Changelog:
==========
- Lots of fixes to unix sockets.
- The addition of unix stream sockets to Windows.
- Unix datagram and seqpacket sockets are now supported.
- For older systems and newer systems whose pselect() operation is non-atomic
(BSDs, MacOS) there were race conditions and some issues. Most should all be fixed now.
- For MacOS and later BSDs, kevent() is now supported.
- External threads doing gensio calls will now have their signal masks fixed up
to work properly with gensio.
- gtlsshd was not working on MacOS
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- flatpak-spawn now supports --sandbox-a11y-own-name (if supported by portal)
- flatpak-spawn prints a useful error when --host isn't permitted
- fixed minor leak in flatpak-spawn
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Bugfix:
========
- Fix icon name
- desktop: Add jpeg-xl to MimeType list
- EogWindow: Raise priority of image loading and transformation jobs
- EogMetadataDetails: Support copying metadata values to the clipboard
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Drop patches which are upstreamed.
- Move common patches to files/ dir
- Use gcc to compile for now as it does not work with clang+libc++
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Remove -DENABLE_ZLIB=ON (it is no longer optional).
* Replace -DENABLE_CMS=lcms2 with -DENABLE_LCMS=ON.
* Replace the splash PACKAGECONFIG with boost (splash is no longer
optional).
* Correct the options for the nss and tiff PACKAGECONFIGs.
This avoids the following CMake warnings:
Manually-specified variables were not used by the project:
ENABLE_CMS
ENABLE_SPLASH
ENABLE_ZLIB
WITH_NSS3
WITH_TIFF
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add a recipe for the i.MX CST (Code Signing Tool) version 3.4.0.
The Code Signing Tool is used for secure boot implementation on
i.MX devices.
Example on how to use the CST tool to sign U-Boot on i.MX5/i.MX6/i.MX7:
https://source.denx.de/u-boot/u-boot/-/blob/master/doc/imx/habv4/guides/mx6_mx7_secure_boot.txt
Example on how to use the CST tool to sign U-Boot on i.MX8M:
https://source.denx.de/u-boot/u-boot/-/blob/master/doc/imx/habv4/guides/mx8m_spl_secure_boot.txt
Multiple layers include the imx-cst package and offer their version of
the recipes:
- meta-freescale
- meta-secure-imx
- meta-phytec
and probably more.
The idea of having imx-cst in meta-oe is to centralize and maintain
the efforts in a single location.
Move the existing imx-cst recipe from meta-freescale recipe to meta-oe.
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
As noted in the libc++ 19 release notes [1], std::char_traits<> is now
only provided for char, char8_t, char16_t, char32_t and wchar_t, and any
instantiation for other types will fail.
This causes nodejs-20 to fail to compile with clang 19 and libc++ 19,
resulting in errors similar to:
/usr/include/c++/v1/string:820:42: error: implicit instantiation of undefined template 'std::char_traits<unsigned short>'
820 | static_assert(is_same<_CharT, typename traits_type::char_type>::value,
| ^
../deps/v8/src/inspector/string-16.h:114:28: note: in instantiation of template class 'std::basic_string<unsigned short>' requested here
114 | std::basic_string<UChar> m_impl;
| ^
/usr/include/c++/v1/__fwd/string.h:23:29: note: template is declared here
23 | struct _LIBCPP_TEMPLATE_VIS char_traits;
| ^
Upstream v8 has fixed this in commit 182d9c05e78 [2], so add it as a
backported patch, until the next version of node is released.
[1] https://libcxx.llvm.org/ReleaseNotes/19.html#deprecations-and-removals
[2] https://chromium.googlesource.com/v8/v8.git/+/182d9c05e78
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Polkit unconditionally installs a systemd service, remove it in
do_install() on SysVinit systems to avoid "installed but not packaged
file" error.
Fixes this error:
ERROR: polkit-125-r0 do_package: QA Issue: polkit: Files/directories were installed but not shipped in any package:
/usr/lib/systemd
/usr/lib/systemd/system
/usr/lib/systemd/system/polkit.service
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
polkit: 3 installed and not shipped files. [installed-vs-shipped]
ERROR: polkit-125-r0 do_package: Fatal QA errors were found, failing task.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add a new OS option to polkit meson: "openembedded" and use this to
set PAM include to common-* which matches OE-Core libpam.
This also may fix a non-reproducibility since polkit meson system tried
to detect the host (compiling) OS and changed PAM config from the
detected value.
Fixes: https://github.com/openembedded/meta-openembedded/issues/860
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The patches by Raghuvarya changed the location of the file that systemd
uses to check whether to start the adbd or not. However those patches
completely ignored creating those two flag files, as done by the
android-tools recipes.
Make the android-tools create the /etc/usb-debugging-enabled file so
that it's possible to enable the adbd automatically.
Fixes: a29c6386d5 ("android-toold-adbd: Fix inconsistency between selinux configurations")
Fixes: 8106cfe769 ("android-tools-adbd.service: Change /var to /etc in ConditionPathExists")
Cc: Raghuvarya S <quic_raghuvar@quicinc.com>
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
GPR_ASSERT is removed from latest gprc
Fixes
| /home/pokybuild/yocto-worker/meta-oe/build/build/tmp-glibc/work/core2-64-poky-linux/etcd-cpp-apiv3/0.15.4/git/src/v3/Action.cpp: In member function 'void etcdv3::Action::waitForResponse()':
| /home/pokybuild/yocto-worker/meta-oe/build/build/tmp-glibc/work/core2-64-poky-linux/etcd-cpp-apiv3/0.15.4/git/src/v3/Action.cpp:101:5: error: 'GPR_ASSERT' was not declared in this scope
| 101 | GPR_ASSERT(got_tag == (void*) this);
| | ^~~~~~~~~~
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: Use full file for checksum ( COPYING -> LICENSE )
Use system libpcre
Drop py3 support patches, its default now
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Sending patches via GH results in the reviews of a lesser quality.
Discourage its usage and point out that developers should use emails
only.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The github mirror was a stopgap, now ltrace is hosted on gitlab/cespedes
drop already applied patches upstream.
Add a patch to fix VLAs
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* d9ada84 (origin/master, origin/HEAD) screencast: fix SelectSources type bitmask check
* 0776565 screenshot: clean up xdpw request
* 32b009a screenshot: remove variable-length-array
* fa0961b screenshot: clean up reply messages on failures
* aa555b7 colorchooser: clean up xdpw request
* 80ae77d colorchooser: clean up reply messages on failures
* c23c886 colorchooser: force grim to only return a single pixel
* d13d6a4 screencast: simplify xdpw_gbm_device_create()
* 67365f7 build: don't use cc.get_supported_arguments() for -D flag
* 31d85ce build: add summary for auto-detected features
* 388c484 screencast: simplify wl_drm format code conversions
* 9895411 Separate wlr_screencopy code into separate file
* 94e3de3 Group wlr_screencopy attributes in structs
* 425da7f screencast: Store transformation as part of the frame
* 91c888c screencast: Refactor xdpw_wlr_* api
* ca7a3e2 screencast: Use PipeWire to drive screencast
* 7444be5 contrib: fix typo in the portals config example
* 1eae4bf readme: list supported portals, explain new portal config
* 3087ad5 build: simplify sd-bus-provider=auto
* 53aeeba build: simplify scdoc invocation
Fixes variable length array usage which fixes build with clang
Signed-off-by: Khem Raj <raj.khem@gmail.com>
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the
`Access-Control-Allow-Private-Network` CORS header to be set to true
by default, without any configuration option. This behavior can expose
private network resources to unauthorized external access, leading to
significant security risks such as data breaches, unauthorized access
to sensitive information, and potential network intrusions.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-6221
Upsteam-Patch:
7ae310c56a
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* License-Update: Update years
* Remove CVE-2014-10402.patch since it is not need for this version,
refer [1]
* Backport a patch
[1] https://metacpan.org/dist/DBI/view/Changes#Changes-in-DBI-1.632-9th-Nov-2014
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Debug packages of klibc-based recipe contains reference to TMPDIR and
fail to build since "buildpaths" is a ERROR_QA: For example, from [0]:
stdio: ERROR: kexec-tools-klibc-2.0.18+git-r0 do_package_qa: QA Issue: File /usr/sbin/.debug/kexec in package kexec-tools-klibc-dbg contains reference to TMPDIR
stdio: ERROR: kexecboot-klibc-0.6+git-r0 do_package_qa: QA Issue: File /usr/bin/.debug/kexecboot in package kexecboot-klibc-dbg contains reference to TMPDIR [buildpaths]
stdio: ERROR: ubi-utils-klibc-2.0.2-r0 do_package_qa: QA Issue: File /usr/sbin/.debug/ubirename in package ubi-utils-klibc-dbg contains reference to TMPDIR
Fix this by adding DEBUG_PREFIX_MAP to the klibc build CFLAGS to rewrite
these paths in a reproducible way.
[0]: https://autobuilder.yoctoproject.org/typhoon/#/builders/155/builds/40
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
nativesdk support is needed in some of the projects for codegeneration
Signed-off-by: Nisha Parrakat <nisha.m.parrakat@bmw.de>
Signed-off-by: Akash Hadke <akash.hadke27@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
INSANE_SKIP:gcab-src doesn't work with multilib where the package is
named ${PN}-src (e.g. lib32-gcab-src) and it's better to just lower
buildpaths from ERROR_QA to WARN_QA instead of skipping it completely,
because it's still an issue which should be fixed (at least to improve
hashserv efficiency if you don't care about reproducibility itself)
The backport to scarthgap from:
https://lists.openembedded.org/g/openembedded-devel/message/111739
should IMHO be just reverted there as buildpaths QA issues
aren't fatal in scarthgap.
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
