the error counter of a certificate renewal
and prevented the increasing delays in further attempts.
- Fixed the renewal process giving up every time on an already existing
order with some invalid domains. Now, if such are seen in a previous
order, a new order is created for a clean start over again.
See <https://github.com/icing/mod_md/issues/268>
- Fixed a mixup in md-status handler when static certificate files
and renewal was configured at the same time.
*) mod_md: values for External Account Binding (EAB) can
now also be configured to be read from a separate JSON
file. This allows to keep server configuration permissions
world readable without exposing secrets.
*) mod_proxy_uwsgi: Remove duplicate slashes at the beginning of PATH_INFO.
PR 65616.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ea76fc6437)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
License-Update:
change "the above copyright" to "the original copyright"
Changelog:
=========
Fix rt.cpan.org #137768
Test t/05-SVCB.t on Perl 5.18.0 fails with deep recursion.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 347a9d7456)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Changelog:
=========
Fix error in example firewall.sh script
configure: remove useless -Wno-* from default CFLAGS
Add argv_insert_head__empty_argv__head_only to argv tests
Move deprecation of SWEET32/64bit block size ciphers to 2.7
Include --push-remove in the output of --help.
Move '--push-peer-info' documentation from 'server' to 'client options'
add test case(s) to notice 'openvpn --show-cipher' crashing
BUILD: enable CFG and Spectre mitigation for MSVC
Fix loading PKCS12 files on Windows
msvc: fix product version display
msvc: add missing header to project file
config-msvc.h: fix OpenSSL-related defines
contrib/vcpkg-ports: remove openssl port
GitHub Actions: use latest working lukka/run-vcpkg
Use network address for emulated DHCP server as a default
Load OpenSSL config on Windows from trusted location
ring_buffer.h: fix GCC warning about unused function
ssh_openssl.h: remove unused declaration
vcpkg/pkcs11-helper: compatibility with latest vcpkg
config-msvc.h: indicate key material export support
Don't use BF-CBC in unit tests if we don't have it
Define have_blowfish variable in ncp unit tests
doc link-options.rst: Use free open-source dynamic-DNS provider URL
Fix some more wrong defines in config-msvc.h
Ensure the current common_name is in the environment for scripts
Require EC key support in Windows builds
resolvconf fails with -p
Update IRC information in CONTRIBUTING.rst
doc/man (vpn-network-options): fix foreign_option_{n} typo
README.down-root: Fix plugin module name
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2867330535)
[2.5.x is a stable branch]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
From the release notes page
(https://docs.djangoproject.com/en/4.0/releases/3.2.10/):
Django 3.2.10 fixes a security issue with severity “low” and a bug in
3.2.9.
CVE-2021-44420: Potential bypass of an upstream access control based on
URL paths
HTTP requests for URLs with trailing newlines could bypass an upstream
access control based on URL paths.
Bugfixes
Fixed a regression in Django 3.2 that caused a crash of setUpTestData()
with BinaryField on PostgreSQL, which is memoryview-backed (#33333).
Django 3.2.9 fixes a bug in 3.2.8 and adds compatibility with Python
3.10.
Bugfixes
Fixed a bug in Django 3.2 that caused a migration crash on SQLite when
altering a field with a functional index (#33194).
Django 3.2.8 fixes two bugs in 3.2.7.
Bugfixes
Fixed a bug in Django 3.2 that caused incorrect links on read-only
fields in the admin (#33077).
Fixed a regression in Django 3.2 that caused incorrect selection of
items across all pages when actions were placed both on the top and
bottom of the admin change-list view (#33083).
Django 3.2.7 fixes a bug in 3.2.6.
Bugfixes
Fixed a regression in Django 3.2 that caused the incorrect offset
extraction from fixed offset timezones (#32992).
Django 3.2.6 fixes several bugs in 3.2.5.
Bugfixes
Fixed a regression in Django 3.2 that caused a crash validating "NaN"
input with a forms.DecimalField when additional constraints, e.g.
max_value, were specified (#32949).
Fixed a bug in Django 3.2 where a system check would crash on a model
with a reverse many-to-many relation inherited from a parent class
(#32947).
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit 446a503acf)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The master branch has been renamed to main in the github repo.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Under some configuration, CMake may pick up the existence of python
from the native recipe sysroot and use that when linking for target,
resulting in the following error:
ld: .../recipe-sysroot-native/usr/lib/libpython3.10.so: error adding
symbols: file in wrong format
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Original repo doesn't exist any more. Even though I couldn't find any
new official repo, this is the only one on github that contains used
commit hash.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c57e4d5faa)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
pip isn't needed to build, and adding the empty string to RDEPENDS is
most certainly meaningless.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit 57ae325941)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
"BSD" is ambiguous, use the precise license BSD-3-Clause.
Also update the HOMEPAGE.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit 45e5b27db6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
gevent is MIT, and it embeds copies of Python which is Python-2.0.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit 91b516cc80)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
gevent by default will build its own c-ares and libuv, but that build
needs patches and embedded libraries are bad form.
DEPEND on the recipes instead, and turn off embedding.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit 2d63ec9476)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
"BSD" is ambiguous, use the precise license BSD-3-Clause.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2755ba786a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
"BSD" is ambiguous, use the precise license BSD-3-Clause.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c8384c874f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
"BSD" is ambiguous, use the precise licenses BSD-2-Clause and BSD-3-Clause.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4004a2279e)
[Fixed up for Honistor context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
"BSD" is ambiguous, use the precise license BSD-2-Clause.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3e5651b6b4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
"BSD" is ambiguous, use the precise license BSD-3-Clause.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 09aa844891)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
"BSD" is ambiguous, use the precise license BSD-3-Clause.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 11af3bd250)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
