| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
hardcode sw version for some recipes
Change-Id: I396fcf119baa604b52e11037c707d6f9fe7fb507
Signed-off-by: Catalin Iova <Catalin.Iova@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- CONFIG_CHRT=y
* rootfs: chrt is provided by util-linux;
* installer: not used;
- CONFIG_HTTPD et al.
* rootfs: httpd is provided by apache2;
* installer: not used, web-server embedded in web-installer;
- CONFIG_TASKSET et al.
* rootfs: taskset is provided by util-linux;
* installer: not used;
- CONFIG_FEATURE_TAR_NOPRESERVE_TIME=y
* already upstream in hardknott;
The size impact is very small (<2% for the busybox package), but it
gets our busybox .config closer to upstream defconfig, all the
configuration differences now being handled in one place in
meta-enea-virtualization.
Change-Id: I0effffdb43c122c996de247f7fb5158de104ed23
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|\
| |
| |
| | |
Change-Id: I78b76278d9cccbd211419b1045e39a2d13b3b744
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Include upstream fix [1]: partrt: Fix move cpumask comparison.
[1] https://github.com/OpenEneaLinux/rt-tools/commit/b46c7232
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Change-Id: I9025fcd4cef288efcf1daa8c7f824fa56dc11d32
|
| |\
| |/
|/|
| | |
Change-Id: Ia56972d927244728b2adad39a788cdbe8f796886
|
| |
| |
| |
| |
| | |
Change-Id: I0ddd01804a9a654f54413ade6ecc47e79c30ee3a
Signed-off-by: Matei Valeanu <Matei.Valeanu@enea.com>
|
| |
| |
| |
| |
| | |
Change-Id: I83bf43dd14798452a9312d4e1edce7d03972cdbb
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- bump all 3 recipes to the latest upstream commit to include
python3 compatibility changes in partrt;
- partrt: add missing 'bitcalc' RDEPENDS;
- minor cleanup;
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Change-Id: I1c4874eb8a2a02d0443f0ba873ce5df2e95d5a8f
|
| |
| |
| |
| |
| | |
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Change-Id: Ibc1f11b1c020dacfacda16eaca385519db6de814
|
|/
|
|
|
|
|
|
| |
This is an initial commit, containing quick fixes and hacks to allow
building the images. All these issues will be re-evaluated and fixed
properly in their own commits.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
| |
This would add too much overhead when switching branches.
Change-Id: I553cc7f19027a5de7ada9d631c2e3d77c7068cb9
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
| |
Set DISTRO_VERSION_MAJOR to a weaker default assignment, so that
it can be easily overriden from local.conf
Change-Id: Ibe02347a75197d67f6f0e77b1d04a812bfab3383
Signed-off-by: Matei Valeanu <Matei.Valeanu@enea.com>
|
|
|
|
|
| |
Change-Id: Ie8f8946971855b4270a090d8419775a61b72a16d
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
| |
Change-Id: Id3739b2572460e178c1b8b30d935798788c63ab4
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 3f946c2e7ecd26f401b2c7de6d0937bc22872c19.
Revert the revert. The timeout on fetching openjdk is back, but this
time it seems to be a true timeout, and should be fixed by increasing
the wget -T param.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
| |
CONNECTIVITY_CHECK URIs are not very useful to our distro.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
| |
curl was upgraded to 7.58.0 on upstream poky rocko branch
and this version already contains all our CVE patches.
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
| |
openssl was upgraded to 1.0.2o on poky rocko branch.
This reverts commit 833374e8e7eb5b9e53117d4c2f966094b7017ecc.
|
|
|
|
|
|
|
|
| |
OpenSSL security advisory:
https://www.openssl.org/news/secadv/20180327.txt
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
When cve-check-tool is enabled, harfbuzz intermittently fails to build:
ERROR: harfbuzz-1.4.8-r0 do_configure: autoreconf execution failed.
This patch could solve this issue according to the mail conversation below:
https://www.mail-archive.com/yocto@yoctoproject.org/msg36472.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
Infinite loop in the dns_packet_read_type_window() function
Upstream patch:
https://github.com/systemd/systemd/commit/8aeadf3052a2130b88d5bccf5439890e1034f28d
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Out-of-bounds read in code handling HTTP/2 trailers
References:
https://curl.haxx.se/docs/adv_2018-824a.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005
Affects libcurl 7.49.0 to and including 7.57.0
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
| |
Signed-off-by: Martin Borg <martin.borg@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
| |
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
| |
The CVEs have been fixed in upstream poky/rocko.
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
| |
The CVEs have been fixed in upstream poky/rocko.
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
| |
The CVEs have been fixed in upstream poky/rocko.
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
| |
The CVEs have been fixed in upstream poky/rocko.
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
| |
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
| |
The patch is already included by upstream rocko branch.
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
| |
This allows running systemtap remotely using the crosstap script.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
| |
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
| |
Neither rsync not systemtap are debug tools, so they have no place in
this packagegroup.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
| |
This installs the kernel vmlinux image under /boot in both the rootfs
and SDK. This is used for kernel debugging and profiling.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
| |
This will in turn update the contents of enea-image-standard-sdk from
the Standard profile.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Directory Traversal Vulnerability
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-8283
http://www.securityfocus.com/bid/98064/info
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Read/write after SSL object in error state
References:
https://www.openssl.org/news/secadv/20171207.txt
https://nvd.nist.gov/vuln/detail/CVE-2017-3737
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
openssl: Malformed X.509 IPAdressFamily could cause OOB read
References:
https://www.openssl.org/news/secadv/20170828.txt
https://nvd.nist.gov/vuln/detail/CVE-2017-3735
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
| |
This patch removes the call to update-rc.d in order to fix the console login
issue for the Cavium board.
Signed-off-by: Gabriel Ionescu <gabriel.ionescu@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
FTP wildcard out of bounds read
References:
https://curl.haxx.se/docs/adv_2017-ae72.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
NTLM buffer overflow via integer overflow
References:
https://curl.haxx.se/docs/adv_2017-12e7.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8816
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
IMAP FETCH response out of bounds read
References:
https://curl.haxx.se/docs/adv_20171023.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000257
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
FTP PWD response parser out of bounds read
References:
https://curl.haxx.se/docs/adv_20171004.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The search utility of spp was incorrect and was returning files
that matched only a defined ktype.
This leads to the system potentially building the wrong BSP, and
not being able to report an error.
We fix the search to only return files that match both ktype and
kmachine, as well as return 0/1 for success/fail in the search.
Patch backported from yocto-kernel-tools master branch:
http://git.yoctoproject.org/cgit/cgit.cgi/yocto-kernel-tools/commit/?id=0571411cc033c11df7827508dd786876ce2f8c83
Signed-off-by: Martin Borg <martin.borg@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
| |
Signed-off-by: Martin Borg <martin.borg@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
| |
This reverts commit d74d2d2928ef9d5cffab2c9c19b4b6d50532962c.
This is the distro name and version used for the upcoming EL7 release.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
| |
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
| |
The patch is already applied in upstream poky/pyro.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
| |
This patch has already been applied in upstream poky/pyro.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
| |
These CVEs have been fixed in upstream poky/pyro.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|