From patchwork Wed Apr 15 20:19:21 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Murray X-Patchwork-Id: 86165 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id EB10AF428E0 for ; Wed, 15 Apr 2026 20:19:51 +0000 (UTC) Received: from mail-qk1-f179.google.com (mail-qk1-f179.google.com [209.85.222.179]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.4573.1776284386444988967 for ; Wed, 15 Apr 2026 13:19:46 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@konsulko.com header.s=google header.b=ngNHyFDG; spf=pass (domain: konsulko.com, ip: 209.85.222.179, mailfrom: scott.murray@konsulko.com) Received: by mail-qk1-f179.google.com with SMTP id af79cd13be357-8c9f6b78ca4so848805885a.0 for ; Wed, 15 Apr 2026 13:19:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=konsulko.com; s=google; t=1776284385; x=1776889185; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=BOajnEUAWdGhadAr0KsjO9e0qb1yiolOX9SX5/g4cNo=; b=ngNHyFDG3BBxzxeEU9OjYpnCjwZ2BiOZ70bWI9Sy7VrwNDUckKqxe/lSZNsmaCjvIn 6sj8OhAIAp+UPPWpO9c5eOjlXHNwEuws/pGPBr1qs7WyFjgeKz3WzE3WxjyaWY9D7Gqa THnrnmKF3ZPvVc0PwwLxq5/ivRj8wBtGVkplY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776284385; x=1776889185; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=BOajnEUAWdGhadAr0KsjO9e0qb1yiolOX9SX5/g4cNo=; b=L7KIywwUw7qfgxKUKSFAJriu/aDp6lFkB3fJnRqxBT3Ev651rePqY5hVCBiWM8hr/0 LYxU0/1tOppenKUmFWmHoDiNNNRcFRxg+4CyS0tVGUDIWZ3V+rad1FwU5SP2ER3kfyEI oAHIWhPBR9m4zreY1vMphnUXfvOEE5qm9XdbEeqTrqp3h1S1DD1mJTU1nDwNMiJ7fwGG GL3jOtBxmv3+CFg/ExCss/ZlZuxHM1sOLGipaXWugq1aQeLi9Dobm6e6iEtyX46liVXH DD6Xgv/UPnVxuGh4O1U2M1WIWDGulmaFVX5KNoN5fh4PVd0mAwlvh6Q2bnEGiA6Fo0MS g0Dw== X-Gm-Message-State: AOJu0YwzprtUwl8tFwEbNCNVo5phgb7AjiRKBaPoU3fBqYCIeWjw1UkV 8vPBSDe40supK0UAuIZSD+eWRBCPuGhtJzSQOeNm1T2rLUlLTmRtGWK0gaMJLugTnFcySnN1gcH 8oLtH X-Gm-Gg: AeBDievyKRdV0z1pU+6KA3lDHugQKYMAJ98141A0hD4CSdC/Qk4PdYeGNECQa6m6xLT d9nVoaNWMrFJCWzncKpa/vBAPycnfybzk1Y3XM5r4uV2nfhA8gyhunUfTmkfXcClE0pBIBgGiw0 JUirIY4qi/wtqhSptFQ15Dq9/FjvtxQ4BjJdcV7NW0fstb8Eb9pbxf9wENtd6qFvrgGGdy5ddBS 7iUjxCHOLWffGKiZa3+oY5HmKSEvVqbAo2lRJ2J18WiQgWXLsExtIU201cUVsbhph+Wo45WgtlR Cv+9r1MVXalaoTjIHUTJJd+ZiRQ5Edo7kQP6bwJ1Dypw+DOH7vNiYhlnbVNNJ9gW7yKee+5aB5U VXGFsgMBWP6/QAghHdLsSpVEp+CYCFnso4Nwrq6EZWgWZR9TNVctZP68A1NY2qdsLkplQb9d/+2 HB9o3FahJuBtwcYDFnmiFfMzFu/Zr+Odn3iEg6XSHsl2IsBQmIcrRxGnvmjRSK6yFC3rBYfGZ87 dC+rncfqNy8Do7cgVpdtifOYnzD/C6AlGAHYFFQRgdNtIYpP4H2c3rGYTko3VRy X-Received: by 2002:a05:620a:4713:b0:8cd:8fc7:831f with SMTP id af79cd13be357-8ddcfca61aemr3525779785a.56.1776284385026; Wed, 15 Apr 2026 13:19:45 -0700 (PDT) Received: from ghidorah.spiteful.org (107-179-213-3.cpe.teksavvy.com. [107.179.213.3]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-8ae6ceb80f6sm18569376d6.46.2026.04.15.13.19.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Apr 2026 13:19:44 -0700 (PDT) From: Scott Murray To: yocto-patches@lists.yoctoproject.org Subject: [meta-security][PATCH 1/7] libtpms: fix build with glibc 2.43 Date: Wed, 15 Apr 2026 16:19:21 -0400 Message-ID: <62a62bc7c0231c86d9e759a6f976d9b5e410a62c.1776283733.git.scott.murray@konsulko.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 15 Apr 2026 20:19:51 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/3709 From: Peter Marko Backport patch stable-0.10 branch (not tagged yet). Signed-off-by: Peter Marko Signed-off-by: Scott Murray --- ...ilation-error-in-TPMLIB_GetPlaintext.patch | 34 +++++++++++++++++++ meta-tpm/recipes-tpm/libtpm/libtpms_0.10.0.bb | 4 ++- 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 meta-tpm/recipes-tpm/libtpm/libtpms/0001-Fix-a-compilation-error-in-TPMLIB_GetPlaintext.patch diff --git a/meta-tpm/recipes-tpm/libtpm/libtpms/0001-Fix-a-compilation-error-in-TPMLIB_GetPlaintext.patch b/meta-tpm/recipes-tpm/libtpm/libtpms/0001-Fix-a-compilation-error-in-TPMLIB_GetPlaintext.patch new file mode 100644 index 0000000..3a82473 --- /dev/null +++ b/meta-tpm/recipes-tpm/libtpm/libtpms/0001-Fix-a-compilation-error-in-TPMLIB_GetPlaintext.patch @@ -0,0 +1,34 @@ +From a20f8b6a22f1ae60d96ae7e554f5e13dd431471b Mon Sep 17 00:00:00 2001 +From: Stefan Berger +Date: Fri, 2 Jan 2026 11:37:31 -0500 +Subject: [PATCH] Fix a compilation error in TPMLIB_GetPlaintext + +Fix a compilation error that newer gcc versions may complain about: + +tpm_library.c: In function 'TPMLIB_GetPlaintext': +tpm_library.c:441:11: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers] + 441 | start = strstr(stream, starttag); + | ^ +At top level: +cc1: note: unrecognized command-line option '-Wno-self-assign' may have been intended to silence earlier diagnostics +cc1: all warnings being treated as errors + +Upstream-Status: Backport [https://github.com/stefanberger/libtpms/commit/a20f8b6a22f1ae60d96ae7e554f5e13dd431471b] +Signed-off-by: Stefan Berger +--- + src/tpm_library.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/tpm_library.c b/src/tpm_library.c +index f48f4fd3..7b2ea687 100644 +--- a/src/tpm_library.c ++++ b/src/tpm_library.c +@@ -435,7 +435,7 @@ static unsigned char *TPMLIB_GetPlaintext(const char *stream, + const char *endtag, + size_t *length) + { +- char *start, *end; ++ const char *start, *end; + unsigned char *plaintext = NULL; + + start = strstr(stream, starttag); diff --git a/meta-tpm/recipes-tpm/libtpm/libtpms_0.10.0.bb b/meta-tpm/recipes-tpm/libtpm/libtpms_0.10.0.bb index 3727bb3..7f00216 100644 --- a/meta-tpm/recipes-tpm/libtpm/libtpms_0.10.0.bb +++ b/meta-tpm/recipes-tpm/libtpm/libtpms_0.10.0.bb @@ -3,7 +3,9 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=e73f0786a936da3814896df06ad225a9" SRCREV = "17f253a767f6b5b7813ae33f12bc79c479576cdc" -SRC_URI = "git://github.com/stefanberger/libtpms.git;branch=stable-0.10;protocol=https" +SRC_URI = "git://github.com/stefanberger/libtpms.git;branch=stable-0.10;protocol=https \ + file://0001-Fix-a-compilation-error-in-TPMLIB_GetPlaintext.patch \ +" PE = "2" From patchwork Wed Apr 15 20:19:22 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Murray X-Patchwork-Id: 86167 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8A018F428EC for ; Wed, 15 Apr 2026 20:19:52 +0000 (UTC) Received: from mail-qv1-f45.google.com (mail-qv1-f45.google.com [209.85.219.45]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.4574.1776284386983647268 for ; Wed, 15 Apr 2026 13:19:47 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@konsulko.com header.s=google header.b=po2dawUQ; spf=pass (domain: konsulko.com, ip: 209.85.219.45, mailfrom: scott.murray@konsulko.com) Received: by mail-qv1-f45.google.com with SMTP id 6a1803df08f44-8a4b8c3a30bso81361436d6.3 for ; Wed, 15 Apr 2026 13:19:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=konsulko.com; s=google; t=1776284386; x=1776889186; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ZO/Txp+v1hd+xfMkX/JULc80qjePhEStAJLUEtj/5ok=; b=po2dawUQ4O/y/Rqu+x9RMmvmGfxPNRkjzVk2vAZuILDlZ1d3JQzPhszHzWKyyymhGj CAUjE/LFkmfvzle18NnlyXJab3GgRW6EF9WyFt6fRueyHzpXn0SK0/Qoh57nzyKjOm2a d71EZHv7tufOwL8tAlMnHc1FCy7KDPFh2ciy8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776284386; x=1776889186; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=ZO/Txp+v1hd+xfMkX/JULc80qjePhEStAJLUEtj/5ok=; b=esrvwwu6EmMGLo23we/XPHiZmoEKov+S1By1yelM3b8p8n5i7r1qLSZtYlr2NHJuId V2gYEkiAKE64+FBvrse+pwIagZddGylxBi7go/lRs0uWkdXEJBS0Y3yGGeHs3q7uJgAy Rvj9ypt8cyGp3kVDV0sshh2aQmhxXYnF78xTu9j+wmj9RtBOb7H8KWGeAquR3nYFRp2g 0TemmmkGXGQX8Cj0n1YnTxJlABgp/M5AsOjFt5e/uGv4+oE2BLiVYc5cVzzlA3IY6J/k 4uuWwVgBHFQN00hJ/hKfU0AqBl8X+48A4EfPHmB2uM1wbZ6ozOKccqCEIvzt0SGpfKdO V1RQ== X-Gm-Message-State: AOJu0YzNLXDqDmu+HUl7g4fgzTu5yBcfwayr7559Qx/GBIxaZP3bwvZ/ 6NKYApOn6PjparmhAsKObSvTXYto8LDPMA60XnDPU2UnlFgvIKhATz1Pg3JYTZN+5Un1PbFSnq7 NeKab X-Gm-Gg: AeBDieu22Vr7UMxflY5oeZKOR05trWrKHlnLPV9nX/2ojgpN60d6wrIExlN2pCHqlOb gHI3l9mibyAA7OaR47q88l/lK7pC8NwxsQ1aGbMNyAtjayNENjIfy5YoX7S084Dt7TrcoiIuzSB zkCHqfYYwUliG68tgN2GQAUta+GE0FU04u9IdY0+j9h2PQtXYi/i1cl/r3ZVDJ30Yzs3FRwYFmx arICwxJ9AxOaY8ZYZogLqrG+hr7PssVRGTJT0YA54hh7dQ81HmVr0n4SpGqQqOuU8lvfQ0Af8OA 4geVCKDjhCwpFlzdA/fG8AZeg3unpnjdbWRw6nmySWi37dZv32018YN/FapJ09bCUADyqT/wLQ7 01hJJH1wDLzw2pp7oQ3mYweJnkKgkH8i1J5FP1YYWj22uQWD4Me9YDhh0HLX/T2nBkVgKvJkm8C /PXdyb2tRSbxBxWzcaiESbfAc/hj5UH+FDFhCPdXrRYc/QBA1vTr7d4NcwbPtrjY1zE2Hny/0qb T7av2ZkAwQfBPrPp7UxDJLivRAY7UJxQLb3Rjyj5C9/VqVAfQyucNqObSQhySBA X-Received: by 2002:a0c:e00d:0:b0:8ac:b31c:9961 with SMTP id 6a1803df08f44-8acb31c9b95mr170272056d6.43.1776284385710; Wed, 15 Apr 2026 13:19:45 -0700 (PDT) Received: from ghidorah.spiteful.org (107-179-213-3.cpe.teksavvy.com. [107.179.213.3]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-8ae6ceb80f6sm18569376d6.46.2026.04.15.13.19.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Apr 2026 13:19:45 -0700 (PDT) From: Scott Murray To: yocto-patches@lists.yoctoproject.org Subject: [meta-security][PATCH 2/7] scap-security-guide: upgrade 0.1.78 -> 0.1.80 Date: Wed, 15 Apr 2026 16:19:22 -0400 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 15 Apr 2026 20:19:52 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/3710 From: Yi Zhao ChangeLog: https://github.com/ComplianceAsCode/content/releases/tag/v0.1.80 Signed-off-by: Yi Zhao Signed-off-by: Scott Murray --- ...p-security-guide_0.1.78.bb => scap-security-guide_0.1.80.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename recipes-compliance/scap-security-guide/{scap-security-guide_0.1.78.bb => scap-security-guide_0.1.80.bb} (97%) diff --git a/recipes-compliance/scap-security-guide/scap-security-guide_0.1.78.bb b/recipes-compliance/scap-security-guide/scap-security-guide_0.1.80.bb similarity index 97% rename from recipes-compliance/scap-security-guide/scap-security-guide_0.1.78.bb rename to recipes-compliance/scap-security-guide/scap-security-guide_0.1.80.bb index 919a09c..ab495db 100644 --- a/recipes-compliance/scap-security-guide/scap-security-guide_0.1.78.bb +++ b/recipes-compliance/scap-security-guide/scap-security-guide_0.1.80.bb @@ -6,7 +6,7 @@ HOME_URL = "https://www.open-scap.org/security-policies/scap-security-guide/" LIC_FILES_CHKSUM = "file://LICENSE;md5=9bfa86579213cb4c6adaffface6b2820" LICENSE = "BSD-3-Clause" -SRCREV = "f7d794851971087db77d4be8eeb716944a1aae21" +SRCREV = "a1b32362394c7739a7a94426c61c7cb24449d9a0" SRC_URI = "git://github.com/ComplianceAsCode/content.git;protocol=https;branch=stable \ file://run_eval.sh \ " From patchwork Wed Apr 15 20:19:23 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Murray X-Patchwork-Id: 86170 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D960F428F4 for ; Wed, 15 Apr 2026 20:19:53 +0000 (UTC) Received: from mail-qv1-f53.google.com (mail-qv1-f53.google.com [209.85.219.53]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.4575.1776284388099921470 for ; Wed, 15 Apr 2026 13:19:48 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@konsulko.com header.s=google header.b=tTWCI2gm; spf=pass (domain: konsulko.com, ip: 209.85.219.53, mailfrom: scott.murray@konsulko.com) Received: by mail-qv1-f53.google.com with SMTP id 6a1803df08f44-8a08fa355a1so99470656d6.0 for ; Wed, 15 Apr 2026 13:19:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=konsulko.com; s=google; t=1776284387; x=1776889187; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=xr4UGeEuEPMgzFsI5rjN/XaisWeHYkYQrc7ln7vsvyg=; b=tTWCI2gmPF91WRbuwDksRhfr2ctgcduofAYavzoUetfOnCoZNTV1OTb0o/pVesePRw xb8Wr3WjQhTKOMydZxlxmuByL/chGLGWAHRKsycB7yQk9TKKs9b1ftTR+03F07AUmxKu JUQ21F3KSasd03mq25Z53ciPRvNAMZUkF58sE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776284387; x=1776889187; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=xr4UGeEuEPMgzFsI5rjN/XaisWeHYkYQrc7ln7vsvyg=; b=sZcDFpCQuYXSsIZZZWDRqLBAuXucjHX90atgW0z5wJreL2Fba4TQuyepdwVOctiL5o k+fI97SbM1tlZP2qD30TNump4LGoapF5AefwX0oDIuHXtDxbkr9gHZGLKjesGN3Zv9S4 gktOlxOdOPtUvMfJR0+tp33jRlYNEzW/FKTK9tBNUSp+ZHRiZ4kkhf0upwii/Q52vjUk 7Crw7rNkisicAl9YBFNlkQMg2y9bBcJ8prs70Uvm6n79OHcCMdr5/sYS5kDkTaxJxjrs 2mS4+Ic7D/AGDBaHw/02F8GGROGzJ1bMxIF0UH09fhxLQuFXkhdu9JLQYPHIQETYwMnq q/nw== X-Gm-Message-State: AOJu0YyNv3G9hmVEAxZho1DpApAQqFpnwZmQPoqEshUa8wAnrI8rNiaK P5HSilmi3Am5DL4JMtR1C0lpEhkfKGgIsDJk4bMzlxMRnaift3AJ+ThSzgqHIBDpdBWAZ1oxb5V sjHrV X-Gm-Gg: AeBDieuw5qenDuKfTBfXr+IjRrVehHddB6Udx27kBgcsP0wS695S3yJsvvHUaSsfQ7T d5/eZzDk0qalfT541SM9KzOls7lWgvbeSrK+GCQiqdYdrN0Ten4fPVdVQSLhwfuXLmwdJrWK3Lu cUkMaIJBp4I6P0XUlorgL6ymyOCqS/nn0CmqwPI9dlVxegBVSQjM76YNDz8q3wJ9R134HloE+u7 9tVAEK8kgrGi7zDymvRvwecePb6X+If+tu7CoPYjFvvn43uwOWrIvul/DAwMFP4s/FFVbiQsAuF ZHgzGl/FeveJUzozK35vOVxUl1h8gyI4b7ogulsWnAiweZc4AhiiiEUG74HwLjsYTG5mQPwNRgD QrXVdna4cagsW9eSkFmeyYjTtamk5oZ0ljcKI6nNaq6g9ZQRUUxlUZoTKxRSamCX9MeIP5s40u9 EYIxS3w+flSdLOGoTlGg5FRr+UQHyY0mYl9Ln0eB/FRi+9XV3bPauvpbHHvrksyJpuBKc0SlxKy PPLHotaRBcbawM+S9NX2S3q4DanlEUlk3TT1et4dB29kw/7TjX4uN73sNV6k1vn X-Received: by 2002:a05:6214:3f88:b0:89c:d419:778e with SMTP id 6a1803df08f44-8ac86319cb0mr372189026d6.54.1776284386624; Wed, 15 Apr 2026 13:19:46 -0700 (PDT) Received: from ghidorah.spiteful.org (107-179-213-3.cpe.teksavvy.com. [107.179.213.3]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-8ae6ceb80f6sm18569376d6.46.2026.04.15.13.19.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Apr 2026 13:19:46 -0700 (PDT) From: Scott Murray To: yocto-patches@lists.yoctoproject.org Subject: [meta-security][PATCH 3/7] openscap: upgrade 1.4.2 -> 1.4.3 Date: Wed, 15 Apr 2026 16:19:23 -0400 Message-ID: <1ed57b9ee1b7fdc2a4dab815f4aac5ec010b934d.1776283733.git.scott.murray@konsulko.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 15 Apr 2026 20:19:53 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/3711 From: Yi Zhao ChangeLog: https://github.com/OpenSCAP/openscap/releases/tag/1.4.3 Signed-off-by: Yi Zhao Signed-off-by: Scott Murray --- .../openscap/{openscap_1.4.2.bb => openscap_1.4.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename recipes-compliance/openscap/{openscap_1.4.2.bb => openscap_1.4.3.bb} (98%) diff --git a/recipes-compliance/openscap/openscap_1.4.2.bb b/recipes-compliance/openscap/openscap_1.4.3.bb similarity index 98% rename from recipes-compliance/openscap/openscap_1.4.2.bb rename to recipes-compliance/openscap/openscap_1.4.3.bb index 7b3786e..e1cb295 100644 --- a/recipes-compliance/openscap/openscap_1.4.2.bb +++ b/recipes-compliance/openscap/openscap_1.4.3.bb @@ -13,7 +13,7 @@ SRC_URI = "git://github.com/OpenSCAP/openscap.git;branch=main;protocol=https \ file://0001-CMakeLists.txt-fix-installation-directory-for-system.patch \ " -SRCREV = "e9b2a41f5796f5ead3d1e2d9df1fb06818a569ac" +SRCREV = "24986066961363e24fcff83294995b3cfe4058ba" COMPATIBLE_HOST:libc-musl = "null" From patchwork Wed Apr 15 20:19:24 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Murray X-Patchwork-Id: 86171 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9DF0AF428F6 for ; Wed, 15 Apr 2026 20:19:53 +0000 (UTC) Received: from mail-qv1-f51.google.com (mail-qv1-f51.google.com [209.85.219.51]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.4576.1776284388649375151 for ; Wed, 15 Apr 2026 13:19:48 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@konsulko.com header.s=google header.b=LA72ucRf; spf=pass (domain: konsulko.com, ip: 209.85.219.51, mailfrom: scott.murray@konsulko.com) Received: by mail-qv1-f51.google.com with SMTP id 6a1803df08f44-8a093c784b0so87326086d6.3 for ; Wed, 15 Apr 2026 13:19:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=konsulko.com; s=google; t=1776284387; x=1776889187; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=UGuN/p2AdVvShBfqA4gnAgz6efLOkw7nTrAWz7BrR/4=; b=LA72ucRfANVIMQDVflRpN2ylBpX0pScnf4V7uViqBA/ucKvZjWDgZZMO6io9jGZ43M AQedGFdRc3BjPHTBhVB3r1shz0Epoc64dK2PiI0ac5kpwjXCa7G6vDLZVBafaYrsriF5 nqqC7MNV56iReSzyXVLTL1kV7ggaPIbAINCNk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776284387; x=1776889187; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=UGuN/p2AdVvShBfqA4gnAgz6efLOkw7nTrAWz7BrR/4=; b=j1Rr+sN7RftUsTfohs2cForue764zSBzE4EXU9o2C3ZDZV07m32hGv+TFSgObZnK/T znMo0XtFV0nsQKCNutgQy3gAVRMpNZFVA1ZJhp64sKNnADWAzO8YsqKV3/mjQWgu8dEC ynIP32SC1UiIkI+eItSpXPLMHdePf5imxbnM4ZrBK/BprzHdQBjwGnOU42ychlPWXh6Y lvJXu3lIQd85s6gM3iOKsXBWRaYwcuzD9Dyy/seDdscIRd6ByHbHWQQI5zA9lwEt7C+R 8l/6qr8eIrL+51t6HvKbXQJuhnCyhquQmRLnsSFpVTF/Li24kPajlF3VYVDQW6+L1mfz qCGQ== X-Gm-Message-State: AOJu0YyyZUVn2Fb8F3YhYs+FVngnocuvj7jzHR3Ag80KSEUNWpfsWNjU Vplbf4Pphnx32mHCbIiYT0CcHZUTP2szMTIXbAxwSGi6Xq8jhQ/j/4GzQwTwGoYixcBJadRAUA0 k0nqm X-Gm-Gg: AeBDievE60jyfUT2TpK8q7RuKr/vXDtkcdIgLxvI2/ny9U/4ZKOzdkE+5tsKBnA38gB Zr/j8HMoPA+cDwv9WZWuTOumSs7z+rW1cIcmzqO5gGVwsDNtxK8fCBe/eLISLx0dSFNiG1UVj4U 9/mynP1yKrOuPQDDC/TgjUAvlg8Kz3xzPXKMl2CGw+XZ00B3dKIge6qHtj0B4tm66X6D4S5fIZg 6hlGzGc+6kSPD/RoojIYDjNgesGQ7felZSceI2gCrizKcNWzhTcqjTJcEiuzam+8YnViOLJ2Nfm hr+430wCnN2Biqir8gMd0ovGhZFdknl5v84mvixSRBYiwLwCYIyXt5jXzSfztoJLd4BKQu1fwIa J/Ai9XTPsNrO+Ahke4+j7ZX/ZX0XB9Fq3PSTvBdTdELATxURmXrPpJzbbRd+Ns0cBIfh9Ga7Bgm p7+fzHGFu6FHhGAhVy+geQNj8Z/DPvpA9QfT790nYzLhCERCYD1AYFQfPR8OPDgKwC/wCBijxkQ OoDOS1EQpGQKtFQ22I4/6QPQbuNm3OUuINZalXPDmGbxxloy9XNZ6VF55Zohohz X-Received: by 2002:a05:6214:258f:b0:899:fd8c:55c3 with SMTP id 6a1803df08f44-8ac861b7754mr349530606d6.22.1776284387390; Wed, 15 Apr 2026 13:19:47 -0700 (PDT) Received: from ghidorah.spiteful.org (107-179-213-3.cpe.teksavvy.com. [107.179.213.3]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-8ae6ceb80f6sm18569376d6.46.2026.04.15.13.19.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Apr 2026 13:19:47 -0700 (PDT) From: Scott Murray To: yocto-patches@lists.yoctoproject.org Subject: [meta-security][PATCH 4/7] wic: wic need to be moved to files/wic within the layer to be found/used Date: Wed, 15 Apr 2026 16:19:24 -0400 Message-ID: <596b966a0d047c2f48cb768821558e918ae0c477.1776283733.git.scott.murray@konsulko.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 15 Apr 2026 20:19:53 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/3712 From: Khem Raj Signed-off-by: Khem Raj Signed-off-by: Scott Murray --- {wic => files/wic}/beaglebone-yocto-verity.wks.in | 0 {wic => files/wic}/systemd-bootdisk-dmverity-hash.wks.in | 0 {wic => files/wic}/systemd-bootdisk-dmverity.wks.in | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename {wic => files/wic}/beaglebone-yocto-verity.wks.in (100%) rename {wic => files/wic}/systemd-bootdisk-dmverity-hash.wks.in (100%) rename {wic => files/wic}/systemd-bootdisk-dmverity.wks.in (100%) diff --git a/wic/beaglebone-yocto-verity.wks.in b/files/wic/beaglebone-yocto-verity.wks.in similarity index 100% rename from wic/beaglebone-yocto-verity.wks.in rename to files/wic/beaglebone-yocto-verity.wks.in diff --git a/wic/systemd-bootdisk-dmverity-hash.wks.in b/files/wic/systemd-bootdisk-dmverity-hash.wks.in similarity index 100% rename from wic/systemd-bootdisk-dmverity-hash.wks.in rename to files/wic/systemd-bootdisk-dmverity-hash.wks.in diff --git a/wic/systemd-bootdisk-dmverity.wks.in b/files/wic/systemd-bootdisk-dmverity.wks.in similarity index 100% rename from wic/systemd-bootdisk-dmverity.wks.in rename to files/wic/systemd-bootdisk-dmverity.wks.in From patchwork Wed Apr 15 20:19:25 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Scott Murray X-Patchwork-Id: 86168 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 22A55F428E3 for ; Wed, 15 Apr 2026 20:19:52 +0000 (UTC) Received: from mail-qv1-f53.google.com (mail-qv1-f53.google.com [209.85.219.53]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.4577.1776284389285420549 for ; Wed, 15 Apr 2026 13:19:49 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@konsulko.com header.s=google header.b=KsEsIoWJ; spf=pass (domain: konsulko.com, ip: 209.85.219.53, mailfrom: scott.murray@konsulko.com) Received: by mail-qv1-f53.google.com with SMTP id 6a1803df08f44-899a5db525cso56616226d6.3 for ; Wed, 15 Apr 2026 13:19:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=konsulko.com; s=google; t=1776284388; x=1776889188; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=T9vUmqE6XkYEFOuykPYe5gYE2YnVQF45LI4gwNdOV7U=; b=KsEsIoWJT7AK29P8LsPnjLUuPLu11tnpqCX36DS+E0L9ByMPdtC22EBLzpBuRq4eaE lT9QjBB5WmL08KC4OlWOehc8XoOYsCMD78n4srsyLuFAPvxs6AHsGgwad/yFP7b3LqdG BS7EvJX62Y8CwEeODaNrLcqMq1ddN6iyy0RRk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776284388; x=1776889188; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=T9vUmqE6XkYEFOuykPYe5gYE2YnVQF45LI4gwNdOV7U=; b=kfdykh/KRiv++zGw2x5yn2vS0NAUy56celCW+wrcFeNWxEVBhJJnWNrCv/+xuRb8fF YYOH2VAAb6jIt7OptaNmhH7TPL6eZfij+B72TszD985Nrqarh2GGtzJ+ptDKET/A1bA7 9OKQNS3tMspAAAEZtt7PTRebIM2Ke1RgIKYoKuJCK9lCIRTnze8XPVrJiVQ5IuqulWH5 JUidpgjBunTe242QBMXq0CpCUNfR39igexbiohG09zUXreJIupsbaPJrPKret75I8HS5 UvT0w4NyNSQ19GY7ZfRoXQg7whD5fLhIxFeaMVfwNr1iR3yJQOW+cmdcRvLpGWPrfDt6 TVbA== X-Gm-Message-State: AOJu0YxmOu+IYvYqBihbGjs70npbL7TosQvYFKtROV4EzHqMNWdiidKk JDKck4GTAe+xUJsLVr7uz5iADNMx1F9jm+cc8CA+WgXyznaFhmCkoj7vgvqSjvH+nQ8GYsaOfOD 5XaO0 X-Gm-Gg: AeBDievb9an22N8o73vsfS03UK/iz8wjwQlZQwyLzPhQBneJbyBXHiAlEdMWAOf5AoC camKOeuWPfxoO8fEwyXdVd35iR0ObeCZi9sgqt1jpCiJpwj3orlzOQJ/PdOWqpaORxU9bvnA+RT XEdO6QFeA6sbLd3Pl/hk9EpDAwR9Eu1jfoBXfPSVrOCqAI5mnyBK0mPHpMgF0GKIO+H9Xk+LZEI oCCf4QjdtlACNdla5NbufNDeDWJgcD5MIASAKrkJrUJISNwJcK7vRPVAZxpLV9FUvTQ/aKvaODl Rtmt5P3d2oWmWpxW4aQTq3Ccdq/eZBZlWpU4Yx+zyTHdTiCR1btU32LaPr1rlFiHJVQSe28ZXk5 g+4UKzwjOPVxvAKLOw/ISpFKbV1psqGGhGQuckCREA3wFz5xGenS/BM47/ysNcp3PfY7TVF5Uwo zUH6ObNJx69aj+AeIlVS5yk79I4Kp+qw45pwjh3q/kU1t36ejLDDiaOmsH9Zw4sTrHZxsfFUirQ m+RO63xp+UdOlQxSYoE4tvQ8AKjKzKvxGnzG/ufgM+M2/hIEZ+QaE+X9mjTKQvDE8kqC91J8sw= X-Received: by 2002:a05:6214:5402:b0:8a2:97cc:af82 with SMTP id 6a1803df08f44-8ac861c6671mr386115976d6.27.1776284387951; Wed, 15 Apr 2026 13:19:47 -0700 (PDT) Received: from ghidorah.spiteful.org (107-179-213-3.cpe.teksavvy.com. [107.179.213.3]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-8ae6ceb80f6sm18569376d6.46.2026.04.15.13.19.47 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Apr 2026 13:19:47 -0700 (PDT) From: Scott Murray To: yocto-patches@lists.yoctoproject.org Subject: [meta-security][PATCH 5/7] tpm2-pkcs11: fix build failure Date: Wed, 15 Apr 2026 16:19:25 -0400 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 15 Apr 2026 20:19:52 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/3713 From: Peter Marko Use patch submitted upstream to fix build error: | src/lib/tpm.c: In function ‘tpm_unseal’: | src/lib/tpm.c:1040:16: error: incompatible types when returning type ‘_Bool’ but ‘twist’ {aka ‘const char *’} was expected | 1040 | return false; | | ^~~~~ Signed-off-by: Peter Marko Signed-off-by: Scott Murray --- ...eturn-NULL-for-twist-on-auth-failure.patch | 28 +++++++++++++++++++ .../tpm2-pkcs11/tpm2-pkcs11_1.9.1.bb | 1 + 2 files changed, 29 insertions(+) create mode 100644 meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-src-lib-tpm-return-NULL-for-twist-on-auth-failure.patch diff --git a/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-src-lib-tpm-return-NULL-for-twist-on-auth-failure.patch b/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-src-lib-tpm-return-NULL-for-twist-on-auth-failure.patch new file mode 100644 index 0000000..2992b11 --- /dev/null +++ b/meta-tpm/recipes-tpm2/tpm2-pkcs11/files/0001-src-lib-tpm-return-NULL-for-twist-on-auth-failure.patch @@ -0,0 +1,28 @@ +From 0db779aecaae93633be963ffb8fdb097c85cc166 Mon Sep 17 00:00:00 2001 +From: Peter Marko +Date: Thu, 9 Apr 2026 00:00:00 +0000 +Subject: [PATCH] src/lib/tpm: return NULL for twist on auth failure + +`tpm_unseal` returns `twist` (a const char pointer alias). Returning +`false` in the error path is a type mismatch that fails with stricter +compiler settings. Return `NULL` instead. + +Upstream-Status: Submitted [https://github.com/tpm2-software/tpm2-pkcs11/pull/923] +Signed-off-by: Peter Marko +--- + src/lib/tpm.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/lib/tpm.c b/src/lib/tpm.c +index 5fff5d5..c51d984 100644 +--- a/src/lib/tpm.c ++++ b/src/lib/tpm.c +@@ -1037,7 +1037,7 @@ twist tpm_unseal(tpm_ctx *ctx, uint32_t handle, twist objauth) { + + bool result = set_esys_auth(ctx->esys_ctx, handle, objauth); + if (!result) { +- return false; ++ return NULL; + } + + TPM2B_SENSITIVE_DATA *unsealed_data = NULL; diff --git a/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.9.1.bb b/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.9.1.bb index 331dc4f..762b82f 100644 --- a/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.9.1.bb +++ b/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.9.1.bb @@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=0fc19f620a102768d6dbd1e7166e78ab" DEPENDS = "autoconf-archive pkgconfig sqlite3 openssl libtss2-dev tpm2-tools libyaml p11-kit python3-setuptools-native" SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN}-${PV}.tar.gz" +SRC_URI += "file://0001-src-lib-tpm-return-NULL-for-twist-on-auth-failure.patch" SRC_URI[sha256sum] = "ce24aa5ec2471545576e892b6f64fd873a424371bbf9be4ca3a0e689ea11c9b7" From patchwork Wed Apr 15 20:19:26 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Murray X-Patchwork-Id: 86169 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 307E8F428E6 for ; Wed, 15 Apr 2026 20:19:52 +0000 (UTC) Received: from mail-qt1-f171.google.com (mail-qt1-f171.google.com [209.85.160.171]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.4578.1776284389927750561 for ; Wed, 15 Apr 2026 13:19:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@konsulko.com header.s=google header.b=QCj6VIxI; spf=pass (domain: konsulko.com, ip: 209.85.160.171, mailfrom: scott.murray@konsulko.com) Received: by mail-qt1-f171.google.com with SMTP id d75a77b69052e-50b3488fb31so88997391cf.1 for ; Wed, 15 Apr 2026 13:19:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=konsulko.com; s=google; t=1776284389; x=1776889189; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Q5SFYSrjEPY51IgVCd8Dn7uKGYNSz1YWsQ5MkW70FFw=; b=QCj6VIxIJdU1P6kZkbcZw2fvXXlbwcJoVRBZoGp8r5KSbRZODd0v0yStRYb/7nvMJP Y6uNEvopxTuE3Gx2s2uVZWNlzdvAkd6CeWUD4JPLMZXl2HK1d/Acnz543o26gs83VdKw OwjG0tuOD+SewzLskmeFJDUOnNolp+UXAYAPw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776284389; x=1776889189; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=Q5SFYSrjEPY51IgVCd8Dn7uKGYNSz1YWsQ5MkW70FFw=; b=PIvDADJqXF0OZMSXOqtnaa8bydPtopOKdZfZeqMitW10bWGDUcbRah04w13ingIGxq EeHVEUiy6+J74rebjbUPRqKunPZQ1fz9Rh/0mhlrXzazSb0POVQWTe2Tt1AUabzIhrrb RSVG46jcp8z7WSUa8sM7D+4+thzB7IsoKcBgtmX6IbIssA3/tO7m9V/8UjCMorIY2GSX KsDqcJ/3CtcBq4Rwi3JV+Am2R+sMxuogrrHYxv1uw2CVml2ZPTlPS3cMKU0iOigMHS8O 30DxVH55LCtDPSyg6xhrYe1B47ouK8wHStVjy1cE+k9GBreroJziPxtoV9sM+m34r8ro keag== X-Gm-Message-State: AOJu0YwIAHDI0MzWjjkmvXaJzH6awtkQHF99BjVrR+BWed0iiiQENoyV agkXWmJPwbdhojqN9bO0yrQJV2+b70EVmEB5AhfGkafckt0WvKkVQ27mPWhciQFg1c1AWIDI1hf aMMel X-Gm-Gg: AeBDieuor2TJZ1I/+hpA37u49k+ootv6KHQQdIJ5jC2p/3GpJMeLL4H4nNmfLa4o7Gu qtgv5gyU8bvk7BOfiBep5PfZwaJ3QHRkHnBZYTVqGDfOKwLfk+dmJ6SK940oeCGi3deSseoQt28 awoYIdaIH9BoZU9cge/eZ4+Tye21uSLeHY90tZqWAZ19gwETWuX8YekaPolYCaNDW9IwxfWOMur 9ajAI6m703sFaMMVToC4AW9ek28tXgagfLGLsHXUaHdrKz0uIBeHRovEzuMp5zc9wCPaT923Wi5 NgccvhueCM2iiu3NA9aYVl3N+/+s62BRxHBpIcd9WF3FBQRfFDKP1jWqCx/C2mgL9T3wXeVSGPn kmwzOKayx/wBxhf9XwsBdGR72C5TgQw5fg15s9TKbMA5hUBHC9QVJTWNTgp818UWqbYNWw0ocDD h0FTV0FHcYVgbuVWzra6qaSaLWnjN2zKGb/ZQlgu0LIQtYW3lsQEjHiJzPOHRHfLqCJ+D0/SIVm 9NjeEU/a218485YCkCQM1wIr89z2x2fY09Ylp8r+ATuFtkKV+hCvRm7wlAaMgQS X-Received: by 2002:a05:622a:190e:b0:50b:6d63:6a2b with SMTP id d75a77b69052e-50e24abddb2mr16783341cf.2.1776284388599; Wed, 15 Apr 2026 13:19:48 -0700 (PDT) Received: from ghidorah.spiteful.org (107-179-213-3.cpe.teksavvy.com. [107.179.213.3]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-8ae6ceb80f6sm18569376d6.46.2026.04.15.13.19.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Apr 2026 13:19:48 -0700 (PDT) From: Scott Murray To: yocto-patches@lists.yoctoproject.org Subject: [meta-security][PATCH 6/7] meta-security: fix incorrect HOMEPAGE variable names Date: Wed, 15 Apr 2026 16:19:26 -0400 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 15 Apr 2026 20:19:52 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/3714 From: Zhang Peng Several recipes used non-standard variable names for the homepage URL (HOME_PAGE, HOME_URL, HOMEDIR) which are not recognized by bitbake. Rename them all to the correct HOMEPAGE variable. Affected recipes: - glome: HOME_PAGE -> HOMEPAGE - google-authenticator-libpam: HOME_PAGE -> HOMEPAGE - arpwatch: HOME_PAGE -> HOMEPAGE - openscap: HOME_URL -> HOMEPAGE - scap-security-guide: HOME_URL -> HOMEPAGE - lynis: HOMEDIR -> HOMEPAGE Signed-off-by: Zhang Peng Signed-off-by: Scott Murray --- recipes-compliance/lynis/lynis_3.1.6.bb | 2 +- recipes-compliance/openscap/openscap_1.4.3.bb | 2 +- .../scap-security-guide/scap-security-guide_0.1.80.bb | 2 +- recipes-scanners/arpwatch/arpwatch_3.3.bb | 2 +- recipes-security/glome/glome_git.bb | 2 +- .../google-authenticator-libpam_1.09.bb | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/recipes-compliance/lynis/lynis_3.1.6.bb b/recipes-compliance/lynis/lynis_3.1.6.bb index 722072f..0b81ea9 100644 --- a/recipes-compliance/lynis/lynis_3.1.6.bb +++ b/recipes-compliance/lynis/lynis_3.1.6.bb @@ -2,7 +2,7 @@ # Released under the MIT license (see COPYING.MIT for the terms) SUMMARY = "Lynis is a free and open source security and auditing tool." -HOMEDIR = "https://cisofy.com/lynis/" +HOMEPAGE = "https://cisofy.com/lynis/" LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://LICENSE;md5=3edd6782854304fd11da4975ab9799c1" diff --git a/recipes-compliance/openscap/openscap_1.4.3.bb b/recipes-compliance/openscap/openscap_1.4.3.bb index e1cb295..1b6d9af 100644 --- a/recipes-compliance/openscap/openscap_1.4.3.bb +++ b/recipes-compliance/openscap/openscap_1.4.3.bb @@ -2,7 +2,7 @@ # Released under the MIT license (see COPYING.MIT for the terms) SUMMARY = "NIST Certified SCAP 1.2 toolkit" -HOME_URL = "https://www.open-scap.org/tools/openscap-base/" +HOMEPAGE = "https://www.open-scap.org/tools/openscap-base/" LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24" LICENSE = "LGPL-2.1-only" diff --git a/recipes-compliance/scap-security-guide/scap-security-guide_0.1.80.bb b/recipes-compliance/scap-security-guide/scap-security-guide_0.1.80.bb index ab495db..3777e36 100644 --- a/recipes-compliance/scap-security-guide/scap-security-guide_0.1.80.bb +++ b/recipes-compliance/scap-security-guide/scap-security-guide_0.1.80.bb @@ -2,7 +2,7 @@ # Released under the MIT license (see COPYING.MIT for the terms) SUMARRY = "SCAP content for various platforms, upstream version" -HOME_URL = "https://www.open-scap.org/security-policies/scap-security-guide/" +HOMEPAGE = "https://www.open-scap.org/security-policies/scap-security-guide/" LIC_FILES_CHKSUM = "file://LICENSE;md5=9bfa86579213cb4c6adaffface6b2820" LICENSE = "BSD-3-Clause" diff --git a/recipes-scanners/arpwatch/arpwatch_3.3.bb b/recipes-scanners/arpwatch/arpwatch_3.3.bb index 84f93da..3ab5993 100644 --- a/recipes-scanners/arpwatch/arpwatch_3.3.bb +++ b/recipes-scanners/arpwatch/arpwatch_3.3.bb @@ -1,6 +1,6 @@ SUMARRY = "The ethernet monitor program; for keeping track of ethernet/ip address pairings" LICENSE = "BSD-4-Clause" -HOME_PAGE = "http://ee.lbl.gov/" +HOMEPAGE = "http://ee.lbl.gov/" LIC_FILES_CHKSUM = "file://configure;md5=0f6cca2f69f384a14e2f5803210ca92e" DEPENDS += "libpcap" diff --git a/recipes-security/glome/glome_git.bb b/recipes-security/glome/glome_git.bb index 5a0300f..68f2132 100644 --- a/recipes-security/glome/glome_git.bb +++ b/recipes-security/glome/glome_git.bb @@ -1,5 +1,5 @@ SUMMARY = "GLOME Login Client" -HOME_PAGE = "https://github.com/google/glome" +HOMEPAGE = "https://github.com/google/glome" DESCRIPTION = "GLOME is used to authorize serial console access to Linux machines" PV = "0.1+git${SRCPV}" diff --git a/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.09.bb b/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.09.bb index 60f2c9e..333caab 100644 --- a/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.09.bb +++ b/recipes-security/google-authenticator-libpam/google-authenticator-libpam_1.09.bb @@ -1,5 +1,5 @@ SUMMARY = "Google Authenticator PAM module" -HOME_PAGE = "https://github.com/google/google-authenticator-libpam" +HOMEPAGE = "https://github.com/google/google-authenticator-libpam" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" LICENSE = "Apache-2.0" From patchwork Wed Apr 15 20:19:27 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Scott Murray X-Patchwork-Id: 86166 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D2D3AF428DA for ; Wed, 15 Apr 2026 20:19:51 +0000 (UTC) Received: from mail-qt1-f173.google.com (mail-qt1-f173.google.com [209.85.160.173]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.4553.1776284390705975404 for ; Wed, 15 Apr 2026 13:19:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@konsulko.com header.s=google header.b=eH47dIUv; spf=pass (domain: konsulko.com, ip: 209.85.160.173, mailfrom: scott.murray@konsulko.com) Received: by mail-qt1-f173.google.com with SMTP id d75a77b69052e-50da9a7928cso59193951cf.3 for ; Wed, 15 Apr 2026 13:19:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=konsulko.com; s=google; t=1776284389; x=1776889189; darn=lists.yoctoproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=n42Pm9HXSilayI0BBx+UdA1zswjNZVrjfKavR/wDRm8=; b=eH47dIUvgOS9Sfhs2cDRq1VxjukcEprDlMW74ebIBeWxtbZxHmOIWuxdbiefdRHCoS uvkONwwXD9SRv6USbjjBhN908G2+5/GXVJ0wzwXAeNEO/JLzykEmHmCaWsvAxrAXFIK1 nk2/ehV6uNQmEWnZsKScC8x3tyzl5JNbqrTY0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776284389; x=1776889189; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=n42Pm9HXSilayI0BBx+UdA1zswjNZVrjfKavR/wDRm8=; b=N81AH7cTiBZqxKU0DfkyGn1UjRZaFIdhupRGjVKrXMe9Z2vT0ZRiTeRrymw0WVbfEr 7RTHE1oK+uyydPVxsqjjYxjbnJnZkF/yFpmKQYJNQP6eKESGUoCGidjaXBISVr+rbuCI zj6+wEi0j+Y8dCBXB8xBB9i1Tv9O1HsovAftA21in8HBzRPurnTOf5E7QPNdjdvd/nB0 +tC7e5ZXCWYYLV4SPvuVYLrzxZ5vdnHNW6PAdo2vECNk5uZL7H8DFEXrgNB3SzzD3dLH 4Hckp+boTQxhDUqLzPp8OmiIfjV5irimPCIor2SJ0+2XQOPAfbC46KkAbBC4dbWoxnYv zieQ== X-Gm-Message-State: AOJu0Yxuh90iJo7ytBYRPZvWX16Bef52jK2loalHfzuMhMkNx2Ce6ySv pwPsKe9MZXbB3c16E3BgEk3X9yKy7dumqMfSn0eu2EkR1VGYJ5amehycWKbzmHukWcwtoxLim5r /jcHo X-Gm-Gg: AeBDietF3ZoVoGBTsBWIm8bboW5Xi+K0I3GLjEYQGCqHiHVUtjVoxpAjx1KKWeuFEMh Lty5SZ9SksHc6G11ItIGT1oobq2CtEtIQzVBMeA0pC+wfpyIinDoOzID/hE1nBas7jCFkXss5c5 O6dR+e6k62OTlZGb0uuJ/+BeuhYgyDRrY5bgh+jqGYyLeL9ABGfv0tw0i3AiBOvfm8//aY06790 2pp9iqJ9bVYk/dEYxjacL8bFKddWx2MCqevobDIJpNc1S1Vr0XT7po5choYyPvI/8UyE+q/Iz7J lAx903eK16f9r02damCQID6iQKhUN3tH2UnbVk8x2VaYj/C256+N361sDaXeoQJK05jrIuWZ9QF jFMYtmUHKlkHiJT323bpJ5RI7b7IBA2m4+agH9YCJOdunNIrcf4Ikyqdx0cH8ZoWGq//BYJHh12 vN81dW0lo/TS43cgdUM+qaBDQkNl5X1NRlA/HArRVjztAkkXykCsRqBnItWgZYtG8xeWTfCBQXG SHbcY8vqsGa3uK7gRBldKL3L1zVtijoWMhQgqcjorcSQNb2o+YvFf2rtObcY3Bm9uqjLF0d8Zs= X-Received: by 2002:ac8:5f47:0:b0:509:1766:2f4f with SMTP id d75a77b69052e-50dd5c1c7a5mr343436371cf.54.1776284389470; Wed, 15 Apr 2026 13:19:49 -0700 (PDT) Received: from ghidorah.spiteful.org (107-179-213-3.cpe.teksavvy.com. [107.179.213.3]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-8ae6ceb80f6sm18569376d6.46.2026.04.15.13.19.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Apr 2026 13:19:48 -0700 (PDT) From: Scott Murray To: yocto-patches@lists.yoctoproject.org Subject: [meta-security][PATCH 7/7] isic: fix RDEPNEDS typo Date: Wed, 15 Apr 2026 16:19:27 -0400 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 15 Apr 2026 20:19:51 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/3715 From: Haiqing Bai Fix typo: RDEPNEDS -> RDEPENDS Signed-off-by: Haiqing Bai (fixed RDEPENDS:${PN}) Signed-off-by: Scott Murray --- recipes-security/isic/isic_0.07.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-security/isic/isic_0.07.bb b/recipes-security/isic/isic_0.07.bb index 8e0f5ce..9ebb669 100644 --- a/recipes-security/isic/isic_0.07.bb +++ b/recipes-security/isic/isic_0.07.bb @@ -31,4 +31,4 @@ do_configure () { oe_runconf } -RDEPNEDS += "libnet" +RDEPENDS:${PN} += "libnet"