From: Changqing Li <changqing.li@...> This upgrade contains two CVE fixes, CVE-2023-25690 (CRITICAL) CVE-2023-27522 (HIGH) Signed-off-by: Changqing Li <changqing.li@...> --- .../apache2/{apache2_2.4.5

The following changes since commit 613dc6e1076efcb8c0aadf7728433e5841e6a6aa: nodejs: Upgrade 16.19.0 -> 16.19.1 (2023-03-12 11:51:57 -0400) are available in the Git repository at: https://git.openembe

From: Changqing Li <changqing.li@...> Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: * (CVE-2023-28425) Specially crafted MSETNX command can lead to assertion and denial

Pgpool-II is a middleware that works between PostgreSQL servers and a PostgreSQL database client. It is distributed under a license similar to BSD and MIT. It provides the following features. Signed-o

Switch the SRC_URI branch from master to stable-1.1 The 1.1.5 version was actually a bit ahead of that tag but the ChangeLog comment for the two releases are: Thu Feb 23 2023 Andreas Schneider <asn@..

From: Stefan Ghinea <stefan.ghinea@...> An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically,

There has been a strong desire to have our SPDX support in the Dunfell LTS release. As such, I've put together a patch series in poky-contrib to try this out, which can be found here: https://git.yoct

Remove memcached from rv64, its not buildable yet Signed-off-by: Khem Raj <raj.khem@...> --- .../recipes-core/packagegroups/packagegroup-meta-networking.bb | 2 ++ 1 file changed, 2 insertions(+) diff

Signed-off-by: Khem Raj <raj.khem@...> --- .../packagegroups/packagegroup-meta-oe.bbappend | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta-oe/dynamic-layers/meta-python/

Because they get renamed, it is better to ignore them and let a dependency build them Fixes errors like ERROR: packagegroup-meta-multimedia-1.0-r0 do_package_write_ipk: An allarch packagegroup shouldn

From: Wang Mingyu <wangmy@...> Changelog: ========== - rotatelogs: Add -T flag to allow subsequent rotated logfiles to be truncated without the initial logfile being truncated. - mod_ldap: LDAPConnect

Dear maintainers, CVE-2018-5996 and CVE-2016-9296 were fixed in dunfell but these patched did not make it to master (and thus also not to langdale and kirkstone). Could you please pick them to these t

Signed-off-by: Khem Raj <raj.khem@...> --- ...prototype-of-des3_encrypt-des3_decry.patch | 46 +++++++++++++++++++ .../recipes-support/libssh/libssh_0.10.4.bb | 1 + 2 files changed, 47 insertions(+) cr

Ensures that it picks up definitions of strlcpy() from string.h Signed-off-by: Khem Raj <raj.khem@...> --- meta-networking/recipes-protocols/rp-pppoe/rp-pppoe_3.15.bb | 3 +++ 1 file changed, 3 inserti

ChangeLog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 Security Fixes: CVE-2022-46392: https://nvd.nist.gov/vuln/detail/CVE-2022-46392 CVE-2022-46393: https://nvd.nist.gov/vuln/detail/CVE

Results: $ ptest-runner mbedtls START: ptest-runner 2023-03-20T08:11 BEGIN: /usr/lib/mbedtls/ptest PASS: test_suite_aes.cbc PASS: test_suite_aes.cfb PASS: test_suite_aes.ecb PASS: test_suite_aes.ofb P

Dummy module to indicate the presence of patchelf. Used by python3-meson-python. The CMakeLists.txt file is a crippled copy from this patchelf python module's sources, removing almost everything, and

Some python modules rely on "import ninja". Only build and ship the python parts, and don't download and build ninja from sources. Use the already built ninja instead. The CMakeLists.txt file is a cri

Results: $ ptest-runner mbedtls START: ptest-runner 2023-03-20T08:11 BEGIN: /usr/lib/mbedtls/ptest PASS: test_suite_aes.cbc PASS: test_suite_aes.cfb PASS: test_suite_aes.ecb PASS: test_suite_aes.ofb P

Used by inherit python_mesonpy. Signed-off-by: Zoltán Böszörményi <zboszor@...> --- .../remove-hardcoded-setup-args.patch | 123 ++++++++++++++++++ .../use-installed-mesonpy.patch | 9 ++ .../python3-me