| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
Infinite loop in the dns_packet_read_type_window() function
Upstream patch:
https://github.com/systemd/systemd/commit/8aeadf3052a2130b88d5bccf5439890e1034f28d
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
| |
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
| |
Neither rsync not systemtap are debug tools, so they have no place in
this packagegroup.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
| |
This patch has already been applied in upstream poky/pyro.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
| |
These have been fixed already in upstream poky/pyro.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
refuse to load units with errors
If a unit has a statement such as User=0day where the username exists but is
strictly speaking invalid, the unit will be started as the root user instead.
Backport a patch from upstream to mitigate this by refusing to start units such
as this.
(From OE-Core rev: a6eaef0f179a341c0b96bb30aaec2d80862a11d6)
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000082
Backport from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=pyro&id=b7e7b5e294f944c27fb1d2be61c0cf38f6c81ba8
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Out-of-bounds read in htmlParseTryOrFinish
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8872
Backported from:
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=pyro&id=d2b60efe20f4d9dce03f8f351715b103a85b7338
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Out-of-bounds write in systemd-resolved due to allocating too
small buffer in dns_packet_new
References:
https://bugzilla.redhat.com/attachment.cgi?id=1290017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes memory leak in sunrpc when decoding malformed XDR
References:
https://security-tracker.debian.org/tracker/CVE-2017-8804
Upstream patch:
https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The DNS stub resolver in the glibc or libc6 before version 2.26,
when EDNS support is enabled, will solicit large UDP responses
from name servers, potentially simplifying off-path DNS
spoofing attacks due to IP fragmentation.
Reference:
https://security-tracker.debian.org/tracker/CVE-2017-12132
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
glibc contains a vulnerability that allows specially crafted
LD_LIBRARY_PATH values to manipulate the heap/stack, causing
them to alias, potentially resulting in arbitrary code execution.
Reference:
https://security-tracker.debian.org/tracker/CVE-2017-1000366
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A remote code execution vulnerability in libxml2 could enable an attacker
using a specially crafted file to execute arbitrary code within the context
of an unprivileged process. This issue is rated as High due to the
possibility of remote code execution in an application that uses this library.
Reference:
https://security-tracker.debian.org/tracker/CVE-2017-0663
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
References:
CVE-2017-9049: Heap-based buffer over-read in function xmlDictComputeFastKey
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
CVE-2017-9050: Heap-based buffer over-read in function xmlDictAddString
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
References:
CVE-2017-9047: Buffer overflow in function xmlSnprintfElementContent
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
CVE-2017-9048: Stack-based buffer overflow in function
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a NULL pointer dereference in libxml2, when using
xmllint --recover. A maliciously crafted file, when parsed
in recovery mode, could cause the application to crash.
Reference
https://bugzilla.gnome.org/show_bug.cgi?id=778519
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
| |
Added new recipe for the bitcalc tool. Removed list2mask recipe and updated
the partrt and the count-ticks recipes.
Signed-off-by: Dragos Motrea <Dragos.Motrea@enea.com>
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
from recipe
rpm-build and rpm-common packages does not exist anymore after
the replacement of the smart package manager with the DNF, so the
nativesdk-packagegroup-sdk-host recipe should be updated.
Signed-off-by: Dragos Motrea <Dragos.Motrea@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
| |
Not all architectures/targets use u-boot, so we shouldn't force mkimage
in every SDK.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
| |
poky/LICENSE has changed and the md5 throws a warning
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
packagegroup-enea-ptest has been removed because it is obsolete and
world image cannot be created due to unmet dependencies.
The new way of running ptests is through the new package defined in
one of the internal layers (meta-enea-test).
Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com>
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
This packagegroup creates a dependency on an internal layer which
generates build errors when building without that layer. Aside that,
it is not of much use since testing is done by installing required
packages at runtime. Hence, this package is removed.
Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com>
Signed-off-by: Mihaela Martinas <Mihaela.Martinas@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
packagegroup-enea-sys has been removed since it is no longer needed, all
its packages can be installed at runtime through smart package manager.
Aside that, some of its RRECOMMENDS packages can only be found within an
internal layer, which creates build errors when that layer is not
included.
Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com>
Signed-off-by: Mihaela Martinas <Mihaela.Martinas@enea.com>
|
|
|
|
|
| |
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
| |
packagroup-enea-core-boot was a legacy from older releases, all of its
useful content can be found in packagegroup-core-boot from poky
Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of packagegroup-enea-debug content can be found within
packagegroup-core-tools-debug which is provided through tools-debug
image feature.
rsync and systemtap are provided through a bbappend; kexec-tools is
provided through tools-testapps image feature.
Other variables such as PACKAGES, PACKAGE_ARCH, ALLOW_EMPTY are already
provided through inherited packagegroup.bbclass, hence enea-debug
packagegroup is deleted.
Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Test formerly executed by systest are defined as separate packages,
ltptest-runner and posix-runner. Updated packagegroup's definition
accordingly.
Original commit: 9ee9a4896c9ce973e0e3d8f99978e23dcd0fa166
on meta-enea/dizzy-enea.
Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com>
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Removing fm-ucode (licensed under Freescale EULA) since
meta-enea-base should be free from proprietary code.
Original commit on meta-enea/dizzy-enea:
63136bcdc1dd97f99b5e6a8dc2bd04ed6f5e48d0
Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com>
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
|
|
|
|
|
|
|
|
|
| |
This change is not applicable to our distro and can
therefore be removed. There is no need to give all execution
right on shutdown.
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Renaming the recipe in order for the configurations added to
the poky version to apply to all versions of busybox.
* The 3 first configurations are necessary to install the
tools 'taskset' and 'chrt' to simpify core-partitioning.
* The following 14 configurations enables httpd and adds the
-m parameter to busybox's 'tar'-command.
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
CVE-2014-3532 is fixed in dbus [1] and exists in dbus
version 1.8.20 which poky master is using.
[1] http://cgit.freedesktop.org/dbus/dbus/commit/?id=9ca90648fc870c24d852ce6d7ce9387a9fc9a94a
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
| |
The patch files were upstreamed and are available in poky
since commit 6f837cc142ccad39856cb846a205a2999658b16e.
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
| |
Internal tests handled in meta-enea-test.
Signed-off-by: George Nita <george.nita@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes denial of service in file descriptor passing feature
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3532
https://bugs.freedesktop.org/show_bug.cgi?id=80163
http://openwall.com/lists/oss-security/2014/07/02/4
Upstream commit:
http://cgit.freedesktop.org/dbus/dbus/commit/?id=
9ca90648fc870c24d852ce6d7ce9387a9fc9a94a
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
perf-networking was for network performance tests which are
not run anymore. Moreover, it depends on netperf which has
a non-commenrcial license.
It's a port of meta-enea 29415d496decf2df2a68427d2ec6c1b698271702
change.
Signed-off-by: George Nita <george.nita@enea.com>
|
|
|
|
|
| |
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
result of splitting up meta-enea
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|