summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* oeqa/runtime_test: Disable test_testimage_virgl_gtkwarriorRichard Purdie2020-09-161-1/+1
| | | | | | | | | | | | This test keeps failing on the autobuilder and is proving extremely annoying. It works much better in later releases but for zeus and earlier, lets just stop running it as it doesn't really tell us anything useful at this point, nobody has any plans to improve the distro exclusions or otherwise fix it in the older releases. (From OE-Core rev: 856674d6f75e2b99ae961d5ab869ff071ff5c362) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update: handle baseMetricV2 as optionalKonrad Weihmann2020-09-161-4/+9
| | | | | | | | | | | Currently in NVD DB an item popped up, which hasn't set baseMetricV2. Let the parser handle it as an optional item. In case use baseMetricV2 before baseMetricV3 (From OE-Core rev: 77f119baf6f4b85194a9b26d8442ddc7fb3bb97c) Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* selftest/signing: Ensure build path relocation is safeRichard Purdie2020-09-161-1/+3
| | | | | | | | | Similarly to 04ee0e8b95cd8ed890374e0007f976684206b630, ensure only full build paths are replaced in the environment to avoid breaking buildtools. (From OE-Core rev: be07d93a4f59d4563f2d064be1997b39f05e9f0e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* maintainers: Add entry for buildtools-extended-tarballRichard Purdie2020-09-161-0/+1
| | | | | | | | | | | (From OE-Core rev: 4281342a04078990bb0a110760ff2dc053eccc93) (From OE-Core rev: 665ef4274e0261bb8351c8d4fd2c8496a2dc27e7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 61d4d3d5a9f27e0fbf1d7ed6db818a779643b8f3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-testtools: Avoid traceback2 module requirementRichard Purdie2020-09-162-0/+25
| | | | | | | | | | | | | | | | | | traceback2 adds traceback for python2. Rather than depend on traceback2, we're python3 only so just use traceback. This caused breakage in oe-selftest -j which uses testtools on the autobuilder using buildtools-tarball. [YOCTO #13652] (From OE-Core rev: ee80a06c107375e3cf0d246ea17c09dda4536dab) (From OE-Core rev: ee82e3c24fe5727ce81e972cadedca431d6086c5) (From OE-Core rev: be4470c9590183b388d9ff176331d0c50984dec8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* attr: Disable parallel make installRichard Purdie2020-09-161-0/+3
| | | | | | | | | | | | do_install fails on newer versions of make with interesting and hard to debug errors. Disablle parallle make install as a workaround. Later verisons of attr in newer releases don't have the issue. (From OE-Core rev: 6043b9a2ea879f8960897b11eb947801508a94da) (From OE-Core rev: f06861bbe402fff3f370687585e43c0270609d00) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest: Ensure buildtools in environment variables isn't replacedRichard Purdie2020-09-161-1/+1
| | | | | | | | | | | | | | | This avoids the seeing broken replacements like: oe-selftest-centos/build/build-st-926tools/sysroots/x86_64-pokysdk-linux/etc/ssl/certs/ca-certificates.crt which understandably break builds. (From OE-Core rev: 04ee0e8b95cd8ed890374e0007f976684206b630) (Cherry-picked from f930e2cadb9ee69759720b6c49aeeb6dd43a7edd but adjusted for thud) (From OE-Core rev: b51a8c390714357713e91d828708c85cf5f68971) (From OE-Core rev: cf51a1e4447010f927a9e3f4ff5a5c305be0c0c9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/testsdk: Use original PATHRichard Purdie2020-09-161-5/+2
| | | | | | | | | | | | | | | | | | We want to test the SDK with PATH from the original host, not with our own tools injected via HOSTTOOLS. It even uses some tools which aren't in HOSTTOOLS. This is necessary after changing the SDK to not reset PATH to the system default which is bad for other reasons and brings the testing into sync with that change. (From OE-Core rev: 87c9602fd0dedc7bcf75b822aaf5f6ebfc17737c) (From OE-Core rev: de3f405b6cf96311ced86bccf7202370e4d1481a) (From OE-Core rev: aad4b41c49b1a63a767150a3451e10d15e8bcf31) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Upgrade to 2.9Khem Raj2020-09-161-5/+5
| | | | | | | | | | | This supports glibc upto 2.32 which is now rolling into distributions (From OE-Core rev: 622371678ddb013fc456eaf75def26fc4e142d15) (From OE-Core rev: 4543eeacd65eebe74ff3a44182915a732ba26e47) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-extended-tarball: add nativesdk-libxcrypt-devJeremy Puhlman2020-09-161-0/+1
| | | | | | | | | | | | | | | | | virtual/crypt-native is assume provided in bitbake.conf, so buildtools-extended-tarball shoud provide crypt since it doesn't use the host's headers/libraries. [YOCTO #13714] (From OE-Core rev: da948b25d5ef452fb35275d108e18d2a2829f4fb) (From OE-Core rev: bc42406d83310398bc4d4db4244252411eff117d) (From OE-Core rev: 6f6d7278358b042aca3e911aefd0d6128480f32d) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: Update nativesdk locale relocation patchRichard Purdie2020-09-161-2/+32
| | | | | | | | | | | | | | The locale binary reported incorrect locale lists in relocated toolchains as some path references were not relocated by this patch. Fix this missing relocations so the locale binary correctly reports the locales. (From OE-Core rev: f7a6a72880009380ae81bc7fc863921a26811c8c) (From OE-Core rev: e4c4337e642f565e9988a4a2c50a995090d1f49e) (From OE-Core rev: c9e8b7a40b2628331c7cb564aa3f3d9e1822fe36) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-tarball: add nativesdk-pythonJeremy Puhlman2020-09-161-0/+1
| | | | | | | | | (From OE-Core rev: 6467eb4461f3cab16cab2ba63154c92fc2adacef) (From OE-Core rev: 848c61a07f691638fa529bbe0f0ff1dfded4a967) Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-tarball: export OPENSSL_CONF in environment setupSteve Sakoman2020-09-161-0/+1
| | | | | | | | | | | | | | | The autobuilder has been experiencing SSL: CERTIFICATE_VERIFY_FAILED errors during error report uploads when using buildtools due to looking for certs in /opt/poky (From OE-Core rev: 197f1d5d14b8e57295f5a81c03c86abba5328614) (From OE-Core rev: 35c6ab2501672083cf8b974d8b9c3daa3202de36) (From OE-Core rev: 0cb479a5e99289b75e89b2ed5058f33605f15936) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-tarball: export OPENSSL_CONF for opensslLiwei Song2020-09-161-0/+1
| | | | | | | | | | | | | export OPENSSL_CONF to aviod SDK openssl can not find openssl.cnf. (From OE-Core rev: 0aaf3dd17dcde959e9c0d62543cb91c9b33551b4) (From OE-Core rev: 63d8569b2c9f66e8123e2672a7f8fb8e7cc1f0b4) (From OE-Core rev: e733a5f3b0e3c3b8a830db5ae99b3fc6b7e56921) Signed-off-by: Liwei Song <liwei.song@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-extended-tarball: Add libstc++.aJeremy Puhlman2020-09-161-0/+1
| | | | | | | | | | | | | | | | Builds like native-openjdk, really wants a to link some tools against the static version. Since when using the extended tarball, its the only place to get it, add the library. (From OE-Core rev: 59c4a3fdbbfd5a6aaba7e0a1675dcd5866a7f3a4) (From OE-Core rev: 152709dec03bbac582ca63b65f2efb835e0b33fb) (From OE-Core rev: 5e3664e5f9a0dde07b0f8a56cdce1321456abaa5) Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nativesdk-buildtools-perl-dummy: add dependencies for autoconf and automakeTim Orling2020-09-161-0/+3
| | | | | | | | | | | | | | * For buildtools-extended-tarball, where we are adding all of build-essentials to the nativesdk, we need additional perl modules for autoconf and automake. (From OE-Core rev: f0f766160663407ea7683d31bbf5f011accc9ba2) (From OE-Core rev: e7ade58a7da52ebb40120020dd86dd3ae9b2148e) (From OE-Core rev: ed9d60fb5d471b4ec472088cc9307fd8575b187a) Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-extended-tarball: Add locale commandRichard Purdie2020-09-161-0/+1
| | | | | | | | | | | | | The eSDK installation code checks installed locales with the locale command which is from glibc-utils. Add this so that we find the correct locales from the buildtools. (From OE-Core rev: 7d35e4bc6ff94a2d03c48827d7d60a6855c9029d) (From OE-Core rev: d99b6432decec0964ac0e08698abc782c9b114f5) (From OE-Core rev: 3562a6848aa3e866ad8e2d3caed3211971817234) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* files/toolchain-shar-extract.sh: Rework PATH cleaningRichard Purdie2020-09-161-8/+3
| | | | | | | | | | | | | | | Trying to create a clean PATH breaks cases where we install a buildtools tarball on hosts to provide newer versions of gcc. Rework the fix for #8698 to clean up directories in PATH which don't exist isntead. Do it with python as the shell version was too fraught with corner cases. (From OE-Core rev: 7674b63819aa7ca95ca5ca5477a5cce32e9691eb) (From OE-Core rev: 9825236deacf6eb311121d233435a46288c02cdb) (From OE-Core rev: dac6cc21bbd29e55399b71a3e359a935776118de) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Install non-alternatives links for nativesdkRichard Purdie2020-09-161-0/+3
| | | | | | | | | | | | | In the SDK we need the plain symlinks and don't use alternative providers. When these are missing the toolchain can work incorrectly so fix this. (From OE-Core rev: 0c06cfaa016d06cc56d80dc1c244a938f3d38a3c) (From OE-Core rev: 0d299c5dc04407d2d54574157f4014f50f2d0468) (From OE-Core rev: aa37b5fe0620122e47f36165f5c7a07d3328dba3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix relocation of ld.so.conf in nativesdk buildsRichard Purdie2020-09-162-0/+82
| | | | | | | | | | | | | | | | | | | | | We need binutils to look at our ld.so.conf file within the SDK to ensure we search the SDK's libdirs as well as those from the host system. There add a patch which passes in the directory to the code using a define, then add it to a section we relocate in a similar way to the way we relocate the gcc internal paths. This ensures that ld works correctly in our buildtools tarball. Standard sysroot relocation doesn't work since we're not in a sysroot, we want to use both the host system and SDK libs. (From OE-Core rev: f6c1089642934ad93056ef19a0888965486ee030) (From OE-Core rev: 09a2b16ac2bd1e3e415131e46315c851373aa7e0) (From OE-Core rev: d0b7811b0e8654cf83d1b0f8256c7941fc3d9c41) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-tarball: Add an ld.so.conf for nativesdk-binutilsRichard Purdie2020-09-161-0/+4
| | | | | | | | | | | | | We need to search our own libdirs, then fall back to the system ones as our customised dynamic loader will. Have ld.so.conf reflect that. This ensures that binutils finds libraries here when linking too. (From OE-Core rev: ab729c362684474a8346e5256d636200826feb47) (From OE-Core rev: 8de0aee6befc0541fa40563f63dfe1cc36f064fe) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildtools-extended-tarball: add recipe with build-essentialsTim Orling2020-09-161-0/+32
| | | | | | | | | | | | | | | | | | | | | * For some aging distros, such as CentOS 7, the native version of gcc is simply too ancient and is a constant source of headaches for moving forward. * Add an extended version of buildtools-tarball which adds all of build-essential, so that the host is now modernized and capable of compiling the latest versions of components. Fixes [YOCTO #13714] (From OE-Core rev: f0377af2325613b63716b0bb4db1ab253d79f388) (From OE-Core rev: bb4979f0e8367b475cc9a5274933a61bb0eb64b3) (From OE-Core rev: f492e172e133a4b52dbe818d806cab783204e575) Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: tests/fetch: Allow wget upgrade tests to run against a local serverRichard Purdie2020-09-0940-20/+7691
| | | | | | | | | | | Currently these tests rely upon multiple uptream webservers which may change or be unavailable. Add local copies of the test data, copy the httpserver from OE-Core (used for testing there) and run these tests against a local server instead. (Bitbake rev: b4860b292406698f3c8af9a3708a09df21c96300) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch2: Change git fetcher not to destroy old referencesRichard Purdie2020-09-081-1/+1
| | | | | | | | | | | | | | | | It looks like we're about to see a lot of changes in branch names in repos. If we have the prune option here, those old names are lost, the changes propagate to our source mirrors and our old releases break. We have the force option so any replaced references should be replaced, its only orphaned branches which will now be preserved. I believe this behaviour will cause us fewer problems given the changes that look likely to happen. (Bitbake rev: 4c7e0352c56dc956fc19439713e8dce9f6248c86) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: tests/fetch: Switch from git.infradead.org to a YP mirrorRichard Purdie2020-07-021-1/+2
| | | | | | | | | | Upstream is unavailable, breaking tests. Switch to a YP mirror since if we can't reach that there are bigger problems. This should remove a source of intermittent failures on the autobuilder. (Bitbake rev: 417f635fca1aa2484c7ccba9ffbbfe9601d41d66) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to warrior head revisionyocto-2.7.4warrior-21.0.4Richard Purdie2020-05-271-1/+1
| | | | | | (From OE-Core rev: db3ce703d03b18e8a4120969d32ff7f344f34fe9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* prservice.py: fix do_package with newer Python in Ubuntu 20.04Martin Jansa2020-05-271-0/+4
| | | | | | | | | | | | | | | * with Ubuntu 20.04 which is using python 3.8 I'm seeing a lot of errors like: ERROR: libxml2-2.9.10-r0 do_package: Can NOT get PRAUTO, exception No module named '_sysconfigdata' not sure what caused this from python 3.8, but this seems to work * PRserv is enabled with: PRSERV_HOST = "localhost:0" (From OE-Core rev: 4b26eaf7152fb712aba47a0c746333578f58ee8d) (From OE-Core rev: eaa6de34442906ad6285aa069f17a7cb2a64e970) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to warrior head revisionRichard Purdie2020-05-261-1/+1
| | | | | | (From OE-Core rev: bcd9ae6fbb2258787bdea260fed5663791353f5a) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.conf: Bump version for 2.7.4 warrior releaseRichard Purdie2020-05-261-1/+1
| | | | | | (From meta-yocto rev: e16269fae87b674a686c96488daa2120f0ea8ba7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: CPE version '-' as all versionLee Chee Yang2020-05-222-2/+2
| | | | | | | | | | | | | | | | | | | | | CPE version could be '-' to mean no version info. Current cve_check treat it as not valid and does not report these CVE but some of these could be a valid vulnerabilities. Since non-valid CVE can be whitelisted, so treat '-' as all version and report all these CVE to capture possible vulnerabilities. Non-valid CVE to be whitelisted separately. [YOCTO #13617] (From OE-Core rev: 1d06fedf46c8f67fccde7a00d7199d7052c33b30) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c69ee3594079589d27c10db32bc288566ebde9ef) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade 1.1.1f -> 1.1.1gJan Luebbe2020-05-221-1/+1
| | | | | | | | | | | This also fixes CVE-2020-1967. (From OE-Core rev: 620d69e7ad0d0c40ecd135e48f96aaf368c7f242) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update to 1.1.1fAlexander Kanavin2020-05-221-1/+1
| | | | | | | | | | | | | | This also un-breaks python3 ptest which got broken with 1.1.1e update. (From OE-Core rev: c74958fe05db584289ee560584190b3a0b25155d) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b4ddf5b9d8cd769b7026663f93c8bc69b55d8cbf) [AK: bugfix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.1.1d -> 1.1.1eAdrian Bunk2020-05-222-761/+1
| | | | | | | | | | | | | Backported patch removed. (From OE-Core rev: 4dc340d63d29e632c8402342cf4b66a41c9c5f93) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 710bc0f8544f54750c8fb7b8affa243932927a24) [AK: bug fix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: recommend cryptodev-module for corresponding PACKAGECONFIGDenys Dmytriyenko2020-05-221-1/+1
| | | | | | | | | | (From OE-Core rev: 5de53272951bfc3c8c73bd09fd0b296e2ffff322) Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 57fcf9b517fe95e871122946cb99fe7fa9fd2e26) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Fix reproducibility issueRichard Purdie2020-05-222-0/+33
| | | | | | | | | | | | | | | | | There was a build architecture leaking into the target ptest which could vary depending upon host. Remove it as its cosmetic. [YOCTO #13770] (From OE-Core rev: 37db519eedb7eb5cd4f14d05f30f5d580aa7458d) (From OE-Core rev: c31c676319812e6fc036741db2ab8e16eccff723) (From OE-Core rev: 4a8d927dc3ef569830c417d46e5d0a0318a69cde) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: Upgrade 2.7.17 -> 2.17.18Adrian Bunk2020-05-223-3/+3
| | | | | | | | | | | LICENSE checksum changed due to 2019 -> 2020 update. (From OE-Core rev: 65ab890bbdd5b104867d80b721be117a9d269aff) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: Upgrade 2.20.1 -> 2.20.4Adrian Bunk2020-05-222-11/+11
| | | | | | | | | | This includes the fixes for CVE-2020-5260 and CVE-2020-11008. (From OE-Core rev: fe5aee43db25f622f4cbacc69765f94eca51395c) Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Documenation: Prepared for the 2.7.4 releaseakuster2020-05-179-37/+72
| | | | | | | (From yocto-docs rev: 3fd1432890f04fd659952c0f20f5750fb8c3a909) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative.inc: version 2.8 updates glibc to 2.31Michael Halstead2020-04-081-5/+5
| | | | | | | | | | | | | Allow sstate use in Tumbleweed and other distros as they update glibc. (From OE-Core rev: ae341aed81be28232cc34daf4684bc0922f17699) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ccb374c279b260b1fd3460f6bfd1567240816055) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 2da4ee30335d0b127b79a6eedad68c8559606c57) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Upgrade 3.7.6 -> 3.7.7Adrian Bunk2020-04-081-3/+3
| | | | | | | | | | | THE LICENSE checksum changed in this update due to copyright notice added for 2020. (From OE-Core rev: 2af49cebd669bd2992d57a586e2a06bbad09e945) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: upgrade 2.2.16 -> 2.2.17Anuj Mittal2020-04-081-3/+2
| | | | | | | | | | | | | | | | Also fixes CVE-2019-13050. Announcement: https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html (From OE-Core rev: c6e46323f0d62daf8bd424e642581fdcba920ef7) (From OE-Core rev: ae33f509d753821111bb6b30343b02b37d996339) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: upgrade 2.2.15 -> 2.2.16Zang Ruochen2020-04-081-2/+2
| | | | | | | | | | | | (From OE-Core rev: 825be9d66ae9f503f1dd2dce0fac530554057613) (From OE-Core rev: bb12f99a5bce3fcee1ef36406197231723647a8d) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: update to 2.2.15Oleksandr Kravchuk2020-04-082-7/+10
| | | | | | | | | | | | (From OE-Core rev: e60b3994d4bc282191302e1fd9b7d2106ee2f6cb) (From OE-Core rev: 431bd084f71f9479c2ff9f37237799ad1f02d289) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: Upgrade 1.0.2r -> 1.0.2uAdrian Bunk2020-04-081-2/+2
| | | | | | | | (From OE-Core rev: a691b1e072805b4d2c6fe81554f5e95739a912b5) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: Add CVE_PRODUCTAdrian Bunk2020-04-081-0/+2
| | | | | | | | (From OE-Core rev: 718294820ddfaf408a70b9005e05829371d9c93d) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Backport the CVE-2019-20386 fixAdrian Bunk2020-04-082-0/+36
| | | | | | | | (From OE-Core rev: 891200e728c520a02f24028e7d430a4a7e3c20fd) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: backport upstream patchAnuj Mittal2020-04-082-0/+77
| | | | | | | | | | | | | | | | | | | Fixes a bug wherein a use after free could potentially be used to run malicious code if a user can be tricked into running e2fsck on a maliciously crafted file system. Also see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948517 (From OE-Core rev: 23c1b157362609bd8d85c7d35e6c7f0f60c32c88) (From OE-Core rev: bdd978f8f68e24dd35e2c19b46cbe71b06e4fe42) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: fix CVE-2019-5188Anuj Mittal2020-04-083-0/+108
| | | | | | | | | | | | | | | Also see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948508 (From OE-Core rev: 09bdcef183d885025da6aa87a7c2bf7e8268774e) (From OE-Core rev: f454e207eac6fb85eb217554e13c2d3e69f41522) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Security fix CVE-2020-8597Yi Zhao2020-04-082-0/+48
| | | | | | | | | | | | | | | | | | | CVE-2020-8597: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. References: https://nvd.nist.gov/vuln/detail/CVE-2020-8597 Patch from: https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426 (From OE-Core rev: 4ea1d88702d422d4eff5c78698a123563bda4138) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: add CVE_VERSIONAnuj Mittal2020-04-081-0/+2
| | | | | | | | | | | | | Include the version number in a format that is comparable to what we get from NVD. (From OE-Core rev: 359c199634ef82d2b406858b8b71672058f76290) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>