[OE-core] [PATCH] xrandr: upgrade 1.5.1 -> 1.5.2

From: Wang Mingyu Signed-off-by: Wang Mingyu --- .../xorg-app/{xrandr_1.5.1.bb => xrandr_1.5.2.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename meta/recipes-graphics/xorg-app/{xrandr_1.5.1.bb => xrandr_1.5.2.bb} (75%) diff --git

[OE-core] [PATCH] libxshmfence: upgrade 1.3.1 -> 1.3.2

From: Wang Mingyu Changelog: configure: Use AC_SYS_LARGEFILE to enable large file support Signed-off-by: Wang Mingyu --- .../xorg-lib/{libxshmfence_1.3.1.bb => libxshmfence_1.3.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename

[OE-core] [PATCH] libxkbfile: upgrade 1.1.1 -> 1.1.2

From: Wang Mingyu Changelog: configure: Use AC_SYS_LARGEFILE to enable large file support Signed-off-by: Wang Mingyu --- .../xorg-lib/{libxkbfile_1.1.1.bb => libxkbfile_1.1.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename

[OE-core] [PATCH] libpng: upgrade 1.6.38 -> 1.6.39

From: Wang Mingyu Changelog: == * Changed the error handler of oversized chunks (i.e. larger than PNG_USER_CHUNK_MALLOC_MAX) from png_chunk_error to png_benign_error. * Fixed a buffer overflow error in contrib/tools/pngfix. * Fixed a memory leak (CVE-2019-6129) in

[OE-core] [PATCH] libxau: upgrade 1.0.10 -> 1.0.11

From: Wang Mingyu Changelog: configure: Use AC_SYS_LARGEFILE to enable large file support Signed-off-by: Wang Mingyu --- .../xorg-lib/{libxau_1.0.10.bb => libxau_1.0.11.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename

[OE-core] [PATCH] libpcre2: upgrade 10.40 -> 10.41

From: Wang Mingyu Signed-off-by: Wang Mingyu --- .../libpcre/{libpcre2_10.40.bb => libpcre2_10.41.bb}| 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-support/libpcre/{libpcre2_10.40.bb => libpcre2_10.41.bb} (95%) diff --git

[OE-core] [PATCH] libfontenc: upgrade 1.1.6 -> 1.1.7

From: Wang Mingyu Changelog: configure: Use AC_SYS_LARGEFILE to enable large file support Signed-off-by: Wang Mingyu --- .../xorg-lib/{libfontenc_1.1.6.bb => libfontenc_1.1.7.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename

[OE-core] [kirkstone][PATCH] libxml2: Fix CVE-2022-40303 && CVE-2022-40304

Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0 && https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b Signed-off-by: Hitendra Prajapati --- .../libxml/libxml2/CVE-2022-40303.patch

[OE-core] [kirkstone][PATCH] yocto-check-layer: Allow OE-Core to be tested

From: Richard Purdie For unknown reasons we've never seemingly run the check layer script against OE-Core itself. This isn't entirely straightforward as the core layer is a bit of a special case, we can't for example compare signatures against ourselve and we can't remove core from

Re: [OE-Core][master][PATCH] openssh: remove RRECOMMENDS to rng-tools for sshd package

In the kernel is the jitter entropy system. It should work on all platforms that have high res timers available. (This is the same mechanism that haveged was using before as well. So no change in the RNG quality, just now built into the kernel itself.) The only place we've observed an

[OE-core] [PATCH] sanity: Update minimum python version to 3.8

Bitbake is moving to a minimum python version of 3.8, update OE-Core to match to make things consistent. Signed-off-by: Richard Purdie --- meta/classes-global/sanity.bbclass | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/classes-global/sanity.bbclass

[OE-core] [PATCH] go-crosssdk: avoid host contamination by GOCACHE

From: Robert Andersson By default GOCACHE is set to $HOME/.cache. Same issue for all other go recipes had been fixed by commit 9a6d208b: [ go: avoid host contamination by GOCACHE ] but that commit missed go-crosssdk recipe. Signed-off-by: Robert Andersson Signed-off-by: Ming Liu ---

[OE-core] [PATCH] lib/sstatesig: Drop OEBasic siggen

We're now used to using hashes as part of the task hashes and the sstate code relies on this. The older OEBasic hash approach therefore wouldn't work and can be removed. Signed-off-by: Richard Purdie --- meta/lib/oe/sstatesig.py | 10 -- 1 file changed, 10 deletions(-) diff --git

[OE-core] OE-core CVE metrics for langdale on Sun 11 Dec 2022 03:30:01 AM HST

Branch: langdale New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 13 unpatched CVEs CVE-2022-36227 (CVSS3: 9.8 CRITICAL): libarchive:libarchive-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36227 * CVE-2022-37454 (CVSS3: 9.8 CRITICAL): python3:python3-native

[OE-core] OE-core CVE metrics for kirkstone on Sun 11 Dec 2022 03:00:01 AM HST

Branch: kirkstone New this week: 2 CVEs CVE-2022-35260 (CVSS3: 6.5 MEDIUM): curl:curl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35260 * CVE-2022-4292 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4292 * Removed this week: 11 CVEs

[OE-core] OE-core CVE metrics for dunfell on Sun 11 Dec 2022 02:30:01 AM HST

Branch: dunfell New this week: 2 CVEs CVE-2022-35260 (CVSS3: 6.5 MEDIUM): curl:curl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35260 * CVE-2022-4292 (CVSS3: 7.8 HIGH): vim https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4292 * Removed this week: 19 CVEs

[OE-core] OE-core CVE metrics for master on Sun 11 Dec 2022 02:00:01 AM HST

Branch: master New this week: 0 CVEs Removed this week: 4 CVEs CVE-2022-36227 (CVSS3: 9.8 CRITICAL): libarchive:libarchive-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36227 * CVE-2022-40303 (CVSS3: 7.5 HIGH): libxml2:libxml2-native