From: Peter Marko <peter.marko@...> Backport based on https://github.com/c-ares/c-ares/issues/496 Signed-off-by: Peter Marko <peter.marko@...> --- .../c-ares/c-ares/CVE-2022-4904.patch | 66 ++++++++++

Fix build with musl/aarch64 Signed-off-by: Khem Raj <raj.khem@...> --- meta-oe/recipes-test/cmocka/cmocka_1.1.7.bb | 1 + ...or-previous-declaration-of-uintptr_t.patch | 43 +++++++++++++++++++ 2 files

ChangeLog: https://github.com/CESNET/libyang/releases/tag/v2.1.55 * Generate cases list dynamically in run-ptest. * Add a patch to fix ptest. Signed-off-by: Yi Zhao <yi.zhao@...> --- ...ntext-skip-tes

From: Changqing Li <changqing.li@...> Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: (CVE-2023-28425) Specially crafted MSETNX command can lead to assertion and denial-o

From: Changqing Li <changqing.li@...> This upgrade contains two CVE fixes, CVE-2023-25690 (CRITICAL) CVE-2023-27522 (HIGH) Signed-off-by: Changqing Li <changqing.li@...> --- .../apache2/{apache2_2.4.5

The following changes since commit 613dc6e1076efcb8c0aadf7728433e5841e6a6aa: nodejs: Upgrade 16.19.0 -> 16.19.1 (2023-03-12 11:51:57 -0400) are available in the Git repository at: https://git.openembe

From: Changqing Li <changqing.li@...> Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: * (CVE-2023-28425) Specially crafted MSETNX command can lead to assertion and denial

Some python modules (e.g. SciPy, scikit-image) use meson-python (a.k.a. mesonpy) in pyproject.toml: [build-system] build-backend = 'mesonpy' This class, together with python3-meson-python and its depe

Pgpool-II is a middleware that works between PostgreSQL servers and a PostgreSQL database client. It is distributed under a license similar to BSD and MIT. It provides the following features. Signed-o

Switch the SRC_URI branch from master to stable-1.1 The 1.1.5 version was actually a bit ahead of that tag but the ChangeLog comment for the two releases are: Thu Feb 23 2023 Andreas Schneider <asn@..

From: Stefan Ghinea <stefan.ghinea@...> An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically,

There has been a strong desire to have our SPDX support in the Dunfell LTS release. As such, I've put together a patch series in poky-contrib to try this out, which can be found here: https://git.yoct

Remove memcached from rv64, its not buildable yet Signed-off-by: Khem Raj <raj.khem@...> --- .../recipes-core/packagegroups/packagegroup-meta-networking.bb | 2 ++ 1 file changed, 2 insertions(+) diff

Signed-off-by: Khem Raj <raj.khem@...> --- .../packagegroups/packagegroup-meta-oe.bbappend | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta-oe/dynamic-layers/meta-python/

Because they get renamed, it is better to ignore them and let a dependency build them Fixes errors like ERROR: packagegroup-meta-multimedia-1.0-r0 do_package_write_ipk: An allarch packagegroup shouldn

From: Wang Mingyu <wangmy@...> Changelog: ========== - rotatelogs: Add -T flag to allow subsequent rotated logfiles to be truncated without the initial logfile being truncated. - mod_ldap: LDAPConnect

Dear maintainers, CVE-2018-5996 and CVE-2016-9296 were fixed in dunfell but these patched did not make it to master (and thus also not to langdale and kirkstone). Could you please pick them to these t

Signed-off-by: Khem Raj <raj.khem@...> --- ...prototype-of-des3_encrypt-des3_decry.patch | 46 +++++++++++++++++++ .../recipes-support/libssh/libssh_0.10.4.bb | 1 + 2 files changed, 47 insertions(+) cr

Ensures that it picks up definitions of strlcpy() from string.h Signed-off-by: Khem Raj <raj.khem@...> --- meta-networking/recipes-protocols/rp-pppoe/rp-pppoe_3.15.bb | 3 +++ 1 file changed, 3 inserti

ChangeLog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 Security Fixes: CVE-2022-46392: https://nvd.nist.gov/vuln/detail/CVE-2022-46392 CVE-2022-46393: https://nvd.nist.gov/vuln/detail/CVE