aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb (renamed from meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb)2
-rw-r--r--meta-networking/recipes-support/ifenslave/ifenslave_2.12.bb2
-rw-r--r--meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb (renamed from meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb)4
-rw-r--r--meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb (renamed from meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb)2
-rw-r--r--meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch15
-rw-r--r--meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb (renamed from meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb)2
-rw-r--r--meta-oe/recipes-connectivity/gattlib/gattlib_git.bb1
-rw-r--r--meta-oe/recipes-core/sdbus-c++/sdbus-c++-0.8.3/0001-Try-to-first-find-googletest-in-the-system-before-do.patch96
-rw-r--r--meta-oe/recipes-core/sdbus-c++/sdbus-c++_0.8.3.bb9
-rw-r--r--meta-oe/recipes-crypto/libkcapi/libkcapi_1.2.1.bb2
-rw-r--r--meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch116
-rw-r--r--meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch131
-rw-r--r--meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb2
-rw-r--r--meta-oe/recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb2
-rw-r--r--meta-oe/recipes-devtools/nodejs/nodejs_14.17.1.bb2
-rw-r--r--meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb2
-rw-r--r--meta-oe/recipes-graphics/imlib2/imlib2_git.bb2
-rw-r--r--meta-oe/recipes-shells/dash/dash_0.5.11.5.bb2
-rw-r--r--meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb17
-rw-r--r--meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb12
-rw-r--r--meta-oe/recipes-support/sg3-utils/sg3-utils_1.45.bb2
-rw-r--r--meta-oe/recipes-support/udisks/udisks2_2.9.4.bb (renamed from meta-oe/recipes-support/udisks/udisks2_2.9.3.bb)2
-rw-r--r--meta-oe/recipes-test/fbtest/fb-test_1.1.0.bb (renamed from meta-oe/recipes-test/fbtest/fb-test_git.bb)4
-rw-r--r--meta-oe/recipes-test/googletest/googletest_git.bb2
-rw-r--r--meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb (renamed from meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb)3
-rw-r--r--meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb (renamed from meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb)4
-rw-r--r--meta-python/recipes-devtools/python/python-gevent/libev-conf.patch26
-rw-r--r--meta-python/recipes-devtools/python/python3-cryptography-vectors_3.4.8.bb6
-rw-r--r--meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb6
-rw-r--r--meta-python/recipes-devtools/python/python3-django_3.2.10.bb (renamed from meta-python/recipes-devtools/python/python3-django_3.2.5.bb)2
-rw-r--r--meta-python/recipes-devtools/python/python3-gevent_21.8.0.bb29
-rw-r--r--meta-python/recipes-devtools/python/python3-lxml_4.6.3.bb4
-rw-r--r--meta-python/recipes-devtools/python/python3-posix-ipc_1.0.5.bb12
-rw-r--r--meta-python/recipes-devtools/python/python3-pyzmq_22.3.0.bb2
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb (renamed from meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb)2
35 files changed, 415 insertions, 114 deletions
diff --git a/meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb b/meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb
index 982544d5c..98005797d 100644
--- a/meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb
+++ b/meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb
@@ -15,5 +15,5 @@ SRC_URI += "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-${P
file://0001-makedefs-add-lnsl-and-lresolv-to-SYSLIBS-by-default.patch \
file://0007-correct-signature-of-closefrom-API.patch \
"
-SRC_URI[sha256sum] = "507323d20d7b3f705f49cf8c07d437c6d8090bed07e15a3c0ec405edad54a7d4"
+SRC_URI[sha256sum] = "0f1241d456a0158e0c418abf62c52c2ff83f8f1dcf2fbdd4c40765b67789b1bc"
UPSTREAM_CHECK_REGEX = "postfix\-(?P<pver>3\.6(\.\d+)+).tar.gz"
diff --git a/meta-networking/recipes-support/ifenslave/ifenslave_2.12.bb b/meta-networking/recipes-support/ifenslave/ifenslave_2.12.bb
index 34607f94c..c8cf135b0 100644
--- a/meta-networking/recipes-support/ifenslave/ifenslave_2.12.bb
+++ b/meta-networking/recipes-support/ifenslave/ifenslave_2.12.bb
@@ -9,7 +9,7 @@ inherit manpages
MAN_PKG = "${PN}"
SRCREV = "88410a7003c31993e79471e151b24662fc2a0d64"
-SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https;branch=master"
+SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https;branch=main"
S = "${WORKDIR}/git"
diff --git a/meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb b/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb
index ecc98dd8b..0b4244022 100644
--- a/meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb
+++ b/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb
@@ -35,8 +35,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/openipmi/OpenIPMI-${PV}.tar.gz \
S = "${WORKDIR}/OpenIPMI-${PV}"
-SRC_URI[md5sum] = "ce8eb27da016dcad7543d0128fcb3b0a"
-SRC_URI[sha256sum] = "7052f37726ff454b0dcac49f35dd030bc12c9570ca0ba5cd2d17774b8e9d9717"
+SRC_URI[md5sum] = "532404c9df7d0e8bde975b95b9e6775b"
+SRC_URI[sha256sum] = "f6d0fd4c0a74b05f80907229d0b270f54ca23294bcc11979f8b8d12766786945"
inherit autotools-brokensep pkgconfig python3native perlnative update-rc.d systemd cpan-base python3targetconfig
diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb b/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb
index 6b588a5f5..2dc3af6bf 100644
--- a/meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb
+++ b/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb
@@ -14,7 +14,7 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \
UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads"
-SRC_URI[sha256sum] = "f80f3c3df1b94a8892ae547df84f152583250684a24bd022ccc98ef56fa93d97"
+SRC_URI[sha256sum] = "7500df4734173bce2e95b5039079119dacaff121650b2b6ca76d2dc68bdac1c5"
# CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn.
CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569"
diff --git a/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch b/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch
index c1a528f90..134633f66 100644
--- a/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch
+++ b/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch
@@ -12,11 +12,11 @@ Signed-off-by: Oleksiy Obitotskyy <oobitots@cisco.com>
cmake/modules/UseLemon.cmake | 49 +++++++++++++++++++++++++-----------
1 file changed, 34 insertions(+), 15 deletions(-)
-diff --git a/cmake/modules/UseLemon.cmake b/cmake/modules/UseLemon.cmake
-index 849ffc1..ca38ab7 100644
---- a/cmake/modules/UseLemon.cmake
-+++ b/cmake/modules/UseLemon.cmake
-@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated)
+Index: wireshark-3.4.11/cmake/modules/UseLemon.cmake
+===================================================================
+--- wireshark-3.4.11.orig/cmake/modules/UseLemon.cmake
++++ wireshark-3.4.11/cmake/modules/UseLemon.cmake
+@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated
SET(_out ${CMAKE_CURRENT_BINARY_DIR}/${_basename})
@@ -26,7 +26,7 @@ index 849ffc1..ca38ab7 100644
- # These files are generated as side-effect
- ${_out}.h
- ${_out}.out
-- COMMAND lemon
+- COMMAND $<TARGET_FILE:lemon>
- -T${_lemonpardir}/lempar.c
- -d.
- ${_in}
@@ -72,6 +72,3 @@ index 849ffc1..ca38ab7 100644
LIST(APPEND ${_source} ${_in})
LIST(APPEND ${_generated} ${_out}.c)
---
-2.26.2.Cisco
-
diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb
index faf2a3ad1..6fee972b2 100644
--- a/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb
+++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb
@@ -19,7 +19,7 @@ SRC_URI += " \
UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
-SRC_URI[sha256sum] = "58a7fa8dfe2010a8c8b7dcf66438c653e6493d47eb936ba48ef49d4aa4dbd725"
+SRC_URI[sha256sum] = "a0e227bce2cc3a51ef3301891a0243231990b52a39b68a84a6e32f69c4e75279"
PE = "1"
diff --git a/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb b/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb
index ecff79be4..3fe4c9404 100644
--- a/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb
+++ b/meta-oe/recipes-connectivity/gattlib/gattlib_git.bb
@@ -23,6 +23,7 @@ PACKAGECONFIG[examples] = "-DGATTLIB_BUILD_EXAMPLES=ON,-DGATTLIB_BUILD_EXAMPLES=
# Set this to force use of DBus API if Bluez version is older than 5.42
PACKAGECONFIG[force-dbus] = "-DGATTLIB_FORCE_DBUS=TRUE,-DGATTLIB_FORCE_DBUS=FALSE"
+EXTRA_OECMAKE += "-DGATTLIB_PYTHON_INTERFACE=OFF"
EXTRA_OECMAKE += "-DGATTLIB_BUILD_DOCS=OFF"
inherit pkgconfig cmake
diff --git a/meta-oe/recipes-core/sdbus-c++/sdbus-c++-0.8.3/0001-Try-to-first-find-googletest-in-the-system-before-do.patch b/meta-oe/recipes-core/sdbus-c++/sdbus-c++-0.8.3/0001-Try-to-first-find-googletest-in-the-system-before-do.patch
new file mode 100644
index 000000000..89cb593e6
--- /dev/null
+++ b/meta-oe/recipes-core/sdbus-c++/sdbus-c++-0.8.3/0001-Try-to-first-find-googletest-in-the-system-before-do.patch
@@ -0,0 +1,96 @@
+From b073e1c2b9a8138da83300f598b9a56fc9762b4b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Stanislav=20Angelovi=C4=8D?= <angelovic.s@gmail.com>
+Date: Mon, 16 Nov 2020 17:05:36 +0100
+Subject: [PATCH] Try to first find googletest in the system before downloading
+ it (#125)
+
+Upstream-Status: Backport [d6fdaca]
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+
+---
+ tests/CMakeLists.txt | 62 ++++++++++++++++++++++++++++----------------
+ 1 file changed, 40 insertions(+), 22 deletions(-)
+
+diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
+index 97f7c1a..7ecc327 100644
+--- a/tests/CMakeLists.txt
++++ b/tests/CMakeLists.txt
+@@ -2,26 +2,44 @@
+ # DOWNLOAD AND BUILD OF GOOGLETEST
+ #-------------------------------
+
+-include(FetchContent)
+-
+-message("Fetching googletest...")
+-FetchContent_Declare(googletest
+- GIT_REPOSITORY https://github.com/google/googletest.git
+- GIT_TAG master
+- GIT_SHALLOW 1
+- UPDATE_COMMAND "")
+-
+-#FetchContent_MakeAvailable(googletest) # Not available in CMake 3.13 :-( Let's do it manually:
+-FetchContent_GetProperties(googletest)
+-if(NOT googletest_POPULATED)
+- FetchContent_Populate(googletest)
+- set(gtest_force_shared_crt ON CACHE INTERNAL "" FORCE)
+- set(BUILD_GMOCK ON CACHE INTERNAL "" FORCE)
+- set(INSTALL_GTEST OFF CACHE INTERNAL "" FORCE)
+- set(BUILD_SHARED_LIBS_BAK ${BUILD_SHARED_LIBS})
+- set(BUILD_SHARED_LIBS OFF)
+- add_subdirectory(${googletest_SOURCE_DIR} ${googletest_BINARY_DIR})
+- set(BUILD_SHARED_LIBS ${BUILD_SHARED_LIBS_BAK})
++set(GOOGLETEST_VERSION 1.10.0 CACHE STRING "Version of gmock to use")
++set(GOOGLETEST_GIT_REPO "https://github.com/google/googletest.git" CACHE STRING "A git repo to clone and build googletest from if gmock is not found in the system")
++
++find_package(GTest ${GOOGLETEST_VERSION} CONFIG)
++if (NOT TARGET GTest::gmock)
++ # Try pkg-config if GTest was not found through CMake config
++ find_package(PkgConfig)
++ if (PkgConfig_FOUND)
++ pkg_check_modules(GMock IMPORTED_TARGET GLOBAL gmock>=${GOOGLETEST_VERSION})
++ if(TARGET PkgConfig::GMock)
++ add_library(GTest::gmock ALIAS PkgConfig::GMock)
++ endif()
++ endif()
++ # GTest was not found in the system, build it on our own
++ if (NOT TARGET GTest::gmock)
++ include(FetchContent)
++
++ message("Fetching googletest...")
++ FetchContent_Declare(googletest
++ GIT_REPOSITORY ${GOOGLETEST_GIT_REPO}
++ GIT_TAG release-${GOOGLETEST_VERSION}
++ GIT_SHALLOW 1
++ UPDATE_COMMAND "")
++
++ #FetchContent_MakeAvailable(googletest) # Not available in CMake 3.13 :-( Let's do it manually:
++ FetchContent_GetProperties(googletest)
++ if(NOT googletest_POPULATED)
++ FetchContent_Populate(googletest)
++ set(gtest_force_shared_crt ON CACHE INTERNAL "" FORCE)
++ set(BUILD_GMOCK ON CACHE INTERNAL "" FORCE)
++ set(INSTALL_GTEST OFF CACHE INTERNAL "" FORCE)
++ set(BUILD_SHARED_LIBS_BAK ${BUILD_SHARED_LIBS})
++ set(BUILD_SHARED_LIBS OFF)
++ add_subdirectory(${googletest_SOURCE_DIR} ${googletest_BINARY_DIR})
++ set(BUILD_SHARED_LIBS ${BUILD_SHARED_LIBS_BAK})
++ add_library(GTest::gmock ALIAS gmock)
++ endif()
++ endif()
+ endif()
+
+ #-------------------------------
+@@ -87,11 +105,11 @@ include_directories(${CMAKE_CURRENT_SOURCE_DIR})
+
+ add_executable(sdbus-c++-unit-tests ${UNITTESTS_SRCS})
+ target_compile_definitions(sdbus-c++-unit-tests PRIVATE LIBSYSTEMD_VERSION=${LIBSYSTEMD_VERSION})
+-target_link_libraries(sdbus-c++-unit-tests sdbus-c++-objlib gmock gmock_main)
++target_link_libraries(sdbus-c++-unit-tests sdbus-c++-objlib GTest::gmock)
+
+ add_executable(sdbus-c++-integration-tests ${INTEGRATIONTESTS_SRCS})
+ target_compile_definitions(sdbus-c++-integration-tests PRIVATE LIBSYSTEMD_VERSION=${LIBSYSTEMD_VERSION})
+-target_link_libraries(sdbus-c++-integration-tests sdbus-c++ gmock gmock_main)
++target_link_libraries(sdbus-c++-integration-tests sdbus-c++ GTest::gmock)
+
+ # Manual performance and stress tests
+ option(ENABLE_PERF_TESTS "Build and install manual performance tests (default OFF)" OFF)
diff --git a/meta-oe/recipes-core/sdbus-c++/sdbus-c++_0.8.3.bb b/meta-oe/recipes-core/sdbus-c++/sdbus-c++_0.8.3.bb
index 12eae5c7d..35183e896 100644
--- a/meta-oe/recipes-core/sdbus-c++/sdbus-c++_0.8.3.bb
+++ b/meta-oe/recipes-core/sdbus-c++/sdbus-c++_0.8.3.bb
@@ -12,19 +12,16 @@ PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'with-exte
${@bb.utils.contains('PTEST_ENABLED', '1', 'with-tests', '', d)}"
PACKAGECONFIG[with-builtin-libsystemd] = ",,sdbus-c++-libsystemd,libcap"
PACKAGECONFIG[with-external-libsystemd] = ",,systemd,libsystemd"
-PACKAGECONFIG[with-tests] = "-DBUILD_TESTS=ON -DTESTS_INSTALL_PATH=${libdir}/${BPN}/tests,-DBUILD_TESTS=OFF"
+PACKAGECONFIG[with-tests] = "-DBUILD_TESTS=ON -DTESTS_INSTALL_PATH=${libdir}/${BPN}/tests,-DBUILD_TESTS=OFF,googletest gmock"
DEPENDS += "expat"
SRCREV = "6e8e5aadb674cccea5bdd55141db5dad887fbacd"
-SRCREV_gtest = "a3460d1aeeaa43fdf137a6adefef10ba0b59fe4b"
-SRCREV_FORMAT = "default_gtest"
SRC_URI = "git://github.com/Kistler-Group/sdbus-cpp.git;protocol=https;branch=master \
- git://github.com/google/googletest.git;protocol=https;branch=master;name=gtest;destsuffix=git/tests/googletest-src \
- file://0001-Do-not-download-gtest-automatically.patch \
+ file://0001-Try-to-first-find-googletest-in-the-system-before-do.patch \
+ file://run-ptest \
"
-SRC_URI += "file://run-ptest"
EXTRA_OECMAKE = "-DBUILD_CODE_GEN=ON \
-DBUILD_DOC=ON \
diff --git a/meta-oe/recipes-crypto/libkcapi/libkcapi_1.2.1.bb b/meta-oe/recipes-crypto/libkcapi/libkcapi_1.2.1.bb
index a66504dd8..ad68dc926 100644
--- a/meta-oe/recipes-crypto/libkcapi/libkcapi_1.2.1.bb
+++ b/meta-oe/recipes-crypto/libkcapi/libkcapi_1.2.1.bb
@@ -1,6 +1,6 @@
SUMMARY = "Linux Kernel Crypto API User Space Interface Library"
HOMEPAGE = "http://www.chronox.de/libkcapi.html"
-LICENSE = "BSD | GPL-2.0"
+LICENSE = "BSD-3-Clause | GPL-2.0"
LIC_FILES_CHKSUM = "file://COPYING;md5=c78be93ed8d1637f2a3f4a83ff9d5f54"
DEPENDS = "libtool"
diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch
new file mode 100644
index 000000000..58bf81062
--- /dev/null
+++ b/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch
@@ -0,0 +1,116 @@
+From 24c2b9e42edb6d2f4ef2cead3b0aa1d6196adfce Mon Sep 17 00:00:00 2001
+From: Tom Lane <tgl@sss.pgh.pa.us>
+Date: Mon, 8 Nov 2021 11:01:43 -0500
+Subject: [PATCH 2/2] Reject extraneous data after SSL or GSS encryption
+ handshake.
+
+The server collects up to a bufferload of data whenever it reads data
+from the client socket. When SSL or GSS encryption is requested
+during startup, any additional data received with the initial
+request message remained in the buffer, and would be treated as
+already-decrypted data once the encryption handshake completed.
+Thus, a man-in-the-middle with the ability to inject data into the
+TCP connection could stuff some cleartext data into the start of
+a supposedly encryption-protected database session.
+
+This could be abused to send faked SQL commands to the server,
+although that would only work if the server did not demand any
+authentication data. (However, a server relying on SSL certificate
+authentication might well not do so.)
+
+To fix, throw a protocol-violation error if the internal buffer
+is not empty after the encryption handshake.
+
+Our thanks to Jacob Champion for reporting this problem.
+
+Security: CVE-2021-23214
+
+Upstream-Status: Backport[https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951]
+CVE: CVE-2021-23214
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+
+---
+ src/backend/libpq/pqcomm.c | 11 +++++++++++
+ src/backend/postmaster/postmaster.c | 23 ++++++++++++++++++++++-
+ src/include/libpq/libpq.h | 1 +
+ 3 files changed, 34 insertions(+), 1 deletion(-)
+
+diff --git a/src/backend/libpq/pqcomm.c b/src/backend/libpq/pqcomm.c
+index ee2cd86..4dd1c02 100644
+--- a/src/backend/libpq/pqcomm.c
++++ b/src/backend/libpq/pqcomm.c
+@@ -1183,6 +1183,17 @@ pq_getstring(StringInfo s)
+ }
+ }
+
++/* -------------------------------
++ * pq_buffer_has_data - is any buffered data available to read?
++ *
++ * This will *not* attempt to read more data.
++ * --------------------------------
++ */
++bool
++pq_buffer_has_data(void)
++{
++ return (PqRecvPointer < PqRecvLength);
++}
+
+ /* --------------------------------
+ * pq_startmsgread - begin reading a message from the client.
+diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c
+index 5775fc0..1fcc3f8 100644
+--- a/src/backend/postmaster/postmaster.c
++++ b/src/backend/postmaster/postmaster.c
+@@ -2049,6 +2049,17 @@ retry1:
+ return STATUS_ERROR;
+ #endif
+
++ /*
++ * At this point we should have no data already buffered. If we do,
++ * it was received before we performed the SSL handshake, so it wasn't
++ * encrypted and indeed may have been injected by a man-in-the-middle.
++ * We report this case to the client.
++ */
++ if (pq_buffer_has_data())
++ ereport(FATAL,
++ (errcode(ERRCODE_PROTOCOL_VIOLATION),
++ errmsg("received unencrypted data after SSL request"),
++ errdetail("This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
+ /*
+ * regular startup packet, cancel, etc packet should follow, but not
+ * another SSL negotiation request, and a GSS request should only
+@@ -2080,7 +2091,17 @@ retry1:
+ if (GSSok == 'G' && secure_open_gssapi(port) == -1)
+ return STATUS_ERROR;
+ #endif
+-
++ /*
++ * At this point we should have no data already buffered. If we do,
++ * it was received before we performed the GSS handshake, so it wasn't
++ * encrypted and indeed may have been injected by a man-in-the-middle.
++ * We report this case to the client.
++ */
++ if (pq_buffer_has_data())
++ ereport(FATAL,
++ (errcode(ERRCODE_PROTOCOL_VIOLATION),
++ errmsg("received unencrypted data after GSSAPI encryption request"),
++ errdetail("This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
+ /*
+ * regular startup packet, cancel, etc packet should follow, but not
+ * another GSS negotiation request, and an SSL request should only
+diff --git a/src/include/libpq/libpq.h b/src/include/libpq/libpq.h
+index b115247..9969692 100644
+--- a/src/include/libpq/libpq.h
++++ b/src/include/libpq/libpq.h
+@@ -73,6 +73,7 @@ extern int pq_getbyte(void);
+ extern int pq_peekbyte(void);
+ extern int pq_getbyte_if_available(unsigned char *c);
+ extern int pq_putbytes(const char *s, size_t len);
++extern bool pq_buffer_has_data(void);
+
+ /*
+ * prototypes for functions in be-secure.c
+--
+2.17.1
+
diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch
new file mode 100644
index 000000000..42b78539b
--- /dev/null
+++ b/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch
@@ -0,0 +1,131 @@
+From 79125ead2a6a234086844bb42f06d49603fe6ca0 Mon Sep 17 00:00:00 2001
+From: Tom Lane <tgl@sss.pgh.pa.us>
+Date: Mon, 8 Nov 2021 11:14:56 -0500
+Subject: [PATCH 1/2] libpq: reject extraneous data after SSL or GSS encryption
+ handshake.
+
+libpq collects up to a bufferload of data whenever it reads data from
+the socket. When SSL or GSS encryption is requested during startup,
+any additional data received with the server's yes-or-no reply
+remained in the buffer, and would be treated as already-decrypted data
+once the encryption handshake completed. Thus, a man-in-the-middle
+with the ability to inject data into the TCP connection could stuff
+some cleartext data into the start of a supposedly encryption-protected
+database session.
+
+This could probably be abused to inject faked responses to the
+client's first few queries, although other details of libpq's behavior
+make that harder than it sounds. A different line of attack is to
+exfiltrate the client's password, or other sensitive data that might
+be sent early in the session. That has been shown to be possible with
+a server vulnerable to CVE-2021-23214.
+
+To fix, throw a protocol-violation error if the internal buffer
+is not empty after the encryption handshake.
+
+Our thanks to Jacob Champion for reporting this problem.
+
+Security: CVE-2021-23222
+
+Upstream-Status: Backport[https://github.com/postgres/postgres/commit/160c0258802d10b0600d7671b1bbea55d8e17d45]
+CVE: CVE-2021-23222
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ doc/src/sgml/protocol.sgml | 28 ++++++++++++++++++++++++++++
+ src/interfaces/libpq/fe-connect.c | 26 ++++++++++++++++++++++++++
+ 2 files changed, 54 insertions(+)
+
+diff --git a/doc/src/sgml/protocol.sgml b/doc/src/sgml/protocol.sgml
+index e26619e1b5..b692648fca 100644
+--- a/doc/src/sgml/protocol.sgml
++++ b/doc/src/sgml/protocol.sgml
+@@ -1471,6 +1471,20 @@ SELCT 1/0;<!-- this typo is intentional -->
+ and proceed without requesting <acronym>SSL</acronym>.
+ </para>
+
++ <para>
++ When <acronym>SSL</acronym> encryption can be performed, the server
++ is expected to send only the single <literal>S</literal> byte and then
++ wait for the frontend to initiate an <acronym>SSL</acronym> handshake.
++ If additional bytes are available to read at this point, it likely
++ means that a man-in-the-middle is attempting to perform a
++ buffer-stuffing attack
++ (<ulink url="https://www.postgresql.org/support/security/CVE-2021-23222/">CVE-2021-23222</ulink>).
++ Frontends should be coded either to read exactly one byte from the
++ socket before turning the socket over to their SSL library, or to
++ treat it as a protocol violation if they find they have read additional
++ bytes.
++ </para>
++
+ <para>
+ An initial SSLRequest can also be used in a connection that is being
+ opened to send a CancelRequest message.
+@@ -1532,6 +1546,20 @@ SELCT 1/0;<!-- this typo is intentional -->
+ encryption.
+ </para>
+
++ <para>
++ When <acronym>GSSAPI</acronym> encryption can be performed, the server
++ is expected to send only the single <literal>G</literal> byte and then
++ wait for the frontend to initiate a <acronym>GSSAPI</acronym> handshake.
++ If additional bytes are available to read at this point, it likely
++ means that a man-in-the-middle is attempting to perform a
++ buffer-stuffing attack
++ (<ulink url="https://www.postgresql.org/support/security/CVE-2021-23222/">CVE-2021-23222</ulink>).
++ Frontends should be coded either to read exactly one byte from the
++ socket before turning the socket over to their GSSAPI library, or to
++ treat it as a protocol violation if they find they have read additional
++ bytes.
++ </para>
++
+ <para>
+ An initial GSSENCRequest can also be used in a connection that is being
+ opened to send a CancelRequest message.
+diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
+index f80f4e98d8..57aee95183 100644
+--- a/src/interfaces/libpq/fe-connect.c
++++ b/src/interfaces/libpq/fe-connect.c
+@@ -3076,6 +3076,19 @@ keep_going: /* We will come back to here until there is
+ pollres = pqsecure_open_client(conn);
+ if (pollres == PGRES_POLLING_OK)
+ {
++ /*
++ * At this point we should have no data already buffered.
++ * If we do, it was received before we performed the SSL
++ * handshake, so it wasn't encrypted and indeed may have
++ * been injected by a man-in-the-middle.
++ */
++ if (conn->inCursor != conn->inEnd)
++ {
++ appendPQExpBufferStr(&conn->errorMessage,
++ libpq_gettext("received unencrypted data after SSL response\n"));
++ goto error_return;
++ }
++
+ /* SSL handshake done, ready to send startup packet */
+ conn->status = CONNECTION_MADE;
+ return PGRES_POLLING_WRITING;
+@@ -3175,6 +3188,19 @@ keep_going: /* We will come back to here until there is
+ pollres = pqsecure_open_gss(conn);
+ if (pollres == PGRES_POLLING_OK)
+ {
++ /*
++ * At this point we should have no data already buffered.
++ * If we do, it was received before we performed the GSS
++ * handshake, so it wasn't encrypted and indeed may have
++ * been injected by a man-in-the-middle.
++ */
++ if (conn->inCursor != conn->inEnd)
++ {
++ appendPQExpBufferStr(&conn->errorMessage,
++ libpq_gettext("received unencrypted data after GSSAPI encryption response\n"));
++ goto error_return;
++ }
++
+ /* All set for startup packet */
+ conn->status = CONNECTION_MADE;
+ return PGRES_POLLING_WRITING;
+--
+2.17.1
+
diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb b/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb
index f63d23dbe..2ed0fa49b 100644
--- a/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb
+++ b/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb
@@ -7,6 +7,8 @@ SRC_URI += "\
file://0001-Add-support-for-RISC-V.patch \
file://0001-Improve-reproducibility.patch \
file://0001-configure.in-bypass-autoconf-2.69-version-check.patch \
+ file://CVE-2021-23214.patch \
+ file://CVE-2021-23222.patch \
"
SRC_URI[sha256sum] = "ea93e10390245f1ce461a54eb5f99a48d8cabd3a08ce4d652ec2169a357bc0cd"
diff --git a/meta-oe/recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb b/meta-oe/recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb
index ef066753d..25b199f57 100644
--- a/meta-oe/recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb
+++ b/meta-oe/recipes-devtools/msgpack/msgpack-cpp_4.0.2.bb
@@ -19,4 +19,6 @@ S = "${WORKDIR}/git"
inherit cmake pkgconfig
+RDEPENDS:${PN}-dev = ""
+
BBCLASSEXTEND += "native nativesdk"
diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_14.17.1.bb b/meta-oe/recipes-devtools/nodejs/nodejs_14.17.1.bb
index 471501979..47be000c9 100644
--- a/meta-oe/recipes-devtools/nodejs/nodejs_14.17.1.bb
+++ b/meta-oe/recipes-devtools/nodejs/nodejs_14.17.1.bb
@@ -1,6 +1,6 @@
DESCRIPTION = "nodeJS Evented I/O for V8 JavaScript"
HOMEPAGE = "http://nodejs.org"
-LICENSE = "MIT & BSD & Artistic-2.0"
+LICENSE = "MIT & ISC & BSD-2-Clause & BSD-3-Clause & Artistic-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=a1016f9b7979cfe6fc3466a9bba60b1e"
DEPENDS = "openssl"
diff --git a/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb b/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb
index d3aa6d2ea..e119420d2 100644
--- a/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb
+++ b/meta-oe/recipes-devtools/xmlrpc-c/xmlrpc-c_1.54.02.bb
@@ -2,7 +2,7 @@ DESCRIPTION = "XML-RPC for C/C++ is programming libraries and related tools to h
write an XML-RPC server or client in C or C++."
HOMEPAGE = "http://xmlrpc-c.sourceforge.net/"
-LICENSE = "BSD & MIT"
+LICENSE = "BSD-3-Clause & MIT"
LIC_FILES_CHKSUM = "file://doc/COPYING;md5=aefbf81ba0750f02176b6f86752ea951"
SRC_URI = "git://github.com/mirror/xmlrpc-c.git;branch=master;protocol=https \
diff --git a/meta-oe/recipes-graphics/imlib2/imlib2_git.bb b/meta-oe/recipes-graphics/imlib2/imlib2_git.bb
index 9e4daddd5..56d41cd39 100644
--- a/meta-oe/recipes-graphics/imlib2/imlib2_git.bb
+++ b/meta-oe/recipes-graphics/imlib2/imlib2_git.bb
@@ -2,7 +2,7 @@ SUMMARY = "A graphic library for file loading, saving, rendering, and manipulati
HOMEPAGE = "https://sourceforge.net/projects/enlightenment/"
SECTION = "libs"
-LICENSE = "MIT & BSD"
+LICENSE = "Imlib2"
LIC_FILES_CHKSUM = "file://COPYING;md5=344895f253c32f38e182dcaf30fe8a35"
DEPENDS = "freetype "
diff --git a/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb b/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb
index 8fe601a2d..20f840411 100644
--- a/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb
+++ b/meta-oe/recipes-shells/dash/dash_0.5.11.5.bb
@@ -2,7 +2,7 @@ SUMMARY = "Small and fast POSIX-compliant shell"
HOMEPAGE = "http://gondor.apana.org.au/~herbert/dash/"
SECTION = "System Environment/Shells"
-LICENSE = "BSD & GPLv2+"
+LICENSE = "BSD-3-Clause & GPLv2+"
LIC_FILES_CHKSUM = "file://COPYING;md5=b5262b4a1a1bff72b48e935531976d2e"
inherit autotools update-alternatives
diff --git a/meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb b/meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb
index 3988d5491..a729324c9 100644
--- a/meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb
+++ b/meta-oe/recipes-support/lvm2/lvm2_2.03.11.bb
@@ -17,13 +17,16 @@ do_install:append() {
install -d ${D}${sysconfdir}/lvm
install -m 0644 ${WORKDIR}/lvm.conf ${D}${sysconfdir}/lvm/lvm.conf
sed -i -e 's:@libdir@:${libdir}:g' ${D}${sysconfdir}/lvm/lvm.conf
- if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
- oe_runmake 'DESTDIR=${D}' install install_systemd_units
- sed -i -e 's:/usr/bin/true:${base_bindir}/true:g' ${D}${systemd_system_unitdir}/blk-availability.service
- else
- oe_runmake 'DESTDIR=${D}' install install_initscripts
- mv ${D}${sysconfdir}/rc.d/init.d ${D}${sysconfdir}/init.d
- rm -rf ${D}${sysconfdir}/rc.d
+ # We don't want init scripts/systemd units for native SDK utilities
+ if [ "${PN}" != "nativesdk-lvm2" ]; then
+ if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+ oe_runmake 'DESTDIR=${D}' install install_systemd_units
+ sed -i -e 's:/usr/bin/true:${base_bindir}/true:g' ${D}${systemd_system_unitdir}/blk-availability.service
+ else
+ oe_runmake 'DESTDIR=${D}' install install_initscripts
+ mv ${D}${sysconfdir}/rc.d/init.d ${D}${sysconfdir}/init.d
+ rm -rf ${D}${sysconfdir}/rc.d
+ fi
fi
}
diff --git a/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb b/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb
index 93b18ba1d..d90dd4304 100644
--- a/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb
+++ b/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.9.0.bb
@@ -1,11 +1,11 @@
SUMMARY = "PC/SC Lite smart card framework and applications"
HOMEPAGE = "http://pcsclite.alioth.debian.org/"
-LICENSE = "BSD & GPLv3+"
-LICENSE:${PN} = "BSD"
-LICENSE:${PN}-lib = "BSD"
-LICENSE:${PN}-doc = "BSD"
-LICENSE:${PN}-dev = "BSD"
-LICENSE:${PN}-dbg = "BSD & GPLv3+"
+LICENSE = "BSD-3-Clause & GPLv3+"
+LICENSE:${PN} = "BSD-3-Clause"
+LICENSE:${PN}-lib = "BSD-3-Clause"
+LICENSE:${PN}-doc = "BSD-3-Clause"
+LICENSE:${PN}-dev = "BSD-3-Clause"
+LICENSE:${PN}-dbg = "BSD-3-Clause & GPLv3+"
LICENSE:${PN}-spy = "GPLv3+"
LICENSE:${PN}-spy-dev = "GPLv3+"
LIC_FILES_CHKSUM = "file://COPYING;md5=628c01ba985ecfa21677f5ee2d5202f6"
diff --git a/meta-oe/recipes-support/sg3-utils/sg3-utils_1.45.bb b/meta-oe/recipes-support/sg3-utils/sg3-utils_1.45.bb
index 43ee19afb..3d07c01f0 100644
--- a/meta-oe/recipes-support/sg3-utils/sg3-utils_1.45.bb
+++ b/meta-oe/recipes-support/sg3-utils/sg3-utils_1.45.bb
@@ -5,7 +5,7 @@ DESCRIPTION = "This package contains low level utilities for devices that use th
HOMEPAGE = "http://sg.danny.cz/sg/sg3_utils.html"
SECTION = "console/admin"
-LICENSE = "GPLv2+ & BSD"
+LICENSE = "GPLv2+ & BSD-2-Clause"
LIC_FILES_CHKSUM = "file://COPYING;md5=f90da7fc52172599dbf082d7620f18ca"
SRC_URI = "http://sg.danny.cz/sg/p/sg3_utils-${PV}.tgz \
diff --git a/meta-oe/recipes-support/udisks/udisks2_2.9.3.bb b/meta-oe/recipes-support/udisks/udisks2_2.9.4.bb
index 30c00d43c..ec13cfa26 100644
--- a/meta-oe/recipes-support/udisks/udisks2_2.9.3.bb
+++ b/meta-oe/recipes-support/udisks/udisks2_2.9.4.bb
@@ -18,7 +18,7 @@ DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
RDEPENDS:${PN} = "acl"
SRC_URI = "git://github.com/storaged-project/udisks.git;branch=2.9.x-branch;protocol=https"
-SRCREV = "c430dd9a27e158693cc783e9ee91bf6e5b2a8819"
+SRCREV = "001c486e6d099ed33e2de4f5c73c03e3ee180f81"
S = "${WORKDIR}/git"
CVE_PRODUCT = "udisks"
diff --git a/meta-oe/recipes-test/fbtest/fb-test_git.bb b/meta-oe/recipes-test/fbtest/fb-test_1.1.0.bb
index 299213572..14ab41b14 100644
--- a/meta-oe/recipes-test/fbtest/fb-test_git.bb
+++ b/meta-oe/recipes-test/fbtest/fb-test_1.1.0.bb
@@ -1,12 +1,10 @@
SUMMARY = "Test suite for Linux framebuffer"
-PV = "1.1.0"
-
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a"
SRCREV = "063ec650960c2d79ac51f5c5f026cb05343a33e2"
-SRC_URI = "git://github.com/prpplague/fb-test-app.git;branch=master;protocol=https"
+SRC_URI = "git://github.com//ponty/fb-test-app.git;branch=master;protocol=https"
S = "${WORKDIR}/git"
diff --git a/meta-oe/recipes-test/googletest/googletest_git.bb b/meta-oe/recipes-test/googletest/googletest_git.bb
index 2393f9b42..ff8191eff 100644
--- a/meta-oe/recipes-test/googletest/googletest_git.bb
+++ b/meta-oe/recipes-test/googletest/googletest_git.bb
@@ -10,7 +10,7 @@ PROVIDES += "gmock gtest"
S = "${WORKDIR}/git"
SRCREV = "e2239ee6043f73722e7aa812a459f54a28552929"
-SRC_URI = "git://github.com/google/googletest.git;branch=master;protocol=https"
+SRC_URI = "git://github.com/google/googletest.git;branch=main;protocol=https"
inherit cmake
diff --git a/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb b/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb
index 4a2cb73e8..c7e5c56b6 100644
--- a/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb
+++ b/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb
@@ -13,8 +13,7 @@ file://${COMMON_LICENSE_DIR}/GPL-1.0-or-later;md5=30c0b8a5048cc2f4be5ff15ef0d8cf
SRC_URI = "${CPAN_MIRROR}/authors/id/L/LE/LEONT/File-Slurper-${PV}.tar.gz"
-SRC_URI[md5sum] = "5742c63096392dfee50b8db314bcca18"
-SRC_URI[sha256sum] = "4efb2ea416b110a1bda6f8133549cc6ea3676402e3caf7529fce0313250aa578"
+SRC_URI[sha256sum] = "e2f6a4029a6a242d50054044f1fb86770b9b5cc4daeb1a967f91ffb42716a8c5"
RDEPENDS:${PN} = " \
perl-module-carp \
perl-module-encode \
diff --git a/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb b/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb
index 7e485bece..2c7d793a7 100644
--- a/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb
+++ b/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb
@@ -3,13 +3,13 @@ HOMEPAGE = "http://www.net-dns.org/"
SECTION = "libs"
LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://README;beginline=252;endline=269;md5=27db37b42cd1a5173a53922d67072bcb"
+LIC_FILES_CHKSUM = "file://README;beginline=252;endline=269;md5=de95b6a896d5f861d724ea854d316a0b"
DEPENDS += "perl"
SRC_URI = "http://search.cpan.org/CPAN/authors/id/N/NL/NLNETLABS/Net-DNS-${PV}.tar.gz"
-SRC_URI[sha256sum] = "b890a7b44d573f27cc713caadf1e12eaaa4478a6504d1157194df614316b5b50"
+SRC_URI[sha256sum] = "5a40e7cf524e4bd2c33cf03b82b47d5308b712083aa5ee180b0b5af54c71fbd2"
UPSTREAM_CHECK_REGEX = "Net\-DNS\-(?P<pver>(\d+\.\d+))(?!_\d+).tar"
diff --git a/meta-python/recipes-devtools/python/python-gevent/libev-conf.patch b/meta-python/recipes-devtools/python/python-gevent/libev-conf.patch
deleted file mode 100644
index 79c1867ba..000000000
--- a/meta-python/recipes-devtools/python/python-gevent/libev-conf.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 2294734ef9d5e2efb05820e9759a1635799bdea9 Mon Sep 17 00:00:00 2001
-From: Andrej Rode <andrej.rode@ettus.com>
-Date: Mon, 10 Apr 2017 19:25:18 -0700
-Subject: [PATCH] libev: make configure crosscompile compatible
-
-Signed-off-by: Andrej Rode <andrej.rode@ettus.com>
----
- deps/libev/configure | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/deps/libev/configure b/deps/libev/configure
-index 743817e..96c2366 100755
---- a/deps/libev/configure
-+++ b/deps/libev/configure
-@@ -2208,7 +2208,7 @@ fi
- ac_ext=c
- ac_cpp='$CPP $CPPFLAGS'
- ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
--ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-+ac_link='$CC -static -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
- ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
---
-2.10.2
-
diff --git a/meta-python/recipes-devtools/python/python3-cryptography-vectors_3.4.8.bb b/meta-python/recipes-devtools/python/python3-cryptography-vectors_3.4.8.bb
index 2fb48f3cf..25ff63b5e 100644
--- a/meta-python/recipes-devtools/python/python3-cryptography-vectors_3.4.8.bb
+++ b/meta-python/recipes-devtools/python/python3-cryptography-vectors_3.4.8.bb
@@ -1,8 +1,10 @@
SUMMARY = "Test vectors for the cryptography package."
HOMEPAGE = "https://cryptography.io/"
SECTION = "devel/python"
-LICENSE = "Apache-2.0 | BSD"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=8c3617db4fb6fae01f1d253ab91511e4"
+LICENSE = "Apache-2.0 | BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=8c3617db4fb6fae01f1d253ab91511e4 \
+ file://LICENSE.APACHE;md5=4e168cce331e5c827d4c2b68a6200e1b \
+ file://LICENSE.BSD;md5=5ae30ba4123bc4f2fa49aa0b0dce887b"
SRC_URI[sha256sum] = "4c84410257993d3de058b44b777a49e1da2ae35ebea2970a360c7e3aa0f580f2"
diff --git a/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb b/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb
index baec105a3..6c7028456 100644
--- a/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb
+++ b/meta-python/recipes-devtools/python/python3-cryptography_3.3.2.bb
@@ -1,8 +1,10 @@
SUMMARY = "Provides cryptographic recipes and primitives to python developers"
HOMEPAGE = "https://cryptography.io/"
SECTION = "devel/python"
-LICENSE = "Apache-2.0 | BSD"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=bf405a8056a6647e7d077b0e7bc36aba"
+LICENSE = "Apache-2.0 | BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=bf405a8056a6647e7d077b0e7bc36aba \
+ file://LICENSE.APACHE;md5=4e168cce331e5c827d4c2b68a6200e1b \
+ file://LICENSE.BSD;md5=5ae30ba4123bc4f2fa49aa0b0dce887b"
LDSHARED += "-pthread"
diff --git a/meta-python/recipes-devtools/python/python3-django_3.2.5.bb b/meta-python/recipes-devtools/python/python3-django_3.2.10.bb
index c10212c4c..0c5fbb8c8 100644
--- a/meta-python/recipes-devtools/python/python3-django_3.2.5.bb
+++ b/meta-python/recipes-devtools/python/python3-django_3.2.10.bb
@@ -1,7 +1,7 @@
require python-django.inc
inherit setuptools3
-SRC_URI[sha256sum] = "3da05fea54fdec2315b54a563d5b59f3b4e2b1e69c3a5841dda35019c01855cd"
+SRC_URI[sha256sum] = "074e8818b4b40acdc2369e67dcd6555d558329785408dcd25340ee98f1f1d5c4"
RDEPENDS:${PN} += "\
${PYTHON_PN}-sqlparse \
diff --git a/meta-python/recipes-devtools/python/python3-gevent_21.8.0.bb b/meta-python/recipes-devtools/python/python3-gevent_21.8.0.bb
index 74ae6cf69..7bdf126de 100644
--- a/meta-python/recipes-devtools/python/python3-gevent_21.8.0.bb
+++ b/meta-python/recipes-devtools/python/python3-gevent_21.8.0.bb
@@ -2,32 +2,23 @@ SUMMARY = "A coroutine-based Python networking library"
DESCRIPTION = "gevent is a coroutine-based Python networking library that uses greenlet to provide \
a high-level synchronous API on top of the libevent event loop."
HOMEPAGE = "http://www.gevent.org"
-LICENSE = "MIT & Python-2.0 & BSD"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=4de99aac27b470c29c6c309e0c279b65 \
- file://NOTICE;md5=18108df3583462cafd457f024b9b09b5 \
- file://deps/libev/LICENSE;md5=d6ad416afd040c90698edcdf1cbee347 \
- "
-DEPENDS += "libevent"
-DEPENDS += "${PYTHON_PN}-greenlet"
+LICENSE = "MIT & Python-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=4de99aac27b470c29c6c309e0c279b65"
+DEPENDS += "${PYTHON_PN}-greenlet libev c-ares"
+
RDEPENDS:${PN} = "${PYTHON_PN}-greenlet \
${PYTHON_PN}-mime \
${PYTHON_PN}-pprint \
"
-FILESEXTRAPATHS:prepend := "${THISDIR}/python-gevent:"
+SRC_URI[sha256sum] = "43e93e1a4738c922a2416baf33f0afb0a20b22d3dba886720bc037cd02a98575"
-SRC_URI:append = " \
- file://libev-conf.patch;patch=1;pnum=1 \
-"
+inherit pypi setuptools3
-SRC_URI[sha256sum] = "43e93e1a4738c922a2416baf33f0afb0a20b22d3dba886720bc037cd02a98575"
+# Don't embed libraries, link to the system instead
+export GEVENTSETUP_EMBED = "0"
-# The python-gevent has no autoreconf ability
-# and the logic for detecting a cross compile is flawed
-# so always force a cross compile
+# Delete the embedded copies of libraries so we can't accidentally link to them
do_configure:append() {
- sed -i -e 's/^cross_compiling=no/cross_compiling=yes/' ${S}/deps/libev/configure
- sed -i -e 's/^cross_compiling=no/cross_compiling=yes/' ${S}/deps/c-ares/configure
+ rm -rf ${S}/deps
}
-
-inherit pypi setuptools3
diff --git a/meta-python/recipes-devtools/python/python3-lxml_4.6.3.bb b/meta-python/recipes-devtools/python/python3-lxml_4.6.3.bb
index 669c2eaee..d5594847f 100644
--- a/meta-python/recipes-devtools/python/python3-lxml_4.6.3.bb
+++ b/meta-python/recipes-devtools/python/python3-lxml_4.6.3.bb
@@ -4,9 +4,9 @@ libxslt libraries. It provides safe and convenient access to these \
libraries using the ElementTree API. It extends the ElementTree API \
significantly to offer support for XPath, RelaxNG, XML Schema, XSLT, \
C14N and much more."
-HOMEPAGE = "http://codespeak.net/lxml"
+HOMEPAGE = "https://lxml.de/"
SECTION = "devel/python"
-LICENSE = "BSD & GPLv2 & MIT & PSF"
+LICENSE = "BSD-3-Clause & GPLv2 & MIT & PSF"
LIC_FILES_CHKSUM = "file://LICENSES.txt;md5=e4c045ebad958ead4b48008f70838403 \
file://doc/licenses/elementtree.txt;md5=eb34d036a6e3d56314ee49a6852ac891 \
file://doc/licenses/BSD.txt;md5=700a1fc17f4797d4f2d34970c8ee694b \
diff --git a/meta-python/recipes-devtools/python/python3-posix-ipc_1.0.5.bb b/meta-python/recipes-devtools/python/python3-posix-ipc_1.0.5.bb
index 2377bd525..d66ef0e3c 100644
--- a/meta-python/recipes-devtools/python/python3-posix-ipc_1.0.5.bb
+++ b/meta-python/recipes-devtools/python/python3-posix-ipc_1.0.5.bb
@@ -1,7 +1,7 @@
DESCRIPTION = "POSIX IPC primitives (semaphores, shared memory and message queues) for Python"
HOMEPAGE = "http://semanchuk.com/philip/posix_ipc/"
SECTION = "devel/python"
-LICENSE = "BSD"
+LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=dc089fb2f37e90799a54c19a20c9880f"
PYPI_PACKAGE = "posix_ipc"
@@ -13,13 +13,3 @@ SRC_URI[md5sum] = "8c9443859492ecf3aae9182aa6b5c78c"
SRC_URI[sha256sum] = "6cddb1ce2cf4aae383f2a0079c26c69bee257fe2720f372201ef047f8ceb8b97"
inherit setuptools3 pypi
-
-# DEPENDS_default: python-pip
-
-DEPENDS += " \
- ${PYTHON_PN}-pip \
- "
-
-# RDEPENDS:default:
-RDEPENDS:${PN} += " \
- "
diff --git a/meta-python/recipes-devtools/python/python3-pyzmq_22.3.0.bb b/meta-python/recipes-devtools/python/python3-pyzmq_22.3.0.bb
index 3c91eee16..87605c2b3 100644
--- a/meta-python/recipes-devtools/python/python3-pyzmq_22.3.0.bb
+++ b/meta-python/recipes-devtools/python/python3-pyzmq_22.3.0.bb
@@ -1,6 +1,6 @@
SUMMARY = "Pyzmq provides Zero message queue access for the Python language"
HOMEPAGE = "http://zeromq.org/bindings:python"
-LICENSE = "BSD & LGPL-3.0"
+LICENSE = "BSD-3-Clause & LGPL-3.0"
LIC_FILES_CHKSUM = "file://COPYING.BSD;md5=11c65680f637c3df7f58bbc8d133e96e \
file://COPYING.LESSER;md5=12c592fa0bcfff3fb0977b066e9cb69e"
DEPENDS = "zeromq"
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb
index 4b36c50d5..0bf29a744 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb
@@ -26,7 +26,7 @@ SRC_URI:append:class-target = " \
"
LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3"
-SRC_URI[sha256sum] = "20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4"
+SRC_URI[sha256sum] = "0127f7dc497e9983e9c51474bed75e45607f2f870a7675a86dc90af6d572f5c9"
S = "${WORKDIR}/httpd-${PV}"