Handles CVE-2025-11677, CVE-2025-11678, CVE-2025-11679 and
CVE-2025-11680.
* drop patches included in this release
* update license
* add packageconfig for examples as those don't build
License-Update: added new license, see:
https://libwebsockets.org/git/libwebsockets/commit?id=e3dca87f23e8f783e1008b54829b39f9d7b083df
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This ends up in the native/nativesdk depchains especially when
building on arm64 build hosts.
Fixes errors e.g.
WARNING: Nothing RPROVIDES 'nativesdk-libopus-dev' (but virtual:nativesdk:/srv/build/yoe/sources/meta-openembedded/meta-oe/recipes-multimedia/libopus/libopus_1.5.2.bb RDEPENDS on or otherwise requires it)
No eligible RPROVIDERs exist for 'nativesdk-libopus-dev'
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop memory leak patch which has already been included in this new version.
The new version also includes a fix for CVE 2025-62408.
Changelog: https://github.com/c-ares/c-ares/releases/tag/v1.34.6
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This reverts commit 1175d5c8c1.
Since this recipe inherits bash-completion, adding
${datadir}/bash-completion to FILES:${PN} should not be needed (in
addition to being the wrong thing to do as the files are expected to be
packaged in the ${PN}-bash-completion package). The reason the problem
addressed in commit 1175d5c8c1 turned up
is due to the recent change to the bash-completion bbclass, where it
started to use PACKAGE_BEFORE_PN. This clashed with the lib_package
bbclass, which used to set rather than add to PACKAGE_BEFORE_PN, and
since it is inherited after bash-completion, it overrid what
bash-completion does.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There are two different types of tags in glslang git repo. One is the
release tag of the project itself: 15.2.0, 14.3.0, etc. The other tag is
for Vulkan SDK: vulkan-sdk-1.4.309, vulkan-sdk-1.4.304.1, etc.
The vulkan sdk tag is used for glslang in openembedded-core because it
needs to update in locksetup with vulkan, which leads to a mismatch
between the runtime version and the build version. Set CHECK_VERSION_PV
for it to skip the version check.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade Vulkan CTS to the point release, fixing several tests. While we
are at it, refresh Vulkan-Video-Samples patches.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
When OpenCV is being built with the "fastcv" packageconfig, several
OpenCV libs are linked against the libfastcv.a. At runtime this lib will
dlopen(libfastcvopt.so.1), providing a fallback to slow algorithms, etc.
However as it is dlopen() rather than dynamic linking, there is no
runtime dependency.
In Yocto, if we enable a feature, we expect that all runtime
dependencies are pulled in. Utilize the qcom-fastcv-binaries recipe
provided by the meta-qcom layer and pull in libfastcvopt1 package as
required.
Cc: Pulkit Singh Tak <ptak@qti.qualcomm.com>
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The minicoredumper has multiple 2038 year problems where 'long' type
variables and strtol() function calls cause overflow on 32-bit systems
when handling timestamps after 2038-01-19.
This leads to incorrect timestamp formatting in core dump directory
names (e.g., sleep40s.20380119.031407+0000.598).
Fix by changing 'long timestamp' to 'time_t timestamp' and replacing
strtol() with strtoll() to properly handle 64-bit timestamps on
32-bit systems.
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ripgrep is a fast, line-oriented search tool written in Rust.
Add recipe for the latest release (15.1.0)
- Recursively searches the current directory using a regex pattern
- Respects .gitignore rules
- Provides first-class support on Linux
- 'rg' is significantly faster than grep
More information: https://crates.io/crates/ripgrep
Upstream Benchmarks:
Task ripgrep GNU grep Speedup vs grep
Basic search (Unicode) 536 lines, 0.082s 536 lines, 0.273s ripgrep ~3.3× faster
Ignoring gitignore files 447 lines, 0.063s 447 lines, 0.674s ripgrep ~10× faster
Large single file (~13GB) 7882 lines, 1.042s 7882 lines, 6.577s ripgrep ~6.3× faster
Bechmarks inside qemu (ripgrep built from this recipe):
Tool & Command Real Time User Time Sys Time Speedup vs grep
ripgrep (rg "printf" /usr) 0.496 s 0.511 s 0.604 s 3.1× faster
grep (grep -R "printf" /usr) 1.533 s 0.633 s 0.897 s —
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
fd is a simple, fast and user-friendly alternative to 'find' written in rust.
Add recipe for the latest release (10.3.0)
- Ignores hidden and .gitignore files by default
- Supports regular expressions and highlights matches
- Faster and easier to use than traditional 'find'
More information: https://crates.io/crates/fd-find
Upstream Benchmarks:
Tool & Command Time (mean ± σ) Range (min … max) Speedup vs find
fd -u '[0-9]\.jpg$' ~ 854.8 ms ± 10.0 ms 839.2 ms … 868.9 ms ~13x faster
find ~ -iname '*[0-9].jpg' 11.226 s ± 0.104 s 11.119 s … 11.466 s —
Bechmarks inside qemu (fd built from this recipe):
Tool & Command Real Time User Time Sys Time Speedup vs find
fd (fd /path/to/search) 2.115 s 2.660 s 5.083 s ≈2.1× faster
find (find /path/to/search) 4.401 s 1.607 s 2.788 s —
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
These CVEs were filed for "Fram's Fast File Exchange" application, which
has the same abbreviated name as fex. Currently this recipe has no historical
CVEs associated, so I couldn't set the correct CVE_PRODUCT. Rather ignore
these irrelevant CVEs explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-Fix-build-with-gcc-15.patch
removed since it's included in 2.6.2
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- packit: Bump release only for daily Copr builds
- tests: Split locale tests into multiple test cases
- misc: Separate Ansible tasks into a different file
- misc: Add build and test dependecies for CentOS
- misc: Use --break-system-packages for pip on Debian
- misc: Do not use "with_items" when installing packages
- HACKING: Update directions for updating documentation
- Fix compilation with C23
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
* PR #246: Make ldns_calc_keytag() available for CDNSKEY RR
* PR #247: Make ldns_key_rr2ds() available for CDNSKEY RR
* PR #248: Make ldns_rr_compare_{ds,ds_dnskey}() available for
CDS and CDNSKEY RRs.
* PR #245: Make drill trace use IPv6 when used with -6
* Fix#254: Unquoted "value" rdata for CAA records fail to validate.
Follows the long string unquoted syntax from RFC8659, section 4.1.1.
* Fix#266: ldns-read-zone -u fails if a type is the only type in a
window and the type modulo 256 is equal to zero.
* Fix#271: Intermittent build failure with multi-job
builds (make -j).
* Add ldns-verify-zone -s option. It checks all signature results,
instead of passing by when one RRSIG validates. That prints output
for spurious RRSIGs, the failures for them.
* Fix RR types NSAP-PTR, GPOS and RESINFO to print unquoted strings.
* Fix memory leak when trying to read zones that have equal RRs.
the ldns_dnssec_*_add_rr() functions now return LDNS_STATUS_EQUAL_RR
when an already existing RR is tried to be added. This is a API
change, hence this also bumps the version to 1.9.0
* PR #282: ensure returning pkt with LDNS_STATUS_OK.
* PR #286: Fix RR Type AMTRELAY type nogateway, to print relay '.',
and memory leaks in parsing it.
* DSYNC is no longer a draft RR type and compiled by default
* RFC 9824 support: Compact Denial of Existence in DNSSEC
* The HHIT and BRID draft RR types
* PR #249: If RNG is already seeded, return early.
* PR #221: Improve error messages.
* PR #256: Use SWIG_AppendOutput to support swig 4.3
* PR #188: Homogenize paths for source files during compilation
* Fix#283: ldns-walk fails after update from 1.8.3 to 1.8.4
* PR #200: Allow compiled tests to link to ldns statically via
environment variable.
* PR #220: Optionally exclude ZONEMD RRs in ldns-compare-zone
* Fix#285: A WALLET RR breaks TXT signing.
* Fix#287: ldns-verify-zone hangs with missing NSEC3 RRs.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
