+ adding UPSTREAM_CHECK_GITTAGREGEX because `devtool latest-version` was
going to the 28 release (what still in rc)
Signed-off-by: Jan Vermaete <jan.vermaete@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
A flaw was found in the GTK library. Under certain conditions, it is possible for a
library to be injected into a GTK application from the current working directory.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-6655
Upstream-patch:
3bbf0b6176
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cpuset is a Python application that forms a wrapper around the
standard Linux filesystem calls to make using the cpusets facilities
in the Linux kernel easier. This can be used on linux realtime or
standard linux
Example
cset shield --cpu 2-3
echo c > /proc/irq/287/smp_affinity
irq=`ps | grep -m 1 "irq/287" | awk '{ print $1 }'`
cset shield -s -p $irq --force
chrt -f -p 75 $irq
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
_mask.c is generated by cython and encodes sourcepaths into
comments which are absolute. Edit them out.
Fixes buildpaths QA errors
Signed-off-by: Khem Raj <raj.khem@gmail.com>
pandas 2.2.2 is the first version compatible with numpy 2.0.x.
The package now uses meson as the build backend, so change the recipe to
inherit that.
Its pyproject.toml pins required versions for Cython and meson, but
newer upstream pandas releases are using different versions and
compatibility strings, so just add an OE-specific patch to relax the
requirements a bit for us.
Changelog: https://pandas.pydata.org/pandas-docs/version/2.2.2/whatsnew/v2.2.2.html
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The patches for CVE-2021-45444 were applied upstream on 2022-02-12.
The snipped for do_install was taken from
8cc745c38f/debian/rules (L132)
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Psycopg 3 is a modern implementation of a PostgreSQL adapter for Python.
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There is no changelog but there are few improvements relevant for the build:
- python3-six and python3-attrs are no longer dependencies
- We can start using python_setuptools_build_meta
- PYPI_PACKAGE doesn't need to be overridden since the default is now the correct ('automat' instead of 'Automat')
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The change in the license file was the update of the year in the copyright
line.
glib-2.0-native and python3-packaging-native (with python3native) is
required to have gdbus-codegen at build time.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This fixes the following issue:
python3[677]: Traceback (most recent call last):
python3[677]: File "/usr/lib/python3.12/site-packages/myownscript.py", line 9, in <module>
python3[677]: from twisted.internet import defer
python3[677]: File "/usr/lib/python3.12/site-packages/twisted/internet/defer.py", line 44, in <module>
python3[677]: import attr
python3[677]: ModuleNotFoundError: No module named 'attr'
Currently python3-attrs is provided indirectly by python3-automat. But when
python3-automat is updated to >= 24.8.1, python3-attrs is no longer indirectly
provided. The twisted recipe must declare the dependency on python3-attrs.
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
drgn is a debugger with an emphasis on programmability
drgn exposes the types and variables in a program
for easy, expressive scripting in Python.
Drgn depends on:
1. python3
2. elfutils
3. openmp
a. clang toolchain should use libomp(openmp)
from meta-clang
b. gnu gcc toolchain should use libgomp(gcc-runtime)
from openembedded-core
The build requires:
1. setuptools
2. automake
3. autoconf
4. libtool
5. pkgconf
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
vdpauinfo is a command-line tool that can query the capabilities
of the system's VDPAU implementation.
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Due to the scope of supported BSPs by qemu-user is limited, such
as a segment fault on armv9 after qemu apply commit [target/arm:
Convert LDAPR/STLR (imm) to decodetree][1]
```
|tmp-glibc/work/neoversen2-crypto-wrs-linux/nodejs/20.5.1/node-v20.5.1/out/
Release/v8-qemu-wrapper.sh: line 7: 3179613 Segmentation fault (core dumped)
PSEUDO_UNLOAD=1 qemu-aarch64 -r 5.15 -L tmp-glibc/work/neoversen2-crypto-wrs-linux/
nodejs/20.5.1/recipe-sysroot -E LD_LIBRARY_PATH=tmp-glibc/work/neoversen2-crypto-wrs-linux/
nodejs/20.5.1/recipe-sysroot/usr/lib64:tmp-glibc/work/neoversen2-crypto-wrs-linux/
nodejs/20.5.1/recipe-sysroot/usr/lib64 "$@"
```
Upstream nodejs have cross compile support, but it needs host and target
have same bit width (e.g. a x86_64 host targeting arrch64 to produce a
64-bit binary). So:
1. If host and target have different bit width, build with QEMU user as usual;
2. If host and target have same bit width, enable notejs cross compile support:
- The build tools of nodejs is GYP[2], set CC_host, CFLAGS_host,
CXX_host, CXXFLAGS_host, LDFLAGS_host, AR_host for host build
which is separated with target build [3]
- Satisfy layer compatibility, set GYP variables in prefuncs of do_configure,
do_compile and do_install other than in recipe parsing
- Add missing native packages to fix library missing on host build
- Rework libatomic.patch, explicitly link to libatomic for clang
conditionally
[1] 2521b6073b
[2] https://github.com/nodejs/node-gyp
[3] https://github.com/nodejs/node-gyp/blob/main/gyp/docs/UserDocumentation.md#cross-compiling
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
File conflicts between attempted installs of mariadb and lib32-mariadb
Signed-off-by: Guocai He <guocai.he.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ConditionPathExists is set to /etc/usb-debugging-enabled as part of meta-oe/recipes-devtools/android-tools/android-tools/android-tools-adbd.service file. However, in meta-oe/dynamic-layers/selinux/recipes-devtool/android-tools/android-tools/android-tools-adbd.service file ConditionPathExists is set to /var/usb-debugging-enabled
This causes an internal inconsistency between selinux-enabled and -disabled configurations.
Hence, change ConditionPathExists=/var/usb-debugging-enabled to ConditionPathExists=/etc/usb-debugging-enabled
Reported-by: @lumag
nftables has a pyproject.toml file since v1.0.9, c.f.
https://git.netfilter.org/nftables/commit/?id=8e603e0f7eec7c0000344a004228a30fbf0ece5c
Styhead has started to complain when a recipe inherits setuptools3 and a
proper pyproject.toml is provided in sources.
This uses python_pep517 functions instead of the setuptools3 ones,
inherits the proper class (still using setuptools3 but through pep517
process).
Notably, the python PACKAGECONFIG has its build dependency on
python3-setuptools-native removed as it's brought in by
python_setuptools_build_meta inherit, which is performed whenever the
python PACKAGECONFIG is selected. This avoids a "duplicate" but no
change in behavior is expected.
This was only build tested.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Apply some suggestions from oe-stylize.py and sort configure options
alphabetically, and remove stale version comment line which has not
been updated for some time.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
According to https://github.com/OpenSC/OpenSC/wiki#license OpenSC is
licensed under LGPL-2.1 or later, which seems to be affirmed also by
the comments in the source code files, as well as the COPYING file.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This helps us to also get rid of associated RDEPENDS declaration which
implicitly pulled readline to rootfs, even configure resolved readline
as not enabled.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Commit da68f807bd added the symlink .so
path to FILES:${PN}-dev to fix QA error, complement the operation by
removing identical line from FILES:${PN}
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
A flaw was found in the Poppler's Pdfinfo utility. This issue
occurs when using -dests parameter with pdfinfo utility. By
using certain malformed input files, an attacker could cause
the utility to crash, leading to a denial of service.
CVE-2024-6239-0002 is the CVE fix and CVE-2024-6239-0001 is
dependent commit to fix the CVE.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-6239
Upstream patch:
0554731052fc1c711cb5
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Dependencies:
In distributions that compile Flatpak to use a separate bubblewrap (bwrap) executable, version 0.10.0 is required.
This version adds a new feature which is required by the security fix in this release.
Security fixes:
Don't follow symbolic links when mounting persistent directories (--persist option). This prevents a sandbox escape where a malicious or compromised app could edit the symlink to point to a directory that the app should not have been allowed to read or write. (CVE-2024-42472, GHSA-7hgv-f2j8-xw87)
Documentation:
Mark the 1.12.x and 1.10.x branches as end-of-life (#5352)
Other bug fixes:
Fix several memory leaks (#5883, #5884)
Internal changes:
Record a log file when running build-time tests with AddressSanitizer (#5884)
Add initial suppressions file for AddressSanitizer (#5884)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
commit f6d27810b4f48562a06ce5006b1559378f30c99c
Author: Jason Schonberg <schonm@gmail.com>
Date: Mon Aug 19 00:26:48 2024 -0400
Changelog:
https://webmin.com/changelog/webmin-2.202-released/
Modified net-generic.patch to update a hardcoded version number to avoid
patch fuzz.
webmin: upgrade 2.111 -> 2.202
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* broken since
https://github.com/openembedded/meta-openembedded/pull/859
which moved the files from ${sysconfdir} which is packaged
in ${PN} by default into ${datadir} which isn't packaged causing:
ERROR: QA Issue: polkit-group-rule-network: Files/directories were installed but not shipped in any package:
/usr
/usr/share
/usr/share/polkit-1
/usr/share/polkit-1/rules.d
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
polkit-group-rule-network: 4 installed and not shipped files. [installed-vs-shipped]
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This new version installs /usr/share/snmp/mibs/gpsd/GPSD-MIB which is
packaged in a new package gpsd-snmp.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It does not build in a reproducible way that is now enforced by
yocto project. Fails with
WARNING: fluentbit-1.9.9-r0 do_package_qa: QA Issue: File /usr/bin/.debug/td-agent-bit in package fluentbit-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pass systemdsystemunitdir and systemduserunitdir to set correct directories
instead of using libdir from:
meson.build:systemd_base_path = join_paths(libdir, 'systemd')
which is wrong e.g. with multilib where libdir might be /usr/lib64 instead of
usr/lib used in ${nonarch_base_libdir} which is used by systemd_* variables:
export systemd_system_unitdir="/usr/lib/systemd/system"
export systemd_user_unitdir="/usr/lib/systemd/user"
fixes:
ERROR: Didn't find service unit 'blueman-mechanism.service', specified in SYSTEMD_SERVICE:blueman.
* inherit python3targetconfig to install into right python site-packages
without this it installs into
/usr/lib/python3.12/site-packages/
instead of /usr/lib64/python3.12/site-packages set in PYTHON_SITEPACKAGES_DIR
variable used in FILES, causing
blueman: 295 installed and not shipped files. [installed-vs-shipped]
# $PYTHON_SITEPACKAGES_DIR
# set oe-core/meta/classes-recipe/python3-dir.bbclass:11
# "${libdir}/${PYTHON_DIR}/site-packages"
PYTHON_SITEPACKAGES_DIR="/usr/lib64/python3.12/site-packages"
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
