summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* gstreamer1.0-plugins-good: upgrade to version 1.16.1Carlos Rafael Giani2019-11-253-84/+2
| | | | | | | | | | | | | * 0001-scaletempo-Advertise-interleaved-layout-in-caps-temp.patch * headerfix.patch Removed since these changes are already included in 1.16.1 (From OE-Core rev: f992741666ddc83ccbf3149f1544b95958150620) Signed-off-by: Carlos Rafael Giani <crg7475@mailbox.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-plugins-base: upgrade to version 1.16.1Carlos Rafael Giani2019-11-251-2/+2
| | | | | | | | | (From OE-Core rev: 91fb2701cb84959eb35da2aaf605ab815eaa95dc) Signed-off-by: Carlos Rafael Giani <crg7475@mailbox.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0: upgrade to version 1.16.1Carlos Rafael Giani2019-11-251-2/+2
| | | | | | | | | | | | | | | (From OE-Core rev: 8946642d425099717d7fc00a01ced9954263517c) Signed-off-by: Carlos Rafael Giani <crg7475@mailbox.org> Signed-off-by: Ross Burton <ross.burton@intel.com> [ Bug fix only update per release notes: https://gstreamer.freedesktop.org/releases/1.16/#1.16.1] 1.16.1 The first 1.16 bug-fix release (1.16.1) was released on 23 September 2019 This release only contains bugfixes and it should be safe to update from 1.16.0. ] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix CVE-2019-6471 and CVE-2018-5743Kai Kang2019-11-259-0/+2723
| | | | | | | | | | | | | | | | Backport patches to fix CVE-2019-6471 and CVE-2018-5743 for bind. CVE-2019-6471 is fixed by 0001-bind-fix-CVE-2019-6471.patch and the other 6 patches are for CVE-2018-5743. And backport one more patch to fix compile error on arm caused by these 6 commits. (From OE-Core rev: 3c39d4158677b97253df63f23b74c3a9dd5539f6) (From OE-Core rev: 07a8d013383b622eabfcefec9378c857b5265c05) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Refresh patchZheng Ruoqin2019-11-251-45/+26
| | | | | | | | | | Refresh CVE-2019-7663.patch as it can't be applyed when using PATCHTOOL = "patch". (From OE-Core rev: 9c44ecdb9bd6d70f0dfde2a8f0b52015fb6a1d86) Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: update to 2.7.17Alexander Kanavin2019-11-2514-904/+49
| | | | | | | | | | | | | | | | | | | | | Drop backports, rebase a couple of patches. This is the second last release of py 2.x; upstream support ends on 1 January 2020, there will be one final 2.x afterwards. Note that the only thing that still needs python 2.x in oe-core is u-boot; when the next u-boot update arrives, we should find out where the py3 migration is for that component before merging the update. (From OE-Core rev: 184b60eb905bb75ecc7a0c29a175e624d8555fac) (From OE-Core rev: d8cd909e7c073eb6365732e5c906f52933fe2e66) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish"Alexander Kanavin2019-11-251-1/+1
| | | | | | | | | | | | | | | | | This reverts commit 41d225f4a37d02e9f79bdbfb79caac8cd3d291ce. Unfortunately this change broke 'devtool upgrade' functionality, causing 'devtool finish' to write out an upgraded recipe that no longer includes the original upstream source in SRC_URI. (From OE-Core rev: 2d6e55192dba0bf7f6e23e5ab5b3dbc68835bb28) (From OE-Core rev: 2bb221ee5689f13d44b7452738f5a97baa1815a1) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: fix build for x32Anuj Mittal2019-11-252-0/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | Commit: d336110b94 boost: update to 1.67.0 dropped the patch that ensured boost doesn't over-ride the architecture flags set by us resulting in errors: | build/tmp/work/x86_64_x32-poky-linux-gnux32/boost/1.69.0-r0/recipe-sysroot/usr/include/bits/long-double.h:44:10: fatal error: bits/long-double-64.h: No such file or directory | #include <bits/long-double-64.h> | ^~~~~~~~~~~~~~~~~~~~~~~ | compilation terminated. Remove the relevant part from gcc.jam again to ensure we are passing them correctly again. Fixes [YOCTO #13598] (From OE-Core rev: aad28f42b1c8aa1335c040630ebff4a69be07e35) (From OE-Core rev: ebbfe23acfbc820ad7b71c95539b5af97a8be49d) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: fetch CVE data once at a time instead of in a single callRoss Burton2019-11-251-10/+10
| | | | | | | | | | | | | | | | | | | | | This code used to construct a single SQL statement that fetched the NVD data for every CVE requested. For recipes such as the kernel where there are over 2000 CVEs to report this can hit the variable count limit and the query fails with "sqlite3.OperationalError: too many SQL variables". The default limit is 999 variables, but some distributions such as Debian set the default to 250000. As the NVD table has an index on the ID column, whilst requesting the data CVE-by-CVE is five times slower when working with 2000 CVEs the absolute time different is insignificant: 0.05s verses 0.01s on my machine. (From OE-Core rev: 53d0cc1e9b7190fa66d7ff1c59518f91b0128d99) (From OE-Core rev: 3ded9a64c95ae02df7562fc69e2af08c150d2452) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: neaten get_cve_infoRoss Burton2019-11-251-13/+5
| | | | | | | | | | | | | Remove obsolete Python 2 code, and use convenience methods for neatness. (From OE-Core rev: f19253cc9e70c974a8e21a142086c13d7cde04ff) (From OE-Core rev: 98162c04c877925c737674a1635b08cf998b92f5) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: rewrite look to fix false negativesRoss Burton2019-11-251-29/+34
| | | | | | | | | | | | | | | | | | | A previous optimisation was premature and resulted in false-negatives in the report. Rewrite the checking algorithm to first get the list of potential CVEs by vendor:product, then iterate through every matching CPE for that CVE to determine if the bounds match or not. By doing this in two stages we can know if we've checked every CPE, instead of accidentally breaking out of the scan too early. (From OE-Core rev: d61aff9e22704ad69df1f7ab0f8784f4e7cc0c69) (From OE-Core rev: 0f42a1d4dbb74ab39e81449cf222302bcc04f7db) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: clean up proxy handlingRoss Burton2019-11-251-26/+5
| | | | | | | | | | | | | | urllib handles adding proxy handlers if the proxies are set in the environment, so call bb.utils.export_proxies() to do that and remove the manual setup. (From OE-Core rev: 6b73004668b3b71c9c38814b79fbb58c893ed434) (From OE-Core rev: 15f6b4b59805db40df4eff6d5a2809f6f05b66c1) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: add an index on the CVE ID columnRoss Burton2019-11-251-0/+3
| | | | | | | | | | | | | | Create an index on the PRODUCTS table which contains a row for each CPE, drastically increasing the performance of lookups for a specific CVE. (From OE-Core rev: b4048b05b3a00d85c40d09961f846eadcebd812e) (From OE-Core rev: 1b4a524da1532d15eb34a96c5bda5ff2af25a953) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: don't hardcode the database nameRoss Burton2019-11-251-2/+2
| | | | | | | | | | | | | | Don't hardcode the database filename, there's a variable for this in cve-check.bbclass. (From OE-Core rev: 0d188a9dc4ae64c64cd661e9d9c3841e86f226ab) (From OE-Core rev: 1c10a3189aad5109f04d1fc208d579225bdd1431) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: don't refresh more than once an hourRoss Burton2019-11-251-1/+9
| | | | | | | | | | | | | | | We already fetch the yearly CVE metadata and check that for updates before downloading the full data, but we can speed up CVE checking further by only checking the CVE metadata once an hour. (From OE-Core rev: 50d898fd360c58fe85460517d965f62b7654771a) (From OE-Core rev: f9e9107dbe23293eb96e049d7f821d2e33c23f06) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: we don't actually need to unpack to checkRoss Burton2019-11-251-2/+1
| | | | | | | | | | | | | | The patch scanner works with patch files in the layer, not in the workdir, so it doesn't need to unpack. (From OE-Core rev: 2cba6ada970deb5156e1ba0182f4f372851e3c17) (From OE-Core rev: 02e6b727bf62858be7dba061879a6d57bd5a725d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsoup: set CVE_PRODUCTRoss Burton2019-11-251-0/+2
| | | | | | | | | | (From OE-Core rev: 424ea81c3b9965b5d5e45c1dc922dcc910fadc05) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lz4: Whitelist CVE-2014-4715Adrian Bunk2019-11-251-0/+3
| | | | | | | | | (From OE-Core rev: 4471cd22dbf13feb79171b098b9ec4eeded54ae7) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa: reproducible: Add option to capture bad packagesJoshua Watt2019-11-251-0/+20
| | | | | | | | | | | | | Adds an option that can be used to copy the offending packages to a temp directory for later evaluation. This is useful on the Autobuilder to investigate failures. (From OE-Core rev: 91d657a0c4cbb273e1e74d38bfd6b4b05d9b372e) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* selftest: check that 'devtool upgrade' correctly drops backported patchesAlexander Kanavin2019-11-254-5/+65
| | | | | | | | | | | | There was a regression in this functionality that went unnoticed due to lack of tests. (From OE-Core rev: da4c28d5fdc6501a7d3b256cb62cba778e81d16e) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cairo: the component is dual licensedAlexander Kanavin2019-11-251-6/+6
| | | | | | | | | | | | | | Somehow, over the years, no one noticed that cairo does in fact offer a choice between mpl and lgpl, but the COPYING makes it clear: https://gitlab.freedesktop.org/cairo/cairo/blob/1.16/COPYING (From OE-Core rev: fd209dac3f717daa9d2f44ada092ab054ac2ede8) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest/sstatetests: Ensure we don't use hashequiv for sstatesigs testsRichard Purdie2019-11-251-0/+12
| | | | | | | | (From OE-Core rev: 7f424c32589b94192842f52235c064cb8c19288e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sanity: Add check for tar older than 1.28Richard Purdie2019-11-251-1/+4
| | | | | | | | | | | | Older versions break opkg-build when reproducible builds are enabled. Rather than trying to be selective based on which features are enabled, lets just make this a minimum version. (From OE-Core rev: 96f5c7c2f8dda7d47af5398b3463aa25921f5301) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* core-image-full-cmdline: Add lessRichard Purdie2019-11-251-0/+1
| | | | | | | | | | | | Less was coming from busybox in these images, add the full version. [YOCTO #13630] (From OE-Core rev: 2880164ca74ac1fd7b860c61017efe3d55fb4038) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* opkg-utils: Fix silent empty/broken opkg package creationRichard Purdie2019-11-252-0/+34
| | | | | | | | | | | | | | | opkg-build was failing on hosts where tar < 1.28 and reproducibile builds were enabled but it was doing this silently and generating corrupted (empty) ipk files. Add a fix for this (submitted upstream). The fix requires bash but if you're building ipk files this shoudn't be a problem. (From OE-Core rev: 5d774331226f967a2d00c9594c4811ee378cd572) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* opkg: Add upstream fixes for empty packagesRichard Purdie2019-11-253-0/+102
| | | | | | | | | | | An ipk with a zero size data.tar file caused opkg to crash with a double free abort. Add the upstream fixes for this. (From OE-Core rev: ea1ded0b47e85d039dfad2b59580817bfb335739) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: runqueue: Ensure failed harddependencies in scenequeue are ↵Richard Purdie2019-11-251-1/+8
| | | | | | | | | | | | | | | | | | accounted for in migrations Setscene hard dependencies were not being correctly handled during task migration. For example, do_package of recipe X might become valid due to hashequiv yet we're still rebuilding pseudo-native, a harddep of do_package. This would mean it would try to execute that setscene task despite pseudo not being present. Fix this by ignoring tasks with failed harddependencies. This does mean stlightly more rebuilds than is optimal but it avoids build crashes. Ultimately the new runqueue model can likely better handle these cases than the older codebase could but that is for another more invasive patch. (Bitbake rev: 9a1072060350dc2e0eee14a5cc5af20c900f8a6d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: runqueue: Improve sstate rehashing outputRichard Purdie2019-11-251-12/+16
| | | | | | | | | | | | | | Bibake is currently too 'chatty' when hash equivalence is enabled. Fix this by only printing the log output if a rehash happens and it matches an sstate object. Also, pass a summary option to the hash checking function. This was already changed to a mechanism which allows addition of new parameters so this should be backwards and forwards compatible. (Bitbake rev: c5c5d786ca968d0e48002fe8acbcc8a63a954b67) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: siggen: Fix hashequiv bug where new hash wasn't referenced correctlyRichard Purdie2019-11-251-0/+1
| | | | | | | | | | | If a hash is reported to the hash server, the stamp written out by the current task didn't account for any new hash the server may have provided. Fix this so the correct stamp is written. This means "bitbake X; bitbake X" no longer rebuilds lots of things when hashequiv is active. (Bitbake rev: 4299afdd290f9d1c5616598f5fe83c195a64b63c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: prserv/serv: Only restart the server if settings changeRichard Purdie2019-11-251-7/+13
| | | | | | | | | | The server is now restarting when running commands which doesn't make sense. Only restart if its configuration has changed. This should potentially fix various memory resident bitbake usages too. (Bitbake rev: 7c847b01c30fc42cc78244f00fdf5eaa7b5df716) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: runqueue: Fix hash equivalence duplicate tasks runningRichard Purdie2019-11-251-4/+10
| | | | | | | | | | | | | | | | | The key problem is that currently running setscene tasks are not accounted for when processing task migrations. This means can allow two of the same task to execute at the same time with unpredictable effects. This change allows us to stop doing that and refactor the code slightly to make it clearer that these conditions don't arrive even with deferred tasks. (Bitbake rev: 33ffc2128b1a74fa7179a8341db68cddf402536f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch2/clearcase: Fix warnings from python 3.8Richard Purdie2019-11-251-3/+3
| | | | | | | | | | | | | | | | | | bitbake/lib/bb/fetch2/clearcase.py:148: SyntaxWarning: "is" with a literal. Did you mean "=="? if command is 'mkview': bitbake/lib/bb/fetch2/clearcase.py:155: SyntaxWarning: "is" with a literal. Did you mean "=="? elif command is 'rmview': bitbake/lib/bb/fetch2/clearcase.py:159: SyntaxWarning: "is" with a literal. Did you mean "=="? elif command is 'setcs': Python 3.8 is quite correct and we so mean "==" here, fix it to avoid the warnings. (Bitbake rev: 2cccc14304855cb55f339e465f6ba6ed0c69a7ab) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: utils: also use mmap for SHA256 and SHA1, for performanceRoss Burton2019-11-251-20/+14
| | | | | | | | | | | | md5_file() uses a mmap() window to improve performance when hashing files, so refactor the code and do the same for SHA1 and SHA256. (Bitbake rev: 94ede642dce8cdbf09f566e3f7e9e260d33fda27) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: tests: add test for the hashing functionsRoss Burton2019-11-251-0/+26
| | | | | | | | | | | Add a basic test for bb.utils.md5_file() etc. (Bitbake rev: d535e78b14136e74d6e96ff24d3464d62637459d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: cooker: Remove a left-over comment about expanded_dataPeter Kjellerstedt2019-11-251-4/+0
| | | | | | | | | | | | This should have been removed together with expanded_data in commit e3694e73 (cooker/command: Drop expanded_data). (Bitbake rev: 987996f01d55bc6433aeb7f43c209eb12f6d796b) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: prserv: fix ResourceWarning due to unclosed socketGavin Li2019-11-251-0/+1
| | | | | | | | | | | | | | | | | | | | With PRSERV_HOST = "localhost:0", this message would occasionally pop up during the initial cache read: WARNING: /home/matic/ambayocto/poky/bitbake/lib/bb/cache.py:446: ResourceWarning: unclosed <socket.socket fd=10, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('127.0.0.1', 45655)> value = pickled.load() The file location stated is irrelevant; it just happens to be wherever CPython decides to run the garbage collector. The issue is that after we fork off a PRServer, self.socket is also duplicated. The parent side of it also needs to be closed. (Bitbake rev: cd970c9efa805ec3e7ba952df1701b347441ec7b) Signed-off-by: Gavin Li <gavin@matician.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch2/hg: Fix various runtime issuesVolker Vogelhuber2019-11-251-10/+17
| | | | | | | | | | | | Fix mercurial fetching after breakage from changes to the core fetcher. Fix username and password usage and setting moddir needed by setup_revisions. (Bitbake rev: c61c8356cce4d7307f74147dcf2b2cf103db84a8) Signed-off-by: Volker Vogelhuber <v.vogelhuber@digitalendoscopy.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: tests/fetch: add test for fetching shallow revsChristopher Larson2019-11-251-0/+20
| | | | | | | | | | | [YOCTO #13586] (Bitbake rev: 566a6fe8c217c02f1ba5afc621ae9c3523f35d03) Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch2/git: fetch shallow revs when neededChristopher Larson2019-11-251-7/+16
| | | | | | | | | | | | | | | | When bitbake determines if a git clone needs updating, it only checks for the needed srcrevs, not the revs listed in BB_GIT_SHALLOW_REVS, which will fail if using shallow and the needed rev was added to the upstream git repo after a previous fetch. Ensure that we also check for shallow revs. [YOCTO #13586] (Bitbake rev: 24e3c7189e7d41bcbb46078a41c3a9daf391202a) Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iputils: Whitelist CVE-2000-1213 CVE-2000-1214Adrian Bunk2019-11-191-0/+4
| | | | | | | | | | | (From OE-Core rev: 9fea7c3fae30bb1eecb31ec3bf777db981dc1eed) (From OE-Core rev: 6431e869998baa1ddfe04d2d1fb7a81f60725ed2) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sysstat: Correct when to use the package provided systemd unit filesPeter Kjellerstedt2019-11-191-2/+4
| | | | | | | | | | | | | | | | There have been a number of changes back and forth as to when and how to use the systemd unit files provided by the package. The correct condition is actually that both cron and systemd need to be enabled for them to be installed. (From OE-Core rev: d6c975160197f67937dfbe91b08100b0f597c589) (From OE-Core rev: 18e1c8c967eb4512f226919cd2b6b1fb4795ccb1) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sysstat: Correct our systemd unit filePeter Kjellerstedt2019-11-192-3/+3
| | | | | | | | | | | | | | | | | | | In commit 8862f21e (sysstat: 12.1.3 -> 12.1.6), sa_lib_dir was changed from "${libdir}/sa" to "${libexecdir}/sa" to avoid problems with multilib. However, the systemd unit file was not changed accordingly, which lead to the following error when trying to start the service: systemd[4698]: sysstat.service: Failed at step EXEC spawning /usr/lib/sa/sa1: No such file or directory (From OE-Core rev: 0fd691b9801b5313ff2e2c2cd5ca13fd50063235) (From OE-Core rev: e5c5ffb048e9ebce333d855254ef88eda2f3bf6b) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: fix CVE-2019-16935Chen Qi2019-11-192-0/+102
| | | | | | | | | | | (From OE-Core rev: 1a7593bcdaf8a8cf15259aee8a0e2686247f2987) (From OE-Core rev: c0fcbf327288ef61e30fdbe27453875916ca32ba) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: fix CVE-2019-16275Ross Burton2019-11-192-0/+83
| | | | | | | | | | | (From OE-Core rev: d7b5a2ebdb6e74a21059ac2496b5dbea4597eb87) (From OE-Core rev: 1c1c70ee26078357c4fe3647581f4adec1a8a97d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix CVE-2019-17451Trevor Gamblin2019-11-192-0/+52
| | | | | | | | | | | | | | | Backport upstream fix. No upstream release version of binutils it yet, so backport the fix independently. (From OE-Core rev: 3693a0a8b9461521b95613a76b7fd79c86a3bf8f) (From OE-Core rev: 8e2a1cdd7572d051cc23350bf8838a984dfbd2bc) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix CVE-2019-17450Trevor Gamblin2019-11-192-0/+100
| | | | | | | | | | | | | | | Backport upstream fix. No upstream release version of binutils it yet, so backport the fix independently. (From OE-Core rev: a4ead72b958ded4941f96741029f4955930ba758) (From OE-Core rev: 8b33aeb4122be31b2aed29e40dcac01ea4643b63) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Add statx support to fix fedora30 issuesRichard Purdie2019-11-132-0/+107
| | | | | | | | | | | | Modern distros (e.g. fedora30) are starting to use the new statx() syscall through the newly exposed glibc wrapper function in software like coreutils (e.g. the ls command). Add support to intercept this to pseudo. (From OE-Core rev: f47017ff7f1ae1731412524768af372791068689) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initscripts/sysfs.sh: Mount /sys/firmware/efi/efivars when possibleHaris Okanovic2019-11-131-0/+4
| | | | | | | | | | | | | | | Without this change, efibootmgr is unable to recover BootOrder if lost during a previous write operation, e.g. exceeded storage capacity. This is problematic using EFI to manage boot flow from Linux (E.g. via RAUC). https://www.kernel.org/doc/Documentation/filesystems/efivarfs.txt (From OE-Core rev: adc0a31169f59d0183c327347b9ab3bcebb1aef2) Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtirpc: create the symbol link for rpc header filesZhixiong Chi2019-11-131-0/+14
| | | | | | | | | | | | | | | | Since the Sun RPC is deprecated in glibc, the rpc header files are not provided any more, but it allows alternative RPC implementations, such as TIRPC or rpcsvc-proto, to be used. So we create the symbol link for rpc header files for tirpc to be more compatible with the glibc version and the application usage. (From OE-Core rev: 0b9748c655b6f733b504e70288f4b91dca2e4d58) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rm_work: Promote do_image_qa stamps to setscene versionsJacob Kroon2019-11-131-0/+9
| | | | | | | | | | | | [ YOCTO #13212 ] Suggested-by: Romuald Jeanne <romuald.jeanne@st.com> (From OE-Core rev: 624897ee788fe026a04951baaf770daca43e892c) Signed-off-by: Jacob Kroon <jacob.kroon@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-11 20:52:07 +0000