496a24bf06
- Remove outdated comment - Switch to git fetcher. Otherwise the official download location leads to: WARNING: exiv2-0.28.2-r0 do_recipe_qa: QA Issue: exiv2: SRC_URI uses unstable GitHub/GitLab archives, convert recipe to use git protocol [src-uri-bad] - Remove reproducibility hack. Theres no buildpath leakage in exiv2Config.cmake anymore. Changes from version 0.28.1 to 0.28.2 ------------------------------------- Release Notes: * https://github.com/Exiv2/exiv2/issues/2914 * https://github.com/Exiv2/exiv2/milestone/13?closed=1 This release also fixes two low-severity security issues in quicktimevideo.cpp: * [CVE-2024-24826](https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w): out-of-bounds read in QuickTimeVideo::NikonTagsDecoder. * [CVE-2024-25112](https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36): denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder. These vulnerabilities are in a new feature (quicktime video) that was added in version 0.28.0, so earlier versions of Exiv2 are not affected. Changes from version 0.28.0 to 0.28.1 ------------------------------------- Release Notes: https://github.com/Exiv2/exiv2/issues/2813 This release also fixes [CVE-2023-44398](https://github.com/Exiv2/exiv2/security/advisories/GHSA-hrw9-ggg3-3r4r), an out-of-bounds write in `BmffImage::brotliUncompress`. The vulnerability is in new code that was added in version 0.28.0, so earlier versions of Exiv2 are not affected. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 3a9fc5ba68d8c121e70c018d4f4a782693def40b) Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta-oe
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: scarthgap
luajit recipe requires host compiler to be able to generate 32bit code when target is 32bit e.g. arm, so ensure that $CC -m32 is functional on build host, if building this recipe, needed packages to fullfit this might have different names on different host distributions e.g. on archlinux based distributions install prerequisites like below
pacman -S lib32-gcc-libs lib32-glibc
Ubuntu sudo apt-get install gcc-multilib linux-libc-dev:i386
Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe][scarthgap]' in the subject'
When sending single patches, please use something like: 'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix="meta-oe][scarthgap][PATCH"'
You are encouraged to fork the mirror on GitHub https://github.com/openembedded/meta-openembedded to share your patches, this is preferred for patch sets consisting of more than one patch.
Other services like GitLab, repo.or.cz or self-hosted setups are of course accepted as well, 'git fetch ' works the same on all of them. We recommend GitHub because it is free, easy to use, has been proven to be reliable and has a really good web GUI.
layer maintainer: Armin Kuster akuster808@gmail.com