4343 Commits

Author SHA1 Message Date
Khem Raj
1c03eacdcc
weechat: upgrade 4.8.2 -> 4.9.2
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:51 -07:00
Khem Raj
45d3d975f2
lftp: upgrade 4.9.2 -> 4.9.3
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:51 -07:00
Khem Raj
f89a53ca87
networkmanager-openconnect: upgrade 1.2.8 -> 1.2.10
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:51 -07:00
Khem Raj
e4e566dd74
libmaxminddb: upgrade 1.4.3 -> 1.13.3
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:51 -07:00
Khem Raj
f2941797ca
samba: upgrade 4.23.5 -> 4.23.8
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:50 -07:00
Khem Raj
ad9ddd7a85
restinio: upgrade 0.6.13 -> 0.6.19
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:50 -07:00
Khem Raj
07b5a47ce1
ncftp: upgrade 3.2.7 -> 3.3.0
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:50 -07:00
Khem Raj
746cf86783
squid: upgrade 7.5 -> 7.6
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:50 -07:00
Khem Raj
10b019a148
drbd: upgrade 9.2.1 -> 9.3.2
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:50 -07:00
Khem Raj
2f9806d726
libldb: upgrade 2.8.2 -> 2.9.2
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:50 -07:00
Khem Raj
ecfcf5929e
fetchmail: upgrade 6.6.2 -> 6.6.4
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:49 -07:00
Khem Raj
389a3ec08e
strongswan: upgrade 6.0.6 -> 6.0.7
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:49 -07:00
Khem Raj
c58f407e63
geoipupdate: upgrade 2.5.0 -> 3.1.1
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:49 -07:00
Khem Raj
20feb7fd95
openvpn: upgrade 2.7.0 -> 2.7.4
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:49 -07:00
Khem Raj
1c4721fa41
pgpool2: upgrade 4.6.6 -> 4.7.2
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:49 -07:00
Khem Raj
b411c0c71d
libowfat: upgrade 0.32 -> 0.34
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:49 -07:00
Khem Raj
d452d31302
nbd: upgrade 3.26.1 -> 3.27.0
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:48 -07:00
Khem Raj
60d12a4186
rp-pppoe: upgrade 3.15 -> 4.0
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:48 -07:00
Khem Raj
6819199777
dlm: upgrade 4.2.0 -> 4.3.0
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:48 -07:00
Xiaozhan Li
9c88053122
radvd: upgrade radvd from 2.20 to 2.21
Release notes: https://github.com/radvd-project/radvd/releases/tag/v2.21

Signed-off-by: Xiaozhan Li <Xiaozhan.Li.CN@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-15 22:43:46 -07:00
Wang Mingyu
3572bbbe74
opensaf: fix build error by adding const to comparators
Comparator objects used in standard containers (such as std::set)
must be invocable as const. Opensaf contains several comparators
that lack the 'const' qualifier, leading to compilation failures like:

  error: passing 'const XxxCompare*' as 'this' argument discards qualifiers

Add a backported patch to fix the comparators in imm_xmlw_dump.cc
and amfd/node.h by adding the missing 'const' to operator().

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-14 23:13:34 -07:00
Naman Jain
2c3c725a3b
nftables: Conditionally add ${PN}-python as RDEPENDS for ptest
This commit updates the RDEPENDS for the ptest package to include
${PN}-python only when the 'python' PACKAGECONFIG option is enabled.

This change will ensure that we dont get below failure when ptest is enabled in the distro features,
and packageconfig is not set.
It causes this error-
ERROR: Nothing RPROVIDES 'nftables-python' (meta-openembedded/meta-networking/recipes-filter/nftables/nftables_1.1.6.bb RDEPENDS on or otherwise requires it)
NOTE: Runtime target 'nftables-python' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['nftables-python']
ERROR: Required build target 'nftables' has no buildable providers.
Missing or unbuildable dependency chain was: ['nftables', 'nftables-python']

Signed-off-by: Naman Jain <namanj1@kpit.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-12 07:29:02 -07:00
Khem Raj
47ab5b9a8d
python3-scapy: Replace oe.utils.all_distro_featuresc with bb.utils.filter
oe.utils.all_distro_features is being removed.

Suggested-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-12 07:17:28 -07:00
Wang Mingyu
88de7c1468
proftpd: upgrade 1.3.9a -> 1.3.9b
Changelog:
==========
- Issue 2057 - SQL Injection in mod_wrap2_sql via reverse DNS
  hostname (CVE-2026-44331).
- Issue 2056 - Incomplete fix for session management with OpenSSL 3.2.x or
  later, when using TLSv1.2 or earlier.  This complements the fix for
  Issue #1963.
- Issue 2098 - Hard quota limits on uploads do not cause SFTP WRITE requests
  to fail as expected.
- Issue 2102 - SSH payload length underflow calculation for ETM/ChaChaPoly
  algorithms in mod_sftp.
- Issue 2104 - SSH packet with empty payload triggers null pointer dereference
  in mod_sftp.
- Issue 2106 - Bad DSA signatures can lead to out-of-bounds read of heap memory
  in mod_sftp.
- Issue 2108 - Mismatched RSA/DSA algorithm signatures can lead to null
  dereference in mod_sftp.
- Issue 2115 - SFTP request payload length underflow calculation in mod_sftp.
- Issue 2120 - Several modules fail to build using OpenSSL 4.0.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-09 07:26:35 -07:00
Wang Mingyu
6bf220159d
freeradius: upgrade 3.2.9 -> 3.2.10
Changelog:
 Correct bug where detail file reader would not read files.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-09 07:26:34 -07:00
Mingli Yu
8ed8512f7b
freeradius: Fix do_patch fuzz QA Issue
Fixes:
  ERROR: freeradius-3.2.9-r0.wr2600 do_patch: QA Issue: Fuzz detected:

  checking file src/main/version.c
  Hunk #1 succeeded at 622 with fuzz 1 (offset 8 lines).

  patching file src/main/version.c
  Hunk #1 succeeded at 622 with fuzz 1 (offset 8 lines).

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-09 07:26:33 -07:00
Abhishek Bachiphale
44ec3710d5
dnsmasq: upgrade 2.92 -> 2.93
ChangeLog:
https://dnsmasq.org/CHANGELOG

- Update checksum
- Remove obsolete patches
- Verified build and runtime functionality

Security fixes (included upstream in 2.93) :
- CVE-2026-2291
- CVE-2026-4890
- CVE-2026-4891
- CVE-2026-4892
- CVE-2026-4893
- CVE-2026-5172

- Removed patches corresponding to the above CVEs
  as fixes are now part of upstream release

Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-07 18:21:50 -07:00
Ankur Tyagi
9f62f16461
freeradius: upgrade 3.2.8 -> 3.2.9
Added tag to the SRC_URI and dropped setting PV in the recipe.

https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_2_9

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-07 18:21:49 -07:00
Markus Volk
d29b453950
miniupnpd: fix build
After the recent recipe update I see this build error:
| Makefile.linux:67: config.mk: No such file or directory
| make: *** No rule to make target '/configure', needed by 'config.mk'.  Stop.

Run the configure script so that config.mk gets created

Also fix LIC_FILE_CHECKSUM. Copyright year has been changed

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-07 18:21:49 -07:00
Alex Kiernan
d48ec5aec6
mdns: Add additional clients
Several useful clients are available as part of the overall mDNSResponder
build, package these alongside the main binary.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-07 18:21:46 -07:00
Alex Kiernan
8ab1198601
mdns: Unpick directory changes during install
Be explicit about where we're taking the installation pieces from rather than
having the complexity of mixed build/source pieces based on current directory
and then confusing anyone who tries to append to do_install.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-07 18:21:46 -07:00
Alex Kiernan
c7271e11c7
mdns: Add PACKAGECONFIGs for idlesleepcontrol, spc and unicast
These three knobs are exposed to reduce the code size for embedded (see
mDNSCore/mDNSEmbeddedAPI.h). If you need them, you'll know you need
them, everyone else almost certainly doesn't.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-07 18:21:46 -07:00
Filipe Pires
357c098d2d
miniupnpd: upgrade 2.1.20191006 -> 2.3.10
Drop 0001-Add-OpenEmbedded-cross-compile-case.patch as genconfig.sh
  was removed upstream in 2.3.x.

Signed-off-by: Filipe Pires <filipe.pires@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-07 18:21:33 -07:00
Filipe Pires
50ae207ad7
vnstat: upgrade 2.6 -> 2.13
Signed-off-by: Filipe Pires <filipe.pires@konsulko.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-06-07 18:21:33 -07:00
Filipe Pires
373b497fdb
igmpproxy: upgrade 0.3 -> 0.4
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:56 -07:00
Wang Mingyu
861e56d1ee
wireshark: upgrade 4.6.5 -> 4.6.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:55 -07:00
Wang Mingyu
faf6da8c05
unbound: upgrade 1.25.0 -> 1.25.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:55 -07:00
Wang Mingyu
f553e9bdd6
postfix: upgrade 3.11.2 -> 3.11.3
0001-Fix-build-with-musl.patch
refreshed for 3.11.3

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:49 -07:00
Wang Mingyu
dfbd7a910c
nbdkit: upgrade 1.47.8 -> 1.47.9
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:49 -07:00
Wang Mingyu
aab5fcaf79
memcached: upgrade 1.6.41 -> 1.6.42
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:49 -07:00
Adam Duskett
f08a6e7c7e
tailscale: upgrade 1.94.2 -> 1.98.3
-Regenerate go module dependencies and license checksums
  -Manually verify and complete Unknown license entries

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-31 03:08:46 -07:00
Wang Mingyu
74cd808dbd
lldpd: upgrade 1.0.21 -> 1.0.22
* Fix:
   + Fix out-of-bound read access when removing VLAN tag (CVE-2026-46433, #787)
   + Reject 0-length management address in LLDP
   + Fix race condition when creating the control socket
   + Fix FDP MAC address
   + Fix memory leak in the BSD bridge query path
   + Fix duplicate management addresses when merging EDP VLAN frames

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-20 21:18:33 -07:00
Wang Mingyu
05fe4e2bfc
dovecot: upgrade 2.4.3 -> 2.4.4
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-20 21:18:32 -07:00
Abhishek Bachiphale
44c8962f48
dnsmasq: fix CVE-2026-5172
A buffer overflow in dnsmasq’s extract_addresses() function allows
an attacker to trigger a heap out-of-bounds read and crash by
exploiting a malformed DNS response, enabling extract_name()
to advance the pointer past the record’s end.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-5172 ]

Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-20 21:18:31 -07:00
Abhishek Bachiphale
b4c4853624
dnsmasq: fix CVE-2026-4893
An information disclosure vulnerability in dnsmasq allows remote
attackers to bypass source checks via a crafted DNS packet with
RFC 7871 client subnet information.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-4893 ]

Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-20 21:18:31 -07:00
Abhishek Bachiphale
21c3d7eb6f
dnsmasq: fix CVE-2026-4892
A heap-based out-of-bounds write vulnerability in the DHCPv6
implementation of dnsmasq allows local attackers to execute
arbitrary code with root privileges via a crafted DHCPv6 packet.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-4892 ]

Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-20 21:18:31 -07:00
Abhishek Bachiphale
a9de48a9fa
dnsmasq: fix CVE-2026-4891
A heap-based out-of-bounds read vulnerability in the
DNSSEC validation of dnsmasq allows remote attackers
to cause a denial of service via a crafted DNS packet.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-4891 ]

Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-20 21:18:31 -07:00
Abhishek Bachiphale
78162615f5
dnsmasq: fix CVE-2026-4890
A Denial of Service (DoS) vulnerability in the DNSSEC
validation of dnsmasq allows remote attackers to cause
a denial of service via a crafted DNS packet.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-4890 ]

Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-20 21:18:30 -07:00
Abhishek Bachiphale
a53328688a
dnsmasq: fix CVE-2026-2291
dnsmasqs extract_name() function can be abused to cause a heap buffer
overflow, allowing an attacker to inject false DNS cache entries,
which could result in DNS lookups to redirect to an attacker-controlled
IP address, or to cause a DoS.

Reference:
[ https://nvd.nist.gov/vuln/detail/CVE-2026-2291 ]

Signed-off-by: Abhishek Bachiphale <Abhishek.Bachiphale@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-20 21:18:30 -07:00
Wang Mingyu
6133cecab2
pgpool2: 4.6.4 -> 4.6.6
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-05-14 23:15:56 -07:00