A vulnerability classified as problematic was found in OpenCV
wechat_qrcode Module up to 4.7.0. Affected by this vulnerability
is the function DecodedBitStreamParser::decodeByteSegment of the
file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation
leads to null pointer dereference. The attack can be launched
remotely. The exploit has been disclosed to the public and may
be used. It is recommended to apply a patch to fix this issue.
The associated identifier of this vulnerability is VDB-228547.
Signed-off-by: Soumya <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This reverts commit 0abf5af3ff
libopencv-ts package is not empty and libopencv_ts libraries are
not all installed in the -dev package, these libraries are needed
for sdk development listed in opencv4.pc file.
Signed-off-by: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@amd.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Look for level transitions when testing toggling
values because using fixed delays to assume value
changes is not reliable.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Reviewed-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
cherry-pick from meta-oe/master 45a8bb2620...
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
These pyc files include references to buildtime TMPDIR, therefore delete
them and let them be regerated during runtime if needed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b1b7ee87ac)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Remove intltool-native as it is not used, and add autoconf-archive-native.
Also explicitly disable systemd when not selected to be sure it doesn't
automatically enable.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0713297ae9)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This can be satisfied via transitive dependencies, but make it an
explicit DEPENDS.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2697f5bcf4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
If you try to build libblockdev with an empty PACKAGECONFIG then the
configure fails.
Add autoconf-archive, glib-2.0, and udev; these were implicitly pulled
in via other dependencies. Move kmod to DEPENDS as it's a hard
requirement.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f14663746b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This can be satisfied via transitive dependencies, but make it an
explicit DEPENDS.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5fca30d672)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This can be satisfied via transitive dependencies, but make it an
explicit DEPENDS.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit dbbafeceb4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Recipes are not expected to set FILESPATH directly, they are
expected to use FILESEXTRAPATH.
I can see the seting of FILESPATH in this recipe only wants to
find redis-7 specific patches and files. This could be easily achieved by
using redis-7.0.11/ directory to hold all those files.
Using FILESPATH in this way removes the possibility of overriding
some files (e.g., the redis service file) from other layers via
FILESEXTRAPATH:prepend, which is kind of a common practice and is
actually working for basically all other recipes.
This is because we have:
meta/classes-global/base.bbclass:FILESPATH = "${@base_set_filespath(["${FILE_DIRNAME}/${BP}", "${FILE_DIRNAME}/${BPN}", "${FILE_DIRNAME}/files"], d)}"
And FILESEXTRAPATH is handled in base_set_filespath.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
c-ares is an asynchronous resolver library. c-ares is vulnerable
to denial of service. If a target resolver sends a query, the attacker
forges a malformed UDP packet with a length of 0 and returns them to
the target resolver. The target resolver erroneously interprets the 0
length as a graceful shutdown of the connection. This issue has been
patched in version 1.19.1.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-32067https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
pahole need to line up with kernel's architectures bitsize,
so add it to NON_MULTILIB_RECIPES.
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
using libbpf-native provided headers for pahole-native or other application.
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Ensures that we do not apply empty sed expression which might happen
when building native recipe
Cc: jan vermaete <jan.vermaete@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fcdb991b80)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
As per gnulib_2018-03-07 recipe information,
SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3"
This revision was committed on "2018-12-18".
There is a discrepancy between SRCREV and the recipe version.
Which reports "CVE-2018-17942" as unpatched.
To report "CVE-2018-17942" as patched,
We need to align a recipe name with SRCREV commit date.
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9edbe7033c)
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Use sed to change scripts to reference ${baselib}. The
former set of scripts modified was incomplete.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1cc72c41af)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
CCFLAGS is used in Make rules which will ensure file remapping options
are used when compiling
Fixes
WARNING: vlan-1.9-r0 do_package_qa: QA Issue: File /usr/sbin/.debug/vconfig.vlan in package vlan-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 26842ecc3b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Configure emits HAVE_CC variable to be used in sourcecode and its built
from CC env var, CC in OE contains buildpaths in --sysroot option,
therefore edit this option out in configure.ac itself and remove all
other workarounds to fix this issue in recipe
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c0a344ab71)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
it encoded PYTHON variable during build which otherwise points to python
on build host which is not correct for cross compiled packages.
Add missing dependency on python3-core which is needed for ibus-setup
script to run
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fe0e3d77eb)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
0001-initialize-GdkDragAction-action-to-0.patch
removed since it's included in 44.1
Changelog:
==========
* Resolve some crashes
* Visual bugfixes:
- Tweak style colors in view items
- Show custom emblems from extensions again
- Relayout SELinux property row
- Flip switches correctly
* Other bugfixes:
- Disable some actions when not useful
- Fix dead characters handling in batch rename dialog
- Fix crashes when rapidly opening and closing windows
- Prevent location change when autofs timeouts
- Fix issues with translations in libadwaita widgets
- Drop workarounds for fixed GTK bugs
- Fix other issues
* Enhancements:
- Dismiss toast on undo
- Select right items after some operations
- Paste into expanded folders
- Allow extraction of .tar.zst and .zstd archives
- Performance optimization
* Translation updates
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0398ebda11)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
bison/flex emits line directives which can be safely removed from
generated files.
agent_version.h is generated by cmake which has build information like
compiler and cflags etc. which contains buildpaths too, therefore
replace real workdir with <WORKDIR>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0d2df1e4c4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It points to sh provided by HOSTTOOLS in the build systems path
Fixes
WARNING: lirc-0.10.2-r0 do_package_qa: QA Issue: File /usr/include/lirc/config.h in package lirc-dev contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d112323521)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Sometimes an end user might want to change some values in
/sys/kernel/config/usb_gadget/ at runtime, for instance, a product id
or serial number must be read from /proc/device-tree, and so on.
Support that by letting gadget-start run all scripts in /etc/usbgx.d
after importing the schemas.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Drop hard-coded /usr/bin,/etc from gadget-start.
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Add the execute attribute for sysvinit service file to fix the
below error:
$ service minicoredumper status
minicoredumper: unrecognized service
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d477cbb526)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
