Khem Raj [Tue, 27 Aug 2024 16:26:04 +0000 (09:26 -0700)]
musl: Upgrade to latest tip of trunk
Bring following changes on top of 1.2.5
* dd1e63c3 syslog: revert LOG_FAC/LOG_FACMASK changes
* 008f737d siglongjmp: document why this function just calls longjmp
* 947b4574 inet_ntop: fix the IPv6 leading zero sequence compression
* 50ab8306 dynlink: avoid copying to temp buffer in get_lfs64
* 1b97d006 sys/epoll.h: add epoll ioctls
* ab31e9d6 getusershell: skip blank lines and comments
* 53ac44ff dynlink: fix get_lfs64() with posix_fallocate64
* 895736d4 syslog: fix incorrect LOG_MAKEPRI and LOG_FAC[MASK] macros
* 05ce67fe add renameat2 linux syscall wrapper
* 00799729 fix mismatched type in posix_getdents definition
* cbf59dd6 aarch64 crti.o: fix alignment of _init/_fini
* 84015cee fix typo that broke sys/reg.h and sys/user.h
* 1b0d4851 implement posix_getdents adopted for next issue of POSIX
* 2c124e13 stdint.h: derive limits from __LONG_MAX, use common fast16 types
* 7019fbe1 sys/user.h: derive __WORDSIZE from __LONG_MAX
* e709a6f0 sys/reg.h: derive __WORDSIZE from __LONG_MAX
* 29b216b2 unistd.h: derive ILP32/LP64 macros from __LONG_MAX instead of arch bits
* 0dfa1d8c unify bits/stat.h for all archs sharing a common definition
* ef600888 align aarch64, riscv64, loongarch64 stat structure padding type
* 6f666231 ldso: fix non-functional fix to early dynamic PAGE_SIZE access
* fced99e9 strptime: implement conversion specifiers adopted for next POSIX issue
* 3f9d4224 printf decimal integer formatting: shave off one division
* a23cf8f9 riscv mcontext_t/sigcontext: use __aligned__ instead of aligned
* cbf1c7b6 add missing STATX_ATTR_* macros omitted when statx was added
* 3f49203c initgroups: do not artificially limit number of supplementary groups
* 24ebbbde printf: fix edge case where hex float precision was not honored
* e3b0ace5 complex: fix comment in cacosh
* 9683bd62 math: fix fma(x,y,0) when x*y rounds to -0
* 5370070f fix pwrite/pwritev handling of O_APPEND files
* bdc9a9ff uio.h: add RWF_NOAPPEND flag for pwritev2
* 7ada6dde iconv: fix missing bounds checking for shift_jis decoding
* fd7d0185 add missing inline keyword on default a_barrier definition
* b5121e2e iconv: add aliases for GBK
* ca6f46af iconv: add euro symbol to GBK as single byte 0x80
Khem Raj [Tue, 27 Aug 2024 16:26:03 +0000 (09:26 -0700)]
musl: Update to 1.2.5 release
This release adds extension functions statx and preadv2/pwritev2, with
fallback implementations for older kernels, and adds two new ports:
loongarch64 and riscv32. Minor changes to the printf family of
functions have been made for conformance to new standards
interpretations/requirements. TLSDESC support for riscv64 has also
been added.
Bugs fixed include some DNS issues related to new TCP fallback
functionality, several rare race conditions, potentially incorrect
return value when glob aborts, and several signifiant arch-specific
bugs affecting TLSDESC on arm, riscv64 icache flushing, and sh
sigsetjmp and dlsym RTLD_NEXT. [1]
Do not use https protocol for fetching
Musl author confirms that https protocol is not well supported yet on
musl git host, currently we experience this problem intermittently on
some build hosts where the fetching fails.
fatal: protocol error: bad line length character: erro
WARNING: Failed to fetch URL git://git.etalabs.net/git/musl;branch=master;protocol=https
Patch '0001-utils-Include-libgen.h-on-musl-linux-systems.patch' dropped
because it is now upstream in commit 9c941dfc36.
Add wayland-native and wayland-protocols to DEPENDS to avoid errors
during build.
There's a reproducibility issue being seen on the autobuilder. It
appears that it's a host contamination issue, based on what Richard
replied with in the v3. See: https://lists.openembedded.org/g/openembedded-core/message/203651
Does anyone with more CMake familiarity know how to patch CMakeLists.txt
or the recipe in a way that will fix these errors? I'm not able to see
any of them locally. It's also possible that what I've added to
PACKAGECONFIG is not the right approach for x11 support.
Changelog:
c11c9374c (HEAD -> main, origin/main, origin/HEAD) arb_bindless_texture: test image/sampler constructors f11abb664 Revert "arb_bindless_texture: add another function param bindless test" 045343687 arb_gpu_shader5: add linker version of function overloads test 4b1116f3a arb_bindless_texture: add another function param bindless test 4a62c2672 glsl: test function linking with implicit param conversions 9f280db77 arb_bindless_texture: add basic function param bindless tests 766669895 generated_tests: fix numpy overflow warnings that are errors in numpy 2.0 5214915dc generated_tests: print mako exceptions 41bd119f2 arb_texture_buffer_object: don't leak src strings 582f5490a gl-1.0: Add a test for glPushAttrib/glPopAttrib 647d07250 ext_texture_format_bgra8888: test GL_BGRA8_EXT as well dee2a233f perf: port glsl-compile-time perf-test from mesa demos 18333c568 perf: port vertexrate perf-test from mesa demos e932fa2f5 perf: port vbo perf-test from mesa demos f9cf4788a perf: port teximage perf-test from mesa demos 20ccc1c10 perf: port readpixels perf-test from mesa demos 556a9c96d perf: port genmipmap perf-test from mesa demos 225b6bfb6 perf: port fill perf-test from mesa demos dae4a13f9 perf: port fbobind perf-test from mesa demos cd0f812b3 perf: port copytex perf-test from mesa demos fdf3fc09d cl: add missing errors 01b64dd06 glsl-1.10: test a complex partial unroll scenario cf8daaf5b glsl-bug-110796: detect missing ES 3.2 support using EGL_BAD_MATCH 30d34daf7 glsl-bug-110796: distinguish which context creation failed 3ea14414a Sync .mailmap from Mesa 7accec34a glsl-bug-110796: check for GL ES 3.2 support 12ebd71c7 egl-terminate-then-unbind-context: simplify 69bc38a77 egl_khr_create_context: improve skip reporting 209becf6d arb_blend_func_extended: simplify MAX_DUAL_SOURCE_DRAW_BUFFERS detection 800abe232 arb_blend_func_extended: gles: follow the specification requirements 1cad6ee20 arb_texture_multisample: require geometry shaders 59bdc8c4e egl: missing EGLconfig isn't stderr material cee2190b5 ext_external_objects: avoid stderr when we skip the test 8cbefab52 util: remove handwritten defines and drop FIXME 11e7aa044 texsubimage: fix low bpp formats by expecting less than 8 bits of precision e180f9623 Use GBM_LDFLAGS to get all options 3bddb36e8 fix vk_vert_buf_reuse cleanup 8f6e71975 arb_texture_view: test for NaN in more cases 446c20f3e ext_direct_state_access: Fix deprecated-non-prototype warnings 8a6ce9c6f arb_fragment_layer_viewport: don't test out-of-range gl_Layer values 8d5af6c51 glsl-1.30: Test uint to float conversion of sign extended value 7aa7bc1b0 arb_draw_buffers_blend: Fix deprecated-non-prototype warnings 3d3a20a2b arb_sample_shading: do not actually run mask_in_one if it's not supported 759cc6454 clear-stencil: new test to check for problems clearing stencils 2c64a91bb read_depth_offset: new test to check depth offset calculation 869a1b6e8 replayer: create bin/ everytime 9be2db198 Reduce precision in depth clear precision check 7f40f35a3 Add float from half function f7ece74a1 tests/gbm: Add gbm_device_get_fd() test fd4a6c521 wayland: Add Wayland dmabuf driver-name test df0d0ae79 conversion-explicit: use a different value for normalized +/- min a482803ac cmake: if we specify PIGLIT_BUILD_GL_TESTS OPENGL_FOUND is always true 67b89b3e3 README: recommend Ninja by default and switch to cmake --build efd111853 cmake: build is compatible up to 3.28 e84aca9b5 cmake: add workaround for CMP0148 2e70ca91e README: ccmake is not that common, regular cmake is enough to build e39ba99e5 README: update requirements d945707b9 cmake: WGL doesn't need Waffle, pass the definition without it 938a9dc9f cmake: remove this 12 years old workaround taking too many lines 7e5ca052d cmake: implement switch for the EGL tests and simplify test conditions cd9d15364 cmake: make PIGLIT_BUILD_DMA_BUF_TESTS aligned with GBM dependency 4af47af27 cmake: depend on WGL_TESTS being enabled to build WGL a222d50bb cmake: implement GBM and Wayland controls 4230c7e9f cmake: fix unusually formated statement d958b70d1 cmake: implement X11 option (required for GLX) 4319b9fc8 cmake: move GLX and WGL option to the beggining of the file 44e1c29bf cmake: move first batch of option() at the beggining of the file 96241ea22 cmake: rename default values with prefix DEFAULT_ 21374d8d3 cmake: move defaults into the per-platform section 86d3f1132 cmake: predefine defaults depending on the system 381221a81 cmake: drop unused CMP0042 policy 99eade7cd cmake: respect indentation dd6f7eaf8 texturing: add a test for GPU/CPU sync when creating textures 025e462ae util: fix multisample_texture_fs_template f9e26b98b tests: add a test for GL_APPLE_sync b24c834d9 ci: codespell ignore list is lowercase 0a842edd0 more spelling fixes accross the whole codebase 2c473ea73 ci: bump distribution tag 7cd28b970 arb_multisample: Fix bitwise-instead-of-logical warning 19e58247e ext_texture_storage: Fix memory leak on error path d0b5d0c1f arb_internalformat_query2: fix internalformat selection for max_layers subtest 74064b1d4 arb_clear_texture: only test float depth textures when supported 9c941dfc3 properly check for libgen.h c55e22a5c arb_copy_image-formats: avoid undefined behavior 537831d48 intel/ppgtt: Use getpagesize fallback with MinGW b32186ee5 README: add Vulkan into the generic description 1e631479c fix arb_query_buffer_object-qbo to warn on invalid GS results instead of fail 62938a9bc tests: Fix cl test program@execute@builtin@builtin-float-degrees-1.0.generated issue about tolerance.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/lib/oe/sstatesig.py: do not error out if sstate files fail on os.stat()
There's an ongoing issue with the autobuilder NFS:
https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/6463/steps/14/logs/stdio
The file entry exists, but os.stat returns a 'file not found; error. It's not
clear how and why such entries appear, but they do produce printdiff test failures
and should not be relevant in context of the printdiff.
[RP: Move wrapping to get_time() function to cover all cases and add comment] Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jonathan GUILLOT [Thu, 22 Aug 2024 15:24:49 +0000 (17:24 +0200)]
cronie: add inotify PACKAGECONFIG option
By default, cronie inspects crontab modtimes every minute to check for
modications avoiding server restart for them to be taken in account. The
inotify option allows the server to use this mechanism to be directly
notified when a crontab is modified.
Signed-off-by: Jonathan GUILLOT <jonathan@joggee.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Siddharth Doshi [Thu, 22 Aug 2024 16:17:21 +0000 (21:47 +0530)]
wpa-supplicant: Upgrade 2.10 -> 2.11
License-Update:
===============
- README: Change in copyright years as per https://w1.fi/cgit/hostap/commit/README?id=d945ddd368085f255e68328f2d3b020ceea359af
- wpa_supplicant/wpa_supplicant.c: Change in copyright years as per https://w1.fi/cgit/hostap/commit/wpa_supplicant/wpa_supplicant.c?id=d945ddd368085f255e68328f2d3b020ceea359af
create_npm.py duplicated the logic for matching licenses from files and
also finding them. This patch refactors the code to reuse the license
utils. This will make the code more maintainable and also align both
behaviors. For instance, some licenses weren't matched properly because
the duplicate logic did not support the difference in format in the md5
tables for COMMON_LICENSE_DIR and licenses.csv.
This is also faster since the license files were being read twice.
The result is slightly more accurate since the utils have better
implementations, and I was able to reuse the logic for the root PN
package, as well as the base LICENSE variable.
I chose to extract generate_common_licenses_chksums into create.py
since it can be considered a general utility function to allow
other recipetool creators to refer to COMMON_LICENSE_DIR files.
I updated the wording in the code when appropriate.
v3:
- added commit
- this replaces the commit that added all the COMMON_LICENSE_DIR md5
to licenses.csv
Signed-off-by: Enguerrand de Ribaucourt <enguerrand.de-ribaucourt@savoirfairelinux.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The npm recipetool handler redefines the license code the could be
unified. In order to do this refactoring, extract the bits we'll
need into separate functions.
guess_license() is renamed to find_licenses() and is split into
find_license_files() and match_licenses().
Signed-off-by: Enguerrand de Ribaucourt <enguerrand.de-ribaucourt@savoirfairelinux.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
recipetool: create_npm: resolve licenses defined in package.json
Some npm packages do not copy the LICENSE or COPY file into their
git repository. They'll instead simply use SPDX identifiers in their
package.json. A fallback for those repositories attempted to match
the README file to a license file instead, which had a very low
probability of success.
This commit replaces this fallback with parsing the package.json and
looking for the license in COMMON_LICENSE_DIR. If the license is not
found, "Unknown" will still be produced.
This also generates "Unknown" for packages which had no README file,
which could silently not appear in the generated recipe. The user was
more likely to miss them.
Our current emulation mandates that the package.json contains a version
field. Some packages may not provide it when they are not published to
the registry. The actual `npm pack` would allow such packages, so
should we.
This patch adds a default value to allow building such packages.
This applies for instance to this package which doesn't declare a
version:
- https://github.com/cockpit-project/cockpit/blob/23701a555a5af13f998ee4c7526d27fdb5669d63/package.json#L2
v3:
- Split bitbake npmsw.py modification in another commit
Chen Qi [Thu, 22 Aug 2024 09:26:41 +0000 (02:26 -0700)]
util-linux/util-linux-libuuid: upgrade from 2.40.1 to 2.40.2
Upgrade util-linux from 2.40.1 to 2.40.2.
0001-Revert-autotools-make-pam-install-path-configurable.patch
is added to solve a problem of lastlog2 pam module not installed
in the expected location.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ola x Nilsson [Thu, 22 Aug 2024 08:18:16 +0000 (10:18 +0200)]
scons.bbclass: Add scons class prefix to do_configure
While do_compile and do_install already have the scons_ prefix,
do_configure did not. This was most likely an oversight from when it
was converted from do_configure[noexec] = "1".
Signed-off-by: Ola x Nilsson <olani@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
mesa: set PV from the .inc file and not via filenames
This allows automated updates of the recipe together with mesa-gl
variant, and avoids having to check that update submissions
do include mesa-gl file rename.
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These are the release notes:
https://github.com/tukaani-project/xz/releases/
There are also backdoor notes:
https://tukaani.org/xz-backdoor/
"I plan to write an article how the backdoor got into the releases and
what can be learned from this." - that'd be most welcome, as it would
be first hand information that sets the record straight.
And there's a commit by commit review of Jia Tan's contributions:
https://tukaani.org/xz-backdoor/review.html
Add an option for landlock sandbox (off by default as it clashes with running under pseudo).
License-Update: public domain bits were relicensed under 0BSD license
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream no longer publishes them on savannah, e.g.
release announcement for 3.10:
https://lists.gnu.org/archive/html/sysvinit-devel/2024-07/msg00016.html
There's been several new versions since:
https://github.com/slicer69/sysvinit/releases
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Quentin Schulz [Wed, 21 Aug 2024 09:15:56 +0000 (11:15 +0200)]
weston-init: fix weston not starting when xwayland is enabled
When xwayland PACKAGECONFIG option is set, xwayland is enabled in
weston.ini. However, if the xwayland module isn't installed, weston will
refuse to start with the following error message:
Failed to load module: /usr/lib/libweston-13/xwayland.so: cannot open shared object file: No such file or directory
Therefore, whenever the xwayland PACKAGECONFIG is set, weston-init
should depend on weston-xwayland to bring this module in.
Niko Mauno [Wed, 21 Aug 2024 14:07:46 +0000 (14:07 +0000)]
util-linux: Add PACKAGECONFIG option to mitigate rootfs remount error
The 2.39 version of util-linux took new file descriptors based mount
kernel API into use. In relation to this change, the upstream release
notes in
https://github.com/util-linux/util-linux/blob/v2.39/Documentation/releases/v2.39-ReleaseNotes#L14-L21
mention that
This change is very aggressive to libmount code, but hopefully, it does not introduce regressions in traditional mount(8) behavior.
After observing following failure when booting a board using a bit
older 6.1 series kernel together with initramfs rootfs based boot flow
[FAILED] Failed to start Remount Root and Kernel File Systems.
See 'systemctl status systemd-remount-fs.service' for details.
closer inspection revealed:
demoboard ~ # systemctl status -l systemd-remount-fs.service
x systemd-remount-fs.service - Remount Root and Kernel File Systems
Loaded: loaded (/usr/lib/systemd/system/systemd-remount-fs.service; enabled-runtime; preset: disabled)
Active: failed (Result: exit-code) since Wed 2024-08-14 14:53:48 UTC; 1min 22s ago
Docs: man:systemd-remount-fs.service(8)
https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
Process: 76 ExecStart=/usr/lib/systemd/systemd-remount-fs (code=exited, status=1/FAILURE)
Main PID: 76 (code=exited, status=1/FAILURE)
Aug 14 14:53:48 demoboard systemd-remount-fs[76]: /usr/bin/mount for / exited with exit status 32.
Aug 14 14:53:48 demoboard systemd-remount-fs[81]: mount: /: mount point not mounted or bad option.
Aug 14 14:53:48 demoboard systemd-remount-fs[81]: dmesg(1) may have more information after failed mount system call.
Aug 14 14:53:48 demoboard systemd[1]: systemd-remount-fs.service: Main process exited, code=exited, status=1/FAILURE
Aug 14 14:53:48 demoboard systemd[1]: systemd-remount-fs.service: Failed with result 'exit-code'.
Aug 14 14:53:48 demoboard systemd[1]: Failed to start Remount Root and Kernel File Systems.
also consequentially, 'systemctl status' reported:
State: degraded
When issuing 'strace -ff mount -o remount /' the failure occurred at
After further investigation, The issue was pinpointed to lack of Linux
kernel commit
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=95de4ad173ca0e61034f3145d66917970961c210
("fs: relax mount_setattr() permission checks") in the kernel version
that was being used. Above mitigation was discussed in email related to
then-rejected CVE-2024-26821:
https://lore.kernel.org/linux-cve-announce/2024051606-imaging-entrench-b327@gregkh/T/
After testing with qemuarm64 machine different linux-yocto versions,
it was observed that the issue impacts following versions of currently
supported LTS kernels:
- 6.6.17 (fixed since 6.6.18 i.e. mount_setattr() returns 0)
- 6.1.78 (fixed since 6.1.79 i.e. mount_setattr() returns 0)
- 5.15.164 which is currently the newest of 5.15.y series (i.e. no
known working version)
Taking the above findings into consideration, add a new PACKAGECONFIG
option removing which enables users to opt-out from using the feature
which can cause issues with a bit older kernels. The option is enabled
only for class-target here, since it otherwise causes following error
during util-linux-native's do_configure task on Debian 11 build host
(mountfd_api requirement fails):
| configure: error: libmount_mountfd_support selected, but required mount FDs based API not available
Versions 5.10.223, 5.4.279 and 4.10.317 were also tested with qemuarm64
but the issue was not reproduced with those versions - using strace
showed that the mount_setattr call associated with the new mount API
problem was not issued with these LTS kernel versions, which seemed to
be confirmed also by following libmount debug message in these cases:
415: libmount: HOOK: [0x7fa115e818]: failed to init new API
Note: In addition to the aforementioned, this change was tested also
briefly using the current latest kernel versions 6.1.104, 6.6.45 and
6.10.3 that using the old mount API with newest kernels did not
introduce any observable regression to the boot flow.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jon Mason [Thu, 22 Aug 2024 15:09:55 +0000 (11:09 -0400)]
oeqa/runtime/ssh: increase the number of attempts
Under high load, the ssh test is hitting the amount of retries.
Increase it to 20 to avoid this issue. This would increase the maximum
failure time from 50 seconds (5 * 10) to 100 seconds.
Signed-off-by: Jon Mason <jdmason@kudzu.us> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Siddharth Doshi [Tue, 20 Aug 2024 09:21:42 +0000 (14:51 +0530)]
vim: Upgrade 9.1.0114 -> 9.1.0682
This includes CVE-fix for CVE-2024-41957, CVE-2024-41965 and CVE-2024-43374
Changes between 9.1.0114 -> 9.1.0682
====================================
https://github.com/vim/vim/compare/v9.1.0114...v9.1.0682
Note:
====
Removed patch "vim-add-knob-whether-elf.h-are-checked.patch" as libelf checks are removed from configure.ac as per
commit https://github.com/vim/vim/commit/1acc67ac4412aa9a75d1c58ebf93f2b29585a960
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:42 +0000 (14:51 +0800)]
ttyrun: upgrade 2.33.1 -> 2.34.0
Changes of existing tools:
- ap_tools/ap-check: Add support for vfio-ap dynamic configuration
- dbginfo.sh: Update/Add additional DASD data collection
- dumpconf: Add new parameter 'SCP_DATA' for SCSI/NVMe/ECKD dump
devices
- libutil: Make formatted meta-data configurable
- s390-tools: Replace 'which' with built-in 'command -v'
- zdump/dfi_elf: Support core dumps of vr-kernels
Bug Fixes:
- chzdev: Fix warning about failed ATTR writes by udev
- rust/pv: Try again if first CRL-URI is invalid
- rust/pvattest: Add short option for --arpk
- zdump: Fix 'zgetdump -i' ioctl error on s390 formatted dump file
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:40 +0000 (14:51 +0800)]
sysklogd: upgrade 2.6.0 -> 2.6.1
Changelog:
===========
- Read '.conf' files from include directories sorted alphabetically
- Add extra linefeed to wall messages to ensure they are seen
- Issue #87: segfault on 'SIGTERM', regression from v2.6.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:37 +0000 (14:51 +0800)]
python3-lxml: upgrade 5.2.2 -> 5.3.0
Changelog:
===========
* GH#421: Nested "CDATA" sections are no longer rejected but split on
output to represent "]]>" correctly.
* LP#2060160: Attribute values serialised differently in "xmlfile.element()"
and "xmlfile.write()".
* LP#2058177: The ISO-Schematron implementation could fail on unknown prefixes.
* LP#2067707: The "strip_cdata" option in "HTMLParser()" turned out
to be useless and is now deprecated.
* Binary wheels use the library versions libxml2 2.12.9 and libxslt 1.1.42.
* Windows binary wheels use the library versions libxml2 2.11.8 and libxslt 1.1.39.
* Built with Cython 3.0.11.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:36 +0000 (14:51 +0800)]
python3-hypothesis: upgrade 6.110.1 -> 6.111.1
Changelog:
==========
-improves shrinking in cases involving 'slips' from one strategy to another.
-reduces the range of :class:'python:datetime.datetime' generated by :
func:'~hypothesis.extra.django.from_model' in order to avoid
https://code.djangoproject.com/ticket/35683.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:35 +0000 (14:51 +0800)]
python3-babel: upgrade 2.15.0 -> 2.16.0
Changelog:
=========
- CLDR: Upgrade to CLDR 45
- Lists: Support list format fallbacks
- Messages: Initial support for reading mapping configuration as TOML
- CLDR: Do not allow substituting alternates or drafts in derived locales
- Core: Allow falling back to modifier-less locale data
- Core: Allow use of importlib.metadata for finding entrypoints
- Dates: Avoid crashing on importing localtime when TZ is malformed
- Messages: Allow parsing .po files that have an extant but empty Language
header
- Messages: Fix --ignore-dirs being incorrectly read
- Messages: Make pgettext search plurals when translation is not found
- Replace deprecated ast.Str with ast.Constant
- Test on Python 3.13 beta releases
- Normalize package name to lower-case in setup.py
- Add a mention to the docs that format_skeleton(..., fuzzy=True) may
raise
- Two hyperlinks (to CLDR) and some typos
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:34 +0000 (14:51 +0800)]
pkgconf: upgrade 2.2.0 -> 2.3.0
Changelog:
==========
* Fix compile with Meson on Solaris by defining __EXTENSIONS__.
* Add support for the PKG_CONFIG_RELOCATE_PATHS environmental variable.
When set, the program will act as if --define-prefix is always
enabled.
* Color solution nodes that were part of the original query, and use
that coloring to skip over dependencies when generating DocumentNames
in bomtool.
* Enhance --env option to support variables with both --variable=varname
and --print-variables.
* Add --exists-cflags option which creates synthetic preprocessor
definition flags for every queried dependency when found.
* Document that Requires.private is always used for header paths.
* Fix minor documentation typos.
* Ensure string comparisons using <ctype.h> functions are done with
unsigned bytes to avoid undefined behavior.
* Fix parsing edge-case bugs with dependency versions.
* Change PKG_PROG_PKG_CONFIG autoconf macro to add a customizable
failure handler if pkg-config is not found.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:28 +0000 (14:51 +0800)]
freetype: upgrade 2.13.2 -> 2.13.3
Changelog:
==========
- Some fields in the 'FT_Outline' structure have been changed
from signed to unsigned type, which better reflects the actual
usage.
- Rare double-free crashes in the cache subsystem have been fixed.
- Excessive stack allocation in the autohinter has been fixed.
- The B/W rasterizer has received a major upkeep that results in
large performance improvements.
- If the new configuration option 'TT_CONFIG_OPTION_GPOS_KERNING' is
defined, 'FT_Get_Kerning' understands rudimentary GPOS kerning
(for TrueType fonts only).
- The internal structures 'PS_DesignMap' and 'PS_Blend' related to
parsing of old Multiple Masters fonts have been removed from the
public header file 't1tables.h'.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:27 +0000 (14:51 +0800)]
ethtool: upgrade 6.9 -> 6.10
avoid_parallel_tests.patch
refreshed for 6.10
Changelog:
==========
* Feature: suport for PoE in PSE (--show-pse and --set-pse)
* Feature: add statistics support to tsinfo (-T)
* Feature: add JSON output to base command (no option)
* Feature: add JSON output to EEE info (--show-eee)
* Fix: qsfp: better handling on page 03h read failure (-m)
* Fix: handle zero arguments for module eeprom dump (-m)
* Fix: check for missing arguments in do_srxfh() (-X)
* Misc: compiler warnings in "make check"
* Misc: more descriptive error when JSON output is not available
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:26 +0000 (14:51 +0800)]
erofs-utils: upgrade 1.7.1 -> 1.8.1
Changelog:
==========
- fix unexpected data truncation of large uncompressed files;
- fix decompression errors when using libdeflate compressor;
- fix an out-of-bound memory read issue with kite-deflate.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:24 +0000 (14:51 +0800)]
dnf: upgrade 4.21.0 -> 4.21.1
0005-Do-not-prepend-installroot-to-logdir.patch
refreshed for 4.21.1
Changelog:
==========
- doc: minor formatting and consistency fixes
- Allow local downloads to same downloaddir
- Fix "console" width on non real terminals (pipe)
- Adds checks for container and bootc hosts
- Update bootc hosts message to point to bootc --help
- tests: Use PGP keys without SHA-
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:23 +0000 (14:51 +0800)]
diffoscope: upgrade 272 -> 276
Changelog:
=========
* Also catch RuntimeError when importing PyPDF so that PyPDF or,
crucially, its transitive dependencies do not cause diffoscope to traceback at
runtime and build time.
* Factor out a method for stripping ANSI escapes.
* Strip ANSI escapes from the output of Procyon.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Wang Mingyu [Tue, 20 Aug 2024 06:51:21 +0000 (14:51 +0800)]
btrfs-tools: upgrade 6.9.2 -> 6.10.1
0001-Add-a-possibility-to-specify-where-python-modules-ar.patch
refreshed for 6.10.1
Changelog:
==========
* mkfs: rework --rootdir traversal, skip hardlinks and create new
inodes instead, also warn about them, this did not work as expected and will be
fixed in the future
* receive: search in older trees for UUIDs when detecting clone sources
* libbtrfsutil: bindings available at https://pypi.org/project/btrfsutil
* libbtrfs:
* patchlevel version update 0.1.4
* cleanup in headers, removed unused definitions, no functional changes
* don't ship list.h and rbtree.h
* other:
* documentation updates
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
license_image.bbclass: Rename license-incompatible to license-exception
There is currently both an incompatible-license and a
license-incompatible QA message. This is very confusing.
However, license-incompatible is only used to output a message when a
package is included in an image despite it having a license that is
normally incompatible (by using the INCOMPATIBLE_LICENSE_EXCEPTIONS
variable). To better match how it is used and to distinguish it from
incompatible-license, rename it to license-exception.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Marta Rybczynska [Wed, 14 Aug 2024 05:30:39 +0000 (07:30 +0200)]
vex.bbclass: add a new class
The "vex" class generates the minimum information that is necessary
for VEX generation by an external CVE checking tool. It is a drop-in
replacement of "cve-check". It uses the same variables from recipes
to make the migration and backporting easier.
The goal of this class is to allow generation of the CVE list of
an image or distribution on-demand, including the latest information
from vulnerability databases. Vulnerability data changes every day,
so a status generated at build becomes out-of-date very soon.
Research done for this work shows that the current VEX formats (CSAF
and OpenVEX) do not provide enough information to generate such
rolling information. Instead, we extract the needed data from recipe
annotations (package names, CPEs, versions, CVE patches applied...)
and store for later use in the format that is an extension of the
CVE-check JSON output format.
This output can be then used (separately or with SPDX of the same
build) by an external tool to generate the vulnerability annotation
and VEX statements in standard formats.
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com> Signed-off-by: Samantha Jalabert <samantha.jalabert@syslinbit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Marta Rybczynska [Wed, 14 Aug 2024 05:30:37 +0000 (07:30 +0200)]
cve-check: annotate CVEs during analysis
Add status information for each CVE under analysis.
Previously the information passed between different function of the
cve-check class included only tables of patched, unpatched, ignored
vulnerabilities and the general status of the recipe.
The VEX work requires more information, and we need to pass them
between different functions, so that it can be enriched as the
analysis progresses. Instead of multiple tables, use a single one
with annotations for each CVE encountered. For example, a patched
CVE will have:
abbrev-status contains the general status (Patched, Unpatched,
Ignored and Unknown that will be added in the VEX code)
status contains more detailed information that can come from
CVE_STATUS and the analysis.
Additional fields of the annotation include for example the name
of the patch file fixing a given CVE.
We also use the annotation in CVE_STATUS to filter out entries
that do not apply to the given recipe
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com> Signed-off-by: Samantha Jalabert <samantha.jalabert@syslinbit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Marta Rybczynska [Wed, 14 Aug 2024 05:30:36 +0000 (07:30 +0200)]
cve-extra-inclusions: encode CPEs of affected packages
Add the new cpe:vendor:product tagging to entries in cve-extra-inclusions, using
product/vendor combinations that are already present in OE-core (usually there
is no specific vendor).
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Marta Rybczynska [Wed, 14 Aug 2024 05:30:35 +0000 (07:30 +0200)]
cve-check: encode affected product/vendor in CVE_STATUS
CVE_STATUS contains assesment of a given CVE, but until now it didn't have
include the affected vendor/product. In the case of a global system include,
that CVE_STATUS was visible in all recipes.
This patch allows encoding of affected product/vendor to each CVE_STATUS
assessment, also for groups. We can then filter them later and use only
CVEs that correspond to the recipe.
This is going to be used in meta/conf/distro/include/cve-extra-exclusions.inc
and similar places.
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yi Zhao [Fri, 16 Aug 2024 12:34:29 +0000 (20:34 +0800)]
libsdl2: upgrade 2.30.5 -> 2.30.6
ChangeLog:
* Improved detection of Nintendo Switch Pro controller report mode
* Fixed a rare crash when a controller is disconnected
* Fixed creating a framebuffer with KMSDRM on some systems
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Jansa [Fri, 16 Aug 2024 19:37:52 +0000 (21:37 +0200)]
populate_sdk_base: inherit nopackages
Since this bbclass sets PACKAGES = "", inherit the nopackages
class to skip the various packaging functions which wouldn't
do anything anyway.
This fixes errors from buildhistory changes where packages-split would be empty.
e.g. meta-toolchain build now fails with:
| DEBUG: Executing shell function buildhistory_list_pkg_files
| find: ".../meta-toolchain/1.0/packages-split/*": No such file or directory
| WARNING: exit code 1 from a shell command.
| DEBUG: Python function buildhistory_emit_pkghistory finished
Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Gamblin [Wed, 14 Aug 2024 18:27:20 +0000 (14:27 -0400)]
python3: skip readline limited history tests
Python 3.12.5 is failing a newer ptest for reading/writing limited
history when editline (default) is set in PACKAGECONFIG. Skip it for now
until a proper fix (if any) is determined.
A bug has been opened upstream: https://github.com/python/cpython/issues/123018
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
