[OE-core][dunfell][PATCH] licenses.conf: Add missing LGPLv2.0+ license

Adds LGPLv2.0+ license variation to match LGPLv2+. Signed-off-by: Colin McAllister --- This is a much smaller change that fixes the primary issue I've hit with SPDX generation on Dunfell, where pango_1.46.7 uses "LGPLv2.0+" for a license, which doesn't exist in the SPDXLICENSEMAP

[OE-core][kirkstone][PATCH] common-licenses: Backport missing license

Backports missing license from master to kirkstone. Signed-off-by: Colin McAllister --- .../LGPL-3.0-with-zeromq-exception| 181 ++ 1 file changed, 181 insertions(+) create mode 100644 meta/files/common-licenses/LGPL-3.0-with-zeromq-exception diff --git a/meta

[OE-core][dunfell][PATCH 2/2] licenses.conf: Backport missing licenses

SPDX generation on Dunfell curently runs into issues because some recipes contain licenses that are not supported in licenses.conf. This commit backports licenses added to licenses.conf since Dunfell. Signed-off-by: Colin McAllister --- This patch updates licenses.conf to align with both

[OE-core][dunfell][PATCH 0/2] License backports

The following two changes backport common-licenes added after Dunfell. This fixes spdx generation issues for some recipes on Dunfell that use licenses that are not supported in licenses.conf. Colin McAllister (2): common-licenses: Backport missing licenses licenses.conf: Backport missing

[OE-core] [PATCH] initscripts: Add custom mount args for /var/lib

Adds bitbake variable to set additional mount flags for the /var/lib overlayfs or bind mount when using a read-only root filesystem. This can be used to set additional options like "-o nodev". Signed-off-by: Colin McAllister --- .../initscripts/initscripts-1.0/read-only-rootfs-hook.s

[OE-core] [dunfell][PATCH v4] libwebp: Fix CVE-2023-5129

Add patch from libwebp 1.1.0 to fix CVE-2023-5129. Signed-off-by: Colin McAllister --- .../webp/files/CVE-2023-5129.patch| 364 ++ meta/recipes-multimedia/webp/libwebp_1.1.0.bb | 1 + 2 files changed, 365 insertions(+) create mode 100644 meta/recipes-multimedia

[OE-core] [mickledore][PATCH v2] libwebp: Fix CVE-2023-5129

Add patch for Libwebp 1.3.1 to fix CVE-2023-5129. Signed-off-by: Colin McAllister --- .../webp/files/CVE-2023-5129.patch| 364 ++ meta/recipes-multimedia/webp/libwebp_1.3.1.bb | 4 +- 2 files changed, 367 insertions(+), 1 deletion(-) create mode 100644 meta

[OE-core] [kirkstone][PATCH v4] libwebp: Fix CVE-2023-5129

Add patch from libwebp 1.2.4 to fix CVE-2023-5129 Signed-off-by: Colin McAllister --- .../webp/files/CVE-2023-5129.patch| 364 ++ meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 1 + 2 files changed, 365 insertions(+) create mode 100644 meta/recipes-multimedia

[OE-core] [kirkstone][PATCH v3] libwebp: Fix CVE-2023-5129

Add patch from libwebp 1.2.4 to fix CVE-2023-5129 Signed-off-by: Colin McAllister --- .../webp/files/CVE-2023-5129.patch| 364 ++ meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 1 + 2 files changed, 365 insertions(+) create mode 100644 meta/recipes-multimedia

[OE-core] [dunfell][PATCH v3] libwebp: Fix CVE-2023-5129

Add patch from libwebp 1.1.0 to fix CVE-2023-5129. Signed-off-by: Colin McAllister --- .../webp/files/CVE-2023-5129.patch| 364 ++ meta/recipes-multimedia/webp/libwebp_1.1.0.bb | 1 + 2 files changed, 365 insertions(+) create mode 100644 meta/recipes-multimedia

[OE-core] [kirkstone][PATCH v2] libwebp: Fix CVE-2024-5129

Add patch from libwebp 1.2.4 to fix CVE-2023-5129 Signed-off-by: Colin McAllister --- .../webp/files/CVE-2023-5129.patch| 364 ++ meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 1 + 2 files changed, 365 insertions(+) create mode 100644 meta/recipes-multimedia

[OE-core] [mickledore][PATCH] libwebp: Fix CVE-2023-5129

Add patch for Libwebp 1.3.1 to fix CVE-2023-5129. Signed-off-by: Colin McAllister --- .../webp/files/CVE-2023-5129.patch| 364 ++ meta/recipes-multimedia/webp/libwebp_1.3.1.bb | 4 +- 2 files changed, 367 insertions(+), 1 deletion(-) create mode 100644 meta

Re: [OE-core] [PATCH] libwebp: upgrade 1.3.1 -> 1.3.2

I must not have gotten enough sleep last night. Please disregard this change. From: openembedded-core@lists.openembedded.org on behalf of Colin McAllister via lists.openembedded.org Sent: Tuesday, September 26, 2023 16:38 To: openembedded-core

[OE-core] [nanbield][PATCH] libwebp: Fix CVE-2023-5129

Add patch from libwebp 1.3.1 branch to fix CVE-2023-5129. --- .../webp/files/CVE-2023-5129.patch| 361 ++ meta/recipes-multimedia/webp/libwebp_1.3.1.bb | 4 +- 2 files changed, 364 insertions(+), 1 deletion(-) create mode 100644

Re: [OE-core] [dunfell][PATCH] libwebp: Fix CVE-2023-5129

also get a fix for master? It’s bad form to fix a CVE in the stable branches without also fixing master, otherwise it’s possible that security issues appear when you upgrade. Ross > On 26 Sep 2023, at 21:02, Colin McAllister via lists.openembedded.org > wrote: > > Add patch from l

[OE-core] [PATCH] libwebp: upgrade 1.3.1 -> 1.3.2

Upgrades libwebp to the latest version to fix CVE-2023-5129. Change-Id: I061fcda90c7720bc41a575551b399a6f36dfd534 --- .../webp/{libwebp_1.3.1.bb => libwebp_1.3.2.bb} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename meta/recipes-multimedia/webp/{libwebp_1.3.1.bb =>

[OE-core] [kirkstone][PATCH] libwebp: Fix CVE-2023-5129

Add patch from libwebp 1.2.4 branch to fix CVE-2023-5129. Change-Id: Id9fd776e81105beba3d37564e83ade816270aedd --- .../webp/files/CVE-2023-5129.patch| 362 ++ meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 1 + 2 files changed, 363 insertions(+) create mode 100644

[OE-core] [dunfell][PATCH v2] libwebp: Fix CVE-2023-5129

Add patch from libwebp 1.1.0 branch to fix CVE-2023-5129. Change-Id: Idaabd9e118fb51a80159a25312000337427e23bf --- .../webp/files/CVE-2023-5129.patch| 362 ++ meta/recipes-multimedia/webp/libwebp_1.1.0.bb | 1 + 2 files changed, 363 insertions(+) create mode 100644

[OE-core] [dunfell][PATCH] libwebp: Fix CVE-2023-5129

Add patch from libwebp 1.1.0 branch to fix CVE-2023-5129. --- .../webp/files/CVE-2023-5129.patch| 362 ++ 1 file changed, 362 insertions(+) create mode 100644 meta/recipes-multimedia/webp/files/CVE-2023-5129.patch diff --git