Signed-off-by: Alexander Kanavin <alex@...> --- .../python/python3-pybluez/py-3.11.patch | 454 ++++++++++++++++++ .../python/python3-pybluez_0.23.bb | 3 +- 2 files

Force regeneration of cython files in particular (and strip build paths out of them afterwards). Signed-off-by: Alexander Kanavin <alex@...> --- .../python/python3-gevent/py-3.11.patch

pre-generated cython files in the tarball are not compatible with python 3.11, and adding a dependency will regenerate them. Signed-off-by: Alexander Kanavin <alex@...> ---

On the equivalent patch set against master branch, Ross Burton suggested to not add the CVE to the white list but instead get the CPE modified. We might want to do the same thing here. Best

Yes, makes sense. We can skip this patch if we manage to have the CPE fixed. Mathieu

Oh yeh, good question ! Previous LICENSE file was Apache 2.0 license, now we have three files: - LICENSE, who basically says "SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later".

Signed-off-by: Devendra Tewari <devendra.tewari@...> --- meta-multimedia/recipes-multimedia/libcamera/libcamera.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git

Why did the LIC_FILES_CHKSUM change? - armin

clang errors out linking lto objects riscv64-yoe-linux-musl-ld: /tmp/lto-llvm-d497c5.o: can't link soft-float modules with double-float modules This is something needs to be addressed in clang for

If possible it’s best to contact NIST and get the CPE entries updated instead of whitelisting, as more accurate data is always better. It’s complicated in this situation because of the backports,

Probably, only cmake scares me every time I have to touch it :) When I was digging through all of this, I wondered if going back to autotools would be preferable and fixing up the lld case (the

Service release. Issues resolved: https://github.com/eclipse/paho.mqtt.c/milestone/18?clos= ed=3D1 Signed-off-by: Matthias Klein <matthias@...> --- .../{paho-mqtt-c_1.3.10.bb =3D>

Hi Khem Raj, Have added the “[kirkstone]” in subject. Do I need to send the patch again ? Best Regards, Narpat Mali Sent from Mail for Windows From: Khem Raj Sent: 04 October

Hi, Fixing the CVE product name from mbedtls uncover a lot of CVEs. Some of these are fixed in the last 2.16 version, but some remain. Here is what I found: - CVE-2020-36477 and CVE-2022-35409: I

Signed-off-by: Mathieu Dubois-Briand <mbriand@...> --- .../recipes-connectivity/mbedtls/mbedtls_2.16.12.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git

Signed-off-by: Mathieu Dubois-Briand <mbriand@...> --- .../mbedtls/mbedtls/CVE-2020-36477.patch | 64 +++++++++++++++++++ .../mbedtls/mbedtls/CVE-2022-35409.patch | 41 ++++++++++++

Signed-off-by: Mathieu Dubois-Briand <mbriand@...> --- .../mbedtls/{mbedtls_2.16.6.bb => mbedtls_2.16.12.bb} | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) rename

Signed-off-by: Mathieu Dubois-Briand <mbriand@...> --- meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git

Signed-off-by: Mathieu Dubois-Briand <mbriand@...> --- .../recipes-connectivity/mbedtls/mbedtls_2.28.1.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git

Signed-off-by: Mathieu Dubois-Briand <mbriand@...> --- meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git