Merge latest upstream#61
Closed
pratheekshasn wants to merge 15 commits intoni:nilrt/master/kirkstonefrom
Closed
Conversation
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
With the inclusion of commit 85102dd the same patch was introduced again, thus this copy can be deleted (which accidently was never used, since I originally forgot to add it to the SRC_URI, whoops). Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 56e2e5d) Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Align to commit 8e297cd ("nginx: Remove obsolete patch") by removing reference to removed patch file. By doing so we mitigate the following BitBake complaint: WARNING: .../meta-openembedded/meta-webserver/recipes-httpd/nginx/nginx_1.21.1.bb: Unable to get checksum for nginx SRC_URI entry 0001-HTTP-2-per-iteration-stream-handling-limit.patch: file could not be found Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
CVE-2024-24974: Previously, the VPN tool’s Windows implementation allowed remote access to its service pipe, posing a security risk. Using compromised credentials, a threat actor could communicate with OpenVPN to orchestrate attacks. CVE-2024-27903: OpenVPN has mitigated the risk by restricting plugin load. Plugins can now only be loaded from the software’s install directory, the Windows system directory, and the plugin_dir directory under the software’s installation. CVE-2024-27459: This vulnerability affects the interactive service component, potentially leading to local privilege escalation when triggered by an oversized message.To mitigate this risk, the VPN solution now terminates connections upon detecting excessively large messages, preventing stack overflow exploits. References: https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/ https://socradar.io/openvpn-fixed-multiple-vulnerabilities-on-windows/ https://community.openvpn.net/openvpn/wiki/CVE-2024-27903 https://community.openvpn.net/openvpn/wiki/CVE-2024-27459 https://community.openvpn.net/openvpn/wiki/CVE-2024-24974 Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
The first version of this patch introduced a problem with python3-pyqt5. Python emitted the following error message when one attempted to import PyQt5.Qt: ImportError: dynamic module does not define module export function (PyInit_Qt) This came about due to segfault in sip when executed in do_configure of python3-pyqt5. This resulted in a zero-length sipQtcmodule.c file being produced. This compiled successfully which meant no build failure was observed. The segfault was caused by a mistake in backporting the patch from SIP 6. The generateCompositeCpp() function uses the generate_include_sip_h() helper function in later versions which doesn't exist in SIP 4. We must replace the first parameter passed to isPY_SSIZE_T_CLEAN() from mod to pt->module to account for this. The change is not necessary for generateInternalAPIHeader() To simplify the patch we can remove the generated lexer and parser files and run flex and bison in do_configure instead. Signed-off-by: Rob Woolley <rob.woolley@windriver.com> Tested-by: Toby Flynn <campingandskiing@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
import patch from ubuntu to fix CVE-2022-24795 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/yajl/tree/debian/patches/?h=ubuntu%2Ffocal-security Upstream commit ppisar/yajl@23cea2d] Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Backport fix to work with new glib-2.0. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Upstream-Status: Backport from [https://git.savannah.gnu.org/cgit/nano.git/commit/?id=5e7a3c2e7e118c7f12d5dfda9f9140f638976aa2] CVE's Fixed: CVE-2024-5742 nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Upgrade to latest version giflib v5.2.2. This version fixes bugs listed in link below: Link: https://sourceforge.net/p/giflib/code/ci/5.2.2/tree/NEWS Fixes for CVE-2023-48161, CVE-2022-28506, CVE-2023-39742 Link: https://clients.neighbourhood.ie/yocto/1-40.html#:~:text=CVE%2D2023%2D39742%3A%20giflib%3Agiflib%2Dnative Added dependency on ImageMagick which includes "convert" utility, to ensure availability of required tool during compilation process. Add patch to rename binary used in Makefile from "convert" to "convert.im7" as installed by imagemagick package. Drop CVE-2022-28506.patch as it is fixed in this version. Signed-off-by: Bhabu Bindu <bhabubindu@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
<cstdint> need to be included explicitly when compiling with gcc-13. Upstream-Status: Backport [1.6.0 pauldreik/rdfind@f6c3f69] Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Includes fix for CVE-2024-5458, CVE-2024-2408 and other bugs Changelog: https://www.php.net/ChangeLog-8.php#8.1.29 Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off by: Pratheeksha S N <pratheeksha.s.n@ni.com>
Shreejit-03
pushed a commit
to Shreejit-03/meta-openembedded
that referenced
this pull request
Feb 23, 2026
Remove patches that have been integrated upstream: - Serial setup handling respecting user intent - POSIX-compliant termios baud rate configuration - Type safety and error handling improvements $ git --no-pager log --oneline 1a81f3c7be08..e3461097252e e3461097252e Merge pull request ni#61 from MaxKrummenacher/master 988deaad893b Merge pull request ni#69 from ivitro/fix/termios-use-cfset-speed 03aae5517cda Merge pull request ni#68 from ivitro/fix-serial-setup-handling e124c19e97e9 Fix -Wstringop-overflow warning in process_write_data 363f569a531f Use cfsetispeed/cfsetospeed for baud configuration 9012c3366433 Fix serial setup handling to respect user intent 8a8aba302529 linux-serial-test.c: fix potential hang in while loop 8a5709984363 linux-serial-test.c: fix returned error code Signed-off-by: Vitor Soares <vitor.soares@toradex.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
12 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is a regular NILRT distro upstream merge with 2.0 upstream branch.
There were no merge conflicts.
#AB2755009
Testing
Note
Signed-off by: Pratheeksha S N pratheeksha.s.n@ni.com