MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-08-22 00:42:05 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
78,069 Commits 39 Branches 599 Tags 257 MiB
yocto-5.2.2
Commit Graph

3742 Commits

Author SHA1 Message Date
Changqing Li
cde5497160 libsoup: fix CVE-2025-4969 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/447

(From OE-Core rev: 2fd6621812f62acc2bbce47db9e9dc96349d8e3e)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
41d7ce9502 libsoup: fix CVE-2025-4948 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/449

(From OE-Core rev: c6a014352ae480d90b84ca26653654814a7bda52)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
974a6ab51e libsoup: fix CVE-2025-32908 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/429

(From OE-Core rev: 6605a2b1f00e70e0756f73febc73ef01967ecb2a)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
abbbcbf3f0 libsoup: fix CVE-2025-32907 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/429

(From OE-Core rev: fd541857dddeb8cf1da03c50a1087b65deb728ed)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
e8d14bbbc1 libsoup: fix CVE-2025-4476 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/440

(From OE-Core rev: 0b93d8cedfd102fcd723786b975a5cf684c2b0e8)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
2526655f76 libsoup: fix CVE-2025-32914 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/436

(From OE-Core rev: 323ee2ba9008eb1bdcd1082ca2a8952e30a8e333)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
c9de00a836 libsoup-2.4: fix CVE-2025-4969 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/447

(From OE-Core rev: e6f07ad948254c445bc9f5c94211148c8b7b7a68)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
8b97b401c4 libsoup-2.4: fix CVE-2025-4948 
Refer:
http://gitlab.gnome.org/GNOME/libsoup/-/issues/449

(From OE-Core rev: 080c655c5a4590c55e8cc7d0e7a90676a3ed78ab)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
5aaeb04472 libsoup-2.4: fix CVE-2025-32907 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/428

(From OE-Core rev: 771a05a7f65c391b0e2ad01e509f63d14fd0a7f2)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
8600fa1992 libsoup: upgrade 3.6.4 -> 3.6.5 
Changes in libsoup from 3.6.4 to 3.6.5:

* session: Strip authentication credentials on cross-origin redirects [Patrick Griffis]
* build: Use pkg-config instead of krb5-config for the gssapi dependency [Patrick Griffis]
* http1: When using chunked encoding report an error in case of unexpected stream end [Andrzej Surdej]
* http2: When a message has no content still respect its Content-Type [Patrick Griffis]
* http2: Revert manual window size management temporarily, as it could stall [Patrick Griffis]
* sniffer: Fix potential overflows [Patrick Griffis]
* hsts: Fix minor leak [Patrick Griffis]
* headers: Fix a few parsing edge cases that could be an out of bound read [Patrick Griffis]
* connection: Avoid ever calling disconnect twice [Patrick Griffis]
* auth-digest: Fix handling when a nonce isn't present [Patrick Griffis]
* cookies: Limit max size of max-age, path, and domain attributes to 1024 bytes [Patrick Griffis]
* cookies: Limit max size of name and value to 4096 bytes [Patrick Griffis]
* docs: Remove references to old libsoup domain [Simon McVittie]

Refer:
766e175282

(From OE-Core rev: a5585378dd9a2ecd8261958d02c34ecce1be5c0f)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
915a1ef24d libsoup-2.4: fix CVE-2025-4476 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/440

(From OE-Core rev: d5fa3329cc58713c3476559b61b0797ace819fbd)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:26 -07:00
Changqing Li
e2d34d51f2 libsoup-2.4: fix CVE-2024-52531 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/423

(From OE-Core rev: 34e9c7cfd832ed03b71fc4c23d82e853ff8c1711)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
bbf1cef462 libsoup-2.4: fix CVE-2025-32912 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/434

(From OE-Core rev: d1f3c8a62388133acd5df33ec857e06cc23ab9d0)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
93f5146591 libsoup-2.4: fix CVE-2025-32910 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/432

(From OE-Core rev: 1ecca7b624a7f33513d5e585bedec6438acef3e8)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
6c2bade41f libsoup-2.4: fix CVE-2025-32909 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/431

(From OE-Core rev: 2329f4f77fc9403e42b0c97dbd693c5d8bc906ae)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
ef20438ad0 libsoup-2.4: fix CVE-2025-32052 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/425

(From OE-Core rev: ea01c691da88233ae8c767b59b9a7196351489fc)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
aef38fef95 libsoup-2.4: fix CVE-2025-32050 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/424

(From OE-Core rev: 8de43e4c2d202a0bbb242cbc0dc096d07b78f0c1)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
84fcd2a3d0 libsoup-2.4: fix CVE-2025-46421 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/439

(From OE-Core rev: 1012345aa97804da17867e7569a19259f37c2e25)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
252e11c0d3 libsoup-2.4: fix CVE-2025-46420 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/438

(From OE-Core rev: 131a975cac59061f1b3013ce626a93160bf8d2be)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
dc2f096686 libsoup-2.4: fix CVE-2025-32914 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/450

(From OE-Core rev: 1b3ed35fe9afa00987f64415a43ae9ed4f53e7f3)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
908bd59cfc libsoup-2.4: fix CVE-2025-32906 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/404

(From OE-Core rev: 8bd48ff06234b7dc387e0c578c61429359894edd)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
362528cdc0 libsoup-2.4: fix CVE-2024-52530 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/377

(From OE-Core rev: 5fb04759fcc5b74ea7c2c47fbd1971755a6acb55)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
3e320ec1d3 libsoup-2.4: fix CVE-2025-2784 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/422

(From OE-Core rev: 1d00d1aa58b15adefb9f6ef5e85517018377aa63)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
e2e0c06b36 libsoup-2.4: fix CVE-2025-32053 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/426

(From OE-Core rev: 2f8307a3795ccaff50fbfb4fe716cdf37f1c82f2)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Changqing Li
ee37552eeb libsoup-2.4: update patch 0001-CVE-2025-32911.patch 
CVE-2025-32913 also fixed in this patch

Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/435

(From OE-Core rev: d95ddd4ebb4ea78fc64cfb025306f1f953ded3f9)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-13 09:01:25 -07:00
Peter Marko
577bbcd237 sqlite3: mark CVE-2025-29087 as patched 
Description of CVE-2025-29087 and CVE-2025-3277 are very similar.
There is no lonk from NVD, but [1] and [2] from Debian mark these two
CVEs as duplicates with the same link for patch.

[1] https://security-tracker.debian.org/tracker/CVE-2025-29087
[2] https://security-tracker.debian.org/tracker/CVE-2025-3277

(From OE-Core rev: a9386d9f3f4f5256dca2eee6355e3cc74d77af1d)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-02 10:26:30 -07:00
Peter Marko
11c14e791b sqlite3: patch CVE-2025-29088 
Pick commit [1] mentioned in [2].

[1] 56d2fd008b
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-29088

(From OE-Core rev: bf22e18843bf10418e7f8f182036eaf78de98413)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-02 10:26:30 -07:00
Peter Marko
42f60f3fd1 sqlite3: patch CVE-2025-3277 
Pick commit [1] mentioned in [2].

[1] https://sqlite.org/src/info/498e3f1cf57f164f
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-3277

(From OE-Core rev: 341297828a5b7c77e6d9113d5abcd22c3a0c224a)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-06-02 10:26:30 -07:00
Changqing Li
f780b27120 icu: set ac_cv_path_install to ensure install tool reproducibility 
icu will check program install path during do_configure, eg:
checking for a BSD-compatible install... /path/to/install -c

And this path will be writen into pkgdata.inc:
INSTALL_CMD=$(INSTALL-L)

Decided by if install is installed into recipe-sysroot-native during
do_configure stage, the INSTALL_CMD could be
/build/tmp/work/corei7-64-wrs-linux/icu/76-1/recipe-sysroot-native/usr/bin/install
or /build/tmp/hosttools/install if the build is rerun after the sysroot was
extended.

set ac_cv_path_install to install under hosttools to make a deterministic
result of INSTALL_CMD, avoid vary caused by the execute sequence of
another task which DEPENDS on coreutils-native and independent with
do_configure

[RP: Removed paths from ac_cv_path_install to simplify and avoid QA error too]
(From OE-Core rev: 208143e060cda6e22ae1e8c618e033fa9144b323)

(From OE-Core rev: 60a38959a5b740b16044bf8644046b3ed4816ae7)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-19 08:57:20 -07:00
Changqing Li
4720c11542 libsoup-2.4: fix CVE-2024-52532 
CVE-2024-52532:
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption.
during the reading of certain patterns of WebSocket data from clients.

Refer:
https://nvd.nist.gov/vuln/detail/CVE-2024-52532

(From OE-Core rev: e91fb129f132aae628b3a942afe9259c25f1b539)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-19 08:57:20 -07:00
Changqing Li
be58b8a46a buildtools-tarball: Make buildtools respects host CA certificates 
To adapt user network enviroment, buildtools should first try to use
the user configured envs like SSL_CERT_FILE/CURL_CA_BUNDLE/..., if these
envs is not set, then use the auto-detected ca file and ca path, and
finally use the CA certificates in buildtools.

nativesdk-openssl set OPENSSLDIR as "/not/builtin", need set SSL_CERT_FILE/SSL_CERT_DIR to work

nativesdk-curl don't set default ca file, need
SSL_CERT_FILE/SSL_CERT_DIR or CURL_CA_BUNDLE/CURL_CA_PATH to work

nativesdk-git actually use libcurl, and GIT_SSL_CAPATH/GIT_SSL_CAINFO
also works

nativesdk-python3-requests will use cacert.pem under python module certifi by
default, need to set REQUESTS_CA_BUNDLE

(From OE-Core rev: 0d5f241eee19c0dff9f9f59949485414935edaa2)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-14 08:33:40 -07:00
Changqing Li
e9eaa015a5 buildtools-tarball: add envvars into BB_ENV_PASSTHROUGH_ADDITIONS 
Here is one testcase:
For recipe tensorflow-lite-host-tools_2.18.0.bb, refer [1],
do_configure[network] = "1"
and it will git clone some repos in CMakeLists.txt

When buildtools is used and nativesdk-git is installed into sdk,
do_configure failed with error:
[1/9] Performing download step (git clone) for 'protobuf-populate'
Cloning into 'protobuf'...
fatal: unable to access 'https://github.com/protocolbuffers/protobuf/': error setting certificate file: /usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-wrlinuxsdk-linux/etc/ssl/certs/ca-certificates.crt

Fix by adding GIT_SSL_CAINFO in BB_ENV_PASSTHROUGH_ADDITIONS, so that
user can export GIT_SSL_CAINFO=${GIT_SSL_CAINFO} in their
do_configure:prepend() to fix above do_configure failure

CURL_CA_BUNDLE and REQUESTS_CA_BUNDLE is similar envvars, so all add
into BB_ENV_PASSTHROUGH_ADDITIONS

[1] https://github.com/nxp-imx/meta-imx/blob/styhead-6.12.3-1.0.0/meta-imx-ml/recipes-libraries/tensorflow-lite/tensorflow-lite-host-tools_2.18.0.bb

(From OE-Core rev: 5fa8cb40395977722d0d5a2271c8044598fb1f01)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-14 08:33:40 -07:00
Changqing Li
478f9aceec buildtools-tarball: move setting of envvars to respective envfile 
* make git,curl,python3-requests align with openssl, move the setting of
  envvars into respective envfile
* for environment.d-openssl.sh, also check if ca-certificates.crt exist
  before export envvars

(From OE-Core rev: 5c915fcada5868bdbb8aa3e28c18a26cfc41914f)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-14 08:33:40 -07:00
Changqing Li
95d7312e40 libsoup-2.4: fix CVE-2025-32911 
CVE-2025-32911:
A use-after-free type vulnerability was found in libsoup, in the
soup_message_headers_get_content_disposition() function. This flaw
allows a malicious HTTP client to cause memory corruption in the libsoup
server.

Backport patches to fix it

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-32911
[2] https://gitlab.gnome.org/GNOME/libsoup/-/issues/433

(From OE-Core rev: 75f1c57a5171859d1bfc58d69b3923d017b14303)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-14 08:33:40 -07:00
Ross Burton
6ade544faa acl: improve ptest packaging 
As there's a small number of  test binaries in acl, instead of
installing large chunks of the build tree we can install just those and
use a boilerplate test runner.

Drop 0001-tests-do-not-hardcode-the-build-path-into-a-helper-l.patch and
replace with an explicit -DBASEDIR= flag passed at build time.

Drop 0001-test-patch-out-failing-bits.patch and delete the tests that
fail entirely as they won't work without a specific user/group setup.

Backport a patch from upstream so that some tests don't use excessive
amounts of memory.

Backport a patch from upstream to cater for both glibc and musl's
behaviour with interleaved stdout/stderr, fixing the tests on musl.

Clean up dependencies now that we're not shipping the build system.

(From OE-Core rev: 2d82d5ea612ae6d7ac177f2a2792b3e3fdac1c70)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-27 11:19:04 +00:00
Ross Burton
32139d1420 attr: improve ptest packaging 
As there's just a few test binaries in attr, instead of installing large
chunks of the build tree we can install just those and use a boilerplate
test runner.

Also add a comment explaining why we have to sed the test suite if musl
is used.

(From OE-Core rev: baa1cbab47326656f762562303ddf4b0d9cc2b5c)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-27 11:19:04 +00:00
Ross Burton
862a1f2904 attr: merge .bb and .inc 
There's only one recipe using the .inc so the split is mostly pointless.

(From OE-Core rev: a6f29ced550251487211d8a83dc00e98b306e544)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-27 11:19:04 +00:00
Khem Raj
48e34a905e db: Disable incompatible-pointer-types warning as error 
GCC-15 treats this warning as error

(From OE-Core rev: f2fce342022f2d87a8679e6aeccfc20c380af5fe)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-27 11:19:03 +00:00
Khem Raj
7dae0ab041 nettle: Fix build with GCC-15 
These signatures are exposed when build with musl particularly

(From OE-Core rev: 2379010dfecffedc8d4253a03d5cb348f17ecee9)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-27 11:19:03 +00:00
Matthias Schiffer
7ed9f4b7aa curl: only set CA bundle in target build 
In native/nativesdk builds, sysconfdir refers to a recipe sysroot
directory, which will disappear once the workdir is cleaned up, breaking
libcurl's HTTPS connections.

By simply not setting --with-ca-bundle at all in non-target builds, curl
defaults to the host system's CA certificates, which is desirable anyways
to allow builds in environments that require local CA certificates.

(From OE-Core rev: 4909a46e93ba774c960c3d3c277e2a669af3fea6)

Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-24 17:29:16 +00:00
Jason Schonberg
3652b35c75 sqlite3: upgrade 3.47.2 -> 3.48.0 
Changelog:
 https://www.sqlite.org/releaselog/3_48_0.html

(From OE-Core rev: db32c9d19fa21b0d1cd556dc86c2f60eb6de0593)

Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-20 11:29:03 +00:00
Wang Mingyu
b5e84e5989 libjitterentropy: upgrade 3.6.1 -> 3.6.2 
License-Update: Copyright year uptated to 2025

(From OE-Core rev: af6cc5ea16f557fb63114f6150e1207d15483eea)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-19 11:49:45 +00:00
Wang Mingyu
126a2ceaf8 at-spi2-core: upgrade 2.54.1 -> 2.56.0 
(From OE-Core rev: 0a9da6b761997796405a73230a09227d5f5b2e78)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-19 11:49:45 +00:00
Vijay Anusuri
e57dee3e65 vim: Upgrade 9.1.1115 -> 9.1.1198 
This includes CVE-fix for CVE-2025-27423 and CVE-2025-29768

Changes between 9.1.1115 -> 9.1.1198
====================================
https://github.com/vim/vim/compare/v9.1.1115...v9.1.1198

(From OE-Core rev: 8e540bd287fd56e3a714f81395b59dd508a6d957)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-19 10:07:31 +00:00
Khem Raj
7427895495 gdbm: Use C11 standard 
GCC15 is switching defaults to C23 and gdbm is not yet ready to
compile using C23 std.

(From OE-Core rev: e0f13f9bc96a0dd4c5f6750a8106422a6d015359)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-19 09:48:14 +00:00
Ross Burton
85c2eb6d42 libcap: upgrade to 2.75 
Just one change, to fix the Go psx module build.

(From OE-Core rev: 8b95a195e31a1e01b3b508ca0a77908fa87f5d02)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-18 10:27:31 +00:00
Ross Burton
f465a5fd31 libcap: fix licensing fields 
The recipe LICENSE field should reflect the license of all of the sources,
so include the PAM module licenses too.

Don't use conditionals in LIC_FILES_CHKSUM so that the configuration
does not cause differing checksums to be used.

Explicitly set the license on libcap and libcap-dev to reflect the
contents:
- libcap is BSD|GPLv2, and also BSD|LGPLv2+ if PAM is enabled.
- libcap-dev is just the library, so BSD|GPLv2.

(From OE-Core rev: 12ac8b55ee7407aca485869f0031cf7375761ca9)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-18 10:27:31 +00:00
Ross Burton
45ecfbb583 libcap: clean up configuration variables 
There's no need to set PACKAGECONFIG:class-native as we disable PAM in
the native DISTRO_FEATURES.

No need to set COPTS, since "Canonicalize build system"[1] the exported
CFLAGS/CPPFLAGS/LDFLAGS are respected.

Merge multiple make arguments into EXTRA_OEMAKE to remove duplication.

SYSTEM_HEADERS is not used upstream, remove.

[1] 2762c2c1a8c98d9012fcd40f20d133493a0b3219

(From OE-Core rev: 88cd79eee6dcc40d0e75ab35d9092ac3c788be7d)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-18 10:27:31 +00:00
Ross Burton
8536e51f0f libcap: remove redundant FILES:PN-dev 
base_libdir/*.so is part of the default assignment.

(From OE-Core rev: 964c73bd4de30c682961f7fe2ee85a92995d3160)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-18 10:27:31 +00:00
Ross Burton
48b587d8e5 libcap: drop obsolete patches 
Drop 0001-ensure-the-XATTR_NAME_CAPS-is-defined-when-it-is-use.patch,
fixed upstream in "libcap: Fix for older kernels"[1].

Drop 0002-tests-do-not-run-target-executables.patch, doesn't appear to
be needed anymore and most likely resolved by "Don't build the
tests/binaries until we want to run them"[2].

[1] f1c3ac995d02d4f17b9d15656ab6d58f4c87435a
[2] 99799844ad9272d43892881d1090369e6032aec2

(From OE-Core rev: 1efd3ff1ab24ee4037bdcf92602dce961abe63aa)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-03-18 10:27:31 +00:00