summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fixed checksum information in RT packagegroupwarriorDaniel BORNAZ2019-10-041-3/+1
| | | | | | | packagegroup-enea-rt contained licensing information generating build errors. Change-Id: Idddddf9e61033c4a885d405da944cf487a36ed79
* libxslt: remove patch for CVE-2015-9019Adrian Stratulat2019-09-052-60/+0
| | | | | | | | | | | | CVE-2015-9019 affects libxslt 1.1.29, while the 'warrior' branch uses libxslt 1.1.33. This patch is not applicable anymore. References: https://nvd.nist.gov/vuln/detail/CVE-2015-9019 https://git.enea.com/cgit/linux/poky.git/tree/meta/recipes-support/libxslt?h=warrior Change-Id: I0ec21f4f3f574d06a6cf00eca9f1a221028c175b Signed-off-by: Adrian Stratulat <adrian.stratulat@enea.com>
* glibc: remove patch for CVE-2018-11237Adrian Stratulat2019-09-052-80/+0
| | | | | | | | | | | CVE-2018-11237 affects glibc 2.27, while the 'warrior' branch uses glibc 2.29. This patch is not applicable anymore. References: https://nvd.nist.gov/vuln/detail/CVE-2018-11237 https://git.enea.com/cgit/linux/poky.git/tree/meta/recipes-core/glibc?h=warrior Change-Id: I2b01931064a7828264de1a72c1044109e9030e87
* distro/enea.conf: update release version numberAdrian Stratulat2019-09-051-1/+1
| | | | | Change-Id: I2540a2a81a2eacd872d2a44e4d1e00dba6cb1a1d Signed-off-by: Adrian Stratulat <adrian.stratulat@enea.com>
* libpcre: remove workaround for CVE-2017-11164Adrian Stratulat2019-09-055-362/+0
| | | | | | | | | | | | CVE-2017-11164 affects libpcre 8.41, while the 'warrior' branch uses libpcre 8.43. This patch is not applicable anymore. References: https://nvd.nist.gov/vuln/detail/CVE-2017-11164 https://git.enea.com/cgit/linux/poky.git/tree/meta/recipes-support/libpcre Change-Id: I820e23de5d21648c8c5d0ddef4ad16030a592c80 Signed-off-by: Adrian Stratulat <adrian.stratulat@enea.com>
* distro/enea.conf: update preferred kernel versionsAdrian Stratulat2019-09-051-8/+7
| | | | | Change-Id: I08f23aeccc6e4751eba76caf2a0262e8962c6e8d Signed-off-by: Adrian Stratulat <adrian.stratulat@enea.com>
* python: Remove CVE patchesAdrian Mangeac2019-08-092-154/+0
| | | | | | | | | The following patches were fixed in upstream: CVE-2018-1060 CVE-2018-1061 Change-Id: I063270d94aa1214ded8c51842cfada3410bbe70c Signed-off-by: Adrian Mangeac <Adrian.Mangeac@enea.com>
* Remove patches fixed in upstreamAdrian Mangeac2019-07-314-98/+0
| | | | | | | | CVE-2016-6252 CVE-2018-13785 Change-Id: I4d016e267929d7df020ee86366a76b5723908705 Signed-off-by: Adrian Mangeac <Adrian.Mangeac@enea.com>
* Update layer compatibility to warriorAdrian Mangeac2019-07-301-1/+1
| | | | | Change-Id: I9610bc687508bc7b735be9789ae1bdf0286be785 Signed-off-by: Adrian Mangeac <Adrian.Mangeac@enea.com>
* glibc_2.27: Fix for CVE-2018-11237sumoAdrian Mangeac2018-09-272-0/+80
| | | | | | | | Reference: https://nvd.nist.gov/vuln/detail/CVE-2018-11237 Change-Id: I703ff10f4c95d85eb183ee791d7be2a450353616 Signed-off-by: Adrian Mangeac <Adrian.Mangeac@enea.com>
* libpng: fix for CVE-2018-13785Sona Sarmadi2018-09-172-0/+45
| | | | | | | ref: https://nvd.nist.gov/vuln/detail/CVE-2018-13785 Change-Id: I1e4f17816bca50dd405ac7ee7c16d8d9aa7e0b21 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* libpcre: 8.41 -> 8.42Sona Sarmadi2018-09-175-0/+362
| | | | | | | | | | The update fixes CVE-2017-11164. Ref: https://nvd.nist.gov/vuln/detail/CVE-2017-11164 Backport from upstream master branch. Change-Id: I18acd817fa4385974749996685a5aeeb7506d474 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* python: fix for CVE-2018-1060 & CVE-2018-1061Sona Sarmadi2018-09-142-0/+154
| | | | | | | | | | | | References: https://bugs.python.org/issue32981 https://nvd.nist.gov/vuln/detail/CVE-2018-1060 https://nvd.nist.gov/vuln/detail/CVE-2018-1061 Patch is taken from https://github.com/python/cpython/tree/2.7 Change-Id: I3c561499076480c344fe7d34d2edea84615ac9fa Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* Merge "distro/enea.conf: Set kernel preferred version to 4.14" into sumoSona Sarmadi2018-09-051-7/+8
|\
| * distro/enea.conf: Set kernel preferred version to 4.14Adrian Dudau2018-08-221-7/+8
| | | | | | | | | | Change-Id: I02b7a0dcb2b60523ba2c489d741868b6edb9d0fd Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* | partrt: add coreutils dependencyMartin Borg2018-08-231-1/+1
|/ | | | | | | partrt needs 'nproc --all' which is not available in busybox nproc Change-Id: Id0a63d70033364b427f3c1e87e2be9d49fb507e5 Signed-off-by: Martin Borg <martin.borg@enea.com>
* bitcalc: fix GCC7 implicit fallthrough warningsMartin Borg2018-07-112-0/+31
| | | | Signed-off-by: Martin Borg <martin.borg@enea.com>
* Update distro name for EL8Sona Sarmadi2018-07-111-1/+1
| | | | | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* layer.conf: add LAYERSERIES_COMPATMartin Borg2018-07-101-0/+2
| | | | Signed-off-by: Martin Borg <martin.borg@enea.com>
* This is fixed in the upstream sumo branchSona Sarmadi2018-07-052-49/+0
| | | | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* Revert "Revert "enea distro: increase wget timeout""Adrian Dudau2018-06-191-0/+3
| | | | | | | | | | | This reverts commit 3f946c2e7ecd26f401b2c7de6d0937bc22872c19. Revert the revert. The timeout on fetching openjdk is back, but this time it seems to be a true timeout, and should be fixed by increasing the wget -T param. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* distro/enea.conf: Update maintainer address and drop CONNECTIVITY_CHECKAdrian Dudau2018-05-031-4/+1
| | | | | | | CONNECTIVITY_CHECK URIs are not very useful to our distro. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* curl: Drop CVE patchesMartin Borg2018-05-035-292/+0
| | | | | | | curl was upgraded to 7.58.0 on upstream poky rocko branch and this version already contains all our CVE patches. Signed-off-by: Martin Borg <martin.borg@enea.com>
* Revert "openssl: update 1.0.2n -> 1.0.2o"Martin Borg2018-05-0337-7315/+0
| | | | | | openssl was upgraded to 1.0.2o on poky rocko branch. This reverts commit 833374e8e7eb5b9e53117d4c2f966094b7017ecc.
* openssl: update 1.0.2n -> 1.0.2oSona Sarmadi2018-04-2537-0/+7315
| | | | | | | | OpenSSL security advisory: https://www.openssl.org/news/secadv/20180327.txt Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* harfbuzz: fix error when cve-check-tool is enabledSona Sarmadi2018-04-031-0/+4
| | | | | | | | | | When cve-check-tool is enabled, harfbuzz intermittently fails to build: ERROR: harfbuzz-1.4.8-r0 do_configure: autoreconf execution failed. This patch could solve this issue according to the mail conversation below: https://www.mail-archive.com/yocto@yoctoproject.org/msg36472.html Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* systemd: fix for CVE-2017-15908Sona Sarmadi2018-03-132-0/+49
| | | | | | | | | | Infinite loop in the dns_packet_read_type_window() function Upstream patch: https://github.com/systemd/systemd/commit/8aeadf3052a2130b88d5bccf5439890e1034f28d Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* curl: fix for CVE-2018-1000005Sona Sarmadi2018-03-132-0/+42
| | | | | | | | | | | | | Out-of-bounds read in code handling HTTP/2 trailers References: https://curl.haxx.se/docs/adv_2018-824a.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005 Affects libcurl 7.49.0 to and including 7.57.0 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* Update README for rocko branchMartin Borg2018-03-121-1/+1
| | | | | Signed-off-by: Martin Borg <martin.borg@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* curl: fixed build errorSona Sarmadi2018-03-021-9/+10
| | | | | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* curl: Drop CVE patchesMartin Borg2018-03-015-712/+1
| | | | | | The CVEs have been fixed in upstream poky/rocko. Signed-off-by: Martin Borg <martin.borg@enea.com>
* freetype/libarchive/gnutls: Drop CVE patchesMartin Borg2018-03-017-220/+0
| | | | | | The CVEs have been fixed in upstream poky/rocko. Signed-off-by: Martin Borg <martin.borg@enea.com>
* qemu: Drop CVE patchesMartin Borg2018-03-017-362/+0
| | | | | | The CVEs have been fixed in upstream poky/rocko. Signed-off-by: Martin Borg <martin.borg@enea.com>
* openssl: Drop CVE patchesMartin Borg2018-02-283-97/+0
| | | | | | The CVEs have been fixed in upstream poky/rocko. Signed-off-by: Martin Borg <martin.borg@enea.com>
* Drop CVE patches that have been fixed in upstream poky/rockoMartin Borg2018-02-2822-2475/+0
| | | | Signed-off-by: Martin Borg <martin.borg@enea.com>
* kern-tools-native: remove bbappendMartin Borg2018-02-262-88/+0
| | | | | | The patch is already included by upstream rocko branch. Signed-off-by: Martin Borg <martin.borg@enea.com>
* systemtap: Add dependency on systemtap-nativeAdrian Dudau2018-01-251-0/+2
| | | | | | | This allows running systemtap remotely using the crosstap script. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* enea-image-extra: Add dev and dbg packages to the SDKAdrian Dudau2018-01-231-0/+6
| | | | | Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* packagegroup-core-tools-debug: Drop bbappendAdrian Dudau2018-01-221-1/+0
| | | | | | | | Neither rsync not systemtap are debug tools, so they have no place in this packagegroup. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* enea-image-extra: Add kernel-vmlinuxAdrian Dudau2018-01-191-1/+1
| | | | | | | | This installs the kernel vmlinux image under /boot in both the rootfs and SDK. This is used for kernel debugging and profiling. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* Update contents of enea-image-extraAdrian Dudau2018-01-151-35/+2
| | | | | | | | This will in turn update the contents of enea-image-standard-sdk from the Standard profile. Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Martin Borg <martin.borg@enea.com>
* DPKG: Fix and test case for CVE-2017-8283Sona Sarmadi2017-12-143-0/+279
| | | | | | | | | | | Directory Traversal Vulnerability References: https://nvd.nist.gov/vuln/detail/CVE-2017-8283 http://www.securityfocus.com/bid/98064/info Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* openssl: Fix for CVE-2017-3737Sona Sarmadi2017-12-142-0/+50
| | | | | | | | | | | Read/write after SSL object in error state References: https://www.openssl.org/news/secadv/20171207.txt https://nvd.nist.gov/vuln/detail/CVE-2017-3737 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* openssl: Fix for CVE-2017-3735Sona Sarmadi2017-12-142-0/+47
| | | | | | | | | | | openssl: Malformed X.509 IPAdressFamily could cause OOB read References: https://www.openssl.org/news/secadv/20170828.txt https://nvd.nist.gov/vuln/detail/CVE-2017-3735 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* run-postinsts: don't call update-rc.d if systemd is presentGabriel Ionescu2017-12-061-4/+11
| | | | | | | | This patch removes the call to update-rc.d in order to fix the console login issue for the Cavium board. Signed-off-by: Gabriel Ionescu <gabriel.ionescu@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* curl: security fix for CVE-2017-8817Sona Sarmadi2017-12-062-0/+135
| | | | | | | | | | | FTP wildcard out of bounds read References: https://curl.haxx.se/docs/adv_2017-ae72.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* curl: security fix for CVE-2017-8816Sona Sarmadi2017-12-062-0/+70
| | | | | | | | | | | NTLM buffer overflow via integer overflow References: https://curl.haxx.se/docs/adv_2017-12e7.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* curl: Security fix for CVE-2017-1000257Sona Sarmadi2017-12-062-0/+40
| | | | | | | | | | | IMAP FETCH response out of bounds read References: https://curl.haxx.se/docs/adv_20171023.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* curl: Security fix for CVE-2017-1000254Sona Sarmadi2017-12-062-0/+140
| | | | | | | | | | | FTP PWD response parser out of bounds read References: https://curl.haxx.se/docs/adv_20171004.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
* spp: only return files that match KMACHINE and KTYPEMartin Borg2017-12-042-0/+88
| | | | | | | | | | | | | | | | | The search utility of spp was incorrect and was returning files that matched only a defined ktype. This leads to the system potentially building the wrong BSP, and not being able to report an error. We fix the search to only return files that match both ktype and kmachine, as well as return 0/1 for success/fail in the search. Patch backported from yocto-kernel-tools master branch: http://git.yoctoproject.org/cgit/cgit.cgi/yocto-kernel-tools/commit/?id=0571411cc033c11df7827508dd786876ce2f8c83 Signed-off-by: Martin Borg <martin.borg@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-05 15:52:59 +0000