summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* autotools.bbclass: mkdir ${B} -> mkdir -p ${B}Robert Yang2015-09-191-1/+1
| | | | | | | | | | | | ${B} is the default cwd of tasks, so there might be race issues such as: | mkdir: cannot create directory `${B}': File exists [snip] NOTE: recipe perf-1.0-r9: task do_configure: Failed (From OE-Core rev: 3390dde6addaafad84c635eb37d2eae1ac22fcb7) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perf: mkdir ${B} -> mkdir -p ${B}Robert Yang2015-09-191-1/+1
| | | | | | | | | | | | ${B} is the default cwd of tasks, so there might be race issues such as: | mkdir: cannot create directory `/path/to/work/qemux86-poky-linux/perf/1.0-r9/perf-1.0/': File exists [snip] NOTE: recipe perf-1.0-r9: task do_configure: Failed (From OE-Core rev: 197d9fb922cc234294e8ca090bddfcd023fc82ce) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: prserv/serv: Improve exit handlingRichard Purdie2015-09-021-5/+9
| | | | | | | | | | | | | | | | | | | | | Currently, I'm not sure how the prserver managed to shut down cleanly. These issues may explain some of the hangs people have reported. This change: * Ensures the connection acceptance thread monitors self.quit * We wait for the thread to exit before exitting * We sync the database when the thread exits * We do what the comment mentions, timeout after 30s and sync the database if needed. Previously, there was no timeout (the 0.5 applies to sockets, not the Queue object) (Bitbake rev: bd9d827ae6ef02ec9a0577fb2fd19b830ccb4416) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0926492295d485813d8a4f6b77c7b152e4c5b4c4) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: bitbake: cooker: properly fix bitbake.lock handlingRichard Purdie2015-09-015-23/+84
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the PR server or indeed any other child process takes some time to exit (which it sometimes does when saving its database), it can end up holding bitbake.lock after the UI exits, which led to errors if you ran bitbake commands successively - we saw this when running the PR server oe-selftest tests in OE-Core. The recent attempt to fix this wasn't quite right and ended up breaking memory resident bitbake. This time we close the lock file when cooker shuts down (inside the UI process) instead of unlocking it, and this is done in the cooker code rather than the actual UI code so it doesn't matter which UI is in use. Additionally we report that we're waiting for the lock to be released, using lsof or fuser if available to list the processes with the lock open. The 'magic' in the locking is due to all spawned subprocesses of bitbake holding an open file descriptor to the bitbake.lock. It is automatically unlocked when all those fds close the file (as all the processes terminate). We close the UI copy of the lock explicitly, then close the server process copy, any remaining open copy is therefore some proess exiting. (The reproducer for the problem is to set PRSERV_HOST = "localhost:0" and add a call to time.sleep(20) after self.server_close() in lib/prserv/serv.py, then run "bitbake -p; bitbake -p" ). Cleanup work done by Paul Eggleton <paul.eggleton@linux.intel.com>. This reverts bitbake commit 69ecd15aece54753154950c55d7af42f85ad8606 and e97a9f1528d77503b5c93e48e3de9933fbb9f3cd. (Bitbake rev: a29780bd43f74b7326fe788dbd65177b86806fcf) (Bitbake rev: 830b8f31459ca484bdaf2caa8ff4b7cbf21c77ac) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Saul Wold <sgw@linux.intel.com> Conflicts: bitbake/lib/bb/cooker.py bitbake/lib/bb/main.py bitbake/lib/bb/tinfoil.py bitbake/lib/bb/ui/knotty.py Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: runqueue: Add message to explain the problem if diffsigs multiple ↵Richard Purdie2015-09-011-0/+2
| | | | | | | | tasks don't exist (Bitbake rev: 3bfc0105ae993a3304face1fc0af75e012673567) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest: fix test_incremental_image_generation for changes in log outputYi Zhao2015-09-011-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | test_incremental_image_generation case failed because the log output chanaged: FAIL: test_incremental_image_generation (oeqa.selftest.buildoptions.ImageOptionsTests) ---------------------------------------------------------------------- Traceback (most recent call last): File "/buildarea3/yzhao1/poky-build/meta/lib/oeqa/utils/decorators.py", line 90, in wrapped_f return func(*args) File "/buildarea3/yzhao1/poky-build/meta/lib/oeqa/selftest/buildoptions.py", line 25, in test_incremental_image_generation self.assertEqual(0, res.status, msg="No match for openssh-sshd in log.do_rootfs") AssertionError: 0 != 1 : No match for openssh-sshd in log.do_rootfs ---------------------------------------------------------------------- Using re search instead grep (From OE-Core rev: 1872a9430cec0c61f1ec349df198160addd430de) (From OE-Core rev: afecc84cdd491789e62fb191a4f03de61e408629) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemurunner: Improves checking for server and target IPs on qemus parametersAlejandro Hernandez2015-09-011-5/+8
| | | | | | | | | | | | | Fixes OS hanging infinitely waiting for qemus process to release bitbake.lock (From OE-Core rev: d168bf34c553dbe5de7511e158cd83869d7a88bc) (From OE-Core rev: 99ac0971aecb1b6bc113da28b79d169095e6b671) Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/utils/qemurunner: fix loggingPaul Eggleton2015-09-011-25/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | OE-Core commit 519e381278d40bdac79add340e4c0460a9f97e17 unfortunately broke logging in two different ways: 1) it prevented logging to the task log from working within bitbake -c testimage. This is due to the logger object being set up too early which interferes with BitBake's own logging. If we prefix the name with "BitBake." everything works (and we don't need to set the logging level). 2) Additionally because it called the log functions on the logging module and not the logger object it set up, this caused the oe-selftest logging to start printing everything from that point forward. Fix these two issues and return us to the desired behaviour for do_testimage. (From OE-Core rev: 429b1971be06d5146bb1c14f4697966cddab3b33) (From OE-Core rev: 144c6a2d711f7cf4dafc22999ed8cf4cdb329dfc) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/QemuRunner: don't use bb for loggingRoss Burton2015-09-011-29/+32
| | | | | | | | | | | | | | | | | Instead of using bb.note() etc for logging use logging.Logger directly, allowing the use of QemuRunner outside of bitbake. Also clean up the logging/errors by moving create_socket() out of __init__()/restart() and into start(). (From OE-Core rev: 519e381278d40bdac79add340e4c0460a9f97e17) (From OE-Core rev: c3c87fa26fec8c6e620ad2f1ce95b989f8c108ed) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu-slirp: CVE-2014-3640Sona Sarmadi2015-09-012-0/+49
| | | | | | | | | | | | | | | | | Fixes NULL pointer deref in sosendto(). Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3640 Upstream patch: http://git.qemu.org/?p=qemu.git;a=commit; h=9a72433843d912a45046959b1953861211d1838d (From OE-Core rev: f63a4f706269b4cd82c56d92f37c881de824d8bc) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.bbclass: fix unexpected operator for LICENSE values with spaceMartin Jansa2015-09-011-1/+1
| | | | | | | | | | | | | | | * add quotes around pkged_lic so that it works correctly with spaces * fixes following error: run.license_create_manifest.50601: 193: [: GPLv2: unexpected operator (From OE-Core rev: 2bb8b2abb689d91b7b7e28e6bd528747bde94dd2) (From OE-Core rev: 4c31f726cf1ea2e01b1fbf1c23e96a110fbb9623) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license_class: fix license.manifest shows LICENSE field differently to recipeAníbal Limón2015-09-011-6/+7
| | | | | | | | | | | | | | | | Drop removal of [|&()*] operators in pkged_lic because this removal is only needed to validate if license is collected. [YOCTO #6757] (From OE-Core rev: 57e5f74382d51f2a8df00e18b6008e3d2b44ad1a) (From OE-Core rev: a5fe29ff72dc2ce1667caa2ab1fdfbf2c1a4413b) Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman-conf: fix SRC_URI_appendMartin Jansa2015-09-011-3/+3
| | | | | | | | | | | | | | | * add leading space so that it works even with some .bbappend adding additional files to SRC_URI without trailing space (From OE-Core rev: 0f282f1d4946ac6e81959c66172c115405632a26) (From OE-Core rev: 55b183aa476754b050779d36dfbb03eb936443ad) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu-vnc: CVE-2014-7815Sona Sarmadi2015-09-012-0/+54
| | | | | | | | | | | | | | | | | | | | Fixes an uninitialized data structure use flaw in qemu-vnc which allows remote attackers to cause a denial of service (crash). Upstream patch: http://git.qemu.org/?p=qemu.git;a=commit; h=b2f1d90530301d7915dddc8a750063757675b21a References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815 http://www.securityfocus.com/bid/70998 (From OE-Core rev: 31e3d1bab6612d8116086f9ada048a0c094fb2c8) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: CVE-2014-7840Sona Sarmadi2015-09-012-0/+58
| | | | | | | | | | | | | | | | | Fixes insufficient parameter validation during ram load Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840 Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit; h=0be839a2701369f669532ea5884c15bead1c6e08 (From OE-Core rev: 0bd4b0c7ede8a52559e4bf05085a3f0d46a0a280) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind9.9.5: CVE-2015-5477Sona Sarmadi2015-09-012-0/+46
| | | | | | | | | | | | | | | Fixed a flaw in the way BIND handled requests for TKEY DNS resource records. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477 https://kb.isc.org/article/AA-01272 (From OE-Core rev: 18a01db3f2430095a4e6966aed5afd738dbc112e) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: Use SSTATE_DIR for FILESPATHRichard Purdie2015-09-011-1/+3
| | | | | | | | | | | | | | | FILESPATH was only being overridden in one fetch location, it should be equally handled in both. Also use SSTATE_DIR as FILESPATH so that mirror urls which do remapping can search the local SSTATE_DIR for other paths. Also ensure that MIRRORS is removed in both locations, previously it was only unset in one but both codepaths should be consistent. (From OE-Core rev: d66a45c52200f73e67ebb3e6e447907bb3334319) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnome: move introspection options to gnomebaseRoss Burton2015-09-012-4/+3
| | | | | | | | | | The gnome class is really a convenience class to include other classes, so move the introspection arguments into gnomebase.bbclass. (From OE-Core rev: d0bf0e5fd9c2cb18437ccca14b2f41d410aa832a) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata, tzcode-native: drop older versions 2014h, 2015bMartin Jansa2015-09-014-34/+0
| | | | | | | | | * unlike in master, the older versions weren't dropped when upgrading to 2015d (From OE-Core rev: 1341554e582407e85697f05e3fcc82fcf29c9d56) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub-efi: Add backslash lost from previous commitRichard Purdie2015-08-201-1/+1
| | | | | | (From OE-Core rev: 4621675632518caae3a8c2098ee36896b9372551) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub-efi: Use the backport patch from grubSaul Wold2015-08-201-0/+1
| | | | | | | | | This fixes the build error seen on newer distros that use gcc5 such as Fedora22 (From OE-Core rev: ac135bd462dc4e674260fdb97c9e2e79c2e96460) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license_class: Fix choose_lic_set into incompatible licenseAníbal Limón2015-08-201-1/+2
| | | | | | | | | | | | Use canonical_license when doing evaluation of license expresion since INCOMPATIBLE_LICENSE are already canonized. [YOCTO #8080] (From OE-Core rev: 8687b8bb8233e7f867539d69463671aa9c0806e9) Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dpkg: Fix tarfix.patchRichard Purdie2015-07-271-7/+7
| | | | | | | | | Accidentally forgot to merge the backport changes into the commit. Fix so the patch applies correctly. (From OE-Core rev: 5f50f90ed824ea6a8d1d1b41a5345f51a15c443f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dpkg: Fix for Fedora22 and new versions of tarRichard Purdie2015-07-272-0/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | They managed to 'break' tar. Again. Sorry, they fixed a regression which broke dpkg-deb. The addition of: http://git.savannah.gnu.org/cgit/tar.git/commit/?id=163e96a0e619a900eab6de827c7c5749ecc9d3f2 ("Bugfix: entries read from the -T file did not get proper matching_flag.") means that the no-recursion option gets lost. This leads to many files getting included multiple times, along with files which shouldn't be there. The commit message is horrendous. The patch actually makes the option positional (as documnted since 2003) and therefore doesn't affect the input from the -T option. Moving the --no-reursion option to earlier in the command avoids the bug. The bug was not present in tar 1.28 however it has been backported in at least Fedora 22 and heading into Fedora 21. Redhat reports of issue: https://bugzilla.redhat.com/show_bug.cgi?id=1230762 [tar] https://bugzilla.redhat.com/show_bug.cgi?id=1241508 [dpkg] Discussion of bug in upstream tar: http://www.mail-archive.com/bug-tar@gnu.org/msg04799.html [YOCTO #7988] (From OE-Core rev: 6be698b7270f73f40d38713ecf13f12aec0ced61) (From OE-Core rev: 386898afde40971653af646d55e64aef65807e3b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-devtools/dpkg/dpkg_1.17.25.bb
* oeqa/bbtests: Fix to ensure DL_DIR is setRichard Purdie2015-07-261-6/+9
| | | | | | | | | | | write_config overwrites the config rather than appends to it, so ensure we write both variables in one go. (From OE-Core rev: c94ba6160d5965d4d2071154b43112eb87f4c898) (From OE-Core rev: c58814c910d813a761b5c0e3ba63d6fddef86cc9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/bbtests: Fix race over DL_DIR and SSTATE_DIRRichard Purdie2015-07-261-0/+6
| | | | | | | | | | | | | | | | | | | | Running "-c cleanall" on shared DL_DIR and SSTATE_DIR is antisocial. It leads to hard to debug races where we wonder why files disappear and reappear from those directories. Fix this by using a specific set of directories for these tests. This avoids a long standing bug on the autobuilder where aspell and man sources would disappear. [YOCTO #6276] (From OE-Core rev: 6b089c4a79dc3aae00c8a6e7ab0f6ba4b4b5f138) (From OE-Core rev: f1447c256e027553442cf507e217323f7868000c) (From OE-Core rev: e4434982e0d2c086ee946d3742c257daf31e8bfd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: Fix subversion-native on Fedora22Richard Purdie2015-07-261-0/+1
| | | | | | | | | | | | | | | | Similarly to: http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=9b19d6548a345009a6de79a6820c07a72054d961 we also need to fix the subversion-native case with gcc5 by using the same fix to the BUILD_CPPFLAGS. (From OE-Core rev: a5e7a1e597e7bbe3bbc547f43a89d00a8a9a9924) (From OE-Core rev: 7d445547df528aa9e5bfb85568a7270e27f633ef) (From OE-Core rev: 7e57945be22c1d141c6a9be6f73f585cd07938a6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: Add -P to CPPFLAGSKhem Raj2015-07-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | see https://gcc.gnu.org/gcc-5/porting_to.html we need to stop the preprocessor from generating the #line directives or we run into issues like | checking for apr_int64_t Python/C API format string... | configure: error: failed to recognize APR_INT64_T_FMT on this platform | Configure failed. The contents of all config.log files follows to aid debugging | ERROR: oe_runconf failed Rightly subversion should be fixed but lets leave that to subversion folks Change-Id: I02a89798ff949f79967ab0a73adcddaa4218662d (From OE-Core rev: 7793b1c425077ed6ed11a9bc2a8b1b96612b1c96) (From OE-Core rev: 4954cd6abad556d75beec860e82750bb1090a109) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cross-localedef-native: Use older C standards for older codeRichard Purdie2015-07-261-1/+1
| | | | | | | | | | This older code needs specific compiler options to allow it to work with gcc 5. These options are used in the 2.21 recipe in master/fido so this simply backports them. (From OE-Core rev: 447dba2a6a077c83083556ab79ab265d4b8a048f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: Backport const qualifier fix for gcc-5Khem Raj2015-07-262-0/+34
| | | | | | | | | | | | | | | | gcc-5 is stricter and complains about const to non-const conversions, we backport the patch from upstream into 2.00 Change-Id: I17db365fdd253daaa1ab726e2a70ecad0ac7b2ae (From OE-Core rev: ea3d48471db19a2432e4afd86df8caad51ee5166) (From OE-Core rev: f396bcfdc4f05d0a047903262edc5b52f3c85b6e) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-bsp/grub/grub2.inc
* binutils: fix native builds when host has gcc5George McCollister2015-07-262-0/+77
| | | | | | | | | | | | Cherry pick upstream commit to fix -Werror=logical-not-parentheses error when building with native gcc5. (From OE-Core rev: b3bd0dba3139a3e79bfcebe137248c7bdcadf04d) (From OE-Core rev: c8bc2d7913e11278990d1fe82066e26f7fc1c11b) Signed-off-by: George McCollister <george.mccollister@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: fix native builds when host has gcc5Martin Stolpe2015-07-261-0/+1
| | | | | | | | | | | | | | | | GCC"s preprocessor starts to add newlines which are not handled properly by ncurses build system startin from version 5.0. See also: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7870 (From OE-Core rev: 3a5435b371c84ec28b6936b8c8fa6541a592d061) (From OE-Core rev: 8492e143af25bf64d07fc117e7f1607aadf89f09) Signed-off-by: Martin Stolpe <martin.stolpe@gmail.com> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Security Advisory - libxml2 - CVE-2015-1819Yue Tao2015-07-202-0/+182
| | | | | | | | | | | | | | | | | | for CVE-2015-1819 Enforce the reader to run in constant memory (From OE-Core rev: 9e67d8ae592a37d7c92d6566466b09c83e9ec6a7) (From OE-Core rev: de6e4114d5285ea0d2a53d19c93ce96430cc9e30) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-core/libxml/libxml2.inc Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Fix CVE-2013-6435Leonardo Sandoval2015-07-202-0/+110
| | | | | | | | | | | | | | | | | | | Backport to fix CVE-2013-6435. Description on [1] and original patch taken from [2]. [1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6435 [2] https://bugzilla.redhat.com/attachment.cgi?id=956207 [YOCTO #7181] (From OE-Core rev: 6bf846ed5ccd1a4d01b36630708b2b9aa9e69ed5) (From OE-Core rev: 74d4895c4d30a45af5856228a00810bd14e5e071) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Fix CVE-2014-8118Leonardo Sandoval2015-07-202-0/+44
| | | | | | | | | | | | | | | | | | | Backport patch to fix CVE-2014-8118. Description is on [1] and original patch taken from [2]. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1168715 [2] https://bugzilla.redhat.com/attachment.cgi?id=962159 [YOCTO #7181] (From OE-Core rev: 0a1f924157cb75d0f67cf534762c89dc8656d352) (From OE-Core rev: f61750cfc3dd14a72b1ade4274b1a577136111fe) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: drop 12-cve-2014-9636-test-compr-eb.patchRoy Li2015-07-202-46/+0
| | | | | | | | | | | | | | 12-cve-2014-9636-test-compr-eb.patch is same as unzip-6.0_overflow3.diff, is to fix CVE-2014-9636 (From OE-Core rev: 9cf42db4e545cd260faf45931d3b3c63ab3b3aab) (From OE-Core rev: 7567dbc552819906a876b729e2a599ec412139a3) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: Package Marvell pci8897 and usb8897 firmwareNg Wei Tee2015-07-201-3/+16
| | | | | | | | | (From OE-Core rev: 86106da1068ec802ec9e1dd7bcdd9baf78182cb7) Signed-off-by: Ng Shui Lei <shui.lei.ng@intel.com> Signed-off-by: Ng Wei Tee <wei.tee.ng@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dbus: CVE-2015-0245: prevent forged ActivationFailureJussi Kukkonen2015-07-202-0/+49
| | | | | | | | | | | | Fix CVE-2015-0245 by preventing non-root and non-systemd processes from fooling the dbus daemon into thinking systemd service activation failed. (From OE-Core rev: a8aa06b2405dec31a306fdf47bd1fdf740fde7bd) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: fix four CVE defectsRoy Li2015-07-205-0/+278
| | | | | | | | | | | | | | Port four patches from unzip_6.0-8+deb7u2.debian.tar.gz to fix: cve-2014-8139 cve-2014-8140 cve-2014-8141 cve-2014-9636 (From OE-Core rev: 429ab46f975c05f65120beddf50099c7cb0b2f86) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315Roy Li2015-07-203-1/+451
| | | | | | | | | | | | | | | | | | | | | | | | | | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9636 unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1315 Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8. (From OE-Core rev: f86a178fd7036541a45bf31a46bddf634c133802) (From OE-Core rev: 7c667c6aa0302649c125b0325a2e6f641810cb09) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* test-dependencies.sh: strip only .bb suffixMartin Jansa2015-07-201-2/+2
| | | | | | | | | | | | * we were stripping too much when stripping recipe name from line like this: ERROR: Task 12016 (/some/patch/something.dot.bar.bb, do_fetch) failed with exit code '1' where the recipe name contains dots and doesn't end with _<version>.bb (From OE-Core rev: f4953004ec26c97fb696854f8e31d36b8bbeb8bf) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mesa: update --with-llvm-shared-libs configure optionAndre McCurdy2015-07-201-1/+1
| | | | | | | | | | | | | | As per the Mesa 10.2 release notes, "--with-llvm-shared-libs" has been renamed to "--enable-llvm-shared-libs". http://www.mesa3d.org/relnotes/10.2.html (From OE-Core rev: b534c13bb13c1ab2739daaf32b59d917e93106fd) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: install populate-extfs.shMartin Jansa2015-07-201-0/+2
| | | | | | | | | | | | | | | | * install populate-extfs.sh from contrib, be aware that in order to use it you need to set DEBUGFS shell variable, otherwise it will try to use debugfs from relative path which is almost always incorrect: CONTRIB_DIR=$(dirname $(readlink -f $0)) DEBUGFS="$CONTRIB_DIR/../debugfs/debugfs" (From OE-Core rev: 1a3a7a1ba8c271acd13cb1d740ef83ee02829e33) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: fix CVE-2014-3564Kai Kang2015-07-202-1/+59
| | | | | | | | | | | | | | | | | | Backport patch to fix CVE-2014-3564. http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f (From OE-Core rev: 421e21b08a6a32db88aaf46033ca503a99e49b74) (From OE-Core rev: 7643fe96bbce57995580162b5339674cc4a9c81f) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-support/gpgme/gpgme_1.4.3.bb Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflowHaris Okanovic2015-07-202-0/+46
| | | | | | | | | | | | | | | | | | | | | | | Backport Arjun Shankar's patch for CVE-2015-1781: A buffer overflow flaw was found in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application. https://sourceware.org/bugzilla/show_bug.cgi?id=18287 (From OE-Core rev: c0f0b6e6ef1edc0a9f9e1ceffb1cdbbef2e409c6) (From OE-Core rev: 96ff830b79c64d8f35c311b66906b492cbeeeb55) Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Reviewed-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2015-3456Kai Kang2015-07-202-0/+93
| | | | | | | | | | | | | | | | | | | | Backport patch to fix qemuc CVE issue CVE-2015-3456. Refs: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456 http://git.qemu.org/?p=qemu.git;a=commit;h=e907746266721f305d67bc0718795fedee2e824c (From OE-Core rev: 1d9e6ef173bea8181fabc6abf0dbb53990b15fd8) (From OE-Core rev: e4c1374330679f84436796a3f6c50b486465a7ed) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-devtools/qemu/qemu_2.1.0.bb Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Security Advisory - CVE-2015-3310Roy Li2015-07-202-0/+30
| | | | | | | | | | | | | | | | | | | | | | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3310 Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server. oe-core is using ppp 2.4.7, and this CVE say ppp 2.4.7 was not effected, but I found this buggy codes are same between 2.4.6 and 2.4.7, and 2.4.7 should have this issue. (From OE-Core rev: 5b549c6d73e91fdbd0b618a752d618deb1449ef9) (From OE-Core rev: d2f15f2ec2d9e8ecdb9aa69a413663f3615d7e0c) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qt4: add patch for BMP denial-of-service vulnerabilityJonathan Liu2015-07-202-0/+45
| | | | | | | | | | | | | | | | | | | did not include aarch64 patches. For further details, see: https://bugreports.qt.io/browse/QTBUG-44547 (From OE-Core rev: 840fccf8ec7691f03deeb167487cde941ebea8bf) (From OE-Core rev: c050f01d56c1eaf747ebb471b0b726b9cb3794d8) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-qt/qt4/qt4-4.8.6.inc Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile: Security Advisory - libsndfile - CVE-2014-9496Yue Tao2015-07-203-1/+264
| | | | | | | | | | | Backport two commits from libsndfile upstream to fix a segfault and two potential buffer overflows. (From OE-Core rev: e2fdc340c109bd64b1520443b27bd42a0faef0e0) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.bbclass: set dirs for do_populate_lic_setsceneRobert Yang2015-07-201-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | Fixed: ERROR: Build of do_populate_lic failed ERROR: Traceback (most recent call last): File "bitbake/lib/bb/build.py", line 497, in exec_task return _exec_task(fn, task, d, quieterr) File "bitbake/lib/bb/build.py", line 437, in _exec_task exec_func(func, localdata) File "bitbake/lib/bb/build.py", line 212, in exec_func exec_func_python(func, d, runfile, cwd=adir) File "/home/nxadm/nx/ala-blade44.1/builds-2015-03-09-163005/qemuppc_world_oe_bp/bitbake/lib/bb/build.py", line 237, in exec_func_python os.chdir(cwd) OSError: [Errno 2] No such file or directory: 'bitbake_build/tmp/work/ppc7400-wrs-linux/taglib/1.9.1-r0/build' When running setscene, the cwd is $B which maybe removed by autotools.bbclass or cmake.bbclass when rebuild. (From OE-Core rev: 29872741d1d118e32cc04469535fed1b892b92e6) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster@smtp.gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-16 20:58:14 +0000