[OE-core][dunfell 00/11] Patch review

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2031

except for a known autobuilder intermittent issue on qemuppc which passed on
subsequent retest:

https://autobuilder.yoctoproject.org/typhoon/#/builders/63/builds/3261

The following changes since commit d044d9c0cb672c499059eb273e399ce4aee17e0d:

  image,populate_sdk_base: move 'func' flag setting for sdk command vars (2021-04-02 04:21:56 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (3):
  selftest/reproducible: enable world reproducibility test
  selftest/reproducible: add an exclusion list for items that are not
    yet reproducible
  selftest/reproducible: track unusued entries in the exclusion list

Guillaume Champagne (1):
  image-live.bbclass: optional depends when ROOTFS empty

Mike Crowe (1):
  curl: Patch CVE-2021-22876 & CVE-2021-22890

Peter Morrow (2):
  goarch: map target os to windows for mingw* TARGET_OS
  go_1.14: don't set -buildmode=pie when building for windows targets

Richard Purdie (3):
  selftest/reproducible: Sort the unused exclusion list
  diffoscope: Upgrade 136 -> 168
  diffoscope: Upgrade 168 -> 172

Steve Sakoman (1):
  selftest/reproducible: adjust exclusion list for dunfell

 meta/classes/go.bbclass                       |   8 +-
 meta/classes/goarch.bbclass                   |   2 +
 meta/classes/image-live.bbclass               |   2 +-
 meta/lib/oeqa/selftest/cases/reproducible.py  |  80 ++-
 meta/recipes-devtools/go/go_1.14.bb           |   8 +-
 .../curl/curl/CVE-2021-22876.patch            |  59 +++
 .../curl/curl/CVE-2021-22890.patch            | 464 ++++++++++++++++++
 meta/recipes-support/curl/curl_7.69.1.bb      |   2 +
 .../{diffoscope_136.bb => diffoscope_172.bb}  |  15 +-
 9 files changed, 620 insertions(+), 20 deletions(-)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22876.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22890.patch
 rename meta/recipes-support/diffoscope/{diffoscope_136.bb => diffoscope_172.bb} (46%)

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3112

The following changes since commit da3bd5e0934b6462ae53225a58305235849b32d5:

  asciidoc: properly detect and compare Python versions >= 3.10 (2022-01-09 06:49:29 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Akash Hadke (1):
  glibc: Add fix for data races in pthread_create and TLS access

Alexander Kanavin (1):
  parselogs: add a couple systemd false positives

Anuj Mittal (1):
  xserver-xorg: update CVE_PRODUCT

Konrad Weihmann (1):
  cve-check: add lockfile to task

Mingli Yu (1):
  wic: use shutil.which

Ricardo Ribalda Delgado (1):
  wic: misc: Do not find for executables in ASSUME_PROVIDED

Richard Purdie (1):
  expat: Update HOMEPAGE to current url

Ross Burton (2):
  cve-update-db-native: use fetch task
  xserver-xorg: whitelist two CVEs

Steve Sakoman (2):
  valgrind: skip flakey ptest (gdbserver_tests/hginfo)
  oeqa/selftest/cases/tinfoil.py: increase timeout 60->120s
    test_wait_event

 meta/classes/cve-check.bbclass                |   3 +-
 meta/lib/oeqa/runtime/cases/parselogs.py      |   2 +
 meta/lib/oeqa/selftest/cases/tinfoil.py       |   4 +-
 meta/recipes-core/expat/expat_2.2.9.bb        |   2 +-
 ...ate-slotinfo-to-avoid-use-after-free.patch |  66 +++++
 ...hread_create-and-TLS-access-BZ-19329.patch | 191 ++++++++++++
 ...d-atomics-for-racy-accesses-BZ-19329.patch | 206 +++++++++++++
 .../0033-elf-Add-test-case-for-BZ-19329.patch | 144 +++++++++
 ...elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch | 180 ++++++++++++
 ...-lazy-relocation-of-tlsdesc-BZ-27137.patch |  56 ++++
 ...-lazy-relocation-of-tlsdesc-BZ-27137.patch | 124 ++++++++
 ...ock-between-pthread_create-and-ctors.patch | 276 ++++++++++++++++++
 meta/recipes-core/glibc/glibc_2.31.bb         |   8 +
 .../recipes-core/meta/cve-update-db-native.bb |   9 +-
 .../valgrind/valgrind/remove-for-aarch64      |   1 +
 .../valgrind/valgrind/remove-for-all          |   1 +
 .../xorg-xserver/xserver-xorg.inc             |  10 +-
 scripts/lib/wic/engine.py                     |   6 +-
 scripts/lib/wic/misc.py                       |  16 +-
 scripts/wic                                   |   4 +-
 20 files changed, 1292 insertions(+), 17 deletions(-)
 create mode 100644 meta/recipes-core/glibc/glibc/0030-elf-Refactor_dl_update-slotinfo-to-avoid-use-after-free.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0031-elf-Fix-data-races-in-pthread_create-and-TLS-access-BZ-19329.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0032-elf-Use-relaxed-atomics-for-racy-accesses-BZ-19329.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0033-elf-Add-test-case-for-BZ-19329.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0034-elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0035-x86_64-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0036-i386-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0037-Avoid-deadlock-between-pthread_create-and-ctors.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3141

The following changes since commit 01f256bc72fb45c80b6a6c77506bc4c375965a3a:

  glibc: Add fix for data races in pthread_create and TLS access (2022-01-12 04:37:31 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (5):
  linux-yocto/5.4: update to v5.4.169
  linux-yocto/5.4: update to v5.4.170
  linux-yocto/5.4: update to v5.4.171
  linux-yocto/5.4: update to v5.4.172
  kernel: introduce python3-dtschema-wrapper

Kai Kang (1):
  speex: fix CVE-2020-23903

Marek Vasut (1):
  Revert "weston: Use systemd notify,"

Richard Purdie (1):
  lttng-tools: Add missing DEPENDS on bison-native

Steve Sakoman (3):
  expat fix CVE-2022-22822 through CVE-2022-22827
  expat: fix CVE-2021-45960
  expat: fix CVE-2021-46143

 meta/conf/distro/include/maintainers.inc      |   1 +
 .../expat/expat/CVE-2021-45960.patch          |  65 +++++
 .../expat/expat/CVE-2021-46143.patch          |  43 +++
 .../expat/expat/CVE-2022-22822-27.patch       | 257 ++++++++++++++++++
 meta/recipes-core/expat/expat_2.2.9.bb        |   3 +
 .../wayland/weston-init/weston-start          |  12 -
 .../wayland/weston-init/weston@.service       |   6 -
 .../weston/systemd-notify.weston-start        |   9 -
 .../wayland/weston/xwayland.weston-start      |   3 +-
 meta/recipes-graphics/wayland/weston_8.0.0.bb |   6 -
 .../python3-dtschema-wrapper/dt-doc-validate  |  20 ++
 .../dtc/python3-dtschema-wrapper/dt-mk-schema |  20 ++
 .../dtc/python3-dtschema-wrapper/dt-validate  |  20 ++
 .../dtc/python3-dtschema-wrapper_2021.10.bb   |  17 ++
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 .../lttng/lttng-tools_2.11.5.bb               |   2 +-
 .../speex/speex/CVE-2020-23903.patch          |  30 ++
 meta/recipes-multimedia/speex/speex_1.2.0.bb  |   4 +-
 20 files changed, 500 insertions(+), 54 deletions(-)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2021-45960.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2021-46143.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-22822-27.patch
 delete mode 100644 meta/recipes-graphics/wayland/weston/systemd-notify.weston-start
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb
 create mode 100644 meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch

-- 
2.25.1

[OE-core][dunfell 01/11] expat fix CVE-2022-22822 through CVE-2022-22827

[Steve Sakoman]

xmlparse.c has multiple integer overflows. The involved functions are:

- addBinding (CVE-2022-22822)
- build_model (CVE-2022-22823)
- defineAttribute (CVE-2022-22824)
- lookup (CVE-2022-22825)
- nextScaffoldPart (CVE-2022-22826)
- storeAtts (CVE-2022-22827)

Backport patch from:
https://github.com/libexpat/libexpat/pull/539/commits/9f93e8036e842329863bf20395b8fb8f73834d9e

CVE: CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../expat/expat/CVE-2022-22822-27.patch       | 257 ++++++++++++++++++
 meta/recipes-core/expat/expat_2.2.9.bb        |   1 +
 2 files changed, 258 insertions(+)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-22822-27.patch

diff --git a/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch b/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch
new file mode 100644
index 0000000000..e569fbc7ab
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch
@@ -0,0 +1,257 @@
+From 9f93e8036e842329863bf20395b8fb8f73834d9e Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Thu, 30 Dec 2021 22:46:03 +0100
+Subject: [PATCH] lib: Prevent integer overflow at multiple places
+ (CVE-2022-22822 to CVE-2022-22827)
+
+The involved functions are:
+- addBinding (CVE-2022-22822)
+- build_model (CVE-2022-22823)
+- defineAttribute (CVE-2022-22824)
+- lookup (CVE-2022-22825)
+- nextScaffoldPart (CVE-2022-22826)
+- storeAtts (CVE-2022-22827)
+
+Upstream-Status: Backport:
+https://github.com/libexpat/libexpat/pull/539/commits/9f93e8036e842329863bf20395b8fb8f73834d9e
+
+CVE: CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+
+---
+ expat/lib/xmlparse.c | 153 ++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 151 insertions(+), 2 deletions(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index 8f243126..575e73ee 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -3261,13 +3261,38 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+ 
+   /* get the attributes from the tokenizer */
+   n = XmlGetAttributes(enc, attStr, parser->m_attsSize, parser->m_atts);
++
++  /* Detect and prevent integer overflow */
++  if (n > INT_MAX - nDefaultAtts) {
++    return XML_ERROR_NO_MEMORY;
++  }
++
+   if (n + nDefaultAtts > parser->m_attsSize) {
+     int oldAttsSize = parser->m_attsSize;
+     ATTRIBUTE *temp;
+ #ifdef XML_ATTR_INFO
+     XML_AttrInfo *temp2;
+ #endif
++
++    /* Detect and prevent integer overflow */
++    if ((nDefaultAtts > INT_MAX - INIT_ATTS_SIZE)
++        || (n > INT_MAX - (nDefaultAtts + INIT_ATTS_SIZE))) {
++      return XML_ERROR_NO_MEMORY;
++    }
++
+     parser->m_attsSize = n + nDefaultAtts + INIT_ATTS_SIZE;
++
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(ATTRIBUTE)) {
++      parser->m_attsSize = oldAttsSize;
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     temp = (ATTRIBUTE *)REALLOC(parser, (void *)parser->m_atts,
+                                 parser->m_attsSize * sizeof(ATTRIBUTE));
+     if (temp == NULL) {
+@@ -3276,6 +3301,17 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+     }
+     parser->m_atts = temp;
+ #ifdef XML_ATTR_INFO
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#  if UINT_MAX >= SIZE_MAX
++    if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(XML_AttrInfo)) {
++      parser->m_attsSize = oldAttsSize;
++      return XML_ERROR_NO_MEMORY;
++    }
++#  endif
++
+     temp2 = (XML_AttrInfo *)REALLOC(parser, (void *)parser->m_attInfo,
+                                     parser->m_attsSize * sizeof(XML_AttrInfo));
+     if (temp2 == NULL) {
+@@ -3610,9 +3646,31 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+   tagNamePtr->prefixLen = prefixLen;
+   for (i = 0; localPart[i++];)
+     ; /* i includes null terminator */
++
++  /* Detect and prevent integer overflow */
++  if (binding->uriLen > INT_MAX - prefixLen
++      || i > INT_MAX - (binding->uriLen + prefixLen)) {
++    return XML_ERROR_NO_MEMORY;
++  }
++
+   n = i + binding->uriLen + prefixLen;
+   if (n > binding->uriAlloc) {
+     TAG *p;
++
++    /* Detect and prevent integer overflow */
++    if (n > INT_MAX - EXPAND_SPARE) {
++      return XML_ERROR_NO_MEMORY;
++    }
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)(n + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     uri = (XML_Char *)MALLOC(parser, (n + EXPAND_SPARE) * sizeof(XML_Char));
+     if (! uri)
+       return XML_ERROR_NO_MEMORY;
+@@ -3708,6 +3766,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+   if (parser->m_freeBindingList) {
+     b = parser->m_freeBindingList;
+     if (len > b->uriAlloc) {
++      /* Detect and prevent integer overflow */
++      if (len > INT_MAX - EXPAND_SPARE) {
++        return XML_ERROR_NO_MEMORY;
++      }
++
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++        return XML_ERROR_NO_MEMORY;
++      }
++#endif
++
+       XML_Char *temp = (XML_Char *)REALLOC(
+           parser, b->uri, sizeof(XML_Char) * (len + EXPAND_SPARE));
+       if (temp == NULL)
+@@ -3720,6 +3793,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+     b = (BINDING *)MALLOC(parser, sizeof(BINDING));
+     if (! b)
+       return XML_ERROR_NO_MEMORY;
++
++    /* Detect and prevent integer overflow */
++    if (len > INT_MAX - EXPAND_SPARE) {
++      return XML_ERROR_NO_MEMORY;
++    }
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     b->uri
+         = (XML_Char *)MALLOC(parser, sizeof(XML_Char) * (len + EXPAND_SPARE));
+     if (! b->uri) {
+@@ -6141,7 +6229,24 @@ defineAttribute(ELEMENT_TYPE *type, ATTRIBUTE_ID *attId, XML_Bool isCdata,
+       }
+     } else {
+       DEFAULT_ATTRIBUTE *temp;
++
++      /* Detect and prevent integer overflow */
++      if (type->allocDefaultAtts > INT_MAX / 2) {
++        return 0;
++      }
++
+       int count = type->allocDefaultAtts * 2;
++
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if ((unsigned)count > (size_t)(-1) / sizeof(DEFAULT_ATTRIBUTE)) {
++        return 0;
++      }
++#endif
++
+       temp = (DEFAULT_ATTRIBUTE *)REALLOC(parser, type->defaultAtts,
+                                           (count * sizeof(DEFAULT_ATTRIBUTE)));
+       if (temp == NULL)
+@@ -6792,8 +6897,20 @@ lookup(XML_Parser parser, HASH_TABLE *table, KEY name, size_t createSize) {
+     /* check for overflow (table is half full) */
+     if (table->used >> (table->power - 1)) {
+       unsigned char newPower = table->power + 1;
++
++      /* Detect and prevent invalid shift */
++      if (newPower >= sizeof(unsigned long) * 8 /* bits per byte */) {
++        return NULL;
++      }
++
+       size_t newSize = (size_t)1 << newPower;
+       unsigned long newMask = (unsigned long)newSize - 1;
++
++      /* Detect and prevent integer overflow */
++      if (newSize > (size_t)(-1) / sizeof(NAMED *)) {
++        return NULL;
++      }
++
+       size_t tsize = newSize * sizeof(NAMED *);
+       NAMED **newV = (NAMED **)table->mem->malloc_fcn(tsize);
+       if (! newV)
+@@ -7143,6 +7260,20 @@ nextScaffoldPart(XML_Parser parser) {
+   if (dtd->scaffCount >= dtd->scaffSize) {
+     CONTENT_SCAFFOLD *temp;
+     if (dtd->scaffold) {
++      /* Detect and prevent integer overflow */
++      if (dtd->scaffSize > UINT_MAX / 2u) {
++        return -1;
++      }
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if (dtd->scaffSize > (size_t)(-1) / 2u / sizeof(CONTENT_SCAFFOLD)) {
++        return -1;
++      }
++#endif
++
+       temp = (CONTENT_SCAFFOLD *)REALLOC(
+           parser, dtd->scaffold, dtd->scaffSize * 2 * sizeof(CONTENT_SCAFFOLD));
+       if (temp == NULL)
+@@ -7212,8 +7343,26 @@ build_model(XML_Parser parser) {
+   XML_Content *ret;
+   XML_Content *cpos;
+   XML_Char *str;
+-  int allocsize = (dtd->scaffCount * sizeof(XML_Content)
+-                   + (dtd->contentStringLen * sizeof(XML_Char)));
++
++  /* Detect and prevent integer overflow.
++   * The preprocessor guard addresses the "always false" warning
++   * from -Wtype-limits on platforms where
++   * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++  if (dtd->scaffCount > (size_t)(-1) / sizeof(XML_Content)) {
++    return NULL;
++  }
++  if (dtd->contentStringLen > (size_t)(-1) / sizeof(XML_Char)) {
++    return NULL;
++  }
++#endif
++  if (dtd->scaffCount * sizeof(XML_Content)
++      > (size_t)(-1) - dtd->contentStringLen * sizeof(XML_Char)) {
++    return NULL;
++  }
++
++  const size_t allocsize = (dtd->scaffCount * sizeof(XML_Content)
++                            + (dtd->contentStringLen * sizeof(XML_Char)));
+ 
+   ret = (XML_Content *)MALLOC(parser, allocsize);
+   if (! ret)
diff --git a/meta/recipes-core/expat/expat_2.2.9.bb b/meta/recipes-core/expat/expat_2.2.9.bb
index 4b63ec89db..7740d95db5 100644
--- a/meta/recipes-core/expat/expat_2.2.9.bb
+++ b/meta/recipes-core/expat/expat_2.2.9.bb
@@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5b8620d98e49772d95fc1d291c26aa79"
 
 SRC_URI = "git://github.com/libexpat/libexpat.git;protocol=https;branch=master \
            file://CVE-2013-0340.patch \
+           file://CVE-2022-22822-27.patch \
            file://libtool-tag.patch \
          "
 
-- 
2.25.1

[OE-core][dunfell 02/11] expat: fix CVE-2021-45960

[Steve Sakoman]

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more)
places in the storeAtts function in xmlparse.c can lead to realloc
misbehavior (e.g., allocating too few bytes, or only freeing memory).

Backport patch from:
https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea

CVE: CVE-2021-45960
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../expat/expat/CVE-2021-45960.patch          | 65 +++++++++++++++++++
 meta/recipes-core/expat/expat_2.2.9.bb        |  1 +
 2 files changed, 66 insertions(+)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2021-45960.patch

diff --git a/meta/recipes-core/expat/expat/CVE-2021-45960.patch b/meta/recipes-core/expat/expat/CVE-2021-45960.patch
new file mode 100644
index 0000000000..523449e22c
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2021-45960.patch
@@ -0,0 +1,65 @@
+From 0adcb34c49bee5b19bd29b16a578c510c23597ea Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Mon, 27 Dec 2021 20:15:02 +0100
+Subject: [PATCH] lib: Detect and prevent troublesome left shifts in function
+ storeAtts (CVE-2021-45960)
+
+Upstream-Status: Backport:
+https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea
+
+CVE: CVE-2021-45960
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+
+---
+ expat/lib/xmlparse.c | 31 +++++++++++++++++++++++++++++--
+ 1 file changed, 29 insertions(+), 2 deletions(-)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index d730f41c3..b47c31b05 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -3414,7 +3414,13 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+   if (nPrefixes) {
+     int j; /* hash table index */
+     unsigned long version = parser->m_nsAttsVersion;
+-    int nsAttsSize = (int)1 << parser->m_nsAttsPower;
++
++    /* Detect and prevent invalid shift */
++    if (parser->m_nsAttsPower >= sizeof(unsigned int) * 8 /* bits per byte */) {
++      return XML_ERROR_NO_MEMORY;
++    }
++
++    unsigned int nsAttsSize = 1u << parser->m_nsAttsPower;
+     unsigned char oldNsAttsPower = parser->m_nsAttsPower;
+     /* size of hash table must be at least 2 * (# of prefixed attributes) */
+     if ((nPrefixes << 1)
+@@ -3425,7 +3431,28 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr,
+         ;
+       if (parser->m_nsAttsPower < 3)
+         parser->m_nsAttsPower = 3;
+-      nsAttsSize = (int)1 << parser->m_nsAttsPower;
++
++      /* Detect and prevent invalid shift */
++      if (parser->m_nsAttsPower >= sizeof(nsAttsSize) * 8 /* bits per byte */) {
++        /* Restore actual size of memory in m_nsAtts */
++        parser->m_nsAttsPower = oldNsAttsPower;
++        return XML_ERROR_NO_MEMORY;
++      }
++
++      nsAttsSize = 1u << parser->m_nsAttsPower;
++
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if (nsAttsSize > (size_t)(-1) / sizeof(NS_ATT)) {
++        /* Restore actual size of memory in m_nsAtts */
++        parser->m_nsAttsPower = oldNsAttsPower;
++        return XML_ERROR_NO_MEMORY;
++      }
++#endif
++
+       temp = (NS_ATT *)REALLOC(parser, parser->m_nsAtts,
+                                nsAttsSize * sizeof(NS_ATT));
+       if (! temp) {
diff --git a/meta/recipes-core/expat/expat_2.2.9.bb b/meta/recipes-core/expat/expat_2.2.9.bb
index 7740d95db5..a21e59f987 100644
--- a/meta/recipes-core/expat/expat_2.2.9.bb
+++ b/meta/recipes-core/expat/expat_2.2.9.bb
@@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5b8620d98e49772d95fc1d291c26aa79"
 
 SRC_URI = "git://github.com/libexpat/libexpat.git;protocol=https;branch=master \
            file://CVE-2013-0340.patch \
+           file://CVE-2021-45960.patch \
            file://CVE-2022-22822-27.patch \
            file://libtool-tag.patch \
          "
-- 
2.25.1

[OE-core][dunfell 03/11] expat: fix CVE-2021-46143

[Steve Sakoman]

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an
integer overflow exists for m_groupSize.

Backport patch from:
https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b

CVE: CVE-2021-46143
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../expat/expat/CVE-2021-46143.patch          | 43 +++++++++++++++++++
 meta/recipes-core/expat/expat_2.2.9.bb        |  1 +
 2 files changed, 44 insertions(+)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2021-46143.patch

diff --git a/meta/recipes-core/expat/expat/CVE-2021-46143.patch b/meta/recipes-core/expat/expat/CVE-2021-46143.patch
new file mode 100644
index 0000000000..d6bafba0ff
--- /dev/null
+++ b/meta/recipes-core/expat/expat/CVE-2021-46143.patch
@@ -0,0 +1,43 @@
+From 85ae9a2d7d0e9358f356b33977b842df8ebaec2b Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Sat, 25 Dec 2021 20:52:08 +0100
+Subject: [PATCH] lib: Prevent integer overflow on m_groupSize in function
+ doProlog (CVE-2021-46143)
+
+---
+ expat/lib/xmlparse.c | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index b47c31b0..8f243126 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -5046,6 +5046,11 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end,
+       if (parser->m_prologState.level >= parser->m_groupSize) {
+         if (parser->m_groupSize) {
+           {
++            /* Detect and prevent integer overflow */
++            if (parser->m_groupSize > (unsigned int)(-1) / 2u) {
++              return XML_ERROR_NO_MEMORY;
++            }
++
+             char *const new_connector = (char *)REALLOC(
+                 parser, parser->m_groupConnector, parser->m_groupSize *= 2);
+             if (new_connector == NULL) {
+@@ -5056,6 +5061,16 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end,
+           }
+ 
+           if (dtd->scaffIndex) {
++            /* Detect and prevent integer overflow.
++             * The preprocessor guard addresses the "always false" warning
++             * from -Wtype-limits on platforms where
++             * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++            if (parser->m_groupSize > (size_t)(-1) / sizeof(int)) {
++              return XML_ERROR_NO_MEMORY;
++            }
++#endif
++
+             int *const new_scaff_index = (int *)REALLOC(
+                 parser, dtd->scaffIndex, parser->m_groupSize * sizeof(int));
+             if (new_scaff_index == NULL)
diff --git a/meta/recipes-core/expat/expat_2.2.9.bb b/meta/recipes-core/expat/expat_2.2.9.bb
index a21e59f987..757c18c5fa 100644
--- a/meta/recipes-core/expat/expat_2.2.9.bb
+++ b/meta/recipes-core/expat/expat_2.2.9.bb
@@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5b8620d98e49772d95fc1d291c26aa79"
 SRC_URI = "git://github.com/libexpat/libexpat.git;protocol=https;branch=master \
            file://CVE-2013-0340.patch \
            file://CVE-2021-45960.patch \
+           file://CVE-2021-46143.patch \
            file://CVE-2022-22822-27.patch \
            file://libtool-tag.patch \
          "
-- 
2.25.1

[OE-core][dunfell 04/11] speex: fix CVE-2020-23903

[Steve Sakoman]

From: Kai Kang <kai.kang@windriver.com>

Backport patch to fix CVE-2020-23903.

CVE: CVE-2020-23903

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b8f56e5e9eef32c1e01742f913e205d93548de1f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../speex/speex/CVE-2020-23903.patch          | 30 +++++++++++++++++++
 meta/recipes-multimedia/speex/speex_1.2.0.bb  |  4 ++-
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch

diff --git a/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch
new file mode 100644
index 0000000000..eb16e95ffc
--- /dev/null
+++ b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch
@@ -0,0 +1,30 @@
+Backport patch to fix CVE-2020-23903.
+
+CVE: CVE-2020-23903
+Upstream-Status: Backport [https://github.com/xiph/speex/commit/870ff84]
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001
+From: Tristan Matthews <tmatth@videolan.org>
+Date: Mon, 13 Jul 2020 23:25:03 -0400
+Subject: [PATCH] wav_io: guard against invalid channel numbers
+
+Fixes #13
+---
+ src/wav_io.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/wav_io.c b/src/wav_io.c
+index b5183015..09d62eb0 100644
+--- a/src/wav_io.c
++++ b/src/wav_io.c
+@@ -111,7 +111,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32
+    stmp = le_short(stmp);
+    *channels = stmp;
+ 
+-   if (stmp>2)
++   if (stmp>2 || stmp<1)
+    {
+       fprintf (stderr, "Only mono and (intensity) stereo supported\n");
+       return -1;
diff --git a/meta/recipes-multimedia/speex/speex_1.2.0.bb b/meta/recipes-multimedia/speex/speex_1.2.0.bb
index 3a0911d6f8..ea475f0f1b 100644
--- a/meta/recipes-multimedia/speex/speex_1.2.0.bb
+++ b/meta/recipes-multimedia/speex/speex_1.2.0.bb
@@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=314649d8ba9dd7045dfb6683f298d0a8 \
                     file://include/speex/speex.h;beginline=1;endline=34;md5=ef8c8ea4f7198d71cf3509c6ed05ea50"
 DEPENDS = "libogg speexdsp"
 
-SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz"
+SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz \
+           file://CVE-2020-23903.patch \
+           "
 UPSTREAM_CHECK_REGEX = "speex-(?P<pver>\d+(\.\d+)+)\.tar"
 
 SRC_URI[md5sum] = "8ab7bb2589110dfaf0ed7fa7757dc49c"
-- 
2.25.1

[OE-core][dunfell 05/11] linux-yocto/5.4: update to v5.4.169

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

4ca2eaf1d477 Linux 5.4.169
48c76fc53582 phonet/pep: refuse to enable an unbound pipe
a5c6a13e9056 hamradio: improve the incomplete fix to avoid NPD
ef5f7bfa19e3 hamradio: defer ax25 kfree after unregister_netdev
df8f79bcc2e4 ax25: NPD bug when detaching AX25 device
0333eaf38500 hwmon: (lm90) Do not report 'busy' status bit as alarm
bf260ff4a42f hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
f373298e1bf0 pinctrl: mediatek: fix global-out-of-bounds issue
bf04afb6137f mm: mempolicy: fix THP allocations escaping mempolicy restrictions
f5db6bc93494 KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
06c13e039d92 usb: gadget: u_ether: fix race in setting MAC address in setup phase
b0406b5ef4e2 f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
806142c805ca tee: optee: Fix incorrect page free bug
5478b90270a3 ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
1c3d4122bec6 mmc: core: Disable card detect during shutdown
e9db8fc6c7af mmc: sdhci-tegra: Fix switch to HS400ES mode
d9031ce0b071 pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines
c7b2e5850ba6 x86/pkey: Fix undefined behaviour with PKRU_WD_BIT
ddc1d49e10a7 parisc: Correct completer in lws start
8467c8cb94a4 ipmi: fix initialization when workqueue allocation fails
8efd6a3391f7 ipmi: ssif: initialize ssif_info->client early
cd24bafefc17 ipmi: bail out if init_srcu_struct fails
5525d80dc9dd Input: atmel_mxt_ts - fix double free in mxt_read_info_block
737a98d91b07 ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
8df036befbc3 ALSA: drivers: opl3: Fix incorrect use of vp->state
fdaf41977d77 ALSA: jack: Check the return value of kstrdup()
44c743f63dd3 hwmon: (lm90) Drop critical attribute support for MAX6654
4615c9740575 hwmon: (lm90) Introduce flag indicating extended temperature support
c2242478f28d hwmon: (lm90) Add basic support for TI TMP461
d939660eff62 hwmon: (lm90) Add max6654 support to lm90 driver
055ca98d48ba hwmon: (lm90) Fix usage of CONFIG2 register in detect function
a7f95328c6f0 Input: elantech - fix stack out of bound access in elantech_change_report_id()
e12dcd4aa7f4 sfc: falcon: Check null pointer of rx_queue->page_ring
c11a41e26985 drivers: net: smc911x: Check for error irq
5d556b1437e1 fjes: Check for error irq
d7024080db82 bonding: fix ad_actor_system option setting to default
992649b8b168 ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
2460d96c19a8 net: skip virtio_net_hdr_set_proto if protocol already set
621d5536b452 net: accept UFOv6 packages in virtio_net_hdr_to_skb
0b01c51c4f47 qlcnic: potential dereference null pointer of rx_queue->page_ring
685fc8d22489 netfilter: fix regression in looped (broad|multi)cast's MAC handling
79dcbd817615 IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
78874bca4f27 spi: change clk_disable_unprepare to clk_unprepare
0c0ac2547c87 arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode
6fa4e2992717 HID: holtek: fix mouse probing
2712816c10b3 serial: 8250_fintek: Fix garbled text for console
51c925a9bccc net: usb: lan78xx: add Allied Telesis AT29M2-AF
8f843cf57202 Linux 5.4.168
0d99b3c6bd39 xen/netback: don't queue unlimited number of packages
8bfcd0385211 xen/netback: fix rx queue stall detection
560e64413b4a xen/console: harden hvc_xen against event channel storms
3e68d099f09c xen/netfront: harden netfront against event channel storms
4ed9f5c511ce xen/blkfront: harden blkfront against event channel storms
192fe5739571 Revert "xsk: Do not sleep in poll() when need_wakeup set"
e281b7199236 net: sched: Fix suspicious RCU usage while accessing tcf_tunnel_info
96a1550a2b43 mac80211: fix regression in SSN handling of addba tx
66aba15a144a rcu: Mark accesses to rcu_state.n_force_qs
b847ecff8507 scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()
f9f300a92297 ovl: fix warning in ovl_create_real()
ba2a9d8f8ef1 fuse: annotate lock in fuse_reverse_inval_entry()
96f182c9f48b media: mxl111sf: change mutex_init() location
095ad3969b62 xsk: Do not sleep in poll() when need_wakeup set
29e9fdf7b681 ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name
f6e9e7be9b80 Input: touchscreen - avoid bitwise vs logical OR warning
3d45573dfb6e mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO
a19cf6844b50 mac80211: validate extended element ID is present
e070c0c990d7 drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
c9ee8144e409 libata: if T_LENGTH is zero, dma direction should be DMA_NONE
62889094939c timekeeping: Really make sure wall_to_monotonic isn't positive
241d36219aaa USB: serial: option: add Telit FN990 compositions
d2bb4378e2bb USB: serial: cp210x: fix CP2105 GPIO registration
bae7f0808202 usb: xhci: Extend support for runtime power management for AMD's Yellow carp.
3dc6b5f2a4d5 PCI/MSI: Mask MSI-X vectors only on success
c520e7cf82ac PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
ed31692a9758 USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
aae3448b78d9 USB: gadget: bRequestType is a bitfield, not a enum
ad0ed314d616 sit: do not call ipip6_dev_free() from sit_init_net()
c675256a7f13 net: systemport: Add global locking for descriptor lifecycle
2bf888fa4a5c net/smc: Prevent smc_release() from long blocking
56a6ffea18c2 net: Fix double 0x prefix print in SKB dump
027a13973dad net/packet: rx_owner_map depends on pg_vec
699e794c12a3 netdevsim: Zero-initialize memory for new map's value in function nsim_bpf_map_alloc
a97e7dd4b713 ixgbe: set X550 MDIO speed before talking to PHY
8addba6cab94 igbvf: fix double free in `igbvf_probe`
36844e250a2e igb: Fix removal of unicast MAC filters of VFs
bca4a53ea72c soc/tegra: fuse: Fix bitwise vs. logical OR warning
166f0adf7e75 rds: memory leak in __rds_conn_create()
9cb405ee5334 flow_offload: return EOPNOTSUPP for the unsupported mpls action type
066a637d1ce7 net: sched: lock action when translating it to flow_action infra
e7660f9535ad mac80211: fix lookup when adding AddBA extension element
f363af7c7045 mac80211: accept aggregation sessions on 6 GHz
1e6526148149 mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
ceb30f48d817 mac80211: agg-tx: refactor sending addba
eeaf9c0609e0 selftest/net/forwarding: declare NETIFS p9 p10
2252220d9ebb dmaengine: st_fdma: fix MODULE_ALIAS
18203fe17643 selftests: Fix IPv6 address bind tests
b46f0afa74e7 selftests: Fix raw socket bind tests with VRF
7b5596e53125 inet_diag: fix kernel-infoleak for UDP sockets
2c589cf07bd5 inet_diag: use jiffies_delta_to_msecs()
0d80462fbdca sch_cake: do not call cake_destroy() from cake_init()
2fba53ccfb1b s390/kexec_file: fix error handling when applying relocations
b380bf012d2b selftests: net: Correct ping6 expected rc from 2 to 1
ec5c00be7836 clk: Don't parent clks until the parent is fully registered
f83ed203c822 ARM: socfpga: dts: fix qspi node compatible
46b9e29db201 mac80211: track only QoS data frames for admission control
a6f18191c6c1 arm64: dts: rockchip: fix audio-supply for Rock Pi 4
86f2789e3c15 arm64: dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
4bb01424330d arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from rk3399-khadas-edge
e0759696de68 nfsd: fix use-after-free due to delegation race
7243aa71509a iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda
0d3277eabd54 audit: improve robustness of the audit queue handling
501ecd90efdc dm btree remove: fix use after free in rebalance_children()
b25e213522f6 recordmcount.pl: look for jgnop instruction as well as bcrl on s390
c0954f1010ad virtio_ring: Fix querying of maximum DMA mapping size for virtio device
802a1a850156 firmware: arm_scpi: Fix string overflow in SCPI genpd driver
33f0dfab3187 mac80211: send ADDBA requests using the tid/queue of the aggregation session
873e664a83ef mac80211: mark TX-during-stop for TX in in_reconfig
ff3e3fdc737a KVM: selftests: Make sure kvm_create_max_vcpus test won't hit RLIMIT_NOFILE

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index b7a7cbcbe3..7926ddc3c5 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "2bddc20729f986e46ba5b802fa6ce8716ee34506"
-SRCREV_meta ?= "ff304dbaec03398dc510602800b19d28b7c82927"
+SRCREV_machine ?= "66f69e8b3cc56e22c8b78f3141fd736fc1c5859b"
+SRCREV_meta ?= "dcbd44e70b6bc80a04cc92b625b1a3eaa2f78fc0"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.167"
+LINUX_VERSION ?= "5.4.169"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index a2db551ccb..60f13669e1 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.167"
+LINUX_VERSION ?= "5.4.169"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "e8825a1df3d08af26acf8fc2ddb140c40aa233f4"
-SRCREV_machine ?= "b9dbced11f660908cec12d5e1339bbff0ac28d59"
-SRCREV_meta ?= "ff304dbaec03398dc510602800b19d28b7c82927"
+SRCREV_machine_qemuarm ?= "092520553603d101c48aafd95aac45f5f455882a"
+SRCREV_machine ?= "d44538a3be2f25dc1c768d0ed31d18af18cc2aee"
+SRCREV_meta ?= "dcbd44e70b6bc80a04cc92b625b1a3eaa2f78fc0"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 6571b5ead5..0e8fe724e3 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "6669d1a2f103a3275306cde2486a0c133ab288a4"
-SRCREV_machine_qemuarm64 ?= "0727e136f0c04aac28ee442d1a5b208d41021c00"
-SRCREV_machine_qemumips ?= "ec2a556c8c4bea3c26d85d9097fcb7bc37d9b470"
-SRCREV_machine_qemuppc ?= "dc1f229c713f712f3e29a8f3a20e45120aeccf2a"
-SRCREV_machine_qemuriscv64 ?= "6244469059318276e2ffca54f85ecd3d13cd6756"
-SRCREV_machine_qemux86 ?= "6244469059318276e2ffca54f85ecd3d13cd6756"
-SRCREV_machine_qemux86-64 ?= "6244469059318276e2ffca54f85ecd3d13cd6756"
-SRCREV_machine_qemumips64 ?= "ec66f75ec62c5b2f576b98dcfd7dc870643590da"
-SRCREV_machine ?= "6244469059318276e2ffca54f85ecd3d13cd6756"
-SRCREV_meta ?= "ff304dbaec03398dc510602800b19d28b7c82927"
+SRCREV_machine_qemuarm ?= "69471f4c5c895fe6ccef696800c7ef2bda3ad2fd"
+SRCREV_machine_qemuarm64 ?= "e0b9164ac4b0d53e7bd42bf1d2322eb5ce462d68"
+SRCREV_machine_qemumips ?= "7bf5ddb8e9ae1284cb4e02bed7f9429bec0b39c4"
+SRCREV_machine_qemuppc ?= "b0054e5e7451561a7c6a6d6a401395fbd0395801"
+SRCREV_machine_qemuriscv64 ?= "01fe83c50f9aeb4da7c7c7d63a6c7afea83216ef"
+SRCREV_machine_qemux86 ?= "01fe83c50f9aeb4da7c7c7d63a6c7afea83216ef"
+SRCREV_machine_qemux86-64 ?= "01fe83c50f9aeb4da7c7c7d63a6c7afea83216ef"
+SRCREV_machine_qemumips64 ?= "e8483ea124a1715790eba584ee2ad8aac1e15edf"
+SRCREV_machine ?= "01fe83c50f9aeb4da7c7c7d63a6c7afea83216ef"
+SRCREV_meta ?= "dcbd44e70b6bc80a04cc92b625b1a3eaa2f78fc0"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.167"
+LINUX_VERSION ?= "5.4.169"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.25.1

[OE-core][dunfell 06/11] linux-yocto/5.4: update to v5.4.170

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

047dedaa38ce Linux 5.4.170
2c3920c58e03 perf script: Fix CPU filtering of a script's switch events
fe5838c22b98 net: fix use-after-free in tw_timer_handler
46556c4ecd63 Input: spaceball - fix parsing of movement data packets
975774ea7528 Input: appletouch - initialize work before device registration
436f6d0005d6 scsi: vmw_pvscsi: Set residual data length conditionally
103b16a8c51f binder: fix async_free_space accounting for empty parcels
98cde4dd5ec8 usb: mtu3: set interval of FS intr and isoc endpoint
585e2b244dda usb: mtu3: fix list_head check warning
50434eb6098f usb: mtu3: add memory barrier before set GPD's HWO
240fc586e83d usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
20d80640fa61 xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
b364fcef9615 uapi: fix linux/nfc.h userspace compilation errors
245c5e43cd25 nfc: uapi: use kernel size_t to fix user-space builds
9e4a3f47eff4 i2c: validate user data in compat ioctl
a7d3a1c6d9d9 fsl/fman: Fix missing put_device() call in fman_port_probe
2dc95e936414 net/ncsi: check for error return from call to nla_put_u32
ef01d63140f5 selftests/net: udpgso_bench_tx: fix dst ip argument
20f6896787c5 net/mlx5e: Fix wrong features assignment in case of error
b85f87d30dba ionic: Initialize the 'lif->dbid_inuse' bitmap
1cd4063dbc91 NFC: st21nfca: Fix memory leak in device probe and remove
44cd64aa1c43 net: lantiq_xrx200: fix statistics of received bytes
3477f4b67ee4 net: usb: pegasus: Do not drop long Ethernet frames
831de271452b sctp: use call_rcu to free endpoint
3218d6bd6195 selftests: Calculate udpgso segment count without header adjustment
0a2e9f6a8f33 udp: using datalen to cap ipv6 udp max gso segments
db484d35a948 net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
cc926b8f4d39 scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
44937652afdb selinux: initialize proto variable in selinux_ip_postroute_compat()
b536e357e73c recordmcount.pl: fix typo in s390 mcount regex
8d86b486e0de memblock: fix memblock_phys_alloc() section mismatch error
4606bfdaeb16 platform/x86: apple-gmux: use resource_size() with res
930d4986a432 tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
7978ddae240b Input: i8042 - enable deferred probe quirk for ASUS UM325UA
f93d5dca7d84 Input: i8042 - add deferred probe support
940e68e57ab6 tee: handle lookup of shm with reference count 0
4b38b12092b4 HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 7926ddc3c5..9832de5880 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "66f69e8b3cc56e22c8b78f3141fd736fc1c5859b"
-SRCREV_meta ?= "dcbd44e70b6bc80a04cc92b625b1a3eaa2f78fc0"
+SRCREV_machine ?= "693f365a839705814228d4d7a9fb362285af3542"
+SRCREV_meta ?= "3ff7377107711b2670620aac2be36b3edefe7f37"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.169"
+LINUX_VERSION ?= "5.4.170"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 60f13669e1..c5e6e16357 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.169"
+LINUX_VERSION ?= "5.4.170"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "092520553603d101c48aafd95aac45f5f455882a"
-SRCREV_machine ?= "d44538a3be2f25dc1c768d0ed31d18af18cc2aee"
-SRCREV_meta ?= "dcbd44e70b6bc80a04cc92b625b1a3eaa2f78fc0"
+SRCREV_machine_qemuarm ?= "f0f037abc011fc633c51f9557471babb368668f3"
+SRCREV_machine ?= "0c76d34c0744a8f3d8b4a41860fc9f12624b082a"
+SRCREV_meta ?= "3ff7377107711b2670620aac2be36b3edefe7f37"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 0e8fe724e3..d7af5fe1cb 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "69471f4c5c895fe6ccef696800c7ef2bda3ad2fd"
-SRCREV_machine_qemuarm64 ?= "e0b9164ac4b0d53e7bd42bf1d2322eb5ce462d68"
-SRCREV_machine_qemumips ?= "7bf5ddb8e9ae1284cb4e02bed7f9429bec0b39c4"
-SRCREV_machine_qemuppc ?= "b0054e5e7451561a7c6a6d6a401395fbd0395801"
-SRCREV_machine_qemuriscv64 ?= "01fe83c50f9aeb4da7c7c7d63a6c7afea83216ef"
-SRCREV_machine_qemux86 ?= "01fe83c50f9aeb4da7c7c7d63a6c7afea83216ef"
-SRCREV_machine_qemux86-64 ?= "01fe83c50f9aeb4da7c7c7d63a6c7afea83216ef"
-SRCREV_machine_qemumips64 ?= "e8483ea124a1715790eba584ee2ad8aac1e15edf"
-SRCREV_machine ?= "01fe83c50f9aeb4da7c7c7d63a6c7afea83216ef"
-SRCREV_meta ?= "dcbd44e70b6bc80a04cc92b625b1a3eaa2f78fc0"
+SRCREV_machine_qemuarm ?= "2ee0677973f1c676d52c6864c0a227b8d0a91a3d"
+SRCREV_machine_qemuarm64 ?= "205b919a1a53a5c46ff432cfc7292cbf688f34ce"
+SRCREV_machine_qemumips ?= "ff59072d3f2b8189e65f1006357d003ef68ec03b"
+SRCREV_machine_qemuppc ?= "bd68bc38761902dea6a823853f6044f6688751ca"
+SRCREV_machine_qemuriscv64 ?= "d4f5a7cecc479dcfff63bd7e92507521956fb8b8"
+SRCREV_machine_qemux86 ?= "d4f5a7cecc479dcfff63bd7e92507521956fb8b8"
+SRCREV_machine_qemux86-64 ?= "d4f5a7cecc479dcfff63bd7e92507521956fb8b8"
+SRCREV_machine_qemumips64 ?= "8aa05337ebd7798187b81f2561de15f2074a5eca"
+SRCREV_machine ?= "d4f5a7cecc479dcfff63bd7e92507521956fb8b8"
+SRCREV_meta ?= "3ff7377107711b2670620aac2be36b3edefe7f37"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.169"
+LINUX_VERSION ?= "5.4.170"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.25.1

[OE-core][dunfell 07/11] linux-yocto/5.4: update to v5.4.171

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    0a4ce4977bbe Linux 5.4.171
    0101f118529d mISDN: change function names to avoid conflicts
    34821931e18e atlantic: Fix buff_ring OOB in aq_ring_rx_clean
    44065cc11797 net: udp: fix alignment problem in udp4_seq_show()
    0ad45baead37 ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
    8b36aa5af4da scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
    6a3ffcc9ffd0 usb: mtu3: fix interval value for intr and isoc
    f0e57098243c ipv6: Do cleanup if attribute validation fails in multipath route
    c94999cfbbbe ipv6: Continue processing multipath route even if gateway attribute is invalid
    2a6a811a45fd phonet: refcount leak in pep_sock_accep
    db0c834abbc1 rndis_host: support Hytera digital radios
    72eb522ae6f1 power: reset: ltc2952: Fix use of floating point literals
    159eaafee69b power: supply: core: Break capacity loop
    102af6edfd3a xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
    10f2c336929d net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8081
    c0db2e1e60c6 sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
    bcbfc7780047 batman-adv: mcast: don't send link-local multicast to mcast routers
    76936ddb4913 lwtunnel: Validate RTA_ENCAP_TYPE attribute length
    2ebd777513d9 ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
    a02d2be7eb48 ipv6: Check attribute length for RTA_GATEWAY in multipath route
    34224e936a9d ipv4: Check attribute length for RTA_FLOW in multipath route
    125d91f07233 ipv4: Check attribute length for RTA_GATEWAY in multipath route
    1f46721836ee i40e: Fix incorrect netdev's real number of RX/TX queues
    f98acd3b4dcf i40e: Fix for displaying message regarding NVM version
    c340d45148c4 i40e: fix use-after-free in i40e_sync_filters_subtask()
    38fbb1561d66 mac80211: initialize variable have_higher_than_11mbit
    7646a340b25b RDMA/uverbs: Check for null return of kmalloc_array
    5eb5d9c6591d RDMA/core: Don't infoleak GRH fields
    415fc3f59595 iavf: Fix limit of total number of queues to active queues of VF
    23ebe9cfda5e ieee802154: atusb: fix uninit value in atusb_set_extended_addr
    aa171d748a36 tracing: Tag trace_percpu_buffer as a percpu pointer
    db50ad6eec87 tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
    cbbed1338d76 selftests: x86: fix [-Wstringop-overread] warn in test_process_vm_readv()
    6904679c8400 Input: touchscreen - Fix backport of a02dcde595f7cbd240ccd64de96034ad91cffc40
    6e80d2ee44c6 f2fs: quota: fix potential deadlock

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 9832de5880..6b1a10476c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "693f365a839705814228d4d7a9fb362285af3542"
-SRCREV_meta ?= "3ff7377107711b2670620aac2be36b3edefe7f37"
+SRCREV_machine ?= "2e96217d85f653d79f1e691c84aaf178931550a7"
+SRCREV_meta ?= "17ac54a7a0b472a035fea8aacd1f31c1fa322ff0"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.170"
+LINUX_VERSION ?= "5.4.171"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index c5e6e16357..80d260cf88 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.170"
+LINUX_VERSION ?= "5.4.171"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "f0f037abc011fc633c51f9557471babb368668f3"
-SRCREV_machine ?= "0c76d34c0744a8f3d8b4a41860fc9f12624b082a"
-SRCREV_meta ?= "3ff7377107711b2670620aac2be36b3edefe7f37"
+SRCREV_machine_qemuarm ?= "59c50d08a8c111c9941b53cc3903cafc7b9339f0"
+SRCREV_machine ?= "da1b138e527f276887038d0091980ec5bfbd0824"
+SRCREV_meta ?= "17ac54a7a0b472a035fea8aacd1f31c1fa322ff0"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index d7af5fe1cb..2d7703ec0e 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "2ee0677973f1c676d52c6864c0a227b8d0a91a3d"
-SRCREV_machine_qemuarm64 ?= "205b919a1a53a5c46ff432cfc7292cbf688f34ce"
-SRCREV_machine_qemumips ?= "ff59072d3f2b8189e65f1006357d003ef68ec03b"
-SRCREV_machine_qemuppc ?= "bd68bc38761902dea6a823853f6044f6688751ca"
-SRCREV_machine_qemuriscv64 ?= "d4f5a7cecc479dcfff63bd7e92507521956fb8b8"
-SRCREV_machine_qemux86 ?= "d4f5a7cecc479dcfff63bd7e92507521956fb8b8"
-SRCREV_machine_qemux86-64 ?= "d4f5a7cecc479dcfff63bd7e92507521956fb8b8"
-SRCREV_machine_qemumips64 ?= "8aa05337ebd7798187b81f2561de15f2074a5eca"
-SRCREV_machine ?= "d4f5a7cecc479dcfff63bd7e92507521956fb8b8"
-SRCREV_meta ?= "3ff7377107711b2670620aac2be36b3edefe7f37"
+SRCREV_machine_qemuarm ?= "c961afa9250955e8bc4e286fba5942181cdfce45"
+SRCREV_machine_qemuarm64 ?= "0408baf57ccb7975ea0291418f44c1bf241b9792"
+SRCREV_machine_qemumips ?= "1e20719de0a733cf6c9f1f5467a16e8449dd1eb3"
+SRCREV_machine_qemuppc ?= "40c08791a68abb946948e1aea7532dc156e9eaa5"
+SRCREV_machine_qemuriscv64 ?= "3889c10487e465acf5a2ecf182be8a9adb8ce863"
+SRCREV_machine_qemux86 ?= "3889c10487e465acf5a2ecf182be8a9adb8ce863"
+SRCREV_machine_qemux86-64 ?= "3889c10487e465acf5a2ecf182be8a9adb8ce863"
+SRCREV_machine_qemumips64 ?= "31c53aae874ab1a677be38ffe29dc0e7084a08f4"
+SRCREV_machine ?= "3889c10487e465acf5a2ecf182be8a9adb8ce863"
+SRCREV_meta ?= "17ac54a7a0b472a035fea8aacd1f31c1fa322ff0"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.170"
+LINUX_VERSION ?= "5.4.171"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.25.1

[OE-core][dunfell 08/11] linux-yocto/5.4: update to v5.4.172

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    b7f70762d158 Linux 5.4.172
    f415409551b0 staging: greybus: fix stack size warning with UBSAN
    65c2e7176f77 drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk()
    86ded7a6cf40 staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn()
    a459686f986c media: Revert "media: uvcvideo: Set unique vdev name based in type"
    7e07bedae159 random: fix crash on multiple early calls to add_bootloader_randomness()
    517ab153f503 random: fix data race on crng init time
    90ceecdaa062 random: fix data race on crng_node_pool
    a4fa4377c91b can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
    e90a7524b5c8 can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data
    9e9241d3345a drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions
    ada3805f1423 mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
    d08a0a88db88 veth: Do not record rx queue hint in veth_xmit
    a6722b497401 mmc: sdhci-pci: Add PCI ID for Intel ADL
    1199f0928488 USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
    43aac50196f3 USB: core: Fix bug in resuming hub's handling of wakeup requests
    ed5c2683b67b Bluetooth: bfusb: fix division by zero in send path
    784e873af3dc Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
    ad07b60837b2 workqueue: Fix unbind_workers() VS wq_worker_running() race

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 6b1a10476c..9e8281c7a1 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "2e96217d85f653d79f1e691c84aaf178931550a7"
-SRCREV_meta ?= "17ac54a7a0b472a035fea8aacd1f31c1fa322ff0"
+SRCREV_machine ?= "e92d76afe6d8592917c0e7b948912c085e661df2"
+SRCREV_meta ?= "98cce1c95fcc9a26965cbc5f038fd71d53c387c8"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.171"
+LINUX_VERSION ?= "5.4.172"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 80d260cf88..a75570df93 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.171"
+LINUX_VERSION ?= "5.4.172"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "59c50d08a8c111c9941b53cc3903cafc7b9339f0"
-SRCREV_machine ?= "da1b138e527f276887038d0091980ec5bfbd0824"
-SRCREV_meta ?= "17ac54a7a0b472a035fea8aacd1f31c1fa322ff0"
+SRCREV_machine_qemuarm ?= "10b4756eee78aa43ff9ed64da700ec6e8d97ff22"
+SRCREV_machine ?= "6ab93fdc53b64e146e4f16363375c1beb37b82e4"
+SRCREV_meta ?= "98cce1c95fcc9a26965cbc5f038fd71d53c387c8"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 2d7703ec0e..2d7f7559e5 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "c961afa9250955e8bc4e286fba5942181cdfce45"
-SRCREV_machine_qemuarm64 ?= "0408baf57ccb7975ea0291418f44c1bf241b9792"
-SRCREV_machine_qemumips ?= "1e20719de0a733cf6c9f1f5467a16e8449dd1eb3"
-SRCREV_machine_qemuppc ?= "40c08791a68abb946948e1aea7532dc156e9eaa5"
-SRCREV_machine_qemuriscv64 ?= "3889c10487e465acf5a2ecf182be8a9adb8ce863"
-SRCREV_machine_qemux86 ?= "3889c10487e465acf5a2ecf182be8a9adb8ce863"
-SRCREV_machine_qemux86-64 ?= "3889c10487e465acf5a2ecf182be8a9adb8ce863"
-SRCREV_machine_qemumips64 ?= "31c53aae874ab1a677be38ffe29dc0e7084a08f4"
-SRCREV_machine ?= "3889c10487e465acf5a2ecf182be8a9adb8ce863"
-SRCREV_meta ?= "17ac54a7a0b472a035fea8aacd1f31c1fa322ff0"
+SRCREV_machine_qemuarm ?= "8de1da3dc354dedef2e435e694eec6d6e72c9822"
+SRCREV_machine_qemuarm64 ?= "eed7c0a64f3a7a91a130bc2e507304dc8b446a31"
+SRCREV_machine_qemumips ?= "996a9660e4fab70db5cecec9c831141cd03c3d36"
+SRCREV_machine_qemuppc ?= "0197cf5754b1bd4eb035c342af9cc27e8c3339ca"
+SRCREV_machine_qemuriscv64 ?= "c6b015510134942076c0e111e56357656acf3dd5"
+SRCREV_machine_qemux86 ?= "c6b015510134942076c0e111e56357656acf3dd5"
+SRCREV_machine_qemux86-64 ?= "c6b015510134942076c0e111e56357656acf3dd5"
+SRCREV_machine_qemumips64 ?= "fe2769a7c268ed224ec70fd2aaab850e4eef70dc"
+SRCREV_machine ?= "c6b015510134942076c0e111e56357656acf3dd5"
+SRCREV_meta ?= "98cce1c95fcc9a26965cbc5f038fd71d53c387c8"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.171"
+LINUX_VERSION ?= "5.4.172"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.25.1

[OE-core][dunfell 09/11] kernel: introduce python3-dtschema-wrapper

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

The 5.16 kernel introduced mandatory schema checking on any dtb file
built through the kernel.

That funcionality is provided via python3-dt-schema.

The dependencies to enable that functionality is not small, and may
not always be desired (in particular on architectures that do not
support dtbs, or in development cycles). It may also be useful for
allowing a non-conformant dts to be compiled.

This commit introduces a set of wrapper scripts that when added
as a depenency to the kernel, can pass both the validation testing
and validation steps of a dts.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Backported from oe-core commit 2566563ad49d.
Signed-off-by: Paul Barker <paul.barker@sancloud.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/conf/distro/include/maintainers.inc      |  1 +
 .../python3-dtschema-wrapper/dt-doc-validate  | 20 +++++++++++++++++++
 .../dtc/python3-dtschema-wrapper/dt-mk-schema | 20 +++++++++++++++++++
 .../dtc/python3-dtschema-wrapper/dt-validate  | 20 +++++++++++++++++++
 .../dtc/python3-dtschema-wrapper_2021.10.bb   | 17 ++++++++++++++++
 5 files changed, 78 insertions(+)
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb

diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc
index 895cf89487..1575fce8c7 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -576,6 +576,7 @@ RECIPE_MAINTAINER_pn-python3 = "Oleksandr Kravchuk <open.source@oleksandr-kravch
 RECIPE_MAINTAINER_pn-python3-async = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
 RECIPE_MAINTAINER_pn-python3-dbus = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
 RECIPE_MAINTAINER_pn-python3-docutils = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
+RECIPE_MAINTAINER_pn-python3-dtschema-wrapper = "Bruce Ashfield <bruce.ashfield@gmail.com>"
 RECIPE_MAINTAINER_pn-python3-pycryptodome = "Joshua Watt <JPEWhacker@gmail.com>"
 RECIPE_MAINTAINER_pn-python3-pycryptodomex = "Joshua Watt <JPEWhacker@gmail.com>"
 RECIPE_MAINTAINER_pn-python3-extras = "Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>"
diff --git a/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate
new file mode 100644
index 0000000000..2aa57851c7
--- /dev/null
+++ b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate
@@ -0,0 +1,20 @@
+#!/bin/sh
+# dt-doc-validate wrapper to allow kernel dt-validation to pass
+#
+# Copyright (C) 2021 Bruce Ashfield <bruce.ashfield@gmail.com>
+# License: MIT (see COPYING.MIT at the root of the repository for terms)
+
+for arg; do
+    case "$arg" in
+        --version)
+            echo "v2021.10"
+            ;;
+    esac
+done
+
+# TBD: left for future consideration
+# exec dt-doc-validate.real "$@"
+
+# we always succeed
+exit 0
+
diff --git a/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema
new file mode 100644
index 0000000000..24b89d8619
--- /dev/null
+++ b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema
@@ -0,0 +1,20 @@
+#!/bin/sh
+# dt-mk-schema wrapper to allow kernel dt-validation to pass
+#
+# Copyright (C) 2021 Bruce Ashfield <bruce.ashfield@gmail.com>
+# License: MIT (see COPYING.MIT at the root of the repository for terms)
+
+for arg; do
+    case "$arg" in
+        --version)
+            echo "v2021.10"
+            ;;
+    esac
+done
+
+# TBD: left for future consideration
+# exec dt-mk-schema.real "$@"
+
+# we always succeed
+exit 0
+
diff --git a/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate
new file mode 100644
index 0000000000..8a4710a7ed
--- /dev/null
+++ b/meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate
@@ -0,0 +1,20 @@
+#!/bin/sh
+# dt-validate wrapper to allow kernel dt-validation to pass
+#
+# Copyright (C) 2021 Bruce Ashfield <bruce.ashfield@gmail.com>
+# License: MIT (see COPYING.MIT at the root of the repository for terms)
+
+for arg; do
+    case "$arg" in
+        --version)
+            echo "v2021.10"
+            ;;
+    esac
+done
+
+# TBD: left for future consideration
+# exec dt-validate.real "$@"
+
+# we always succeed
+exit 0
+
diff --git a/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb b/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb
new file mode 100644
index 0000000000..c869274d09
--- /dev/null
+++ b/meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb
@@ -0,0 +1,17 @@
+DESCRIPTION = "Wrapper for tooling for devicetree validation using YAML and jsonschema"
+HOMEPAGE = "https://yoctoproject.org"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+SRC_URI = "file://dt-doc-validate \
+           file://dt-mk-schema \
+           file://dt-validate"
+
+do_install() {
+    install -d ${D}${bindir}/
+    install -m 755 ${WORKDIR}/dt-doc-validate ${D}${bindir}/
+    install -m 755 ${WORKDIR}/dt-mk-schema ${D}${bindir}/
+    install -m 755 ${WORKDIR}/dt-validate ${D}${bindir}/
+}
+
+BBCLASSEXTEND = "native nativesdk"
-- 
2.25.1

[OE-core][dunfell 10/11] lttng-tools: Add missing DEPENDS on bison-native

[Steve Sakoman]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

This was being provided by other pieces of the dependency chain but is
specifically required by configure and could fail if those pieces come
from sstate. Fix such builds by adding the missing dependency.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ba2587beb2a3fb0ef9139f846e161542d2c5c4ae)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb b/meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb
index e830475d0d..6306193809 100644
--- a/meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb
+++ b/meta/recipes-kernel/lttng/lttng-tools_2.11.5.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=01d7fc4496aacf37d90df90b90b0cac1 \
                     file://gpl-2.0.txt;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
                     file://lgpl-2.1.txt;md5=0f0d71500e6a57fd24d825f33242b9ca"
 
-DEPENDS = "liburcu popt libxml2 util-linux"
+DEPENDS = "liburcu popt libxml2 util-linux bison-native"
 RDEPENDS_${PN} = "libgcc"
 RDEPENDS_${PN}-ptest += "make perl bash gawk babeltrace procps perl-module-overloading coreutils util-linux kmod lttng-modules sed python3-core"
 RDEPENDS_${PN}-ptest_append_libc-glibc = " glibc-utils"
-- 
2.25.1

[OE-core][dunfell 11/11] Revert "weston: Use systemd notify,"

[Steve Sakoman]

From: Marek Vasut <marex@denx.de>

Commit 4efdcc1090 ("weston: Use systemd notify,") has non-trivial to
backport dependencies without which it cannot work, revert backport.

In oe-core dunfell, weston is still started using /usr/bin/weston-start
script in meta/recipes-graphics/wayland/weston-init/weston@.service .
Since 76ed534267 ("weston-init: Use weston-launch when starting weston
as the first windowing system"), the weston-start script starts weston
using weston-launch executable in case $DISPLAY is not set, i.e. when
weston is started as the primary compositor.

When weston is started via weston-launch, the notification to systemd
is not delivered, and weston service fails to start with the following:
"
weston@root.service: start operation timed out. Terminating.
"

The weston systemd service has been reworked considerably since oe-core
dunfell in commit c21fa5a291 ("weston-init: Redefine weston service and
add socket activation option"), which replaced the use of weston-start
in weston@.service with plain weston, and has been further improved in
commit dd83fb40f7 ("weston-init: Stop running weston as root") . The
commit reverted here, oe-core/master commit c8aa0222ce ("weston: wrapper
for weston modules argument"), landed only with the two aforementioned
reworks already in place, therefore the commit could have never been
tested with weston started via weston-launch executable and the timeout
at delivering systemd notification could not have happened in master.

Both c21fa5a291 ("weston-init: Redefine weston service and add socket
activation option") and dd83fb40f7 ("weston-init: Stop running weston
as root") are large feature patches and thus unsuitable for stable
backports, hence this revert seems to be the least problematic way.

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Cc: Joshua Watt <JPEWhacker@gmail.com>
Cc: Pavel Zhukov <pavel.zhukov@huawei.com>
Cc: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../wayland/weston-init/weston-start                 | 12 ------------
 .../wayland/weston-init/weston@.service              |  6 ------
 .../wayland/weston/systemd-notify.weston-start       |  9 ---------
 .../wayland/weston/xwayland.weston-start             |  3 ++-
 meta/recipes-graphics/wayland/weston_8.0.0.bb        |  6 ------
 5 files changed, 2 insertions(+), 34 deletions(-)
 delete mode 100644 meta/recipes-graphics/wayland/weston/systemd-notify.weston-start

diff --git a/meta/recipes-graphics/wayland/weston-init/weston-start b/meta/recipes-graphics/wayland/weston-init/weston-start
index 97471df80d..ccc7093425 100755
--- a/meta/recipes-graphics/wayland/weston-init/weston-start
+++ b/meta/recipes-graphics/wayland/weston-init/weston-start
@@ -23,15 +23,6 @@ add_openvt_argument() {
 	openvt_args="$openvt_args $1"
 }
 
-## Add module to --modules argument
-add_weston_module() {
-	if [ -z "${weston_modules}" ]; then
-		weston_modules="--modules "
-	fi;
-	weston_modules="${weston_modules}${1},"
-}
-
-
 if [ -n "$WAYLAND_DISPLAY" ]; then
 	echo "ERROR: A Wayland compositor is already running, nested Weston instance is not supported yet."
 	exit 1
@@ -74,9 +65,6 @@ if [ -d "$modules_dir" ]; then
 		# process module
 		. $m
 	done
-	if [ -n "${weston_modules}" ]; then
-		add_weston_argument "${weston_modules} "
-	fi;
 fi
 
 if test -z "$XDG_RUNTIME_DIR"; then
diff --git a/meta/recipes-graphics/wayland/weston-init/weston@.service b/meta/recipes-graphics/wayland/weston-init/weston@.service
index 70c706d75c..39e193014a 100644
--- a/meta/recipes-graphics/wayland/weston-init/weston@.service
+++ b/meta/recipes-graphics/wayland/weston-init/weston@.service
@@ -1,7 +1,3 @@
-# SPDX-FileCopyrightText: Huawei Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-
 [Unit]
 Description=Weston Wayland Compositor
 RequiresMountsFor=/run
@@ -9,8 +5,6 @@ Conflicts=plymouth-quit.service
 After=systemd-user-sessions.service plymouth-quit-wait.service
 
 [Service]
-Type=notify
-NotifyAccess=all
 User=%i
 PAMName=login
 EnvironmentFile=-/etc/default/weston
diff --git a/meta/recipes-graphics/wayland/weston/systemd-notify.weston-start b/meta/recipes-graphics/wayland/weston/systemd-notify.weston-start
deleted file mode 100644
index fdb48cb609..0000000000
--- a/meta/recipes-graphics/wayland/weston/systemd-notify.weston-start
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-
-# SPDX-FileCopyrightText: Huawei Inc.
-# SPDX-License-Identifier: Apache-2.0
-
-
-if [[ -x "/usr/lib/weston/systemd-notify.so" ]]; then
-	add_weston_module "systemd-notify.so"
-fi
diff --git a/meta/recipes-graphics/wayland/weston/xwayland.weston-start b/meta/recipes-graphics/wayland/weston/xwayland.weston-start
index 22984f50a4..b483c97cf1 100644
--- a/meta/recipes-graphics/wayland/weston/xwayland.weston-start
+++ b/meta/recipes-graphics/wayland/weston/xwayland.weston-start
@@ -2,5 +2,6 @@
 
 if type Xwayland  >/dev/null 2>/dev/null; then
 	mkdir -p /tmp/.X11-unix
-	add_weston_module "xwayland.so"
+
+	add_weston_argument "--modules=xwayland.so"
 fi
diff --git a/meta/recipes-graphics/wayland/weston_8.0.0.bb b/meta/recipes-graphics/wayland/weston_8.0.0.bb
index e647fbc686..5e4e2032c9 100644
--- a/meta/recipes-graphics/wayland/weston_8.0.0.bb
+++ b/meta/recipes-graphics/wayland/weston_8.0.0.bb
@@ -5,11 +5,9 @@ LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d79ee9e66bb0f95d3386a7acae780b70 \
                     file://libweston/compositor.c;endline=27;md5=6c53bbbd99273f4f7c4affa855c33c0a"
 
-
 SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
            file://weston.png \
            file://weston.desktop \
-           file://systemd-notify.weston-start \
            file://xwayland.weston-start \
            file://0001-weston-launch-Provide-a-default-version-that-doesn-t.patch \
            file://0002-desktop-shell-Remove-no-op-de-activation-of-the-xdg-.patch \
@@ -106,10 +104,6 @@ do_install_append() {
 		install -Dm 644 ${WORKDIR}/xwayland.weston-start ${D}${datadir}/weston-start/xwayland
 	fi
 
-	if [ "${@bb.utils.contains('PACKAGECONFIG', 'systemd', 'yes', 'no', d)}" = "yes" ]; then
-	        install -Dm 644 ${WORKDIR}/systemd-notify.weston-start ${D}${datadir}/weston-start/systemd-notify
-	fi
-
 	if [ "${@bb.utils.contains('PACKAGECONFIG', 'launch', 'yes', 'no', d)}" = "yes" ]; then
 		chmod u+s ${D}${bindir}/weston-launch
 	fi
-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3537

with the exception of a known issue with meta-intel due to the zlib CVE fix, see:

https://lists.openembedded.org/g/openembedded-core/message/163793

The intent is to fix meta-intel after this patch set is merged to dunfell.

The following changes since commit aa762b7ca2417b80dd114a4ab263d69074912f82:

  tzdata: update to 2022a (2022-04-04 04:22:32 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexandre Belloni (1):
  pseudo: Fix handling of absolute links

Martin Jansa (1):
  license_image.bbclass: close package.manifest file

Peter Kjellerstedt (1):
  metadata_scm.bbclass: Use immediate expansion for the METADATA_*
    variables

Ralph Siemsen (3):
  gzip: fix CVE-2022-1271
  xz: fix CVE-2022-1271
  apt: add -fno-strict-aliasing to CXXFLAGS to fix SHA256 bug

Richard Purdie (4):
  vim: Upgrade 8.2.4524 -> 8.2.4681
  git: Ignore CVE-2022-24975
  pseudo: Add patch to workaround paths with crazy lengths
  libxshmfence: Correct LICENSE to HPND

Ross Burton (1):
  zlib: backport the fix for CVE-2018-25032

 .../recipeutils/recipeutils-test_1.2.bb       |   2 +-
 meta/classes/license_image.bbclass            |   4 +-
 meta/classes/metadata_scm.bbclass             |  10 +-
 .../zlib/zlib/CVE-2018-25032.patch            | 347 ++++++++++++++++++
 meta/recipes-core/zlib/zlib_1.2.11.bb         |   1 +
 meta/recipes-devtools/apt/apt.inc             |   4 +
 meta/recipes-devtools/git/git.inc             |   5 +
 meta/recipes-devtools/pseudo/pseudo_git.bb    |   2 +-
 .../gzip/gzip-1.10/CVE-2022-1271.patch        |  45 +++
 meta/recipes-extended/gzip/gzip_1.10.bb       |   1 +
 .../xz/xz/CVE-2022-1271.patch                 |  96 +++++
 meta/recipes-extended/xz/xz_5.2.4.bb          |   4 +-
 .../xorg-lib/libxshmfence_1.3.bb              |   2 +-
 meta/recipes-support/vim/vim.inc              |   6 +-
 14 files changed, 515 insertions(+), 14 deletions(-)
 create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
 create mode 100644 meta/recipes-extended/gzip/gzip-1.10/CVE-2022-1271.patch
 create mode 100644 meta/recipes-extended/xz/xz/CVE-2022-1271.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3738

The following changes since commit add860e1a69f848097bbc511137a62d5746e5019:

  oeqa/selftest/cve_check: add tests for recipe and image reports (2022-05-24 04:31:18 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Dan Tran (1):
  ncurses: Fix CVE-2022-29458

Ernst Sjöstrand (2):
  cve-check: Add helper for symlink handling
  cve-check: Only include installed packages for rootfs manifest

Ranjitsinh Rathod (3):
  ruby: Upgrade ruby to 2.7.6 for security fix
  ruby: Whitelist CVE-2021-28966 as this affects Windows OS only
  libsdl2: Add fix for CVE-2021-33657

Richard Purdie (2):
  vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs
  cve-check: Allow warnings to be disabled

Riyaz (1):
  libxml2: Fix CVE-2022-29824 for libxml2

Virendra Thakur (1):
  ffmpeg: Fix for CVE-2022-1475

leimaohui (1):
  cve-check.bbclass: Added do_populate_sdk[recrdeptask].

 meta/classes/cve-check.bbclass                | 109 ++++--
 .../libxml2/CVE-2022-29824-dependent.patch    |  53 +++
 .../libxml/libxml2/CVE-2022-29824.patch       | 348 ++++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |   2 +
 .../ncurses/files/CVE-2022-29458.patch        | 135 +++++++
 meta/recipes-core/ncurses/ncurses_6.2.bb      |   1 +
 .../ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb}     |   8 +-
 .../libsdl2/libsdl2/CVE-2021-33657.patch      |  38 ++
 .../libsdl2/libsdl2_2.0.12.bb                 |   1 +
 .../ffmpeg/ffmpeg/CVE-2022-1475.patch         |  36 ++
 .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb |   1 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 12 files changed, 694 insertions(+), 42 deletions(-)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824-dependent.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824.patch
 create mode 100644 meta/recipes-core/ncurses/files/CVE-2022-29458.patch
 rename meta/recipes-devtools/ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb} (90%)
 create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2021-33657.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4058

The following changes since commit 73d2b640ad665f6ff3c4fbe8f5da4ef0dbb175f2:

  libtirpc: CVE-2021-46828 DoS vulnerability with lots of connections (2022-07-28 06:26:48 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alex Kiernan (1):
  openssh: Add openssh-sftp-server to openssh RDEPENDS

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.208
  linux-yocto/5.4: update to v5.4.209

Hitendra Prajapati (2):
  grub2: Fix several security issue of integer underflow
  gdk-pixbuf: CVE-2021-46829 a heap-based buffer overflow

Jose Quaresma (1):
  gstreamer1.0: use the correct meson option for the capabilities

Khem Raj (1):
  libmodule-build-perl: Use env utility to find perl interpreter

Martin Jansa (1):
  libxml2: Port gentest.py to Python-3

Richard Purdie (1):
  insane: Fix buildpaths test to work with special devices

Ross Burton (1):
  cve_check: skip remote patches that haven't been fetched when
    searching for CVE tags

Steve Sakoman (1):
  selftest: skip virgl test on fedora 36

 meta/classes/insane.bbclass                   |   6 +-
 meta/lib/oe/cve_check.py                      |   5 +-
 meta/lib/oeqa/selftest/cases/runtime_test.py  |   2 +
 .../grub/files/CVE-2022-28733.patch           |  60 ++
 .../grub/files/CVE-2022-28734.patch           |  67 ++
 .../grub/files/CVE-2022-28736.patch           | 275 ++++++
 meta/recipes-bsp/grub/grub2.inc               |   3 +
 .../openssh/openssh_8.2p1.bb                  |   2 +-
 .../0001-Port-gentest.py-to-Python-3.patch    | 813 ++++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |  11 +
 .../perl/libmodule-build-perl_0.4231.bb       |   1 +
 .../gdk-pixbuf/CVE-2021-46829.patch           |  61 ++
 .../gdk-pixbuf/gdk-pixbuf_2.40.0.bb           |   1 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 .../gstreamer/gstreamer1.0_1.16.3.bb          |   2 +-
 17 files changed, 1321 insertions(+), 24 deletions(-)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28733.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28734.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28736.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch
 create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-46829.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Sunday.

This is the final patch set for the 3.1.19 release.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4098

The following changes since commit ac6ea1a96645d2a4dd54660256603f0b191bb4d3:

  gstreamer1.0: use the correct meson option for the capabilities (2022-08-10 05:04:10 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (1):
  linux-firmware: update 20220610 -> 20220708

Dmitry Baryshkov (1):
  linux-firwmare: restore WHENCE_CHKSUM variable

Hitendra Prajapati (3):
  qemu: CVE-2020-27821 heap buffer overflow in msix_table_mmio_write
  gnutls: CVE-2022-2509 Double free during gnutls_pkcs7_verify
  zlib: CVE-2022-37434 a heap-based buffer over-read

Ming Liu (1):
  rootfs-postcommands.bbclass: move host-user-contaminated.txt to ${S}

Pascal Bach (1):
  bin_package: install into base_prefix

Randy MacLeod (1):
  vim: update from 9.0.0063 to 9.0.0115

Richard Purdie (2):
  vim: Upgrade 9.0.0021 -> 9.0.0063
  kernel-arch: Fix buildpaths leaking into external module compiles

Shruthi Ravichandran (1):
  initscripts: run umountnfs as a KILL script

 meta/classes/bin_package.bbclass              |   3 +-
 meta/classes/kernel-arch.bbclass              |   2 +-
 meta/classes/rootfs-postcommands.bbclass      |   2 +-
 .../initscripts/initscripts_1.0.bb            |   2 +-
 .../zlib/zlib/CVE-2022-37434.patch            |  44 +++
 meta/recipes-core/zlib/zlib_1.2.11.bb         |   1 +
 meta/recipes-devtools/qemu/qemu.inc           |   1 +
 .../qemu/qemu/CVE-2020-27821.patch            |  73 +++++
 ...20220610.bb => linux-firmware_20220708.bb} |  14 +-
 .../gnutls/gnutls/CVE-2022-2509.patch         | 282 ++++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.6.14.bb  |   1 +
 meta/recipes-support/vim/files/racefix.patch  |  33 --
 meta/recipes-support/vim/vim.inc              |  10 +-
 13 files changed, 418 insertions(+), 50 deletions(-)
 create mode 100644 meta/recipes-core/zlib/zlib/CVE-2022-37434.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-27821.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220610.bb => linux-firmware_20220708.bb} (98%)
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2022-2509.patch
 delete mode 100644 meta/recipes-support/vim/files/racefix.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4469

The following changes since commit babcb7cd3bbefe9c0ea28e960e4fd6cefbc03cae:

  bluez5: add dbus to RDEPENDS (2022-11-04 07:52:01 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alex Kiernan (1):
  openssl: upgrade 1.1.1q to 1.1.1s

Hitendra Prajapati (1):
  bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c

Martin Jansa (1):
  externalsrc.bbclass: fix git repo detection

Peter Kjellerstedt (1):
  externalsrc.bbclass: Remove a trailing slash from ${B}

Ross Burton (1):
  sanity: check for GNU tar specifically

Sundeep KOKKONDA (2):
  binutils: stable 2.34 branch updates
  glibc : stable 2.31 branch updates.

Sunil Kumar (1):
  go: Security Fix for CVE-2022-2879

Vivek Kumbhar (2):
  curl: fix CVE-2022-32221 POST following PUT
  qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt()
    may lead to out-of-bounds write

ciarancourtney (1):
  wic: swap partitions are not added to fstab

 meta/classes/externalsrc.bbclass              |   6 +-
 meta/classes/sanity.bbclass                   |   8 ++
 meta/recipes-connectivity/bluez5/bluez5.inc   |   1 +
 .../bluez5/bluez5/CVE-2022-3637.patch         |  39 ++++++
 .../{openssl_1.1.1q.bb => openssl_1.1.1s.bb}  |   2 +-
 meta/recipes-core/glibc/glibc-version.inc     |   2 +-
 .../glibc/glibc/CVE-2021-33574_1.patch        |  26 ++--
 .../binutils/binutils-2.34.inc                |   2 +-
 .../binutils/binutils/CVE-2020-16593.patch    |   4 +-
 .../binutils/binutils/CVE-2021-3549.patch     |  80 ++++++-------
 meta/recipes-devtools/go/go-1.14.inc          |   1 +
 .../go/go-1.14/CVE-2022-2879.patch            | 111 ++++++++++++++++++
 meta/recipes-devtools/qemu/qemu.inc           |   1 +
 .../qemu/qemu/CVE-2021-3638.patch             |  80 +++++++++++++
 .../curl/curl/CVE-2022-32221.patch            |  29 +++++
 meta/recipes-support/curl/curl_7.69.1.bb      |   1 +
 scripts/lib/wic/plugins/imager/direct.py      |   2 +-
 17 files changed, 329 insertions(+), 66 deletions(-)
 create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1q.bb => openssl_1.1.1s.bb} (98%)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5324

The following changes since commit 1bc254e7969f3d5470bacf9ad9f065d38b7b7fde:

  run-postinsts: Set dependency for ldconfig to avoid boot issues (2023-05-11 07:47:14 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alex Kiernan (1):
  pypi.bbclass: Set CVE_PRODUCT to PYPI_PACKAGE

Dmitry Baryshkov (1):
  linux-firmware: upgrade 20230210 -> 20230404

Hitendra Prajapati (2):
  git: fix CVE-2023-29007
  git: fix CVE-2023-25652

Khem Raj (1):
  perf: Depend on native setuptools3

Marek Vasut (1):
  cpio: Fix wrong CRC with ASCII CRC for large files

Martin Jansa (1):
  populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO
    override

Randolph Sapp (1):
  wic/bootimg-efi: if fixed-size is set then use that for mkdosfs

Siddharth (1):
  curl: ammend fix for CVE-2023-27534 to fix error when ssh is enabled

Steve Sakoman (1):
  selftest: skip virgl test on ubuntu 22.10, fedora 37, and all rocky

Thomas Roos (1):
  oeqa/utils/metadata.py: Fix running oe-selftest running with no distro
    set

 meta/classes/populate_sdk_ext.bbclass         |   3 +-
 meta/classes/pypi.bbclass                     |   2 +
 meta/lib/oeqa/selftest/cases/runtime_test.py  |   6 +
 meta/lib/oeqa/utils/metadata.py               |   6 +-
 .../git/files/CVE-2023-25652.patch            |  94 +++++++++++
 .../git/files/CVE-2023-29007.patch            | 159 ++++++++++++++++++
 meta/recipes-devtools/git/git.inc             |   2 +
 ...g-CRC-with-ASCII-CRC-for-large-files.patch |  39 +++++
 meta/recipes-extended/cpio/cpio_2.13.bb       |   1 +
 ...20230210.bb => linux-firmware_20230404.bb} |   6 +-
 meta/recipes-kernel/perf/perf.bb              |   2 +-
 .../curl/curl/CVE-2023-27534-pre1.patch       |  51 ++++++
 .../curl/curl/CVE-2023-27534.patch            | 122 ++------------
 meta/recipes-support/curl/curl_7.69.1.bb      |   1 +
 scripts/lib/wic/plugins/source/bootimg-efi.py |   7 +
 15 files changed, 387 insertions(+), 114 deletions(-)
 create mode 100644 meta/recipes-devtools/git/files/CVE-2023-25652.patch
 create mode 100644 meta/recipes-devtools/git/files/CVE-2023-29007.patch
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230210.bb => linux-firmware_20230404.bb} (99%)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27534-pre1.patch

-- 
2.34.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5422

The following changes since commit e4b98a42970574296e0da06842691b9fc1ffc9a1:

  selftest: skip virgl test on ubuntu 22.10, fedora 37, and all rocky (2023-05-20 06:02:24 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alex Kiernan (1):
  openssh: Move sshdgenkeys.service to sshd.socket

Ashish Sharma (1):
  golang: Fix CVE-2023-24539

Bruce Ashfield (5):
  linux-yocto/5.4: update to v5.4.238
  linux-yocto/5.4: update to v5.4.240
  linux-yocto/5.4: update to v5.4.241
  linux-yocto/5.4: update to v5.4.242
  linux-yocto/5.4: update to v5.4.243

Nikhil R (1):
  ffmpeg: Fix CVE-2022-48434

Vijay Anusuri (3):
  ghostscript: Fix CVE-2023-28879
  xserver-xorg: Security fix CVE-2023-0494 and CVE-2023-1393
  go: Security fix CVE-2023-24540

 .../openssh/openssh/sshd.socket               |   1 +
 .../openssh/openssh/sshd@.service             |   2 -
 meta/recipes-devtools/go/go-1.14.inc          |   2 +
 .../go/go-1.14/CVE-2023-24539.patch           |  60 ++++++++
 .../go/go-1.14/CVE-2023-24540.patch           |  90 ++++++++++++
 .../ghostscript/CVE-2023-28879.patch          |  54 +++++++
 .../ghostscript/ghostscript_9.52.bb           |   1 +
 .../xserver-xorg/CVE-2023-0494.patch          |  38 +++++
 .../xserver-xorg/CVE-2023-1393.patch          |  46 ++++++
 .../xorg-xserver/xserver-xorg_1.20.14.bb      |   2 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +--
 .../ffmpeg/ffmpeg/CVE-2022-48434.patch        | 136 ++++++++++++++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb |   1 +
 15 files changed, 449 insertions(+), 20 deletions(-)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch

-- 
2.34.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Thursday, October 12.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6026

The following changes since commit 9a800a2e2c2b14eab8c1f83cb4ac3b94a70dd23c:

  glibc: Fix CVE-2023-4911 "Looney Tunables" (2023-10-05 13:10:56 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Hitendra Prajapati (1):
  xdg-utils: Fix CVE-2022-4055

Julian Haller (2):
  dbus: Backport fix for CVE-2023-34969
  dbus: Add missing CVE_PRODUCT

Marek Vasut (2):
  busybox: Backport CVE-2022-48174 fix
  cpio: Replace fix wrong CRC with ASCII CRC for large files with
    upstream backport

Shinu Chandran (1):
  libpcre2 : Follow up fix CVE-2022-1586

Shubham Kulkarni (1):
  go: Update fix for CVE-2023-24538 & CVE-2023-39318

Sourav Pramanik (1):
  openssl: Upgrade 1.1.1v -> 1.1.1w

Vijay Anusuri (3):
  cups: Backport fix for CVE-2023-32360 and CVE-2023-4504
  gawk: backport Debian patch to fix CVE-2023-4156
  ghostscript: Backport fix CVE-2023-43115

 .../{openssl_1.1.1v.bb => openssl_1.1.1w.bb}  |   2 +-
 .../busybox/busybox/CVE-2022-48174.patch      |  82 +++
 meta/recipes-core/busybox/busybox_1.31.1.bb   |   1 +
 meta/recipes-core/dbus/dbus.inc               |   3 +
 .../dbus/dbus/CVE-2023-34969.patch            |  96 +++
 meta/recipes-devtools/go/go-1.14.inc          |   5 +-
 .../go/go-1.14/CVE-2023-24538-1.patch         |   4 +-
 .../go/go-1.14/CVE-2023-24538-2.patch         | 447 ++++++++++++-
 .../go/go-1.14/CVE-2023-24538_3.patch         | 393 ++++++++++++
 .../go/go-1.14/CVE-2023-24538_4.patch         | 497 +++++++++++++++
 .../go/go-1.14/CVE-2023-24538_5.patch         | 585 ++++++++++++++++++
 ...3-24538-3.patch => CVE-2023-24538_6.patch} | 175 +++++-
 .../go/go-1.14/CVE-2023-39318.patch           |  38 +-
 ...g-CRC-with-ASCII-CRC-for-large-files.patch |  39 --
 ...-calculation-of-CRC-in-copy-out-mode.patch |  58 ++
 ...appending-to-archives-bigger-than-2G.patch | 312 ++++++++++
 meta/recipes-extended/cpio/cpio_2.13.bb       |   3 +-
 meta/recipes-extended/cups/cups.inc           |   2 +
 .../cups/cups/CVE-2023-32360.patch            |  31 +
 .../cups/cups/CVE-2023-4504.patch             |  40 ++
 .../gawk/gawk/CVE-2023-4156.patch             |  28 +
 meta/recipes-extended/gawk/gawk_5.0.1.bb      |   1 +
 .../ghostscript/CVE-2023-43115.patch          |  62 ++
 .../ghostscript/ghostscript_9.52.bb           |   1 +
 .../xdg-utils/xdg-utils/CVE-2022-4055.patch   | 165 +++++
 .../xdg-utils/xdg-utils_1.1.3.bb              |   1 +
 .../libpcre2/CVE-2022-1586-regression.patch   |  30 +
 .../recipes-support/libpcre/libpcre2_10.34.bb |   1 +
 28 files changed, 3041 insertions(+), 61 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1v.bb => openssl_1.1.1w.bb} (98%)
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2022-48174.patch
 create mode 100644 meta/recipes-core/dbus/dbus/CVE-2023-34969.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24538_3.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24538_4.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24538_5.patch
 rename meta/recipes-devtools/go/go-1.14/{CVE-2023-24538-3.patch => CVE-2023-24538_6.patch} (53%)
 delete mode 100644 meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/0003-Fix-calculation-of-CRC-in-copy-out-mode.patch
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/0004-Fix-appending-to-archives-bigger-than-2G.patch
 create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-32360.patch
 create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-4504.patch
 create mode 100644 meta/recipes-extended/gawk/gawk/CVE-2023-4156.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-43115.patch
 create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
 create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1586-regression.patch

-- 
2.34.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Friday, December 8

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6293

The following changes since commit 0764da7e3f1d71eb390e5eb8a9aa1323c24d1c19:

  vim: use upstream generated .po files (2023-11-28 12:31:43 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Ashish Sharma (1):
  mdadm: Backport fix for CVE-2023-28938

Bruce Ashfield (3):
  linux-yocto/5.4: update to v5.4.258
  linux-yocto/5.4: update to v5.4.260
  linux-yocto/5.4: update to v5.4.262

Lee Chee Yang (2):
  epiphany: fix CVE-2022-29536
  qemu: ignore CVE-2021-20295 CVE-2023-2680

Steve Sakoman (1):
  cve-exclusion_5.4.inc: update for 5.4.262

Tim Orling (1):
  vim: upgrade 9.0.2068 -> 9.0.2130

Vivek Kumbhar (1):
  libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c

poojitha adireddy (2):
  binutils 2.34: Fix CVE-2021-46174
  binutils: Mark CVE-2022-47696 as patched

 .../binutils/binutils-2.34.inc                |  1 +
 .../binutils/binutils/CVE-2021-46174.patch    | 35 ++++++++
 .../binutils/binutils/CVE-2023-25588.patch    |  3 +
 meta/recipes-devtools/qemu/qemu.inc           |  7 ++
 .../mdadm/files/CVE-2023-28938.patch          | 80 +++++++++++++++++++
 meta/recipes-extended/mdadm/mdadm_4.1.bb      |  1 +
 .../recipes-gnome/epiphany/epiphany_3.34.4.bb |  1 +
 .../epiphany/files/CVE-2022-29536.patch       | 46 +++++++++++
 .../linux/cve-exclusion_5.4.inc               | 79 ++++++++++++++----
 .../linux/linux-yocto-rt_5.4.bb               |  6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 ++---
 .../libsndfile1/CVE-2022-33065.patch          | 46 +++++++++++
 .../libsndfile/libsndfile1_1.0.28.bb          |  3 +-
 meta/recipes-support/vim/vim.inc              |  4 +-
 15 files changed, 306 insertions(+), 36 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2021-46174.patch
 create mode 100644 meta/recipes-extended/mdadm/files/CVE-2023-28938.patch
 create mode 100644 meta/recipes-gnome/epiphany/files/CVE-2022-29536.patch
 create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065.patch

-- 
2.34.1