[OE-core][kirkstone 00/19] Patch review

[OE-core][kirkstone 00/19] Patch review

[Steve Sakoman]

Please review this set of patches for kirkstone and have comments back by end
of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3703

The following changes since commit d3beac233558242ab6895e9ba8536a6df9df8eb3:

  selftest/imagefeatures/overlayfs: Always append to DISTRO_FEATURES (2022-05-22 11:40:26 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alexander Kanavin (15):
  gst-devtools: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0-libav: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0-omx: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0-plugins-bad: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0-plugins-base: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0-plugins-good: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0-plugins-ugly: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0-python: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0-rtsp-server: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0: upgrade 1.20.1 -> 1.20.2
  gstreamer1.0-vaapi: upgrade 1.20.1 -> 1.20.2
  libcgroup: upgrade 2.0.1 -> 2.0.2
  mesa: upgrade 22.0.2 -> 22.0.3
  mobile-broadband-provider-info: upgrade 20220315 -> 20220511
  sqlite3: upgrade 3.38.3 -> 3.38.5

Hitendra Prajapati (1):
  pcre2: CVE-2022-1586 Out-of-bounds read

Peter Kjellerstedt (1):
  license_image.bbclass: Make QA errors fail the build

Ross Burton (1):
  oeqa/selftest/cve_check: add tests for recipe and image reports

Steve Sakoman (1):
  go: upgrade 1.17.8 -> 1.17.10

 meta/classes/license_image.bbclass            |  2 +
 meta/lib/oeqa/selftest/cases/cve_check.py     | 77 ++++++++++++++++++-
 .../mobile-broadband-provider-info_git.bb     |  4 +-
 ...{libcgroup_2.0.1.bb => libcgroup_2.0.2.bb} |  2 +-
 .../go/{go-1.17.8.inc => go-1.17.10.inc}      |  2 +-
 ..._1.17.8.bb => go-binary-native_1.17.10.bb} |  4 +-
 ...1.17.8.bb => go-cross-canadian_1.17.10.bb} |  0
 ...go-cross_1.17.8.bb => go-cross_1.17.10.bb} |  0
 ...sssdk_1.17.8.bb => go-crosssdk_1.17.10.bb} |  0
 ...-native_1.17.8.bb => go-native_1.17.10.bb} |  0
 ...untime_1.17.8.bb => go-runtime_1.17.10.bb} |  0
 .../go/{go_1.17.8.bb => go_1.17.10.bb}        |  0
 .../{mesa-gl_22.0.2.bb => mesa-gl_22.0.3.bb}  |  0
 meta/recipes-graphics/mesa/mesa.inc           |  2 +-
 .../mesa/{mesa_22.0.2.bb => mesa_22.0.3.bb}   |  0
 ...tools_1.20.1.bb => gst-devtools_1.20.2.bb} |  2 +-
 ...1.20.1.bb => gstreamer1.0-libav_1.20.2.bb} |  2 +-
 ...x_1.20.1.bb => gstreamer1.0-omx_1.20.2.bb} |  2 +-
 ....bb => gstreamer1.0-plugins-bad_1.20.2.bb} |  2 +-
 ...bb => gstreamer1.0-plugins-base_1.20.2.bb} |  2 +-
 ...bb => gstreamer1.0-plugins-good_1.20.2.bb} |  2 +-
 ...bb => gstreamer1.0-plugins-ugly_1.20.2.bb} |  2 +-
 ....20.1.bb => gstreamer1.0-python_1.20.2.bb} |  2 +-
 ....bb => gstreamer1.0-rtsp-server_1.20.2.bb} |  2 +-
 ...1.20.1.bb => gstreamer1.0-vaapi_1.20.2.bb} |  2 +-
 ...er1.0_1.20.1.bb => gstreamer1.0_1.20.2.bb} |  2 +-
 .../libpcre/libpcre2/CVE-2022-1586.patch      | 58 ++++++++++++++
 .../recipes-support/libpcre/libpcre2_10.39.bb |  5 +-
 .../{sqlite3_3.38.3.bb => sqlite3_3.38.5.bb}  |  2 +-
 29 files changed, 158 insertions(+), 22 deletions(-)
 rename meta/recipes-core/libcgroup/{libcgroup_2.0.1.bb => libcgroup_2.0.2.bb} (93%)
 rename meta/recipes-devtools/go/{go-1.17.8.inc => go-1.17.10.inc} (92%)
 rename meta/recipes-devtools/go/{go-binary-native_1.17.8.bb => go-binary-native_1.17.10.bb} (83%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.17.8.bb => go-cross-canadian_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.17.8.bb => go-cross_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.17.8.bb => go-crosssdk_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go-native_1.17.8.bb => go-native_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.17.8.bb => go-runtime_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go_1.17.8.bb => go_1.17.10.bb} (100%)
 rename meta/recipes-graphics/mesa/{mesa-gl_22.0.2.bb => mesa-gl_22.0.3.bb} (100%)
 rename meta/recipes-graphics/mesa/{mesa_22.0.2.bb => mesa_22.0.3.bb} (100%)
 rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.20.1.bb => gst-devtools_1.20.2.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.20.1.bb => gstreamer1.0-libav_1.20.2.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.20.1.bb => gstreamer1.0-omx_1.20.2.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.20.1.bb => gstreamer1.0-plugins-bad_1.20.2.bb} (98%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.20.1.bb => gstreamer1.0-plugins-base_1.20.2.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.20.1.bb => gstreamer1.0-plugins-good_1.20.2.bb} (97%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.20.1.bb => gstreamer1.0-plugins-ugly_1.20.2.bb} (94%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.20.1.bb => gstreamer1.0-python_1.20.2.bb} (91%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.20.1.bb => gstreamer1.0-rtsp-server_1.20.2.bb} (90%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.20.1.bb => gstreamer1.0-vaapi_1.20.2.bb} (95%)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.20.1.bb => gstreamer1.0_1.20.2.bb} (97%)
 create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch
 rename meta/recipes-support/sqlite/{sqlite3_3.38.3.bb => sqlite3_3.38.5.bb} (86%)

-- 
2.25.1

[OE-core][kirkstone 01/19] pcre2: CVE-2022-1586 Out-of-bounds read

[Steve Sakoman]

From: Hitendra Prajapati <hprajapati@mvista.com>

Backport from https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a
CVE-2022-1586: pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c.

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
(cherry picked from commit 7519eb1cb624bb576cfe60f7470d40c566818ac3)
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libpcre/libpcre2/CVE-2022-1586.patch      | 58 +++++++++++++++++++
 .../recipes-support/libpcre/libpcre2_10.39.bb |  5 +-
 2 files changed, 61 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch

diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch
new file mode 100644
index 0000000000..10d88d7b73
--- /dev/null
+++ b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch
@@ -0,0 +1,58 @@
+From e881ed5028622959cf8859c053501fb1b16387f1 Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Mon, 23 May 2022 13:52:39 +0530
+Subject: [PATCH] CVE-2022-1586
+
+Upstream-Status: Backport from https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a
+
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ ChangeLog               | 3 +++
+ src/pcre2_jit_compile.c | 2 +-
+ src/pcre2_jit_test.c    | 3 +++
+ 3 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index d27542d..cd3da65 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -63,6 +63,9 @@ Version 10.39 29-October-2021
+ 
+   Reformat slightly to make it C89 compatible again.
+ 
++23. Fixed a unicode properrty matching issue in JIT. The character was not
++fully read in caseless matching.
++
+ 
+ Version 10.38 01-October-2021
+ -----------------------------
+diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c
+index db2ce65..5baca9b 100644
+--- a/src/pcre2_jit_compile.c
++++ b/src/pcre2_jit_compile.c
+@@ -7473,7 +7473,7 @@ while (*cc != XCL_END)
+     {
+     SLJIT_ASSERT(*cc == XCL_PROP || *cc == XCL_NOTPROP);
+     cc++;
+-    if (*cc == PT_CLIST)
++    if (*cc == PT_CLIST && *cc == XCL_PROP)
+       {
+       other_cases = PRIV(ucd_caseless_sets) + cc[1];
+       while (*other_cases != NOTACHAR)
+diff --git a/src/pcre2_jit_test.c b/src/pcre2_jit_test.c
+index 8dee16e..7bb307e 100644
+--- a/src/pcre2_jit_test.c
++++ b/src/pcre2_jit_test.c
+@@ -412,6 +412,9 @@ static struct regression_test_case regression_test_cases[] = {
+ 	{ MUP, A, 0, 0 | F_PROPERTY, "[\\P{L&}]{2}[^\xc2\x85-\xc2\x89\\p{Ll}\\p{Lu}]{2}", "\xc3\xa9\xe6\x92\xad.a\xe6\x92\xad|\xc2\x8a#" },
+ 	{ PCRE2_UCP, 0, 0, 0 | F_PROPERTY, "[a-b\\s]{2,5}[^a]", "AB  baaa" },
+ 	{ MUP, 0, 0, 0 | F_NOMATCH, "[^\\p{Hangul}\\p{Z}]", " " },
++	{ MUP, 0, 0, 0, "[\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" },
++	{ MUP, 0, 0, 0, "[\\x{a92e}\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" },
++	{ CMUP, 0, 0, 0, "[^S]\\B", "\xe2\x80\x8a" },
+ 
+ 	/* Possible empty brackets. */
+ 	{ MU, A, 0, 0, "(?:|ab||bc|a)+d", "abcxabcabd" },
+-- 
+2.35.3
+
diff --git a/meta/recipes-support/libpcre/libpcre2_10.39.bb b/meta/recipes-support/libpcre/libpcre2_10.39.bb
index b5ec62fe18..36c51d700a 100644
--- a/meta/recipes-support/libpcre/libpcre2_10.39.bb
+++ b/meta/recipes-support/libpcre/libpcre2_10.39.bb
@@ -10,8 +10,9 @@ SECTION = "devel"
 LICENSE = "BSD-3-Clause"
 LIC_FILES_CHKSUM = "file://LICENCE;md5=43cfa999260dd853cd6cb174dc396f3d"
 
-SRC_URI = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${PV}/pcre2-${PV}.tar.bz2"
-
+SRC_URI = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${PV}/pcre2-${PV}.tar.bz2 \
+           file://CVE-2022-1586.patch \
+"
 UPSTREAM_CHECK_URI = "https://github.com/PhilipHazel/pcre2/releases"
 
 SRC_URI[sha256sum] = "0f03caf57f81d9ff362ac28cd389c055ec2bf0678d277349a1a4bee00ad6d440"
-- 
2.25.1

[OE-core][kirkstone 02/19] oeqa/selftest/cve_check: add tests for recipe and image reports

[Steve Sakoman]

From: Ross Burton <ross.burton@arm.com>

Add a test to verify that the JSON reports are generated correctly for
both single recipe builds and image builds.

More tests are needed, but this is better than nothing.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit df0f35555b09c4bc75470eb45ec9c74e6587d460)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/lib/oeqa/selftest/cases/cve_check.py | 77 ++++++++++++++++++++++-
 1 file changed, 76 insertions(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py b/meta/lib/oeqa/selftest/cases/cve_check.py
index d1947baffc..2f26f606d7 100644
--- a/meta/lib/oeqa/selftest/cases/cve_check.py
+++ b/meta/lib/oeqa/selftest/cases/cve_check.py
@@ -1,9 +1,13 @@
-from oe.cve_check import Version
+import json
+import os
 from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_vars
 
 class CVECheck(OESelftestTestCase):
 
     def test_version_compare(self):
+        from oe.cve_check import Version
+
         result = Version("100") > Version("99")
         self.assertTrue( result, msg="Failed to compare version '100' > '99'")
         result = Version("2.3.1") > Version("2.2.3")
@@ -42,3 +46,74 @@ class CVECheck(OESelftestTestCase):
         self.assertTrue( result ,msg="Failed to compare version with suffix '1.0p2' > '1.0p1'")
         result = Version("1.0_patch2","patch") < Version("1.0_patch3","patch")
         self.assertTrue( result ,msg="Failed to compare version with suffix '1.0_patch2' < '1.0_patch3'")
+
+
+    def test_recipe_report_json(self):
+        config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+"""
+        self.write_config(config)
+
+        vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], "m4-native_cve.json")
+
+        try:
+            os.remove(summary_json)
+            os.remove(recipe_json)
+        except FileNotFoundError:
+            pass
+
+        bitbake("m4-native -c cve_check")
+
+        def check_m4_json(filename):
+            with open(filename) as f:
+                report = json.load(f)
+            self.assertEqual(report["version"], "1")
+            self.assertEqual(len(report["package"]), 1)
+            package = report["package"][0]
+            self.assertEqual(package["name"], "m4-native")
+            found_cves = { issue["id"]: issue["status"] for issue in package["issue"]}
+            self.assertIn("CVE-2008-1687", found_cves)
+            self.assertEqual(found_cves["CVE-2008-1687"], "Patched")
+
+        self.assertExists(summary_json)
+        check_m4_json(summary_json)
+        self.assertExists(recipe_json)
+        check_m4_json(recipe_json)
+
+
+    def test_image_json(self):
+        config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+"""
+        self.write_config(config)
+
+        vars = get_bb_vars(["CVE_CHECK_DIR", "CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        report_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        print(report_json)
+        try:
+            os.remove(report_json)
+        except FileNotFoundError:
+            pass
+
+        bitbake("core-image-minimal-initramfs")
+        self.assertExists(report_json)
+
+        # Check that the summary report lists at least one package
+        with open(report_json) as f:
+            report = json.load(f)
+        self.assertEqual(report["version"], "1")
+        self.assertGreater(len(report["package"]), 1)
+
+        # Check that a random recipe wrote a recipe report to deploy/cve/
+        recipename = report["package"][0]["name"]
+        recipe_report = os.path.join(vars["CVE_CHECK_DIR"], recipename + "_cve.json")
+        self.assertExists(recipe_report)
+        with open(recipe_report) as f:
+            report = json.load(f)
+        self.assertEqual(report["version"], "1")
+        self.assertEqual(len(report["package"]), 1)
+        self.assertEqual(report["package"][0]["name"], recipename)
-- 
2.25.1

[OE-core][kirkstone 03/19] go: upgrade 1.17.8 -> 1.17.10

[Steve Sakoman]

go1.17.9 (released 2022-04-12) includes security fixes to the crypto/elliptic and
encoding/pem packages, as well as bug fixes to the linker and runtime.

go1.17.10 (released 2022-05-10) includes security fixes to the syscall package,
as well as bug fixes to the compiler, runtime, and the crypto/x509 and
net/http/httptest packages.

Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/go/{go-1.17.8.inc => go-1.17.10.inc}    | 2 +-
 ...go-binary-native_1.17.8.bb => go-binary-native_1.17.10.bb} | 4 ++--
 ...-cross-canadian_1.17.8.bb => go-cross-canadian_1.17.10.bb} | 0
 .../go/{go-cross_1.17.8.bb => go-cross_1.17.10.bb}            | 0
 .../go/{go-crosssdk_1.17.8.bb => go-crosssdk_1.17.10.bb}      | 0
 .../go/{go-native_1.17.8.bb => go-native_1.17.10.bb}          | 0
 .../go/{go-runtime_1.17.8.bb => go-runtime_1.17.10.bb}        | 0
 meta/recipes-devtools/go/{go_1.17.8.bb => go_1.17.10.bb}      | 0
 8 files changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-devtools/go/{go-1.17.8.inc => go-1.17.10.inc} (92%)
 rename meta/recipes-devtools/go/{go-binary-native_1.17.8.bb => go-binary-native_1.17.10.bb} (83%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.17.8.bb => go-cross-canadian_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.17.8.bb => go-cross_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.17.8.bb => go-crosssdk_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go-native_1.17.8.bb => go-native_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.17.8.bb => go-runtime_1.17.10.bb} (100%)
 rename meta/recipes-devtools/go/{go_1.17.8.bb => go_1.17.10.bb} (100%)

diff --git a/meta/recipes-devtools/go/go-1.17.8.inc b/meta/recipes-devtools/go/go-1.17.10.inc
similarity index 92%
rename from meta/recipes-devtools/go/go-1.17.8.inc
rename to meta/recipes-devtools/go/go-1.17.10.inc
index 649c09ec1d..e71feb5d02 100644
--- a/meta/recipes-devtools/go/go-1.17.8.inc
+++ b/meta/recipes-devtools/go/go-1.17.10.inc
@@ -17,7 +17,7 @@ SRC_URI += "\
     file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \
     file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
 "
-SRC_URI[main.sha256sum] = "2effcd898140da79a061f3784ca4f8d8b13d811fb2abe9dad2404442dabbdf7a"
+SRC_URI[main.sha256sum] = "299e55af30f15691b015d8dcf8ecae72412412569e5b2ece20361753a456f2f9"
 
 # Upstream don't believe it is a signifiant real world issue and will only
 # fix in 1.17 onwards where we can drop this.
diff --git a/meta/recipes-devtools/go/go-binary-native_1.17.8.bb b/meta/recipes-devtools/go/go-binary-native_1.17.10.bb
similarity index 83%
rename from meta/recipes-devtools/go/go-binary-native_1.17.8.bb
rename to meta/recipes-devtools/go/go-binary-native_1.17.10.bb
index 1b85cd50d6..0f49cebcb7 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.17.8.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.17.10.bb
@@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
 PROVIDES = "go-native"
 
 SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "980e65a863377e69fd9b67df9d8395fd8e93858e7a24c9f55803421e453f4f99"
-SRC_URI[go_linux_arm64.sha256sum] = "57a9171682e297df1a5bd287be056ed0280195ad079af90af16dcad4f64710cb"
+SRC_URI[go_linux_amd64.sha256sum] = "87fc728c9c731e2f74e4a999ef53cf07302d7ed3504b0839027bd9c10edaa3fd"
+SRC_URI[go_linux_arm64.sha256sum] = "649141201efa7195403eb1301b95dc79c5b3e65968986a391da1370521701b0c"
 
 UPSTREAM_CHECK_URI = "https://golang.org/dl/"
 UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.17.8.bb b/meta/recipes-devtools/go/go-cross-canadian_1.17.10.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross-canadian_1.17.8.bb
rename to meta/recipes-devtools/go/go-cross-canadian_1.17.10.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.17.8.bb b/meta/recipes-devtools/go/go-cross_1.17.10.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross_1.17.8.bb
rename to meta/recipes-devtools/go/go-cross_1.17.10.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.17.8.bb b/meta/recipes-devtools/go/go-crosssdk_1.17.10.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-crosssdk_1.17.8.bb
rename to meta/recipes-devtools/go/go-crosssdk_1.17.10.bb
diff --git a/meta/recipes-devtools/go/go-native_1.17.8.bb b/meta/recipes-devtools/go/go-native_1.17.10.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-native_1.17.8.bb
rename to meta/recipes-devtools/go/go-native_1.17.10.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.17.8.bb b/meta/recipes-devtools/go/go-runtime_1.17.10.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-runtime_1.17.8.bb
rename to meta/recipes-devtools/go/go-runtime_1.17.10.bb
diff --git a/meta/recipes-devtools/go/go_1.17.8.bb b/meta/recipes-devtools/go/go_1.17.10.bb
similarity index 100%
rename from meta/recipes-devtools/go/go_1.17.8.bb
rename to meta/recipes-devtools/go/go_1.17.10.bb
-- 
2.25.1

[OE-core][kirkstone 04/19] gst-devtools: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

The second 1.20 bug-fix release (1.20.2) was released on 2 May 2022.

This release only contains bugfixes and it should be safe to update from 1.20.x.

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b4c976ea07ff276ae705110769c8e9741827615b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../{gst-devtools_1.20.1.bb => gst-devtools_1.20.2.bb}          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.20.1.bb => gst-devtools_1.20.2.bb} (95%)

diff --git a/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.2.bb
similarity index 95%
rename from meta/recipes-multimedia/gstreamer/gst-devtools_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gst-devtools_1.20.2.bb
index ade7cb7dc3..4819a34b26 100644
--- a/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.2.bb
@@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV}
            file://0001-connect-has-a-different-signature-on-musl.patch \
            "
 
-SRC_URI[sha256sum] = "81f1c7ef105b8bdb63412638952f6320723b3161c96a80f113b020e2de554b2b"
+SRC_URI[sha256sum] = "b28dba953a92532208b30467ff91076295e266f65364b1b3482b4c4372d44b2a"
 
 DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base"
 RRECOMMENDS:${PN} = "git"
-- 
2.25.1

[OE-core][kirkstone 05/19] gstreamer1.0-libav: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Bug fix only release:

video decoders: fix frame leak on negotiation error
Fix build on systems without C++ compiler
avviddec: Remove vc1/wmv3 override (fixing crash with FFmpeg 5
Segfaults on ASF/WMV files with FFMPEG 5.0+

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 208ddca121bb213a9e79d21b448547df58b9a511)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...streamer1.0-libav_1.20.1.bb => gstreamer1.0-libav_1.20.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.20.1.bb => gstreamer1.0-libav_1.20.2.bb} (91%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.2.bb
similarity index 91%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.2.bb
index 16a298ab14..4ef9755c07 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.2.bb
@@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770 \
                     "
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz"
-SRC_URI[sha256sum] = "91a71fb633b75e1bd52e22a457845cb0ba563a2972ba5954ec88448f443a9fc7"
+SRC_URI[sha256sum] = "b5c531dd8413bf771c79dab66b8e389f20b3991f745115133f0fa0b8e32809f9"
 
 S = "${WORKDIR}/gst-libav-${PV}"
 
-- 
2.25.1

[OE-core][kirkstone 06/19] gstreamer1.0-omx: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

No changes in omx from 1.20.1 -> 1.20.2

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2f9b5b0d8274b5a4990c93edb30c3170de3f87a4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../{gstreamer1.0-omx_1.20.1.bb => gstreamer1.0-omx_1.20.2.bb}  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.20.1.bb => gstreamer1.0-omx_1.20.2.bb} (95%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.2.bb
similarity index 95%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.2.bb
index 835f9a31fd..c4f5d719bb 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.2.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "86b52e30ebd0f59fcb5cf81a163211975f73ef32e5a6782562804646316bcd7c"
+SRC_URI[sha256sum] = "7efed7cc5b0acf9a669e38c5360a7892430a4e86c858daac6faa1ade2b151668"
 
 S = "${WORKDIR}/gst-omx-${PV}"
 
-- 
2.25.1

[OE-core][kirkstone 07/19] gstreamer1.0-plugins-bad: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Bug fix release:

av1parse: Fix several issues about the colorimetry.
av1parse: fix up various possible logic errors
dashsink: fix missing mutex unlock in error code path when failing to get content
d3d11videosink: Fix for unhandled mouse double click events
interlace: Also handle a missing "interlace-mode" field as progressive
msdk: fix build with MSVC
mxfdemux: Fix issues at EOS
mxfdemux: Handle empty VANC packets
nvh264dec, nvh265dec: Fix broken key-unit trick and reverse playback
nvvp9sldec: Increase DPB size to cover render delay
rvsg: fix cairo include
tsdemux: Fix AC-4 detection in MPEG-TS
tsdemux: Handle "empty" PMT gracefully
va: pool: don't advertise the GST_BUFFER_POOL_OPTION_VIDEO_ALIGNMENT option any more
v4l2codecs: Fix memory leak
v4l2videodec: set frame duration according to framerate
webrtcbin: Update documentation of 'get-stats' action signal
webrtcbin: Check data channel transport for notifying 'ice-gathering-state'
webrtcbin: Avoid access of freed memory
wpe: Reintroduce persistent WebContext
Build: use CMake to find some openssl and exr deps
Fix multiple "unused-but-set variable" compiler warnings

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 70ff1c8f54bfb47307cce4d2cb731cc775cd7e21)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...plugins-bad_1.20.1.bb => gstreamer1.0-plugins-bad_1.20.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.20.1.bb => gstreamer1.0-plugins-bad_1.20.2.bb} (98%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.2.bb
similarity index 98%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.2.bb
index 7c4665ae80..bb33e3822e 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.2.bb
@@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad
            file://0003-ensure-valid-sentinals-for-gst_structure_get-etc.patch \
            file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \
            "
-SRC_URI[sha256sum] = "09d3c2cf5911f0bc7da6bf557a55251779243d3de216b6a26cc90c445b423848"
+SRC_URI[sha256sum] = "4adc4c05f41051f8136b80cda99b0d049a34e777832f9fea7c5a70347658745b"
 
 S = "${WORKDIR}/gst-plugins-bad-${PV}"
 
-- 
2.25.1

[OE-core][kirkstone 08/19] gstreamer1.0-plugins-base: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Bug fix release:

appsrc: Clarify buffer ref semantics in signals documentation
appsrc: fix annotations for bindings
typefind: Skip extension parsing for data:// URIs, fixing regression with mp4 files serialised to data uris
playbin3: various fixes
playbin3: fix missing lock when unknown stream type in pad-removed cb
decodebin3: fix collection leaks
decodebin3: Don't duplicate stream selections
discoverer: chain up to parent finalize methods in all our types to fix memory leaks
glmixerbin: slightly better pad/element creation
gltransformation: let graphene alloc its structures memory aligned
ogg: fix possible buffer overrun
rtpbasepayload: Don't write header extensions if there's no corresponding...
rtpbasepayload: always store input buffer meta before negotiation
rtpbasepayload: fix transfer annotation for push and push_list
subparse: don't try to index string with -1
riff-media: fix memory leak after usage for g_strjoin()
playbin/playbin3: Allow setting a NULL URI
playsink: Complete reconfiguration on pad release.
parsebin: Expose streams of unknown type
pbutils: Fix wmv screen description detection
subparse: don't deref a potentially NULL variable
rawvideoparse: set format from caps in gst_raw_video_parse_set_config_from_caps
videodecoder: release stream lock after handling gap events
videorate: fix assertion when pushing last and only buffer without duration
videorate: Revert "don't reset on segment update" to fix segment handling regressions
gst-play-1.0, gst-launch-1.0: Enable win32 high-resolution timer also for MinGW build

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 905766e63a6159535b9da86c4f0af62956285199)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...ugins-base_1.20.1.bb => gstreamer1.0-plugins-base_1.20.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.20.1.bb => gstreamer1.0-plugins-base_1.20.2.bb} (97%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.2.bb
similarity index 97%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.2.bb
index 0953261a98..e47851700a 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.2.bb
@@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba
            file://0003-viv-fb-Make-sure-config.h-is-included.patch \
            file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \
            "
-SRC_URI[sha256sum] = "96d8a6413ba9394fbec1217aeef63741a729d476a505a797c1d5337d8fa7c204"
+SRC_URI[sha256sum] = "ab0656f2ad4d38292a803e0cb4ca090943a9b43c8063f650b4d3e3606c317f17"
 
 S = "${WORKDIR}/gst-plugins-base-${PV}"
 
-- 
2.25.1

[OE-core][kirkstone 09/19] gstreamer1.0-plugins-good: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Bug fix release:

deinterlace: silence unused-but-set werror from imported code
qtdemux: fix leak of channel_mapping
rtpopusdepay: missing sprop-stereo should not assume mono
rtpjitterbuffer: Fix invalid memory access in rtp_jitter_buffer_pop()
rtpptdemux: fix leak of caps when ignoring a pt
rtpredenc: quieten warning about ignoring header extensions
soup: Fix pre-processor macros in souploader for libsoup-3.0
twcc: Note that twcc-stats packet loss counts reordering as loss + add some logging
video4linux2: Manual backports for RPi users
wavparse: handle URI query in any parse state, fixing audio track selection issue in GES
wavparse: Unset DISCONT buffer flag for divided into multiple buffers in push mode

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3594cbc054d0f0eb3342282f8100a0285fc9d1fd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...ugins-good_1.20.1.bb => gstreamer1.0-plugins-good_1.20.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.20.1.bb => gstreamer1.0-plugins-good_1.20.2.bb} (97%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.2.bb
similarity index 97%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.2.bb
index 1f61d9a10e..6c52fb35b9 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.2.bb
@@ -8,7 +8,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-go
            file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
            "
 
-SRC_URI[sha256sum] = "3c66876f821d507bcdbebffb08b4f31a322727d6753f65a0f02c905ecb7084aa"
+SRC_URI[sha256sum] = "83589007bf002b8f9ef627718f308c16d83351905f0db8e85c3060f304143aae"
 
 S = "${WORKDIR}/gst-plugins-good-${PV}"
 
-- 
2.25.1

[OE-core][kirkstone 10/19] gstreamer1.0-plugins-ugly: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Bug fix release:

x264enc: Don't try to fixate ANY allowed caps

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 49c5fdf15c70862c867bf7f17ed1f4ca57de2307)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...ugins-ugly_1.20.1.bb => gstreamer1.0-plugins-ugly_1.20.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.20.1.bb => gstreamer1.0-plugins-ugly_1.20.2.bb} (94%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.2.bb
similarity index 94%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.2.bb
index b0746c087a..edc2ece979 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.2.bb
@@ -14,7 +14,7 @@ LICENSE_FLAGS = "commercial"
 SRC_URI = " \
             https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \
             "
-SRC_URI[sha256sum] = "42035145e29983308d2828207bb4ef933ed0407bb587fb3a569738c6a57fdb19"
+SRC_URI[sha256sum] = "b43fb4df94459afbf67ec22003ca58ffadcd19e763f276dca25b64c848adb7bf"
 
 S = "${WORKDIR}/gst-plugins-ugly-${PV}"
 
-- 
2.25.1

[OE-core][kirkstone 11/19] gstreamer1.0-python: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Bug fix release:

Fix build on systems without C++ compiler

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 762c930a49022ee7f56e746d3e768087eafd2ac1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...reamer1.0-python_1.20.1.bb => gstreamer1.0-python_1.20.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.20.1.bb => gstreamer1.0-python_1.20.2.bb} (91%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.2.bb
similarity index 91%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.2.bb
index a8ae274631..34bc4bf4f4 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.2.bb
@@ -8,7 +8,7 @@ LICENSE = "LGPL-2.1-or-later"
 LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740"
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "ba6cd59faa3db3981d8c6982351c239d823c0b8e80b1acf58d2997b050289422"
+SRC_URI[sha256sum] = "853ea35a1088c762fb703e5aea9c30031a19222b59786b6599956e154620fa2f"
 
 DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
 RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
-- 
2.25.1

[OE-core][kirkstone 12/19] gstreamer1.0-rtsp-server: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Bug fix release:

rtspclientsink: fix possible shutdown deadlock in collect_streams()
Minor spelling fixes

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f6c2cb116bf41312673afbbd71076a2ca8f59cf0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...rtsp-server_1.20.1.bb => gstreamer1.0-rtsp-server_1.20.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.20.1.bb => gstreamer1.0-rtsp-server_1.20.2.bb} (90%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.2.bb
similarity index 90%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.2.bb
index 90d788ab80..fd6e16c2bf 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.2.bb
@@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server"
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "4745bc528ad7de711a41d576ddce7412266e66d05c4cfcc636c9ba4da5521509"
+SRC_URI[sha256sum] = "6a8e9d136bbee4fc03858a0680dd5cbf91e2e989c43da115858eb21fb1adbcab"
 
 S = "${WORKDIR}/${PNREAL}-${PV}"
 
-- 
2.25.1

[OE-core][kirkstone 13/19] gstreamer1.0: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Bug fix release:

devicemonitor: clean up signal handlers and hidden providers list
Leaks tracer: fix pthread_atfork return value check leading to bogus warning in log
Rust plugins: Not picked up by the plugin loader on macOS
Failed to use plugins of latest GStreamer version 1.20.x installed by brew on macOS
ptpclock: Allow at least 100ms delay between Sync/Follow_Up and Delay_Req/Delay_Resp messages. Fixes problems acquiring initial sync with certain devices
meson: Add -Wl,-rpath,${libdir} on macOS
registry: skip Rust dep builddirs when searching for plugins recursively

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bb113caee72db30124f6cf8aa12fbaa14277fab5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../{gstreamer1.0_1.20.1.bb => gstreamer1.0_1.20.2.bb}          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.20.1.bb => gstreamer1.0_1.20.2.bb} (97%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.2.bb
similarity index 97%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.2.bb
index 81b94928d9..3aa9aa7048 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.2.bb
@@ -23,7 +23,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x
            file://0004-tests-add-helper-script-to-run-the-installed_tests.patch;striplevel=3 \
            file://0005-tests-remove-gstbin-test_watch_for_state_change-test.patch \
            "
-SRC_URI[sha256sum] = "de094a404a3ad8f4977829ea87edf695a4da0b5c8f613ebe54ab414bac89f031"
+SRC_URI[sha256sum] = "df24e8792691a02dfe003b3833a51f1dbc6c3331ae625d143b17da939ceb5e0a"
 
 PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
                    check \
-- 
2.25.1

[OE-core][kirkstone 14/19] gstreamer1.0-vaapi: upgrade 1.20.1 -> 1.20.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

No changes in vaapi between 1.20.1 -> 1.20.2

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 423d901d58e7f14d65b657d2cc61245ed9210daa)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...streamer1.0-vaapi_1.20.1.bb => gstreamer1.0-vaapi_1.20.2.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.20.1.bb => gstreamer1.0-vaapi_1.20.2.bb} (95%)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.1.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.2.bb
similarity index 95%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.1.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.2.bb
index 48b571f563..40dc21cf45 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.1.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.2.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c"
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "87fbf6c537af9079c99a9aefe951da119e16e5bcc9cc8614f5035f062bf21137"
+SRC_URI[sha256sum] = "30126ab6e3105dab8da76bd9951a68886149bcd70c7fee0bac68de564de41d3d"
 
 S = "${WORKDIR}/${REALPN}-${PV}"
 DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad"
-- 
2.25.1

[OE-core][kirkstone 15/19] libcgroup: upgrade 2.0.1 -> 2.0.2

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Bug fix release:

Fix extra spaces in configure.ac's --enable-bindings
Fix potential segfault if there are more than 100 cgroup mount points

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2139fd56da0d8e3769bcc0b337c446e7e4b98f90)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../libcgroup/{libcgroup_2.0.1.bb => libcgroup_2.0.2.bb}        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-core/libcgroup/{libcgroup_2.0.1.bb => libcgroup_2.0.2.bb} (93%)

diff --git a/meta/recipes-core/libcgroup/libcgroup_2.0.1.bb b/meta/recipes-core/libcgroup/libcgroup_2.0.2.bb
similarity index 93%
rename from meta/recipes-core/libcgroup/libcgroup_2.0.1.bb
rename to meta/recipes-core/libcgroup/libcgroup_2.0.2.bb
index 857a4e86fd..7ade372cae 100644
--- a/meta/recipes-core/libcgroup/libcgroup_2.0.1.bb
+++ b/meta/recipes-core/libcgroup/libcgroup_2.0.2.bb
@@ -13,7 +13,7 @@ DEPENDS = "bison-native flex-native"
 
 SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.gz"
 
-SRC_URI[sha256sum] = "2dd9c566a90a053e7a5f47607e225648ba7aa9bb7763514dd4778e2ed530fe90"
+SRC_URI[sha256sum] = "8ef63b32e0aff619547dbb8a25e1f6bab152d7c4864795cf915571a5994d0cf8"
 UPSTREAM_CHECK_URI = "https://github.com/libcgroup/libcgroup/releases/"
 
 DEPENDS:append:libc-musl = " fts "
-- 
2.25.1

[OE-core][kirkstone 16/19] mesa: upgrade 22.0.2 -> 22.0.3

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Mesa 22.0.3 is a bug fix release

New features:

None

Bug fixes:

freedreno: fragile location packing can break cull/clip distance
turnip: dEQP-VK.spirv_assembly.instruction.compute.float_controls.fp16.generated_args.* failures
piglit ext_image_dma_buf_import.ext_image_dma_buf_import* regression
piglit ext_image_dma_buf_import.ext_image_dma_buf_import* regression
Grid Autosport via proton/vulkan: glitches on the grass on amdgpu, fine on amdgpu-pro
[Bisected] r600: Big performance regression on some games
Huge amount of anon_inode:sync_file file descriptor created
anv regressions from commit 57445adc891 “anv: Re-enable CCS_E on TGL+”
NIR validation failed after nir_opt_if
intel: integer_mad_hi / integer_mad_sat / integer_mul_hi produce invalid results
Aperture Desk Job rendering artifacts Intel TGL
intel: integer_sub_sat produces stack corruption / OpISubBorrow compilation issue
r300/rv530: “Black rendering” of Baldur’s Gate Dark Alliance in Xbox emulator CXBX-R under wine with Gallium Nine and RADEON_DEBUG=use_tgsi
radv/aco: xfb bug
Occasional flicker corruption in Rage 2, e.g. after loading, with ACO on RX 5700 XT
RADV: Quake 2 RTX v1.6.0 Corrupted Graphics
‘../src/amd/common/ac_surface.c:1575: void ac_copy_dcc_equation(const struct radeon_info *, ADDR2_COMPUTE_DCCINFO_OUTPUT *, struct gfx9_meta_equation *): assertion “dcc->equation.gfx9.num_bits <= ARRAY_SIZE(equation->u.gfx9.bit)” failed’

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2f5831ec66c6a7e7b0f21a63cc46307aa68c5b96)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../mesa/{mesa-gl_22.0.2.bb => mesa-gl_22.0.3.bb}               | 0
 meta/recipes-graphics/mesa/mesa.inc                             | 2 +-
 meta/recipes-graphics/mesa/{mesa_22.0.2.bb => mesa_22.0.3.bb}   | 0
 3 files changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-graphics/mesa/{mesa-gl_22.0.2.bb => mesa-gl_22.0.3.bb} (100%)
 rename meta/recipes-graphics/mesa/{mesa_22.0.2.bb => mesa_22.0.3.bb} (100%)

diff --git a/meta/recipes-graphics/mesa/mesa-gl_22.0.2.bb b/meta/recipes-graphics/mesa/mesa-gl_22.0.3.bb
similarity index 100%
rename from meta/recipes-graphics/mesa/mesa-gl_22.0.2.bb
rename to meta/recipes-graphics/mesa/mesa-gl_22.0.3.bb
diff --git a/meta/recipes-graphics/mesa/mesa.inc b/meta/recipes-graphics/mesa/mesa.inc
index f5a5c14e72..d7bce3a008 100644
--- a/meta/recipes-graphics/mesa/mesa.inc
+++ b/meta/recipes-graphics/mesa/mesa.inc
@@ -22,7 +22,7 @@ SRC_URI = "https://mesa.freedesktop.org/archive/mesa-${PV}.tar.xz \
            file://0001-util-format-Check-for-NEON-before-using-it.patch \
            "
 
-SRC_URI[sha256sum] = "df4fa560dcce6680133067cd15b0505fc424ca703244ce9ab247c74d2fab6885"
+SRC_URI[sha256sum] = "9f2b30f5276a9abaf71aafc6979685e2636189de1a87aea2c9e69744a6d0ebb9"
 
 UPSTREAM_CHECK_GITTAGREGEX = "mesa-(?P<pver>\d+(\.\d+)+)"
 
diff --git a/meta/recipes-graphics/mesa/mesa_22.0.2.bb b/meta/recipes-graphics/mesa/mesa_22.0.3.bb
similarity index 100%
rename from meta/recipes-graphics/mesa/mesa_22.0.2.bb
rename to meta/recipes-graphics/mesa/mesa_22.0.3.bb
-- 
2.25.1

[OE-core][kirkstone 17/19] mobile-broadband-provider-info: upgrade 20220315 -> 20220511

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f14c8094e7a049ac1b04c45b76855d0503559932)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../mobile-broadband-provider-info_git.bb                     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
index 781b9216c5..e6f216e5cb 100644
--- a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
+++ b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
@@ -5,8 +5,8 @@ SECTION = "network"
 LICENSE = "PD"
 LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04"
 
-SRCREV = "4cbb44a9fe26aa6f0b28beb79f9488b37c097b5e"
-PV = "20220315"
+SRCREV = "3d5c8d0f7e0264768a2c000d0fd4b4d4a991e041"
+PV = "20220511"
 PE = "1"
 
 SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main"
-- 
2.25.1

[OE-core][kirkstone 18/19] sqlite3: upgrade 3.38.3 -> 3.38.5

[Steve Sakoman]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Additional changes in version 3.38.4 (2022-05-04):

Fix a byte-code problem in the Bloom filter pull-down optimization added by release 3.38.0 in which an error in the byte code causes the byte code engine to enter an infinite loop when the pull-down optimization encounters a NULL key. Forum thread 2482b32700384a0f.
Other minor patches. See the timeline for details.

Additional changes in version 3.38.5 (2022-05-06):

Fix a blunder in the CLI of the 3.38.4 release.

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e1bd414792ae2576685b2a352a5cc93343f06985)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../sqlite/{sqlite3_3.38.3.bb => sqlite3_3.38.5.bb}             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-support/sqlite/{sqlite3_3.38.3.bb => sqlite3_3.38.5.bb} (86%)

diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.3.bb b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
similarity index 86%
rename from meta/recipes-support/sqlite/sqlite3_3.38.3.bb
rename to meta/recipes-support/sqlite/sqlite3_3.38.5.bb
index 286987b708..d56a3a0209 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.38.3.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
@@ -4,7 +4,7 @@ LICENSE = "PD"
 LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"
 
 SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz"
-SRC_URI[sha256sum] = "61f2dd93a2e38c33468b7125967c3218bf9f4dd8365def6025e314f905dc942e"
+SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c"
 
 # -19242 is only an issue in specific development branch commits
 CVE_CHECK_IGNORE += "CVE-2019-19242"
-- 
2.25.1

[OE-core][kirkstone 19/19] license_image.bbclass: Make QA errors fail the build

[Steve Sakoman]

From: Peter Kjellerstedt <peter.kjellerstedt@axis.com>

If, e.g., license-file-missing is added to ERROR_QA, then the build
should fail if any licenses are missing.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dd91c4bec8335cab2bbd0b33caf50d314ca72bdc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes/license_image.bbclass | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/classes/license_image.bbclass b/meta/classes/license_image.bbclass
index 7e1d0e08a9..3213ea758e 100644
--- a/meta/classes/license_image.bbclass
+++ b/meta/classes/license_image.bbclass
@@ -104,6 +104,8 @@ def write_license_files(d, license_manifest, pkg_dic, rootfs=True):
                                        "The license listed %s was not in the "\
                                        "licenses collected for recipe %s"
                                        % (lic, pkg_dic[pkg]["PN"]), d)
+    oe.qa.exit_if_errors(d)
+
     # Two options here:
     # - Just copy the manifest
     # - Copy the manifest and the license directories
-- 
2.25.1

[OE-core][kirkstone 00/19] Patch review

[Steve Sakoman]

Please review this set of patches for kirkstone and have comments back by end
of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4160

with the exception of an autobuilder NAS timeout on qemux86-world which
passed on subsequent retest:

https://autobuilder.yoctoproject.org/typhoon/#/builders/108/builds/3450

The following changes since commit 92f122e0c1a7589bec3b628474548aad7fe159b4:

  wic: depend on cross-binutils (2022-08-31 04:16:07 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alexander Kanavin (1):
  bind: upgrade 9.18.4 -> 9.18.5

Andrei Gherzan (4):
  linux-yocto: Fix COMPATIBLE_MACHINE regex match
  shadow: Enable subid support
  rootfspostcommands.py: Cleanup subid backup files generated by
    shadow-utils
  shadow: Avoid nss warning/error with musl

Bruce Ashfield (4):
  linux-yocto/5.15: update to v5.15.60
  linux-yocto/5.15: update to v5.15.62
  linux-yocto/5.10: update to v5.10.136
  linux-yocto/5.10: update to v5.10.137

Khem Raj (5):
  xinetd: Pass missing -D_GNU_SOURCE
  watchdog: Include needed system header for function decls
  pinentry: enable _XOPEN_SOURCE on musl for wchar usage in curses
  apr: Use correct strerror_r implementation based on libc type
  gcr: Define _GNU_SOURCE

Mateusz Marciniec (1):
  util-linux: Remove --enable-raw from EXTRA_OECONF

Pavel Zhukov (1):
  parselogs: Ignore xf86OpenConsole error

Ross Burton (1):
  libxml2: wrap xmllint to use the correct XML catalogues

Steve Sakoman (1):
  lttng-modules: fix build for kernel 5.10.137

ghassaneben (1):
  sqlite: fix CVE-2022-35737

 meta/lib/oeqa/runtime/cases/parselogs.py      |  1 +
 meta/lib/rootfspostcommands.py                |  7 ++
 ...1-avoid-start-failure-with-bind-user.patch |  0
 ...d-V-and-start-log-hide-build-options.patch |  0
 ...ching-for-json-headers-searches-sysr.patch |  0
 .../bind/{bind-9.18.4 => bind-9.18.5}/bind9   |  0
 .../{bind-9.18.4 => bind-9.18.5}/conf.patch   |  0
 .../generate-rndc-key.sh                      |  0
 ...t.d-add-support-for-read-only-rootfs.patch |  0
 .../make-etc-initd-bind-stop-work.patch       |  0
 .../named.service                             |  0
 .../bind/{bind_9.18.4.bb => bind_9.18.5.bb}   |  2 +-
 meta/recipes-core/libxml/libxml2_2.9.14.bb    |  2 +
 .../util-linux/util-linux_2.37.4.bb           |  2 +-
 ...f-message-when-not-in-place-eg.-musl.patch | 27 ++++++
 meta/recipes-extended/shadow/shadow.inc       |  9 ++
 ...guard-sys-quota.h-sys-swap.h-and-sys.patch | 37 ++++++++
 .../watchdog/watchdog_5.16.bb                 |  1 +
 .../xinetd/xinetd_2.3.15.4.bb                 |  2 +
 meta/recipes-gnome/gcr/gcr_3.40.0.bb          |  2 +
 meta/recipes-kernel/linux/linux-yocto-dev.bb  |  2 +-
 .../linux/linux-yocto-rt_5.10.bb              |  8 +-
 .../linux/linux-yocto-rt_5.15.bb              |  8 +-
 .../linux/linux-yocto-tiny_5.10.bb            | 10 +-
 .../linux/linux-yocto-tiny_5.15.bb            |  8 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb | 26 +++---
 meta/recipes-kernel/linux/linux-yocto_5.15.bb | 28 +++---
 ...djust-range-v5.10.137-in-block-probe.patch | 92 +++++++++++++++++++
 .../lttng/lttng-modules_2.13.4.bb             |  1 +
 ...CHE_CHECK-for-strerror_r-return-type.patch | 52 +++++++++++
 meta/recipes-support/apr/apr_1.7.0.bb         |  4 +
 .../pinentry/pinentry_1.2.0.bb                |  3 +
 ...riables-in-the-printf-implementation.patch | 26 ++++++
 33 files changed, 313 insertions(+), 47 deletions(-)
 rename meta/recipes-connectivity/bind/{bind-9.18.4 => bind-9.18.5}/0001-avoid-start-failure-with-bind-user.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.4 => bind-9.18.5}/0001-named-lwresd-V-and-start-log-hide-build-options.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.4 => bind-9.18.5}/bind-ensure-searching-for-json-headers-searches-sysr.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.4 => bind-9.18.5}/bind9 (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.4 => bind-9.18.5}/conf.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.4 => bind-9.18.5}/generate-rndc-key.sh (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.4 => bind-9.18.5}/init.d-add-support-for-read-only-rootfs.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.4 => bind-9.18.5}/make-etc-initd-bind-stop-work.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.4 => bind-9.18.5}/named.service (100%)
 rename meta/recipes-connectivity/bind/{bind_9.18.4.bb => bind_9.18.5.bb} (97%)
 create mode 100644 meta/recipes-extended/shadow/files/0001-Drop-nsswitch.conf-message-when-not-in-place-eg.-musl.patch
 create mode 100644 meta/recipes-extended/watchdog/watchdog/0001-shutdown-Do-not-guard-sys-quota.h-sys-swap.h-and-sys.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-adjust-range-v5.10.137-in-block-probe.patch
 create mode 100644 meta/recipes-support/apr/apr/0001-add-AC_CACHE_CHECK-for-strerror_r-return-type.patch
 create mode 100644 meta/recipes-support/sqlite/files/0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch

-- 
2.25.1

[OE-core][kirkstone 00/19] Patch review

[Steve Sakoman]

Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4645

The following changes since commit 45a8b4101b14453aa3020d3f2b8a76b4dc0ae3f2:

  build-appliance-image: Update to kirkstone head revision (2022-12-13 15:59:33 +0000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alex Stewart (1):
  lsof: add update-alternatives logic

Carlos Alberto Lopez Perez (1):
  xwayland: libxshmfence is needed when dri3 is enabled

Chen Qi (2):
  bc: extend to nativesdk
  rm_work: adjust dependency to make do_rm_work_all depend on do_rm_work

Florin Diaconescu (1):
  python3: upgrade 3.10.8 -> 3.10.9

Hitendra Prajapati (2):
  golang: CVE-2022-41715 regexp/syntax: limit memory used by parsing
    regexps
  libxml2: Fix CVE-2022-40303 && CVE-2022-40304

Marta Rybczynska (1):
  efibootmgr: update compilation with musl

Mathieu Dubois-Briand (1):
  dbus: Add missing CVE product name

Peter Marko (2):
  externalsrc: fix lookup for .gitmodules
  oeqa/selftest/externalsrc: add test for srctree_hash_files

Richard Purdie (1):
  yocto-check-layer: Allow OE-Core to be tested

Ross Burton (4):
  lib/buildstats: fix parsing of trees with reduced_proc_pressure
    directories
  combo-layer: remove unused import
  combo-layer: dont use bb.utils.rename
  combo-layer: add sync-revs command

Wang Mingyu (3):
  bind: upgrade 9.18.8 -> 9.18.9
  mpfr: upgrade 4.1.0 -> 4.1.1
  libxcrypt-compat: upgrade 4.4.30 -> 4.4.33

 meta/classes/externalsrc.bbclass              |   2 +-
 meta/classes/rm_work.bbclass                  |   2 +-
 meta/lib/oeqa/selftest/cases/externalsrc.py   |  44 ++
 meta/recipes-bsp/efibootmgr/efibootmgr_17.bb  |   2 -
 ...1-avoid-start-failure-with-bind-user.patch |   0
 ...d-V-and-start-log-hide-build-options.patch |   0
 ...ching-for-json-headers-searches-sysr.patch |   0
 .../bind/{bind-9.18.8 => bind-9.18.9}/bind9   |   0
 .../{bind-9.18.8 => bind-9.18.9}/conf.patch   |   0
 .../generate-rndc-key.sh                      |   0
 ...t.d-add-support-for-read-only-rootfs.patch |   0
 .../make-etc-initd-bind-stop-work.patch       |   0
 .../named.service                             |   0
 .../bind/{bind_9.18.8.bb => bind_9.18.9.bb}   |   2 +-
 meta/recipes-core/dbus/dbus_1.14.4.bb         |   2 +
 ...t_4.4.30.bb => libxcrypt-compat_4.4.33.bb} |   0
 meta/recipes-core/libxcrypt/libxcrypt.inc     |   2 +-
 .../libxml/libxml2/CVE-2022-40303.patch       | 624 ++++++++++++++++++
 .../libxml/libxml2/CVE-2022-40304.patch       | 106 +++
 meta/recipes-core/libxml/libxml2_2.9.14.bb    |   2 +
 meta/recipes-devtools/go/go-1.17.13.inc       |   1 +
 .../go/go-1.18/CVE-2022-41715.patch           | 270 ++++++++
 .../python/python3/CVE-2022-42919.patch       |  70 --
 .../python/python3/cve-2022-37454.patch       | 108 ---
 .../{python3_3.10.8.bb => python3_3.10.9.bb}  |   3 +-
 meta/recipes-extended/bc/bc_1.07.1.bb         |   2 +-
 meta/recipes-extended/lsof/lsof_4.94.0.bb     |   9 +
 .../xwayland/xwayland_22.1.5.bb               |   2 +-
 .../mpfr/{mpfr_4.1.0.bb => mpfr_4.1.1.bb}     |   2 +-
 scripts/combo-layer                           |  30 +-
 scripts/lib/buildstats.py                     |   4 +-
 scripts/lib/checklayer/__init__.py            |  11 +-
 scripts/lib/checklayer/cases/bsp.py           |   2 +-
 scripts/lib/checklayer/cases/common.py        |   3 +
 scripts/lib/checklayer/cases/distro.py        |   2 +-
 scripts/yocto-check-layer                     |   5 +-
 36 files changed, 1107 insertions(+), 205 deletions(-)
 create mode 100644 meta/lib/oeqa/selftest/cases/externalsrc.py
 rename meta/recipes-connectivity/bind/{bind-9.18.8 => bind-9.18.9}/0001-avoid-start-failure-with-bind-user.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.8 => bind-9.18.9}/0001-named-lwresd-V-and-start-log-hide-build-options.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.8 => bind-9.18.9}/bind-ensure-searching-for-json-headers-searches-sysr.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.8 => bind-9.18.9}/bind9 (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.8 => bind-9.18.9}/conf.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.8 => bind-9.18.9}/generate-rndc-key.sh (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.8 => bind-9.18.9}/init.d-add-support-for-read-only-rootfs.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.8 => bind-9.18.9}/make-etc-initd-bind-stop-work.patch (100%)
 rename meta/recipes-connectivity/bind/{bind-9.18.8 => bind-9.18.9}/named.service (100%)
 rename meta/recipes-connectivity/bind/{bind_9.18.8.bb => bind_9.18.9.bb} (97%)
 rename meta/recipes-core/libxcrypt/{libxcrypt-compat_4.4.30.bb => libxcrypt-compat_4.4.33.bb} (100%)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-40303.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-40304.patch
 create mode 100644 meta/recipes-devtools/go/go-1.18/CVE-2022-41715.patch
 delete mode 100644 meta/recipes-devtools/python/python3/CVE-2022-42919.patch
 delete mode 100644 meta/recipes-devtools/python/python3/cve-2022-37454.patch
 rename meta/recipes-devtools/python/{python3_3.10.8.bb => python3_3.10.9.bb} (99%)
 rename meta/recipes-support/mpfr/{mpfr_4.1.0.bb => mpfr_4.1.1.bb} (91%)

-- 
2.25.1

[OE-core][kirkstone 00/19] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, October 31

Passed a-full on autobuilder:

https://valkyrie.yoctoproject.org/#/builders/29/builds/362

The following changes since commit 983e3efb51ab22f1fa5f90cbbfba2d701aa425fc:

  kmscube: create_framebuffer: backport modifier fix (2024-10-16 06:55:13 -0700)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Antoine Lubineau (1):
  cve-check: add CVSS vector string to CVE database and reports

Ashish Sharma (1):
  ghostscript: Backport CVE-2024-29508

Eilís 'pidge' Ní Fhlannagáin (1):
  nativesdk-intercept: Fix bad intercept chgrp/chown logic

Khem Raj (3):
  zip: Make configure checks to be more robust
  zip: Fix build with gcc-14
  util-linux: Define pidfd_* function signatures

Martin Jansa (3):
  vala: add -Wno-error=incompatible-pointer-types work around
  libffi: backport a fix to build libffi-native with gcc-14
  at-spi2-core: backport a patch to fix build with gcc-14 on host

Peter Marko (3):
  openssl: patch CVE-2024-9143
  python3: ignore fixed CVEs
  cve-check: add support for cvss v4.0

Rohini Sangam (1):
  vim: Upgrade 9.1.0698 -> 9.1.0764

Siddharth Doshi (1):
  vim: Upgrade 9.1.0682 -> 9.1.0698

Steve Sakoman (1):
  bmap-tools: update HOMEPAGE and SRC_URI

Wang Mingyu (1):
  orc: upgrade 0.4.39 -> 0.4.40

Yogita Urade (1):
  qemu: fix CVE-2023-3019

Zoltan Boszormenyi (1):
  cracklib: Modify patch to compile with GCC 14

baruch@tkos.co.il (1):
  overlayfs-etc: add option to skip creation of mount dirs

 meta/classes/cve-check.bbclass                |  12 +-
 meta/classes/overlayfs-etc.bbclass            |   5 +-
 meta/files/overlayfs-etc-preinit.sh.in        |  16 +-
 .../openssl/openssl/CVE-2024-9143.patch       | 202 ++++++
 .../openssl/openssl_3.0.15.bb                 |   1 +
 .../meta/cve-update-nvd2-native.bb            |  19 +-
 meta/recipes-core/util-linux/util-linux.inc   |   1 +
 .../0001-check-for-sys-pidfd.h.patch          |  50 ++
 .../orc/{orc_0.4.39.bb => orc_0.4.40.bb}      |   2 +-
 .../python/python3_3.10.15.bb                 |   2 +
 meta/recipes-devtools/qemu/qemu.inc           |  18 +-
 .../qemu/qemu/CVE-2023-3019-0001.patch        | 622 ++++++++++++++++++
 .../qemu/qemu/CVE-2023-3019-0002.patch        |  91 +++
 meta/recipes-devtools/vala/vala.inc           |   4 +
 ...port-dictionary-byte-order-dependent.patch |   2 +-
 .../ghostscript/CVE-2024-29508-1.patch        | 308 +++++++++
 .../ghostscript/CVE-2024-29508-2.patch        |  29 +
 .../ghostscript/ghostscript_9.55.0.bb         |   2 +
 ...e-dirent.h-for-closedir-opendir-APIs.patch |  45 ++
 ...y-correct-function-signatures-and-de.patch | 134 ++++
 meta/recipes-extended/zip/zip_3.0.bb          |   2 +
 .../0001-Fix-function-prototype.patch         |  27 +
 .../atk/at-spi2-core_2.42.0.bb                |   1 +
 .../bmap-tools/bmap-tools_git.bb              |   4 +-
 ...ward-declare-open_temp_exec_file-764.patch |  47 ++
 meta/recipes-support/libffi/libffi_3.4.4.bb   |   1 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 scripts/nativesdk-intercept/chgrp             |   5 +-
 scripts/nativesdk-intercept/chown             |   5 +-
 29 files changed, 1630 insertions(+), 31 deletions(-)
 create mode 100755 meta/recipes-connectivity/openssl/openssl/CVE-2024-9143.patch
 create mode 100644 meta/recipes-core/util-linux/util-linux/0001-check-for-sys-pidfd.h.patch
 rename meta/recipes-devtools/orc/{orc_0.4.39.bb => orc_0.4.40.bb} (92%)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3019-0001.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-3019-0002.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29508-1.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29508-2.patch
 create mode 100644 meta/recipes-extended/zip/zip-3.0/0001-configure-Include-dirent.h-for-closedir-opendir-APIs.patch
 create mode 100644 meta/recipes-extended/zip/zip-3.0/0001-configure-Specify-correct-function-signatures-and-de.patch
 create mode 100644 meta/recipes-support/atk/at-spi2-core/0001-Fix-function-prototype.patch
 create mode 100644 meta/recipes-support/libffi/libffi/0001-Forward-declare-open_temp_exec_file-764.patch

-- 
2.34.1

[OE-core][kirkstone 00/19] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, November 14

Passed a-full on autobuilder:

https://valkyrie.yoctoproject.org/#/builders/29/builds/426

The following changes since commit 2e8819c0b9ada2b600aecc40c974a18eb7c0a666:

  xmlto: backport a patch to fix build with gcc-14 on host (2024-11-05 14:15:16 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Alexandre Belloni (1):
  pseudo: Update to pull in fd leak fix

Archana Polampalli (1):
  ghostscript: fix CVE-2023-46361

Khem Raj (1):
  pseudo: Disable LFS on 32bit arches

Ola x Nilsson (1):
  patch.py: Use shlex instead of deprecated pipe

Peter Marko (4):
  curl: patch CVE-2024-9681
  gstreamer1.0: ignore CVE-2024-0444
  expat: patch CVE-2024-50602
  glib-2.0: patch regression of CVE-2023-32665

Philip Lorenz (1):
  cmake: Fix sporadic issues when determining compiler internals

Richard Purdie (10):
  pseudo: Update to pull in linux-libc-headers race fix
  pseudo: Switch back to the master branch
  pseudo: Update to include logic fix
  pseudo: Update to pull in syncfs probe fix
  pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept
  pseudo: Update to pull in fchmodat fix
  pseudo: Update to pull in python 3.12+ fix
  pseudo: Fix to work with glibc 2.40
  pseudo: Update to include open symlink handling bugfix
  pseudo: Fix envp bug and add posix_spawn wrapper

 meta/lib/oe/patch.py                          | 11 ++-
 .../expat/expat/CVE-2024-50602-01.patch       | 56 ++++++++++++
 .../expat/expat/CVE-2024-50602-02.patch       | 38 +++++++++
 meta/recipes-core/expat/expat_2.5.0.bb        |  2 +
 ...aliser-Convert-endianness-of-offsets.patch | 68 +++++++++++++++
 meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb |  1 +
 meta/recipes-devtools/cmake/cmake.inc         |  1 +
 ...mpilerABI-Strip-pipe-from-compile-fl.patch | 52 ++++++++++++
 .../pseudo/files/glibc238.patch               | 23 ++---
 meta/recipes-devtools/pseudo/pseudo_git.bb    | 11 ++-
 .../ghostscript/CVE-2023-46361.patch          | 32 +++++++
 .../ghostscript/ghostscript_9.55.0.bb         |  1 +
 .../gstreamer/gstreamer1.0_1.20.7.bb          |  3 +
 .../curl/curl/CVE-2024-9681.patch             | 85 +++++++++++++++++++
 meta/recipes-support/curl/curl_7.82.0.bb      |  1 +
 15 files changed, 362 insertions(+), 23 deletions(-)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2024-50602-01.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2024-50602-02.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/0001-gvariant-serialiser-Convert-endianness-of-offsets.patch
 create mode 100644 meta/recipes-devtools/cmake/cmake/0001-CMakeDetermineCompilerABI-Strip-pipe-from-compile-fl.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-46361.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2024-9681.patch

-- 
2.34.1

[OE-core][kirkstone 00/19] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, November 26

Passed a-full on autobuilder:

https://valkyrie.yoctoproject.org/#/builders/29/builds/505

The following changes since commit fb45c5cf8c2b663af293acb069d446610f77ff1a:

  build-appliance-image: Update to kirkstone head revision (2024-11-15 12:18:46 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Aleksandar Nikolic (1):
  scripts/install-buildtools: Update to 4.0.22

Archana Polampalli (6):
  ffmpeg: fix CVE-2024-32230
  ffmpeg: fix CVE-2023-51793
  ffmpeg: fix CVE-2023-50008
  ffmpeg: fix CVE-2024-31582
  ffmpeg: fix CVE-2024-31578
  ffmpeg: fix CVE-2023-51794

Chen Qi (1):
  toolchain-shar-extract.sh: exit when post-relocate-setup.sh fails

Khem Raj (1):
  webkitgtk: Fix build on 32bit arm

Liyin Zhang (1):
  lttng-modules: fix build error after kernel update to 5.15.171

Ovidiu Panait (1):
  webkitgtk: fix perl-native dependency

Regis Dargent (1):
  udev-extraconf: fix network.sh script did not configure hotplugged
    interfaces

Ross Burton (1):
  webkitgtk: reduce size of -dbg package

Steve Sakoman (1):
  llvm: reduce size of -dbg package

Vijay Anusuri (4):
  ghostscript: Backport fix for multiple CVE's
  libsoup: Fix for CVE-2024-52530 and CVE-2024-52532
  libsoup-2.4: Backport fix for CVE-2024-52530 and CVE-2024-52532
  glib-2.0: Backport fix for CVE-2024-52533

Wang Mingyu (1):
  wireless-regdb: upgrade 2024.07.04 -> 2024.10.07

 meta/files/toolchain-shar-extract.sh          |   4 +
 .../glib-2.0/glib-2.0/CVE-2024-52533.patch    |  49 +++
 meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb |   1 +
 .../udev/udev-extraconf/network.sh            |  32 --
 meta/recipes-devtools/llvm/llvm_git.bb        |   2 +
 .../ghostscript/CVE-2024-46951.patch          |  31 ++
 .../ghostscript/CVE-2024-46952.patch          |  62 ++++
 .../ghostscript/CVE-2024-46953.patch          |  67 ++++
 .../ghostscript/CVE-2024-46955.patch          |  60 ++++
 .../ghostscript/CVE-2024-46956.patch          |  30 ++
 .../ghostscript/ghostscript_9.55.0.bb         |   5 +
 ...c-fix-tracepoint-mm_page_alloc_zone_.patch |  61 ++++
 .../lttng/lttng-modules_2.13.14.bb            |   1 +
 ....07.04.bb => wireless-regdb_2024.10.07.bb} |   2 +-
 .../ffmpeg/ffmpeg/CVE-2023-50008.patch        |  29 ++
 .../ffmpeg/ffmpeg/CVE-2023-51793.patch        |  67 ++++
 .../ffmpeg/ffmpeg/CVE-2023-51794.patch        |  35 +++
 .../ffmpeg/ffmpeg/CVE-2024-31578.patch        |  49 +++
 .../ffmpeg/ffmpeg/CVE-2024-31582.patch        |  34 ++
 .../ffmpeg/ffmpeg/CVE-2024-32230.patch        |  35 +++
 .../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb |   6 +
 ...44e17d258106617b0e6d783d073b188a2548.patch | 296 ++++++++++++++++++
 meta/recipes-sato/webkit/webkitgtk_2.36.8.bb  |   7 +-
 .../libsoup/libsoup-2.4/CVE-2024-52530.patch  | 149 +++++++++
 .../libsoup-2.4/CVE-2024-52532-1.patch        |  36 +++
 .../libsoup-2.4/CVE-2024-52532-2.patch        |  42 +++
 .../libsoup/libsoup-2.4_2.74.2.bb             |   3 +
 .../libsoup/libsoup/CVE-2024-52530.patch      | 149 +++++++++
 .../libsoup/libsoup/CVE-2024-52532-1.patch    |  36 +++
 .../libsoup/libsoup/CVE-2024-52532-2.patch    |  42 +++
 meta/recipes-support/libsoup/libsoup_3.0.7.bb |   6 +-
 scripts/install-buildtools                    |   4 +-
 32 files changed, 1395 insertions(+), 37 deletions(-)
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2024-52533.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-46951.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-46952.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-46953.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-46955.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-46956.patch
 create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-fix-mm-page_alloc-fix-tracepoint-mm_page_alloc_zone_.patch
 rename meta/recipes-kernel/wireless-regdb/{wireless-regdb_2024.07.04.bb => wireless-regdb_2024.10.07.bb} (94%)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50008.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-51793.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-51794.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31578.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-32230.patch
 create mode 100644 meta/recipes-sato/webkit/webkitgtk/0d3344e17d258106617b0e6d783d073b188a2548.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52530.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52532-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52532-2.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52530.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52532-1.patch
 create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2024-52532-2.patch

-- 
2.34.1

[OE-core][kirkstone 00/19] Patch review

[Steve Sakoman]

Please review this set of changes for kirkstone and have comments back by
end of day Thursday, January 9

Passed a-full on autobuilder:

https://valkyrie.yoctoproject.org/#/builders/29/builds/758

The following changes since commit fb9ebc811800eb8880e3687243d75bafab77a700:

  ovmf-native: remove .pyc files from install (2025-01-06 05:56:49 -0800)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
  https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut

Bruce Ashfield (10):
  linux-yocto/5.15: update to v5.15.167
  linux-yocto/5.10: update to v5.10.226
  linux-yocto/5.10: update to v5.10.227
  linux-yocto/5.15: update to v5.15.168
  linux-yocto/5.15: update to v5.15.169
  linux-yocto/5.15: update to v5.15.170
  linux-yocto/5.15: update to v5.15.171
  linux-yocto/5.15: update to v5.15.173
  linux-yocto/5.15: update to v5.15.174
  linux-yocto/5.15: update to v5.15.175

Vijay Anusuri (9):
  gstreamer1.0-plugins-base: Fix for multiple CVE's
  gstreamer1.0: Backport fix for CVE-2024-47606
  gstreamer1.0-plugins-good: fix several CVE's
  gstreamer1.0-plugins-good: Fix for CVE-2024-47599
  gstreamer1.0-plugins-good: Fix multiple CVEs
  gstreamer1.0-plugins-good: Fix CVE-2024-47606
  gstreamer1.0-plugins-good: Fix CVE-2024-47613
  gstreamer1.0-plugins-good: Fix CVE-2024-47774
  gstreamer1.0-plugins-good: Fix multiple CVE's

 .../linux/linux-yocto-rt_5.10.bb              |   6 +-
 .../linux/linux-yocto-rt_5.15.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.10.bb            |   8 +-
 .../linux/linux-yocto-tiny_5.15.bb            |   6 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb |  24 +-
 meta/recipes-kernel/linux/linux-yocto_5.15.bb |  26 +-
 .../CVE-2024-47538.patch                      |  35 ++
 .../CVE-2024-47541-1.patch                    |  38 ++
 .../CVE-2024-47541-2.patch                    |  99 ++++
 .../CVE-2024-47542.patch                      |  64 +++
 .../CVE-2024-47600.patch                      |  38 ++
 .../CVE-2024-47607.patch                      |  41 ++
 .../CVE-2024-47615-1.patch                    |  79 +++
 .../CVE-2024-47615-2.patch                    | 168 +++++++
 .../CVE-2024-47835.patch                      |  39 ++
 .../gstreamer1.0-plugins-base_1.20.7.bb       |   9 +
 ...7544_47545_47546_47596_47597_47598-1.patch |  64 +++
 ...544_47545_47546_47596_47597_47598-10.patch |  97 ++++
 ...544_47545_47546_47596_47597_47598-11.patch |  36 ++
 ...544_47545_47546_47596_47597_47598-12.patch |  37 ++
 ...7544_47545_47546_47596_47597_47598-2.patch |  73 +++
 ...7544_47545_47546_47596_47597_47598-3.patch |  36 ++
 ...7544_47545_47546_47596_47597_47598-4.patch |  63 +++
 ...7544_47545_47546_47596_47597_47598-5.patch |  44 ++
 ...7544_47545_47546_47596_47597_47598-6.patch | 120 +++++
 ...7544_47545_47546_47596_47597_47598-7.patch | 449 ++++++++++++++++++
 ...7544_47545_47546_47596_47597_47598-8.patch |  56 +++
 ...7544_47545_47546_47596_47597_47598-9.patch |  49 ++
 ...4_47545_47546_47596_47597_47598-pre1.patch | 127 +++++
 ...2024-47540_47601_47602_47603_47834-1.patch |  56 +++
 ...2024-47540_47601_47602_47603_47834-2.patch |  31 ++
 ...2024-47540_47601_47602_47603_47834-3.patch |  39 ++
 ...2024-47540_47601_47602_47603_47834-4.patch |  47 ++
 ...2024-47540_47601_47602_47603_47834-5.patch |  48 ++
 ...2024-47540_47601_47602_47603_47834-6.patch |  39 ++
 ...2024-47540_47601_47602_47603_47834-7.patch |  40 ++
 .../CVE-2024-47599.patch                      |  99 ++++
 .../CVE-2024-47606.patch                      |  44 ++
 .../CVE-2024-47613.patch                      |  53 +++
 .../CVE-2024-47774.patch                      |  46 ++
 .../CVE-2024-47775_47776_47777_47778-1.patch  | 171 +++++++
 .../CVE-2024-47775_47776_47777_47778-2.patch  |  38 ++
 .../CVE-2024-47775_47776_47777_47778-3.patch  |  62 +++
 .../CVE-2024-47775_47776_47777_47778-4.patch  |  34 ++
 .../CVE-2024-47775_47776_47777_47778-5.patch  |  37 ++
 .../CVE-2024-47775_47776_47777_47778-6.patch  |  44 ++
 .../CVE-2024-47775_47776_47777_47778-7.patch  |  38 ++
 .../gstreamer1.0-plugins-good_1.20.7.bb       |  31 ++
 .../gstreamer1.0/CVE-2024-47606.patch         |  56 +++
 .../gstreamer/gstreamer1.0_1.20.7.bb          |   1 +
 50 files changed, 2953 insertions(+), 38 deletions(-)
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-47538.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-47541-1.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-47541-2.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-47542.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-47600.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-47607.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-47615-1.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-47615-2.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-47835.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-1.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-10.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-11.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-12.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-2.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-3.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-4.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-5.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-6.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-7.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-8.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-9.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47537_47539_47543_47544_47545_47546_47596_47597_47598-pre1.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47540_47601_47602_47603_47834-1.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47540_47601_47602_47603_47834-2.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47540_47601_47602_47603_47834-3.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47540_47601_47602_47603_47834-4.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47540_47601_47602_47603_47834-5.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47540_47601_47602_47603_47834-6.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47540_47601_47602_47603_47834-7.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47599.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47606.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47613.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47774.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47775_47776_47777_47778-1.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47775_47776_47777_47778-2.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47775_47776_47777_47778-3.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47775_47776_47777_47778-4.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47775_47776_47777_47778-5.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47775_47776_47777_47778-6.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/CVE-2024-47775_47776_47777_47778-7.patch
 create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0/CVE-2024-47606.patch

-- 
2.43.0