summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* bitbake: fetch2: Change git fetcher not to destroy old referencespyroRichard Purdie2020-09-081-1/+1
| | | | | | | | | | | | | | | | It looks like we're about to see a lot of changes in branch names in repos. If we have the prune option here, those old names are lost, the changes propagate to our source mirrors and our old releases break. We have the force option so any replaced references should be replaced, its only orphaned branches which will now be preserved. I believe this behaviour will cause us fewer problems given the changes that look likely to happen. (Bitbake rev: 08aafc53ba911337d2d3558654b06f294ae634e2) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: bitbake-user-manual: Added "usehead" parameter.Yong, Jonathan2018-12-101-0/+8
| | | | | | | (Bitbake rev: 0d436ff788f019c366cd4e66097fce928b6ff6c5) Signed-off-by: Scott Rifenbark <srifenbark@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: tests/fetch: Update gnome.org urls after upstream changesRichard Purdie2018-08-291-2/+2
| | | | | | (Bitbake rev: 98b8ea103390d5bc3583efb2e72dbac6529822a5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.ent: Updated the release date to July 2018.Scott Rifenbark2018-08-151-1/+1
| | | | | | | | | Variable updated. (From yocto-docs rev: 67f09425798f1172da9d99aeefb9ed5b7cfc7cbe) Signed-off-by: Scott Rifenbark <srifenbark@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch2/__init__: Disable pseudo in runfetchcmd()Peter Kjellerstedt2018-07-021-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a fetcher, e.g., git, is run when pseudo is active it will think it is running as root. If it in turn uses ssh (as git does), ssh too will think it is running as root. This will cause it to try to read root's ssh configuration from /root/.ssh which will fail. If ssh then needs to ask for credentials it will hang indefinitely as there is nowhere for it to ask the user for them (and even if there was it would not access the correct private keys). The solution to the above is to temporarily disable pseudo while executing any fetcher commands. There should be no reason for them to be executed under pseudo anyway so this should not be a problem. RP Ammendum: We finally did get more information about how to reproduce this problem, something needs to trigger bb.fetch2.get_srcrev() in a pseudo context, for example when AUTOREV is in use or the recipe doesn't have a defined SRCREV. That SRC_URI needs to be using protocol=ssh. This would trigger an ls-remote of the remote repo and if that happens under pseudo, the wrong ssh credentials may be attempted which can hang. [YOCTO #12464] (Bitbake rev: 5d42dce5e612060f4181c14e1cfdec2388bb7adf) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch2: fix import error for Python 3.6.5Tzu Hsiang Lin2018-07-022-3/+1
| | | | | | | | | | | | When running bitbake command with Python 3.6.5 always result in import error causing by the change of distutils module. This patch replaces the method to search executable in PATH by "/usr/bin/env <command>". (Bitbake rev: 86a4cc7248afd3e561dc70f3490f45549265470a) Signed-off-by: Tzu Hsiang Lin <t9360341@ntut.org.tw> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.ent: Updated release month variable to "June 2018"Scott Rifenbark2018-05-291-1/+1
| | | | | | | | | Preparation for a 2.3.4 (Pyro) release. (From yocto-docs rev: 834733897e900da254a607527492de218d89c28f) Signed-off-by: Scott Rifenbark <srifenbark@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* documentation: Updated release date scheme to use variable.Scott Rifenbark2018-05-249-8/+9
| | | | | | | | | | | The release date is moving on Pyro. Added a new variable that I set to "May 2018" for the release date. This way if it pushes past May, I just need to update poky.ent. (From yocto-docs rev: 928c6a2bf1c31e3819ec33e09bec6c69e2ccea76) Signed-off-by: Scott Rifenbark <srifenbark@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* documentation: Updated Manual NotesScott Rifenbark2018-05-249-191/+311
| | | | | | | | | | | Updated the notes on the title page to give the user some advice for when he searches for the manual and gets old manuals. (From yocto-docs rev: 7dedbb67272a18bd768ab5fe637b20a09801d904) Signed-off-by: Scott Rifenbark <srifenbark@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to pyro head revisionRichard Purdie2018-05-241-1/+1
| | | | | | (From OE-Core rev: 819aa151bd634122a46ffdd822064313c67f5ba5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky: Update version to 2.3.4yocto-2.3.4pyro-17.0.4Richard Purdie2018-05-161-1/+1
| | | | | | (From meta-yocto rev: 17b7a75b22b2ca1a19d0a8656c0183b738932189) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Update to 2.4.4Armin Kuster2018-05-071-2/+2
| | | | | | | | | | | | | | | | | | | | The dot releases are maint only. 2.4.4 included: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir 2.4.3 includes: CVE-2017-17405: Command injection vulnerability in Net::FTP (From OE-Core rev: ce12ff394281a42448d92109568db33739b2b542) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix typo in gmp PACKAGECONFIG optionAndre McCurdy2018-05-071-1/+1
| | | | | | | | | | | | (From OE-Core rev: 9fb931b69ece7f8a644f9e25600bcbbc9266a761) (From OE-Core rev: a9b55cbec9f5ff11f92f50c529049e83ac898043) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: remove spurious db build dependencyRoss Burton2018-05-071-1/+1
| | | | | | | | | | | | | The dbm module uses gdbm by default which is also a build dependency. (From OE-Core rev: 79121ff54420e5cc331552ca5620aed81a36aac9) (From OE-Core rev: 20d9821e9131c3d715ed629ad38eed802f737056) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade to 2.4.2Leonardo Sandoval2018-05-071-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | The CVE-2017-14064 patch is already at 2.4.2 as explained on project's commit, so removing from the recipe & repo. commit 83735ba29a0bfdaffa8e9c2a1dc025c3b0b63153 Author: hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> Date: Wed Apr 12 00:21:18 2017 +0000 Merge json-2.0.4. * https://github.com/flori/json/releases/tag/v2.0.4 * https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e (From OE-Core rev: 6e37a88af155d5e5453fb0f44bb11d6f8e406438) (From OE-Core rev: 4562790471c7e3f3e393cd3e8b77d28ed4196452) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for pyro context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade to 2.4.1Leonardo Sandoval2018-05-071-2/+2
| | | | | | | | | | | | | (From OE-Core rev: 3ff2d0bc7a8e7a7e8c8e953dc0ccf84d891688ef) (From OE-Core rev: b102521a146197749dc1493307f222cbf0292921) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for pyro context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* scripts/test-dependencies.sh: removeMartin Jansa2018-05-071-286/+0
| | | | | | | | | | | | | | | | | | * with RSS used in pyro this script isn't very useful anymore * RSS makes sure that the dependencies are almost always deterministic the only case known to me where dependencies are different based on what was already built in TMPDIR are runtime dependencies resolved by shlibs code in package.bbclass (which is using global pkgdata, not specific to given recipe and its RSS) as described here: https://bugzilla.yoctoproject.org/show_bug.cgi?id=9217#c4 but for this case it's not worth running complete test-dependencies.sh runs (From OE-Core rev: ab87b50fa0b0468c1d3640bbe8e733b3caf61ea9) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate-diff-machines.sh: Replace MACHINE_ARCH only at the beginning and ↵Martin Jansa2018-05-071-1/+1
| | | | | | | | | | | | | | separated with dash * I had some components where the MACHINE name was also included in PV of allarch recipe which was tripping the script into saying that they have different signatures (because for one MACHINE was the string in PV replaced with 'MACHINE' and not for other MACHINEs (From OE-Core rev: 90a8e984724c994b78639b7f16435b678bf294f8) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate-sysroot-cruft.sh: Extend the whitelistMartin Jansa2018-05-071-0/+2
| | | | | | | | | | * add more php5 entries (From OE-Core rev: d5b520f5c65651f53b3d58c16aaa4633920fda40) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpng: update SRC_URI to use oslArmin Kuster2018-05-071-1/+1
| | | | | | | | | | ERROR: libpng-1.6.28-r0 do_checkuri: Fetcher failure for URL: 'http://downloads.sourceforge.net/project/libpng/libpng16/1.6.28/libpng-1.6.28.tar.xz'. URL http://downloads.sourceforge.net/project/libpng/libpng16/1.6.28/libpng-1.6.28.tar.xz doesn't work ERROR: libpng-1.6.28-r0 do_checkuri: Function failed: do_checkuri (From OE-Core rev: c53d61712a50c5243b14b6aa39e034e080fa0bd3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mpfr: Update SRC_URI to use gnuArmin Kuster2018-05-071-1/+1
| | | | | | | | | | | | ERROR: mpfr-native-3.1.5-r0 do_checkuri: Fetcher failure for URL: 'http://www.mpfr.org/mpfr-3.1.5/mpfr-3.1.5.tar.xz'. URL http://www.mpfr.org/mpfr-3.1.5/mpfr-3.1.5.tar.xz doesn't work ERROR: mpfr-native-3.1.5-r0 do_checkuri: Function failed: do_checkuri Found gnu has the same copy (From OE-Core rev: 90e50ec8033051367f0c649e354ddf0107be3231) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* byacc: Fic SRC_URI to use yocto sources loc.Armin Kuster2018-05-071-1/+1
| | | | | | | | | | | | ERROR: byacc-native-20161202-r0 do_checkuri: Fetcher failure for URL: 'ftp://invisible-island.net/byacc/byacc-20161202.tgz'. URL ftp://invisible-island.net/byacc/byacc-20161202.tgz doesn't work ERROR: byacc-native-20161202-r0 do_checkuri: Function failed: do_checkuri Use the file saved in the Yocto Project sources repos (From OE-Core rev: 210cef54a09daf61e4c4237f9bb3afad161658b3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpng: fix MIRRORS usageRoss Burton2018-05-071-1/+1
| | | | | | | | | | | | | | MIRRORS needs to be pairs of values for the original URL to match and the location find it on the mirror. (From OE-Core rev: a649f3da630e8ca2d3ca58b610f3918720dd5229) (From OE-Core rev: 1ea5d9f4d2afab924635462a35badfc55bd43c9c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* neon: update SRC_URIArmin Kuster2018-05-071-1/+1
| | | | | | | | | | ERROR: neon-0.30.2-r0 do_checkuri: Function failed: do_checkuri ERROR: neon-native-0.30.2-r0 do_checkuri: Fetcher failure for URL: 'http://www.webdav.org/neon/neon-0.30.2.tar.gz'. URL http://www.webdav.org/neon/neon-0.30.2.tar.gz doesn't work (From OE-Core rev: b792f5f5bf6ab26758979c7687afc25532055767) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpng: use SourceForge mirrorRoss Burton2018-05-071-2/+6
| | | | | | | | | | | | | | | | | | The Gentoo mirror also deletes old versions when they're not used, so revert back to the canonical SourceForge site, adding /older-releases/ to MIRRORS to handle new releases moving the version we want. Original idea by Maxin B. John <maxin.john@intel.com>. (From OE-Core rev: 791a3493c88c9c249f21f6d893b2061e1d8a0af6) (From OE-Core rev: 8ced3de463f97930404fe83a9f30d5d6536ffc9b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Updated for Pyro context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdb: fix header ordering for TRAP_HWBKPTDaniel Díaz2018-05-072-0/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This error can appear in gdb/nat/linux-ptrace.c because of the order in which some headers are processed: | In file included from ../../gdb-7.11.1/gdb/nat/linux-ptrace.c:20:0: | ../../gdb-7.11.1/gdb/nat/linux-ptrace.h:175:22: error: expected identifier before numeric constant | # define TRAP_HWBKPT 4 | ^ | Makefile:2357: recipe for target 'linux-ptrace.o' failed | make[2]: *** [linux-ptrace.o] Error 1 | make[2]: *** Waiting for unfinished jobs.... | make[2]: Leaving directory '/oe/build/tmp-rpb-glibc/work/aarch64-linaro-linux/gdb/7.11.1-r0/build-aarch64-linaro-linux/gdb' | Makefile:8822: recipe for target 'all-gdb' failed | make[1]: *** [all-gdb] Error 2 | make[1]: Leaving directory '/oe/build/tmp-rpb-glibc/work/aarch64-linaro-linux/gdb/7.11.1-r0/build-aarch64-linaro-linux' | Makefile:846: recipe for target 'all' failed | make: *** [all] Error 2 A patch from GDB's current master solves the issue. (From OE-Core rev: 4aaf747099714ec11158571527396ed9e818729e) (From OE-Core rev: 463e512a027966123ec113b7507eb5e55a19b072) Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: add missing TRAP_BRANCH/TRAP_HWBKPT definitionsFathi Boudra2018-05-072-0/+69
| | | | | | | | | | | | | | | Patch submitted upstream, pending to be merged: https://sourceware.org/bugzilla/show_bug.cgi?id=21286 (From OE-Core rev: 11ebb5054e5ec1171ade90249e3a30ac8174a35a) (From OE-Core rev: 77ddd969569c91b705db2307af450b4e0574ee87) Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libmpc: fix SRC_URIOleksandr Kravchuk2018-05-071-1/+1
| | | | | | | | | | | | | | | | (From OE-Core rev: 462021964a79a6c940cbce80a31a2ea3283e797c) (From OE-Core rev: 04e5af853927cff2072fb4278a9d9fa2bd99812f) (From OE-Core rev: cce8377fd66816ad012f02c3121053daa0f1ac54) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* distcc: Change SRC_URIArmin Kuster2018-04-051-1/+1
| | | | | | | | | | | | | | | | | | ERROR: distcc-3.2-r0 do_fetch: Fetcher failure: Unable to find revision d8b18df3e9dcbe4f092bed565835d3975e99432c in branch 3.2 even from upstream ERROR: distcc-3.2-r0 do_fetch: Fetcher failure for URL: 'git://github.com/distcc/distcc.git;branch=3.2'. Unable to fetch URL from any source. ERROR: distcc-3.2-r0 do_fetch: Function failed: base_do_fetch [v2] upstream deleted the branch and the hash no longer exists. Took the git snapshot from yocto and created a copy on my github. There was no offical 3.2 release, only rc versions. (From OE-Core rev: f8cc08fc7db26241d996ac710484d559eff5f9c0) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: fix compatibility with glibc 2.27Tanu Kaskinen2018-04-052-0/+63
| | | | | | | | | | | | | | | | | | | | glibc 2.27 added function copy_file_range(), and e2fsprogs happens to have a different function with the same name. The conflict made e2fsprogs-native build fail. Here's a backport of a fix from upstream, the fix was released in e2fsprogs 1.43.8. The master branch doesn't need this fix, since it has new enough e2fsprogs version. At least rocko, pyro and morty need this, I haven't checked older stable branches. Apparently the problematic function was introduced in e2fsprogs version 1.43. (From OE-Core rev: 350f2a4ad6e21acf1d357a90ba37b2c149ec7864) Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix memfd_create with glibc 2.27Ross Burton2018-04-052-0/+58
| | | | | | | | | | | | | glibc 2.27 has added memfd_create() but this conflicts with a copy in qemu, so take a patch from upstream to fix building with glibc 2.27. (From OE-Core rev: 8e6672055e804a0828e2f51fae9cbac81e4e834d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager.py: Explicit complementary failNiko Mauno2018-04-051-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When running bitbake -c populate_sdk <image_name>, it is expected that packages matching SDKIMAGE_INSTALL_COMPLEMENTARY name mask (unless declared in PACKAGE_EXCLUDE_COMPLEMENTARY) are installed to resulting SDK. Underlying mechanism issues a package manager install call for set of complementary packages. However the mechanism doesn't seem to inform the user all too obviously in case the package manager command behind install_complementary() method fails -- and since it is combined with attempt_only=True option, user might end up wondering why several *-dev, *-dbg packages are missing from resulting SDK. Improve associated install() method behaviour in affected OpkgPM and DpkgPM classes so that a problematic state of affairs becomes directly obvious for bitbake user, resulting in shell output like: WARNING: someimage-1.0-r0 do_populate_sdk: Unable to install packages. Command '...' returned 1: Collected errors: * Solver encountered 1 problem(s): * Problem 1/1: * - package somepkg-dev-1.0-r0.x86 requires somepkg = 1.0-r0, but none of the providers can be installed * * Solution 1: * - allow deinstallation of someotherpkg-1.1-r1.x86 * - do not ask to install a package providing somepkg-dev * Solution 2: * - do not ask to install a package providing somepkg-dev (From OE-Core rev: 2502bd591c37bf532d02dc6b37fc1e8b5224fb0a) (From OE-Core rev: 88bbc4b84ce97f82d08c841edf25e6fc29d408b0) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0d4459e7086fced5e9e0b4ad10378c9eddec56a8) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libvorbis: CVE-2018-5146Tanu Kaskinen2018-04-022-0/+101
| | | | | | | | | | | | | | Prevent out-of-bounds write in codebook decoding. The bug could allow code execution from a specially crafted Ogg Vorbis file. References: https://www.debian.org/security/2018/dsa-4140 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146 (From OE-Core rev: 5c880fe974907195c563b5580cb43b3b2fb92203) Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libvorbis: CVE-2017-14632Tanu Kaskinen2018-04-022-0/+63
| | | | | | | | | | | | | | Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632 (From OE-Core rev: e584aca38396db5e3d461f57804519261eecedc2) Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libvorbis: CVE-2017-14633Tanu Kaskinen2018-04-022-0/+43
| | | | | | | | | | | | | | In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633 (From OE-Core rev: 3ea65ee8b31a16a20f5c28c19f4c758f8deabf6e) Signed-off-by: Tanu Kaskinen <tanuk@iki.fi> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sdk: streamline locale removalRoss Burton2018-04-021-1/+1
| | | | | | | | | | | For some reason dnf is aborting with the fairly useless "failed to read RPMDB" error during SDK creation. Luckily as we're just deleting locale packages we can pass False to remove() to use RPM directly, which doesn't crash. (From OE-Core rev: cb118806841e585ec6ca820360329ae7d122c0af) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cross-localedef-native: add way to specify which locale archive to writeRoss Burton2018-04-022-0/+40
| | | | | | | | | | | | | | | localedef has no way to specify which locale archive to use, and the compile-time default isn't useful as it points to the work directory. Add support to read an environmental variable for the path, and don't fail to write a new locale archive. (From OE-Core rev: bf0f205a3c3714926649bd69db29e4df1c0ea112) (From OE-Core rev: 72ab0e7d49610f6ffcc99fa8723aeeaada852d88) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package-manager: add install_glob()Ross Burton2018-04-021-0/+23
| | | | | | | | | (From OE-Core rev: 8d1b530c82de386d4183f5673c060b9d416a3835) (From OE-Core rev: b9a7821086b5165fda9f1c8a7c79a7997803f2a6) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager: improve install_complementaryRoss Burton2018-04-021-2/+2
| | | | | | | | | | | | - No need to use bb.utils.which() as subprocess will search $PATH - Clarity flow by moving the install inside the try/except (From OE-Core rev: f4d22b7195dd8f08fe26dd353c7e860208e87d6a) (From OE-Core rev: 1267df89164d7dcbbf77668ac49452bd0df87b54) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sdk: generate locale archive and remove packagesRoss Burton2018-04-021-2/+54
| | | | | | | | | (From OE-Core rev: c6f1010a47df33b40320aa5784181b659a3254d7) (From OE-Core rev: 5256809c570e618171bcb643bef3e2a36d4440bb) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* populate_sdk_base: depend on nativesdk-glibc-localeRoss Burton2018-04-021-0/+1
| | | | | | | | | | | | | If we're building a SDK and we're using glibc so may be installing locales, add a build-dependency on natiesdk-glibc-locale so the locales we need will exist. (From OE-Core rev: 8d6869a0a89d8cf3c6e57723fab2750ba2c885db) (From OE-Core rev: 19fce2a6f76227de88e267f65f0e124645ea280e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* populate_sdk: install UTF-8 locales in SDKsRoss Burton2018-04-023-3/+6
| | | | | | | | | | | | | | | | | | | | | | As glibc 2.27 can't read older locale-archives, SDKs using glibc 2.27 on hosts using glibc earlier than 2.27 won't be able to find any locales, so bitbake won't start and Python can't use UTF-8. So by default install all locales into the SDK. Special-case Extensible SDKs by installing no locales as they ship glibc in a buildtools, and that will have the locales. Locale installation requires cross-localedef, so add that to DEPENDS. Also remove the explicit en_US addition in buildtools-tarball as it is now redundant. (From OE-Core rev: 96896568d197cd06302713c24c0f7d91bfaea6c1) (From OE-Core rev: af9eb2ef36cb5bfd87ea61ff3390949810097c9b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sdk: only install locales if we're using glibcRoss Burton2018-04-021-0/+4
| | | | | | | | | | | Using glibc-locale to install locales only makes sense if we're using glibc. (From OE-Core rev: 8fc80734053645fa893694dfe33ddaee99aa9a1a) (From OE-Core rev: 14269b953c1f74d7dd72c65df5e925d9ae4e75be) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sdk: install specified locales into SDKRoss Burton2018-04-021-0/+16
| | | | | | | | | (From OE-Core rev: 9b1c3dbe79f67d3b46e0f90a73bce6c61f094a50) (From OE-Core rev: 13ad745bf40a5e3e08a4e1f3295353b395eec43d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: relocate locale paths in nativesdkRoss Burton2018-04-022-0/+56
| | | | | | | | | | | | nativesdk is built with a specific prefix but this will be different at install time, however glibc hard-codes the path to locale files. Expand these strings to 4K and move them to a magic segment which we can relocate when the SDK is installed. (From OE-Core rev: 59e0679378aac27c4fea0b06721e0a184a93c100) (From OE-Core rev: 839479f63a6b927606742b15000d55b1223cb3af) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: don't use host locales in nativesdkRoss Burton2018-04-021-6/+0
| | | | | | | | | (From OE-Core rev: d7ded85766852689a0d774c896a11d0609004ab2) (From OE-Core rev: 6ffd0764677197e134386f2147c204823a88cfca) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* default-distrovars: don't rename locales for nativesdkRoss Burton2018-04-021-0/+1
| | | | | | | | | (From OE-Core rev: 909da982c74b2ed931a65dda248557cb18f773e0) (From OE-Core rev: 980154cb3b3862b4dc7c7b6dc78d730021e99e2d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: Add comm to HOSTTOOLSNiko Mauno2018-03-301-1/+1
| | | | | | | | | | | | | | | | | This mitigates following issues during u-boot do_compile() step -- otherwise, if comm is not available, they are quietly ignored: .../scripts/check-config.sh: line 33: comm: command not found .../scripts/check-config.sh: line 39: comm: command not found Since 'comm' is provided by coreutils package, adding it to HOSTTOOLS was considered a lower impact fix compared to adding coreutils-native buildtime dependency to u-boot recipe. (From OE-Core rev: 8c370ab4352581c19c45d476a97c2c3b45a56fdb) Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* world-broken.inc: blacklist portmap on muslRichard Purdie2018-03-151-0/+4
| | | | | | | | | portmap was dropped in rocko and later and doesn't work with libtirpc so don't build it for musl (From OE-Core rev: 5e4b4874c4d81b62a32b3836d1c22ecc4c5479c6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Add compatiblity version checkRichard Purdie2018-03-152-0/+9
| | | | | | | | | | | | | | | | If glibc is newer on the host than in uninative, the failure mode is pretty nasty for clusters where the sstate is shared, including the Yocto Project autobuilder. This check aborts the use of uninative in such scenarios where a newer glibc version appears and avoids corruption of sstate caches. We use ldd to check the glibc version since that is included in libc-bin (or equivalent) which locales use so it should always be present. (From OE-Core rev: 8147911a951c7b0508f9c2aef93480d65b4362c0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-04-18 07:57:25 +0000