4258 Commits

Author SHA1 Message Date
Wang Mingyu
f266b3db88
atftp: upgrade 0.8.0 -> 0.8.1
License-Update: update LICENSE from https://www.gnu.org/licenses/

Changelog:
=============
- merge README* to single README.md
- Merge pull request #2 from feckert/pr/20250902-build-fixes
- Fix fortify abort when LTO is enabled
- Fix uninitialized buffer data.
- Enable listening on IPv6
- test.sh: redirect stderr to /dev/null when counting lines
- Declare variable D as local in stop_and_clean
- Fix pthread_t format warning for fprintf
- Fix incompatible-pointer-types for pcre2_substring_list_free

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-14 08:59:29 -07:00
Gyorgy Sarvari
054e388728
wolfssl: upgrade 5.9.0 -> 5.9.1
Contains many CVE fixes.
Changelog: https://github.com/wolfSSL/wolfssl/releases/tag/v5.9.1-stable

There are a number of fixed CVEs in this version that are tracked without
version by NVD - mark them as patched explicitly.

Ptests passed:
Test script returned: 0
unit_test: Success for all configured tests.
PASS: Wolfssl

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-14 02:16:51 -07:00
Khem Raj
b5d466f731
ntp: Fix build with -std=gnu23
Backport a patch from openLDAP to fix the configure errors with clang-22 -std=gnu23
Fix another issue by dropping C89 signatures in favor of C99 function prototypes

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-13 19:15:56 -07:00
Gyorgy Sarvari
85f7185fec
ez-ipupdate: add CVE tag to CVE-fixing patch
An already existing patch fixes a CVE (CVE-2004-0980), but it
since the patch didn't have the CVE tag, the cve checker did not
pick it up.

Rectify this ommission.

CVE details: https://nvd.nist.gov/vuln/detail/CVE-2004-0980
The same patch is used by Gentoo to mitigate this issue.
Gentoo CVE advisory: https://security.gentoo.org/glsa/200411-20
Linked Gentoo bug, containing this patch: https://bugs.gentoo.org/69658

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-13 15:28:24 -07:00
Gyorgy Sarvari
af73e716bc
corosync: patch CVE-2026-35092
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-35092

Pick the patch that mentions the CVE ID explicitly (the same commit
was identified by Debian also[1])

[1]: https://security-tracker.debian.org/tracker/CVE-2026-35092

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-13 15:28:24 -07:00
Gyorgy Sarvari
701b22fda3
corosync: patch CVE-2026-35091
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-35091

Pick the patch that mentions the CVE ID explicitly (it was identified
by Debian also as the fix[1])

[1]: https://security-tracker.debian.org/tracker/CVE-2026-35091

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-13 15:28:24 -07:00
Ayoub Zaki
96a803a50d
tailscale: upgrade 1.84.3 -> 1.94.2
-Update tailscale recipe to version 1.94.2
-Regenerate go module dependencies and license checksums
-Export GOFLAGS with build tags so do_update_modules discovers all dependencies
-Manually verify and complete Unknown license entries

Signed-off-by: Ayoub Zaki <ayoub.zaki@embetrix.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-12 16:42:05 -07:00
Khem Raj
9583c6c401
netperf: Fix build with std=gnu23
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-12 16:42:04 -07:00
Gyorgy Sarvari
dd885c12e4
samba: upgrade 4.19.9 -> 4.23.5
Samba has a new build-time dependency, libquic[1]. The repository
builds an out-of-tree  kernel module and a regular userspace library
with the same build script, however the Makefile seems to be fairly
hostile to cross-compilation. The Samba tarball also vendors the
same with their own build script - for now, this venodred version is used.

There are some efforts that the kernel part is mainlined[2], once it
happens it should be possible to easily remove this from the recipe.

pyldb was removed from RDEPENDS, as it seems that samba now builds its
own version of it.

Patches updated, unneeded patches dropped. Some patches contained a
considerable amount of whitespace changes - those were trimmed for
the ease of rebasing.

Changelog:
https://gitlab.com/samba-team/samba/-/blob/samba-4.23.5/WHATSNEW.txt?ref_type=tags
(Switch to other branches to see earlier changelogs)

[1]: https://github.com/lxin/quic/
[2]: https://github.com/lxin/net-next/commits/quic/

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-11 08:44:33 -07:00
Wang Mingyu
da03a64bd7
dovecot: Fix checksum mismatch
Update the sha256sum to match the current upstream archive.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-10 17:25:50 -07:00
Khem Raj
7ef73b7db8
freeradius: Update to latest on 3.2 release
Drop backports which are already in this SHA update
Add -DTLS_STORAGE_CLASS=__thread via cflags

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-10 17:25:49 -07:00
Peter Marko
d8726e8917
mjansson-mdns: add new recipe
Public domain mDNS/DNS-SD library in C

Add github namespace to recipe name and handle it in CVE_PRODUCT because
there already is a different mdns recipe in meta-openembedded.

Example application is built but not installed.
This is good to verify that current toolchain is copatible with headers.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-10 08:03:23 -07:00
Wang Mingyu
c1f4f04b15
nbdkit: upgrade 1.47.5 -> 1.47.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-10 07:59:54 -07:00
Zhixiong Chi
c90f012855
networkmanager: Do not ship initrd specific services into rootfs
Those systemd services were added in 1.54 upstream
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2089

According the comments we can see they are meant for the inird
other than using for rootfs. They will conflict with the main
services and can lead to potentially confusing error messages.
So remove them for now to avoid the following issue.

>$systemd-analyze --man=false verify \
> /lib/systemd/system/NetworkManager-wait-online-initrd.service
  Failed to put bus name to hashmap: File exists
  NetworkManager-initrd.service: Two services allocated for the \
  same bus name org.freedesktop.NetworkManager, refusing operation.

Test:
PASS: bitbake core-image-minimal
PASS: runqemu qemux86-64
PASS: systemd-analyze --man=false verify \
      /lib/systemd/system/NetworkManager.service

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-10 07:59:51 -07:00
Gianfranco Costamagna
fa1fd093ac
ettercap: 0.8.4-> 0.8.4.1
1. Changelog
   https://github.com/Ettercap/ettercap/releases/tag/v0.8.4.1

2. Remove following patches as they were merged upstream
   CVE-2026-3606.patch

Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-10 07:59:50 -07:00
Zheng Ruoqin
e39c811dc2
linux-atm: Add kernel-module as RRECOMMENDS
Runtime command line atmtcp depends on kernel module atmtcp,
so add it as RRECOMMENDS.

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-06 18:51:59 -07:00
Gyorgy Sarvari
c789281ecf
tinyproxy: patch CVE-2026-3945
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3945

Backport the patches which are references by the NVD avisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-06 10:03:48 -07:00
Gyorgy Sarvari
d8c66c4428
tinyproxy: upgrade 1.11.2 -> 1.11.3
Drop patch that was merged upstream.

Shortlog: https://github.com/tinyproxy/tinyproxy/compare/1.11.2...1.11.3

Ptests passed successfully:

root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-04-06T15:25
BEGIN: /usr/lib/tinyproxy/ptest
starting web server... done. listening on 127.0.0.3:32123
starting tinyproxy... done (listening on 127.0.0.2:12321)
waiting for 1 seconds. 1  done
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
signaling tinyproxy to reload config...ok
checking direct connection to web server... ok
testing connection through tinyproxy... ok
requesting statspage via stathost url... ok
checking bogus request... ok, got expected error code 400
testing connection to filtered domain... ok, got expected error code 403
requesting connect method to denied port... ok, got expected error code 403
testing unavailable backend... ok, got expected error code 502
0 errors
killing tinyproxy... ok
killing webserver... ok
done
PASS: run_tests.sh
DURATION: 2
END: /usr/lib/tinyproxy/ptest
2026-04-06T15:25
STOP: ptest-runner
TOTAL: 1 FAIL: 0

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-06 10:03:48 -07:00
Gyorgy Sarvari
6a15ff3e9e
wolfssl: ignore fixed CVEs
These CVEs are tracked without a version by NVD, but all of them
have been fixed in the current recipe version.

The relevant fixes (from the NVD reports):

CVE-2026-0819: 2d3941056b
CVE-2026-2646: 7245ad02bb
  and 67abcc6f2d
CVE-2026-3503: cc2fdda54c
CVE-2026-3548: 84ca4a05fa
  and b3f08f33b8

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-06 09:46:32 -07:00
Gyorgy Sarvari
e32b974754
strongswan: mark CVE-2026-25075 as patched
The CVE is fixed in the current version already, however
NVD tracks it without version - suppress the report explicitly.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-06 09:46:31 -07:00
Gyorgy Sarvari
fe1b038cd8
mbedtls: upgrade 3.6.5 -> 3.6.6
Contains fixes for CVE-2026-25833, CVE-2026-25834, CVE-2026-25835,
CVE-2026-34872, CVE-2026-34873, CVE-2026-34874 and CVE-2026-34875.

Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.6

Ptests passed successfully:
root@qemux86-64:~# ptest-runner
START: ptest-runner
2026-04-06T14:04
BEGIN: /usr/lib/mbedtls/ptest
PASS: test_suite_aes.cbc
PASS: test_suite_aes.cfb
PASS: test_suite_aes.ctr
...
PASS: test_suite_version
PASS: test_suite_x509parse
PASS: test_suite_x509write
DURATION: 24
END: /usr/lib/mbedtls/ptest
2026-04-06T14:04
STOP: ptest-runner

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-06 09:46:31 -07:00
Gyorgy Sarvari
05f47c9374
mbedtls: drop recipe for v2
It has been unmaintained/EOL for over a year - there is
a recipe for a newer, still supported version.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-06 09:46:31 -07:00
Gyorgy Sarvari
e99441755f
dovecot: ignore already fixed CVEs
The following CVEs are fixed in the current version already,
however they are tracked without version info.

Upstream has confirmed[1] that these vulnerabilities are fixed,
and Debian has also identified the relevant commits:

CVE-2025-30189: https://security-tracker.debian.org/tracker/CVE-2025-30189
CVE-2026-0394: https://security-tracker.debian.org/tracker/CVE-2026-0394
CVE-2026-24031: https://security-tracker.debian.org/tracker/CVE-2026-24031
CVE-2026-27855: https://security-tracker.debian.org/tracker/CVE-2026-27855
CVE-2026-27860: https://security-tracker.debian.org/tracker/CVE-2026-27860

[1]: https://seclists.org/fulldisclosure/2026/Mar/13

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-06 09:46:30 -07:00
Khem Raj
1d12cee712
ez-ipupdate: Update to 3.0.11b8
Drop upstreamed patches
Add a patch to fix C23 build break

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-05 07:48:16 +00:00
Zhang Xiao
584fec0f74
ebtables: Use update alternatives for "ebtables"
The ebtables utility can be provided by both ebtables and iptables
packages. Set higher priority for the version provided by iptables
to prefer it.

Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-02 16:05:46 +00:00
Zheng Ruoqin
dadc302a67
vsftpd: Fix multilib install conflicts
Fix following error when multilib is used:
  Running transaction test
  Error: Transaction test error:
    file /etc/pam.d/vsftpd conflicts between attempted installs of vsftpd-3.0.5-r0.x86_64_v3 and lib32-vsftpd-3.0.5-r0.core2_32

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 19:29:12 -07:00
Wang Mingyu
bd0446e5d0
ngtcp2: upgrade 1.21.0 -> 1.22.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 19:29:06 -07:00
Gyorgy Sarvari
e43a6cf3c3
networkmanager: remove (another) obsolete CLAGS extension
The incompatible pointer warning/error has been fixed upstream[1],
no need for custom CFLAGS for this anymore.

[1]: 43bcfbcdf5

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 13:16:43 -07:00
Gyorgy Sarvari
50c5b6a117
networkmanager: remove obsolete CLAGS extension
Compilation with musl has been fixed by upstream[1], no need for custom
CFLAGS for this anymore.

[1]: d38b5d92ee

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 13:16:43 -07:00
Yi Zhao
13dac80c6f
freeradius: fix radiusd startup failure due to missing openssl legacy provider
Radiusd fails to start because the openssl legacy provider is no longer
built by default[1]:

$ radiusd -C -X
FreeRADIUS Version 3.2.8
[snip]
(TLS) Failed loading legacy provider

Add PACKAGECONFIG[legacy-openssl] to enable openssl legacy provider
support. When disabled, pass --enable-fips-workaround to configure
instead.

Backport two patches to fix the --enable-fips-workaround option.

[1] https://git.openembedded.org/openembedded-core/commit/?id=a150c3580f7f4962152444272c0fe07cfdb72df5

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 13:16:42 -07:00
Gyorgy Sarvari
4ce91ada09
strongswan: upgrade 6.0.4 -> 6.0.5
Beside other fixes, it contains a remediation for CVE-2026-25075

Changelog: https://github.com/strongswan/strongswan/releases/tag/6.0.5

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 13:16:42 -07:00
Anuj Mittal
b18b9d0c0f
netcf: remove recipe
It isn't maintained anymore and requires workarounds when gnulib is
updated.

It was only used by libvirt and with the upstream [1] and meta-virt
changes to not require it anymore, this can be dropped.

[1] 35d5b26aa4

Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 13:16:41 -07:00
Yi Zhao
9c7e2aa21b
tftp-hpa: upgrade 5.2 -> 5.3
* Use git instead of tarball in SRC_URI.
* Update configuration options.
* Clean up and refresh local patches.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 13:16:41 -07:00
Gyorgy Sarvari
0c78085b36
dovecot: upgrade 2.4.2 -> 2.4.3
Drop patch which is included in this release, and add a patch that
adapts a lua api call to the lua version that is used in OE.

License-Change: the unicode license text has been updated, there should
be no material change. However while examining these changes, I noticed
that some parts of the code are covered by licenses not mentined in the
recipe. It should reflect all licenses now.

Tis version contains fixes fox CVE-2025-59028, CVE-2025-59031, CVE-2026-24031,
CVE-2026-27859, CVE-2026-27860, CVE-2026-27857, CVE-2026-27856 and CVE-2026-27855

Changelog: https://github.com/dovecot/core/blob/main/NEWS

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 13:16:40 -07:00
Changqing Li
274be7aad5
strongswan: update PACKAGECONFIG soup
Refer [1], this can fix do_configure failure:
| checking for libsoup-3.0... no
| configure: error: Package requirements (libsoup-3.0) were not met:
|
| Package 'libsoup-3.0' not found

[1] 6ddabf52d5

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 13:16:39 -07:00
Michal Sieron
a4b25c01a5
postfix: Convert confusing appends to override syntax
While in this case `RDEPENDS:class-target +=` wouldn't result in any
unwanted override, there is no guarantee there won't be a change, which
would be hidden by this override. To avoid any surprises in the future
let's use `:append:class-target =` syntax here.

Signed-off-by: Michal Sieron <michalwsieron@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-04-01 13:16:37 -07:00
Haixiao Yan
79201ef95e
openvpn: fix ptest
The openvpn 2.7.0 upgrade refactored
tests/unit_tests/openvpn/Makefile.am, changing how test_binaries is
defined. This caused autoreconf to generate Makefiles where
buildtest-TESTS and runtest-TESTS no longer have rule bodies, breaking
the existing ptest recipe which relied on these targets for compilation
and execution. The fix replaces these internal automake targets with
stable interfaces: check-am for compilation and direct binary execution
on target.

Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-27 09:09:05 -07:00
Wang Mingyu
0fa5048df9
lldpd: upgrade 1.0.20 -> 1.0.21
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-27 09:08:54 -07:00
Wang Mingyu
6bcc44f923
libdaq: upgrade 3.0.25 -> 3.0.27
Changelog:
==========
- libdaq: add a ChangeLog.md file to track changes
- pcap: add basic rewind feature upon reaching EOF (excluding stdin and pcapng)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-27 09:08:53 -07:00
Zoltán Böszörményi
d03b346047
openvpn: Upgrade to 2.7.0
Release notes:
https://community.openvpn.net/ReleaseHistory#openvpn-270-released-11-february-2026

Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-24 23:32:48 -07:00
Ricardo Simoes
0ad13811e5
mbedtls: Update HOMEPAGE
Mbed OS has reached its ends of life in 2024 [1], the annoucement also
includes the change of the Mbed TLS homepage. This commit updates the
HOMEPAGE variable in the mbedtls recipe to reflect the new URL.

Additionally, the BUGTRACKER variable is added, as it is a required
field [2].

[1] https://os.mbed.com/blog/entry/Important-Update-on-Mbed/
[2] https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#required-variables

Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-24 09:13:49 -07:00
Ankur Tyagi
84b2e83ab0
wolfssl: upgrade 5.8.4 -> 5.9.0
Conatins many CVE fixes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.9.0-stable

Dropped CVE_STATUS for version 5.8.4 specific CVE conflicts.

Ptests:

START: ptest-runner
2026-03-23T10:28
BEGIN: /usr/lib/wolfssl/ptest
Wolfssl ptest logs are stored in /tmp/wolfss_temp.Y7VEJ2/ptest.log
Test script returned: 0
unit_test: Success for all configured tests.
PASS: Wolfssl
DURATION: 130
END: /usr/lib/wolfssl/ptest
2026-03-23T10:30
STOP: ptest-runner
TOTAL: 1 FAIL: 0

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-23 13:34:21 -07:00
Aviv Daum
cec3e0fd96
lldpd: fix xml PACKAGECONFIG dependency
The xml PACKAGECONFIG entry uses libxm2, which is a typo and not a
valid dependency in OE.

Replace it with libxml2 so enabling PACKAGECONFIG:xml pulls in the
correct provider.

Signed-off-by: Aviv Daum <aviv.daum@gmail.com>
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-23 13:34:20 -07:00
Yi Zhao
a5cf65f55f
frr: upgrade 10.5.2 -> 10.5.3
ChangeLog:
https://github.com/FRRouting/frr/releases/tag/frr-10.5.3

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-23 11:03:27 -07:00
Khem Raj
752aad0e32
netcf: Fix build with newer autotools and gnulib
Newer gnulib use python implementation by default if it
finds py3 on the system. However, netcf is old package
and its not expecting python implementation, therefore
make the shell implementation be used.

REALLOC_N is gone in latest gnulib so house a local
macro

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-22 22:37:12 -07:00
Khem Raj
01134021ff
ntopng: Upgrade to 6.6
Fix build with Lua 5.5
Add fixes to build with ndpi 5.0

Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-22 14:13:01 -07:00
Alex Kiernan
fdc07c4469
mdns: Upgrade 2881.0.25 -> 2881.80.4.0.1
Add new patch to fix breakage from Apple Wireless Direct Link support on
macOS.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
2026-03-21 14:56:25 -07:00
Andrej Kozemcak
bc155291f1
mosquitto: upgrade 2.0.22 -> 2.1.2
License-Update: Change license to EPL-2.0 OR BSD-3-Clause
  Clarify license in LICENSE.txt: f466e454e0
  Updated NOTICE.md: https://github.com/eclipse-mosquitto/mosquitto/commit/827c803cb8d6376891548b856a1faa3f0ab5

Removed patch included in this release

Update PACKAGECONFIG/cmake options:

- manpages: -DDOCUMENTATION → -DWITH_DOCS (the CMake option was renamed in 2.1.x)
- ssl: removed -DWITH_EC=ON/-DWITH_EC=OFF; the WITH_EC option was dropped in 2.1.x
       since Elliptic Curve support is now always included with TLS
- websockets — adapt websockets to properly use with picohttpparser
- persist-sqlite -  for persistence support in the broker, have sqlite3 dependency
- ctrl-shell: mosquitto_ctrl interactive shell, have libedit dependency

Disable `DWITH_ADNS` option because it required Argon2, which is not part of
meta-oe layer

Disable `DWITH_TESTS` option because mosquitto start using GoogleTest
and we hit a common Yocto + CMake + GoogleTest problem

Improve shipped package to modern version

Changelog:
v2.1.2:
  https://github.com/eclipse-mosquitto/mosquitto/blob/v2.1.2/ChangeLog.txtgT

  Broker:
    - Forbid running with `persistence true` and with a persistence plugin at the
      same time.

  Build:
    - Build fixes for OpenBSD. Closes #3474.
    - Add missing libedit to docker builds. Closes #3476.
    - Fix static/shared linking of libwebsockets under cmake.

v2.1.1:
  https://github.com/eclipse-mosquitto/mosquitto/blob/v2.1.1/ChangeLog.txt

v2.1.0:
  https://github.com/eclipse-mosquitto/mosquitto/blob/v2.1.0/ChangeLog.txt

Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-03-20 14:13:11 -07:00
Khem Raj
4938f15e42
tunctl: Make cflags weak in makefile
ensures it used flags from OE env

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-03-20 14:13:04 -07:00
Khem Raj
62d8c7ee7d
ndpi: Upgrade to 5.0 release
Drop downstream cross compile patch, the relevant code is removed in new version

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-03-20 14:13:03 -07:00