summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* libarchive: Use pkg-config for libxml2 dependencyRichard Purdie2014-05-282-0/+26
| | | | | | (From OE-Core rev: fe277bf0a61d5d7787dba699ee1ed4d979ba5cff) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libksba: Use pkg-config for dependenciesRichard Purdie2014-05-282-19/+116
| | | | | | | | | Use pkg-config in the m4 macros for the package, ensure we have a host field in the .pc file. (From OE-Core rev: 4a971a90988435902a4a8dd9c721d440cd80c0bd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: Update to ensure we pkg-config for dependenciesRichard Purdie2014-05-281-0/+6
| | | | | | (From OE-Core rev: ffffc627b21a3cf8b407d16a437793b5fddf7127) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: Use pkg-config for dependenciesRichard Purdie2014-05-282-2/+107
| | | | | | | | Use pkg-config instead of -config files in the m4 macros. (From OE-Core rev: 74d73cf1e4607cb313b5e4c7138b555d5999a46d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxslt: Use pkg-config for dependenciesRichard Purdie2014-05-282-1/+120
| | | | | | (From OE-Core rev: f0479e60b660778ab27b946d426daa17a08a28ea) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: Convert to use pkg-config for dependenciesRichard Purdie2014-05-282-1/+96
| | | | | | | | | Use pkg-config to find pth instead of pth-config and our own macros from aclocal-copy. (From OE-Core rev: 437ad15de308769c9251a37ed41dabed5653fc96) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libassuan: Improve pkgconfig supportRichard Purdie2014-05-283-57/+163
| | | | | | | | | Add api_version and host to the .pc file and use pkg-config in the m4 macros for the package. (From OE-Core rev: 17e5793847601d2aeb497ffe14871df65543abfb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgpg-error: Extend pkgconfig support to m4 macrosRichard Purdie2014-05-281-13/+90
| | | | | | | | | | Whilst there is currently .pc file pkgconfig support, it was unused by the m4 macros. This extends the support so they're used instead of the -config scripts. (From OE-Core rev: ff573270f7e87296840911189fd2087a1bc597f7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devshell: Add interactive python shellRichard Purdie2014-05-282-0/+213
| | | | | | | | | | | | | | | Being able to interact with the python context in the Bitbake task execution environment has long been desireable. This patch introduces such a mechanism. Executing "bitbake X -c devpyshell" will open a terminal connected to a python interactive interpretor in the task context so for example you can run commands like "d.getVar('WORKDIR')" This version now includes readline support for command history and various other bug fixes such as exiting cleanly compared to previous versions. (From OE-Core rev: 36734f34fe6e4b91e293234687e63c02f5b3117e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Honor umask againPeter Seebach2014-05-281-6/+163
| | | | | | | | | | | | The fchmodat-permissions patch was fine for the fchmod case, but had the unintended side effect of disregarding umask settings for open, mknod, mkdir, and their close relatives. Start tracking umask and masking the umask bits out where appropriate. (From OE-Core rev: ce23c1cc33a015fbd184df6c16658353334ab611) Signed-off-by: Peter Seebach <peter.seebach@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake: Avoid accidentally including libacl.hMike Crowe2014-05-281-0/+1
| | | | | | | | | | | | | | | | The cmake recipe doesn't depend on libacl yet cmake will detect libacl.h and use it by default. This risks build failures if libacl.h is unstaged during the build and it also means that the build cmake will sometimes support ACLs and sometimes not. This can be avoided by setting ENABLE_ACL=0 but until the fix for http://cmake.org/Bug/view.php?id=14866 is released we also need to set HAVE_ACL_LIBACL_H=0. (From OE-Core rev: e76973b4ef687c5b36ed6f9eb202322ae4af9b9f) Signed-off-by: Mike Crowe <mac@mcrowe.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ddimage: Support Mac OSDarren Hart2014-05-281-5/+20
| | | | | | | | | | | | | | Update the ddimage script to allow it to work on Mac OS too. The biggest difference is sysfs vs diskutil and in the syntax of the stat command between Mac OS and Linux, unfortunately. Workarounds using ls, cut, and columns got really fragile really quickly. Relying on stat and switching on uname seemed the more robust solution. (From OE-Core rev: 8962fe11a0697348affb8a1ab95abca4995470a6) Signed-off-by: Darren Hart <dvhart@linux.intel.com> Cc: Koen Kooi <koen@dominion.thruhere.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* eglinfo: updated to compile with mesa10+Valentin Popa2014-05-271-1/+1
| | | | | | | | | | Updated to the newer 4b317648ec6cf39556a9e5d8078f605bc0edd5de. (From OE-Core rev: 9948e4239b88026804c33d84830dbfe6b0ed3e59) Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxshmfence: add it to oe-coreValentin Popa2014-05-271-0/+17
| | | | | | | | | | | mesa 10+ depends on this (if the user builds mesa with dri3 support enabled). So add it to oe-core. (From OE-Core rev: afa3e8943d9e52a2d20ceea1e6a02a3133ef79fa) Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dri3proto: add it to oe-coreValentin Popa2014-05-271-0/+14
| | | | | | | | | | | mesa 10+ depends on this (if the user builds mesa with dri3 support enabled). So add it to oe-core. (From OE-Core rev: 6a9717bd34854ecb56a4ab1731b6bf3cf4b471ea) Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* distro_features_check.bbclass: fix searching whole listSebastian Wiegand2014-05-271-3/+3
| | | | | | | | | | | Search whole list of REQUIRED_DISTRO_FEATURES. Print only the missing/conflicting feature on error. (From OE-Core rev: 4290e10c17aa5477bbd57023c35426c12fcc25cb) Signed-off-by: Sebastian Wiegand <sebastian.wiegand@gersys.de> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* weston: upgrade to 1.5.0Tim Orling2014-05-274-35/+43
| | | | | | | | | | | | | * replace 0001-remove-dependence-on-wayland-scanner-flags.patch with disable-wayland-scanner-pkg-check.patch * add make-lcms-configureable.patch (WIP... needs work) = fix for JaMa test-dependencies (From OE-Core rev: 7c40efb62f34f866c98a0b2df50d66c60d76143a) Signed-off-by: Tim Orling <TicoTimo@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wayland: upgrade to 1.5.0Tim Orling2014-05-273-54/+4
| | | | | | | | | | | | * update disable-macro-checks-not-used-for-scanner.patch = trivial change to non-patched text (+ posix_fallocate) * drop just-scanner.patch, no longer needed (From OE-Core rev: f453259c6710a6b3fb3c542b3921426baf160347) Signed-off-by: Tim Orling <TicoTimo@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: stop perl-modules recommending perl-ptestRoss Burton2014-05-271-1/+6
| | | | | | | | | | | | | | Change the logic that generates the perl-modules recommends to be an include filter instead of an exclude filter, so that new sub-packages don't become dependants of perl-modules (such as perl-ptest). [ YOCTO #6203 ] (From OE-Core rev: 94e164c5b5316e2797c5bab51d127935002c6008) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* babeltrace: fix alignment issueRoy Li2014-05-272-1/+57
| | | | | | | | | | Fix alignment issue in babeltrace (From OE-Core rev: 862f14832d2d8a1917a5046d0299dbbbe6dc66da) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lttng-tools: fix alignment issueRoy Li2014-05-273-0/+49
| | | | | | | | | | Fix alignment issue in lttng-tools (From OE-Core rev: 539b77a29eb24b3896c9c436c0b4ce61c6b72b34) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: upgrade to 5.19Cristian Iorga2014-05-272-3/+3
| | | | | | | | | | | | - Fixes to OBEX, AVRCP browsing, HID over GATT and handling of device unpaired events for dual-mode devices. - New features: user space based HID host implementation (for BR/EDR). (From OE-Core rev: 5dce15e6623748ce3c1456f12d5cde6edc1be939) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: fix for CVE-2010-4777yanjun.zhu2014-05-273-2/+49
| | | | | | | | | | | | | | | | | | The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777 (From OE-Core rev: 368df9f13ddf124e6aaaec06c02ab698c9e0b6c3) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: handle fchmodat better, mask out unwanted write bitsPeter Seebach2014-05-272-1/+109
| | | | | | | | | | | | | | | | | | | | | | | It turns out that pseudo's decision not to report errors from the host system's fchmodat() can break GNU tar in a very strange way, resulting in directories being mode 0700 instead of whatever they should have been. Additionally, it turns out that if you make directories in your rootfs mode 777, that results in the local copies being mode 777, which could allow a hypothetical attacker with access to the machine to add files to your rootfs image. We should mask out the 022 bits when making actual mode changes in the rootfs. This patch represents a backport to the 1.5.1 branch of three patches from the 1.6 branch, because it took a couple of tries to get this quite right. (From OE-Core rev: 45371858129bbad8f4cfb874e237374a5ba8db4c) Signed-off-by: Peter Seebach <peter.seebach@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python-native : Add patch to fix configure error with gcc 4.8.Philip Balister2014-05-271-0/+1
| | | | | | | | | | | | | We apply this patch to the python recipe already. Without this patch the zeroc-ice-native recipe will not build. See: http://bugs.python.org/issue17547 for more details. (From OE-Core rev: 2335a8ed3748e687e7f34f21f27f8e4029d1e26b) Signed-off-by: Philip Balister <philip@balister.org> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: add default ${CPAN_MIRROR}Tim Orling2014-05-271-0/+1
| | | | | | | | | | * Set default to http://search.cpan.org/CPAN/, as it should be (From OE-Core rev: 7cf349c3f1f195d529fbd73ce4bf63a439ffa4e6) Signed-off-by: Tim Orling <TicoTimo@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mirrors.bbclass: add ${CPAN_MIRROR} optionTim Orling2014-05-271-0/+2
| | | | | | | | | | | * Perl modules fail to fetch because default CPAN site has been flaky lately. * Create option to use metacpan.org as a mirror. (From OE-Core rev: ffca381d9ad5de3e593c93274cfdb3d2ff4a447f) Signed-off-by: Tim Orling <TicoTimo@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initramfs-live-install: avoid using grub.d/40_customRobert Yang2014-05-271-8/+7
| | | | | | | | | | | | | | | | | | | | | | | | | We have this in recipes-bsp/grub/grub/40_custom: [snip] menuentry "Linux" { set root=(hd0,1) linux /vmlinuz root=__ROOTFS__ rw __CONSOLE__ __VIDEO_MODE__ __VGA_MODE__ quiet } [snip] These lines are only for initrdscripts/files/init-install.sh, the side effect is that it would make the target's grub-mkconfig doesn't work well since the 40_custom will be installed to /etc/grub.d/40_custom, the grub-mkconfig will run the 40_custom, and there will always be a 'menuentry "Linux"' menu in grub.cfg no matter it is valid or not, we can do this in init-install.sh rather than grub to fix the problem, which is also much simpler. (From OE-Core rev: 8ae89d08454c11035eb2826a06e2243c9f2568b4) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* taglib: Force a disable of the floating dependency on boostRichard Purdie2014-05-271-0/+2
| | | | | | | | | | | | taglib appears to depend on boost if it finds it in the sysroot. Force it not to do this. Someone with better cmake skills may be able to do this in a neater way. (From OE-Core rev: 2c6c6c98416e5a458a02106524b5aa10a4b71d60) (From OE-Core rev: 87fd1d7331f6f64a9037d97672dbe66d93f276de) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* guile: Update to 2.0.11 versionChong Lu2014-05-212-68/+2
| | | | | | | | | | | Upgrade guile to 2.0.11 version and remove unneeded patch since it's included in new version. (From OE-Core rev: f1727bb18f35ff01e53d3d442a6ff3c613639fa6) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* byacc: Update to 20140422 versionChong Lu2014-05-211-2/+2
| | | | | | | | | | Upgrade byacc to 20140422 version. (From OE-Core rev: d58ab8819724cf460360458ac6e59a9c0ca7966c) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* flex: Update to 2.5.39 versionChong Lu2014-05-211-2/+2
| | | | | | | | | | Upgrade flex to 2.5.39 version. (From OE-Core rev: 701f1ae89926306dfbd19786fe0ddabc36fb485c) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0849Yue Tao2014-05-212-0/+37
| | | | | | | | | | | | | | | | The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted (1) width or (2) height dimension that is not a multiple of sixteen in id RoQ video data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0849 (From OE-Core rev: 1a43a8054f51fbd542f3f037dc35f8b501e455bf) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0850Yue Tao2014-05-212-0/+30
| | | | | | | | | | | | | | | The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted H.264 data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0850 (From OE-Core rev: 69f3f0f94f4fd224e5a6b275207adf0539d085c3) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0856Yue Tao2014-05-212-0/+31
| | | | | | | | | | | | | | | The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_samples value. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0856 (From OE-Core rev: 571ccce77859435ff8010785e11627b20d8b31f4) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0854Yue Tao2014-05-212-0/+33
| | | | | | | | | | | | | | | The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0854 (From OE-Core rev: b3d9c8f603ebdbc21cb2ba7e62f8b5ebb57c40c1) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0851Yue Tao2014-05-212-0/+30
| | | | | | | | | | | | | | | | The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0851 (From OE-Core rev: 8c9868d074f5d09022efc9419ee09eb805f68394) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0858Yue Tao2014-05-212-0/+38
| | | | | | | | | | | | | | | The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer than two channels. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0858 (From OE-Core rev: 0ee8754c973f5eff3ba4d00319a5308888c12b17) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0852Yue Tao2014-05-212-0/+35
| | | | | | | | | | | | | | | The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0852 (From OE-Core rev: 37f9371b44bd914fdd64e4c4e4448a2908512203) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0845Yue Tao2014-05-212-0/+62
| | | | | | | | | | | | | | | libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via a crafted block length, which triggers an out-of-bounds write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0845 (From OE-Core rev: cc6e2ee53c49206aa3377c512c3bd1de2e14a7b7) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0868Yue Tao2014-05-213-0/+150
| | | | | | | | | | | | | | | | libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) len==0 cases. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0868 (From OE-Core rev: 29dcc2c8e834cf43e415eedefb8fce9667b3aa40) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2014-2099Yue Tao2014-05-212-0/+51
| | | | | | | | | | | | | | | | | The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2099 (From OE-Core rev: 3e27099f9aad1eb48412b07a18dcea398c18245b) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2013-0865Yue Tao2014-05-212-0/+52
| | | | | | | | | | | | | | | | The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood Studios VQA Video file, which triggers an out-of-bounds write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0865 (From OE-Core rev: 4a93fc0a63cedbebfdc9577e2f1deb3598fb5851) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix for Security Advisory CVE-2014-2263Yue Tao2014-05-212-0/+70
| | | | | | | | | | | | | | | | The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2263 (From OE-Core rev: 70bf8c8dea82e914a6dcf67aefb6386dbc7706cd) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* distro_features_check.bbclass: fix wrong indentationSebastian Wiegand2014-05-211-2/+2
| | | | | | | | | | | To fix check of REQUIRED_DISTRO_FEATURES fix indentation in python code. [YOCTO #6349] Reported and written by: Sebastian Wiegand <sebastian.wiegand@gersys.de> (From OE-Core rev: 986db87a3931edce8be79f309d07497e4179a810) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: data_smart: Fix an unusual variable reference bugRichard Purdie2014-05-212-1/+6
| | | | | | | | | | | | | | | | | | | | If you try: Y = "" Y_remove = "X" in OE-Core, bitbake will crash with a KeyError during expansion. The reason is that no expansion of the empty value is attempted but removal from is it and hence no varparse data is present for it in the expand_cache. If the value is empty, there is nothing to remove so the best fix is simply not to check for None but check it has any value. Also add a test for this error so it doesn't get reintroduced. (Bitbake rev: af3ce0fc0280e6642fa35de400f75fdbabf329b1) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: toaster: reduce redundant foreign key lookupsDavid Reyna2014-05-212-6/+29
| | | | | | | | | | | | | | | | | | Replace redundant foreign key lookups with "with" to improve all recipes page load time. Do depends pre-lookup in the view class, and use python itertation instead of filter() all to achieve x16 processing speedup. [YOCTO #6137] (Bitbake rev: a68a6dc50c11cc59e7c873414e3e22ac2644dea7) Signed-off-by: David Reyna <David.Reyna@windriver.com> Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com> Conflicts: bitbake/lib/toaster/toastergui/views.py Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: toaster: sort columns properly after edit columnsFarrell Wymore2014-05-212-14/+204
| | | | | | | | | | | | If a sorted column is made invisible through the edit columns function, resort the table the its default order. [YOCTO 5919] (Bitbake rev: 64618f7489eb9eb13a97d03cd2d353384f5faa70) Signed-off-by: Farrell Wymore <farrell.wymore@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: toaster: toaster oe-selftest supportIonut Chisanovici2014-05-211-0/+411
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds toaster tests using the oe-selftest infrastructure. You need to have builds done - the tests will verify data integrity after the toaster collection phase. Once you have your toaster builds done, to run the automated backend tests via oe-selftest do the followings: 1. Update builddir/conf/bblayers.conf to contain the meta-selftest layer 2. From the builddir run: 'oe-selftest toaster' or if you just want to run a single test: 'oe-selftest toaster.Toaster_DB_Tests.testname' This first part adds the meta/lib/oeqa toaster file. (Bitbake rev: bb5b1d6b139b886e54bfdc0c17f2b556db6a7fde) Signed-off-by: Ionut Chisanovici <ionutx.chisanovici@intel.com> Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cups: fix for cups not building without avahiSaul Wold2014-05-211-0/+190
| | | | | | | | | | | Backport upstream patch for CUPS issue: STR #4402 [YOCTO #6325] (From OE-Core rev: 7decf9dce56868e39902dac5957eb72f6e1e9acd) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>