Commit message | Author | Age | Files | Lines
* apt: add -fno-strict-aliasing to CXXFLAGS to fix SHA256 bug | Ralph Siemsen | 2022-04-21 | 1 | -0/+4
  Recently we've begun seeing issues with apt SHA256 generation/checking on some distros (fedora 35, alma 8). The version of apt in dunfell uses its own SHA256 code, not a standard library. Investigation reveals that the issue is related to -fstrict-aliasing enabled by -O2 optimization, so turn it off with -fno-strict-aliasing

  (From OE-Core rev: dc61dfd7791976c70c93e0d253a8fdbd40d27f3b)
  Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license_image.bbclass: close package.manifest file | Martin Jansa | 2022-04-21 | 1 | -2/+2
  * fixes:
  NOTE: Executing write_package_manifest ...
  DEBUG: Executing python function write_package_manifest
  /OE/build/oe-core/openembedded-core/meta/classes/license_image.bbclass:23: ResourceWarning: unclosed file <_io.TextIOWrapper name='/OE/build/oe-core/tmp-glibc/deploy/licenses/core-image-minimal-qemux86-64/package.manifest' mode='w+' encoding='UTF-8'>
    'w+').write(output)
  ResourceWarning: Enable tracemalloc to get the object allocation traceback
  DEBUG: Python function write_package_manifest finished

  [YOCTO #14772]

  (From OE-Core rev: 3e88c663e65fbc1b2e77a8616af4371224ed0ca5)
  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit b3114d5d438b7a63a276b4e825b62f3b1ebceed6)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Fix handling of absolute links | Alexandre Belloni | 2022-04-21 | 1 | -1/+1
  Update to a version of pseudo which has a fix for absolute links, evaluating them from the chroot path.

  (From OE-Core rev: 4e79b3fa07d6b8d044f2fb21e691ff3683aee1ea)
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 33147b89bc3c9e9bdd53a942a5551d8a1d06130c)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Add patch to workaround paths with crazy lengths | Richard Purdie | 2022-04-21 | 1 | -1/+1
  Update to a version of pseudo which includes a workaround for crazy long paths, as shown by the libfm failures from the libtool upgrade.

  (From OE-Core rev: 5cac1e855e397b58c3c2b251a9794f3d480c8ad6)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 67dfa32d82b8862e6e543c37315f211aba3ec28b)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: Ignore CVE-2022-24975 | Richard Purdie | 2022-04-21 | 1 | -0/+5
  Everyone I've talked to doesn't see this as a major issue. The CVE asks for a documentation improvement on the --mirror option to git clone as deleted content could be leaked into a mirror. For OE's general users/use cases, we wouldn't build or ship docs so this wouldn't affect us.

  (From OE-Core rev: f35500a442d6a4564d52e23f9602a3f90a4ceee5)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 5dfe2dd5482c9a446f8e722fe51903d205e6770d)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xz: fix CVE-2022-1271 | Ralph Siemsen | 2022-04-21 | 2 | -1/+99
  Malicious filenames can make xzgrep to write to arbitrary files or (with a GNU sed extension) lead to arbitrary code execution.

  Upstream-Status: Backport [https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch]
  CVE: CVE-2022-1271

  (From OE-Core rev: da4180062f12aa855a0dd2c0dbe4f0721df67055)
  Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* zlib: backport the fix for CVE-2018-25032 | Ross Burton | 2022-04-21 | 2 | -0/+348
  (From OE-Core rev: 27385658aa552b287c4f8f4585f9c783db834123)
  Signed-off-by: Ross Burton <ross.burton@arm.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gzip: fix CVE-2022-1271 | Ralph Siemsen | 2022-04-21 | 2 | -0/+46
  zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file.

  Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=dc9740df61e575e8c3148b7bd3c147a81ea00c7c]
  CVE: CVE-2022-1271

  (From OE-Core rev: b7f0696bc60409af215549d26621526c1a93a002)
  Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 8.2.4524 -> 8.2.4681 | Richard Purdie | 2022-04-21 | 1 | -3/+3
  License change is a date in the license file only.

  This includes a fix for CVE-2022-0943.

  (From OE-Core rev: 1c68d33f4742df9bcec7d1032dab61d676f86371)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 69bc2f37d6ca7fa4823237b45dd698b8debca0a9)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* conf.py/poky.yaml: Move version information to poky.yaml and read in conf.py | Richard Purdie | 2022-04-20 | 2 | -2/+22
  Merge in the changes from master allowing conf.py to use information from poky.yaml. This allows the head version mapped to X.999 on the website to have the version information displayed clearly and correctly.

  (From yocto-docs rev: df813c6d6c1477519f13699987215c8d9bc0a7bf)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: server/process: Disable gc around critical section | Richard Purdie | 2022-04-16 | 1 | -0/+3
  The python gc can trigger whilst we're holding the event stream lock and when cleaning up objects, they can trigger warnings. This translates into a new event which would then need the lock and we can deadlock.

  Disable gc whilst we hold that lock to avoid this unfortunate and problematic situation.

  (Bitbake rev: 0784db7dd0fef6f0621ad8d74372f44e87fef950)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 96a6303949cefd469bcf5ed250ff512271354357)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: update to 2022a | Oleksandr Kravchuk | 2022-04-09 | 1 | -3/+3
  (From OE-Core rev: aa762b7ca2417b80dd114a4ab263d69074912f82)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit b280aecd79e95811f8baec6c4479c5752c54d9e5)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-jinja2: Correct HOMEPAGE | Peter Kjellerstedt | 2022-04-09 | 1 | -1/+1
  (From OE-Core rev: 7d429e8385ca01728d797abe8ab9575140734476)
  Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 261778c1e3665b34c0d4e49bda63b520d5335587)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: fix native build with glibc-2.34 | Martin Jansa | 2022-04-09 | 3 | -0/+58
  (From OE-Core rev: 64ba0d40a4c77a23778c51511f2d167e2056eea3)
  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mirrors: Add missing gitsm entries for yocto/oe mirrors | Richard Purdie | 2022-04-09 | 1 | -0/+2
  The missing gitsm:// mappings look like an oversight, add them.

  (From OE-Core rev: f748360a854a5c80c8008ba6ac90546865651f10)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 6600b9fca7888fb41647cd000b9efb7f0762dfde)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update to 9.11.37 | Ralph Siemsen | 2022-04-09 | 1 | -2/+2
  Security Fixes

  The rules for acceptance of records into the cache have been tightened to prevent the possibility of poisoning if forwarders send records outside the configured bailiwick. (CVE-2021-25220)

  License-Update: copyright years

  (From OE-Core rev: 58aea0c02bb101dbb378afb578b70b8730cce6fd)
  Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: fix CVE-2022-0204 | Ralph Siemsen | 2022-04-09 | 2 | -0/+67
  Fix heap overflow when appending prepare writes

  The code shall check if the prepare writes would append more than the allowed maximum attribute length.

  Upstream-Status: Backport [https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0]
  CVE: CVE-2022-0204

  (From OE-Core rev: 058dec11cc6580212c6d4560d0f0e5b704d501dc)
  Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: backport patch fix for CVE-2021-38297 | Davide Gardenal | 2022-04-09 | 2 | -0/+99
  Patch taken from https://github.com/golang/go/commit/4548fcc8dfd933c237f29bba6f90040a85922564
  from the following issue https://github.com/golang/go/issues/48797

  Original repo https://go.googlesource.com/go/+/77f2750f4398990eed972186706f160631d7dae4

  (From OE-Core rev: e9e3c3969544d18f0da90a10156c40da84d5b549)
  Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: ignore CVE-2021-46705 | Ross Burton | 2022-04-09 | 1 | -0/+2
  This is specific to SUSE Linux.

  (From OE-Core rev: 10e12faf6172f399da7b3d73a33bd908aa8f32b3)
  Signed-off-by: Ross Burton <ross.burton@arm.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 594baef3b08d40fbbf1899f4cadeb9931c035c1a)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch2: add check for empty SRC_URI hash string | Scott Weaver | 2022-04-05 | 1 | -1/+4
  No error was being reported when the hash string was set to empty. For example:
  SRC_URI[md5sum] = ""

  On a related note (not a bug): Because whitespace in the string will result in a checksum mismatch, the error message was updated to make it a little clearer why the error was thrown. For example:
  SRC_URI[md5sum] = " "
  or
  SRC_URI[md5sum] = " 209f8326f5137d8817a6276d9577a2f1"

  Now creates a message like this:
  File: '/home/scott/yocto-cache/downloads/rsync-3.2.3.tar.gz' has md5 checksum '209f8326f5137d8817a6276d9577a2f1' when ' 209f8326f5137d8817a6276d9577a2f1' was expected

  [YOCTO #14232]

  (Bitbake rev: d8c2175f6a7b5fdf111d6a073b2c3dbd3c0b061d)
  Signed-off-by: Scott Weaver <weaverjs@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit a13510d0028e234ea2f4744b0d0c38558395c70f)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver-xorg: update to 1.20.14 | Steve Sakoman | 2022-04-01 | 1 | -2/+2
  Fixes: CVE-2021-4008 CVE-2021-4009 CVE-2021-4010 CVE-2021-4011

  Stable branch update:
  97c5b7777 (HEAD -> server-1.20-branch, tag: xorg-server-1.20.14, origin/server-1.20-branch) xserver 1.20.14
  35b4681c7 render: Fix out of bounds access in SProcRenderCompositeGlyphs()
  67425fcab Xext: Fix out of bounds access in SProcScreenSaverSuspend()
  6bb8aeb30 xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
  acc50e609 record: Fix out of bounds access in SwapCreateRegister()
  5ff3310b6 modesetting: Allow Present flips with mismatched stride on atomic drivers.
  574fe59ef Fix RandR leasing for more than 1 simultaneously active lease.

  (From OE-Core rev: aa2bb4f62dd7e5c6fdf220264c3d62fbf2cc7d16)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver-xorg: update to 1.20.13 | Steve Sakoman | 2022-04-01 | 1 | -2/+2
  Stable branch update:
  86a72cb19 (tag: xorg-server-1.20.13) xserver 1.20.13
  f85e4edba modesetting: unflip not possible when glamor is not set
  b03d7184b present: fallback get_crtc to return crtc belonging to screen with present extension

  (From OE-Core rev: 3e9ecd77449a5bd70a55d47db7a2dfb85d44d9c2)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver-xorg: update to 1.20.12 | Steve Sakoman | 2022-04-01 | 2 | -3/+3
  Stable branch update:
  b88ad0b34 (tag: xorg-server-1.20.12) xserver 1.20.12
  8dea50223 Build xz tarballs instead of bzip2
  b7adbac7d hw/dmx/config: Link directly with libdmxconfig.a
  e49738f0c xfree86: Fix NULL pointer dereference crash
  9a59631a4 glx: Fix use after free in MakeCurrent
  1fc0ca6e6 xfree86: Fix out of array bound access to xf86Entities
  a4210fe07 xfree86: Change displays array to pointers array to fix invalid pointer issues after table reallocation
  22449f630 glamor: Avoid using GL_QUADS on V3D
  d16f64031 modesetting: Fix possible_crtcs
  f1e76731a modesetting: Update props for dynamically added outputs
  7bf477711 xquartz: Ensure the mouse pointer is shown when switching to a native macOS alert or window
  3ef6e7b76 xquartz: Fix appFlags build failure with macOS 10.15+ SDKs
  2a83c840c glx: Set ContextTag for all contexts
  394b6cc1c glx: don't create implicit GLXWindow if one already exists
  0086535e7 modesetting: Remove few common functions from ms namespace
  321964443 modesetting: remove unnecessary ms_covering_xf86_crtc dup of ms_covering_randr_crtc
  52eb801d0 modesetting: Find crtc on slave outputs as fallback instead of returning primary crtc
  c7a2da7b9 present: fix msc offset calculation in screen mode
  31544e68e present: Use crtc's screen present operation for syncing
  464cbee1c modesetting: Initialize present extension despite glamor is disabled
  4e11bd390 modesetting: Disable reverse prime offload mode for displays running on evdi,udl
  627252933 dix: Guard against non-existing PtrFeedbackPtr
  d41b43345 xwayland: Add PtrFeedback to the touch device
  23a53f0d5 glx: fixup symbol name for get_extensions function

  (From OE-Core rev: e8416c75630a27527faedeab218a8ba71a1eb5ea)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver-xorg: update to 1.20.11 | Steve Sakoman | 2022-04-01 | 1 | -2/+2
  Fixes CVE-2021-3472

  Stable branch update:
  6b767cdf6 (tag: xorg-server-1.20.11) xserver 1.20.11
  a1a1aa2c1 Fix XChangeFeedbackControl() request underflow
  8890c44a7 xquartz: Remove a check for NSAppKitVersionNumber >= NSAppKitVersionNumber10_7
  3c3680c36 xquartz: Don't include strndup.c any more since we no longer support 10.8 and older
  e1fdc856a xquartz: Add a launch trampoline to better integrate with modern versions of macOS
  8f8e9c53e xquartz: Don't process AppKit events if we haven't finished initializing
  aa6f84021 xquartz: Allocate each fbconfig separately
  7aa51bb57 xquartz: Fix a compiler warning about const incompatible pointer assignment
  d751c46bd xquartz: Fix build with sparkle enabled
  03c2e12a8 xquartz: Silence a compiler warning about missing internal methods on NSApplication
  fcbd57367 xquartz: Rewrite Window menu handling to not depend on X11App.windowsMenu.numberOfItems being correct in -awakeFromNib
  b27c6602b xquartz: Convert X11Controller ivars into @properties
  625c7e4de xquartz: Convert X11Application ivars into @properties
  3017fec60 xquartz: Fold quartzCommon.h into quartz.h
  bdaff44f9 xquartz: Fold away some unnecessary hops to X11Controller through X11Application
  7d22031a6 xquartz: Fold away array_with_strings_and_numbers and simplify with more modern Objective-C
  937b63ff4 xqaurtz: Remove message_kit_thread() and use dispatch instead
  e531d3a4c xquartz: Use objc_autoreleasePoolPush / objc_autoreleasePoolPop directly in QuartzBlockHandler
  08cf6c90f xquartz: Minor code modernization -- @autoreleasepool adoption
  26e0c59a9 xquartz: Remove some dead code for compatibility with older nibs
  2853f3896 xquartz: Remove a workaround for AppKit versions older than Lion
  1edc9b980 xquartz: Apply spell check fixes from master for easier cherry-picking of changes in xquartz
  67f25cc18 xquartz: Fix applications menu table background color for dark mode
  4028c2ad1 xquartz: Apply Xcode 12.4 automatic updates to nibs
  ff1c8e2f7 xquartz: Update the about box copyright to 2021
  a16df6028 xquartz: Ensure we call into TIS on the main thread
  2087b7782 xquartz: Ensure that NSRunAlertPanel() is run on the main thread
  2fe5bf4ba xquartz: Remove support for older versions of libXplugin
  bc1a2a0d8 xquartz: Remove unused include of AvailabilityMacros.h from various sources
  393da8b43 xquartz: Remove support for building for i386
  43aaa1093 xquartz: Remove support for Mountain Lion and earlier versions of macOS
  fb492686d xquartz: Remove support for Lion and earlier versions of macOS
  34784415a xquartz: Remove support for SnowLeopard and earlier versions of macOS
  d3f81ecaf xquartz: Remove check for libdispatch now that we don't support pre-SnowLeopard
  739c5bd32 xquartz: Remove support for Leopard and earlier versions of macOS
  2d7eb8249 xquartz: Remove support for Tiger and earlier versions of macOS
  080f9eb76 os: Remove support for Tiger and earlier versions of macOS
  be9d2fd87 xquartz: Remove support for Panther and earlier versions of macOS
  d39eb5840 Fix typo "XQaurtz" in Xquartz.man
  1f2b73176 XQuartz: recognize F16-F20 and Menu keys
  ecc4ebf53 xquartz: Add stub ddxInputThread()
  f5df31c76 meson.build: KMS support also depends on dri2
  b09f5f42d xwayland: Replace LogMessage with LogMessageVerb
  c17872d50 xkb: Fix heap overflow caused by optimized away min.

  (From OE-Core rev: 928759347e18e56c991959d1a33aeb87ba6de4ee)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver-xorg: update to 1.20.10 | Steve Sakoman | 2022-04-01 | 3 | -238/+2
  Remove CVE patches contained in this release.

  Stable branch update:
  bc111a2e6 (tag: xorg-server-1.20.10) xserver 1.20.10
  06d1a032e Check SetMap request length carefully.
  7ccb3b0ea Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows
  440ed5948 present/wnmd: Translate update region to screen space
  54f9af1c6 modesetting: keep going if a modeset fails on EnterVT
  bd0f53725 modesetting: check the kms state on EnterVT
  5c400cae1 configure: Build hashtable for Xres and glvnd
  253569a3d xwayland: Create an xwl_window for toplevel only
  0811a9ff7 xwayland: non-rootless requires the wl_shell protocol
  b3ae038c3 glamor: Update pixmap's devKind when making it exportable
  d6c389cb8 os: Fix instruction pointer written in xorg_backtrace
  c3e4c1a0f present/wnmd: Execute copies at target_msc-1 already
  96ef31e0f present/wnmd: Move up present_wnmd_queue_vblank
  669e40390 present: Add present_vblank::exec_msc field
  dae234efd present: Move flip target_msc adjustment out of present_vblank_create
  1930ed233 xwayland: Remove pending stream reference when freeing
  1ac389dda xwayland: use drmGetNodeTypeFromFd for checking if a node is a render one
  d108c2c82 xwayland: Do not discard frame callbacks on allow commits
  174cb91d8 present/wnmd: Remove dead check from present_wnmd_check_flip
  51ee6e5ce xwayland: Check window pixmap in xwl_present_check_flip2
  f4006d795 present/wnmd: Can't use page flipping for windows clipped by children
  1e84fda20 xfree86: Take second reference for SavedCursor in xf86CursorSetCursor
  8c3c8bda2 glamor: Fix glamor_poly_fill_rect_gl xRectangle::width/height handling
  b28c88288 include: Increase the number of max. input devices to 256.
  af4c84ce8 Revert "linux: Make platform device probe less fragile"
  39cb95e95 Revert "linux: Fix platform device PCI detection for complex bus topologies"
  4b6fce597 Revert "linux: Fix platform device probe for DT-based PCI"

  (From OE-Core rev: ac86083917380ca8398307f0e59b7bb73c727b4f)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver-xorg: update to 1.20.9 | Steve Sakoman | 2022-04-01 | 6 | -369/+2
  Remove CVE patches contained in this release.

  Stable branch update:
  afb77415e (tag: xorg-server-1.20.9) xserver 1.20.9
  705d72139 Fix XRecordRegisterClients() Integer underflow
  5b384e767 Fix XkbSelectEvents() integer underflow
  eff3f6cdd Fix XIChangeHierarchy() integer underflow
  1d3a1092c Correct bounds checking in XkbSetNames()
  249a12c54 linux: Fix platform device probe for DT-based PCI
  5c96eb5f4 linux: Fix platform device PCI detection for complex bus topologies
  74b7427c4 linux: Make platform device probe less fragile
  4979ac8f0 fix for ZDI-11426
  2720b8715 xfree86: add drm modes on non-GTF panels
  7da8e7bab present: Check valid region in window mode flips
  4a65b6617 xwayland: Handle NULL xwl_seat in xwl_seat_can_emulate_pointer_warp
  10cabe0b9 xwayland: Propagate damage x1/y1 coordinates in xwl_present_flip
  3b51978b9 doc: Update URLs in Xserver-DTrace.xml
  6cbd6a09b xwayland: Use a fixed DPI value for core protocol
  d4e8c4622 xwayland: only use linux-dmabuf if format/modifier was advertised
  c726ceacc hw/xfree86: Avoid cursor use after free
  0679d4660 Update URL's in man pages
  3059a2e62 xwayland: Disable the MIT-SCREEN-SAVER extension when rootless
  23c55ec32 xwayland: Hold a pixmap reference in struct xwl_present_event
  1179938c1 randr: Check rrPrivKey in RRHasScanoutPixmap()
  4912f693e modesetting: Fix front_bo leak at drmmode_xf86crtc_resize on XRandR rotation
  ccbcf083d xwayland: Store xwl_tablet_pad in its own private key
  cc3613559 xwayland: Initialise values in xwlVidModeGetGamma()
  533cc6ca0 xwayland: Fix crashes when there is no pointer
  3aa31823d xwayland: Clear private on device removal
  22c0808ac xwayland: Free all remaining events in xwl_present_cleanup
  37779d7f4 xwayland: Always use xwl_present_free_event for freeing Present events
  ba52e5eb0 present/wnmd: Free flip_queue entries in present_wnmd_clear_window_flip
  b3310ed50 present/wnmd: Keep pixmap pointer in present_wnmd_clear_window_flip
  fc297c87d xwayland: import DMA-BUFs with GBM_BO_USE_RENDERING only
  0430d13c1 xwayland: Fix infinite loop at startup
  b8b10e293 modesetting: Disable pageflipping when using a swcursor
  271934db9 dix: do not send focus event when grab actually does not change

  (From OE-Core rev: 9fba10e19c8de5df1361e222bf255c0d9dad949f)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* util-linux: fix CVE-2022-0563 | Steve Sakoman | 2022-04-01 | 2 | -0/+162
  A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.

  Backport patch from upstream:
  https://github.com/util-linux/util-linux/commit/faa5a3a83ad0cb5e2c303edbfd8cd823c9d94c17

  Patch required slight modifications to apply cleanly to util-linux 2.35.1

  (From OE-Core rev: dffbf6301612ca91f6a1c306b9dde754b44912bb)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest/tinfoil: Fix intermittent event loss issue in test | Richard Purdie | 2022-03-31 | 1 | -1/+1
  We've been seeing occasional test failures on the autobuilder where we don't see the expected events. It turns out this is due to run_command being helpful and eating them if the server is fast and the client slow.

  Adding a sleep into the run_command code makes the failure consistent.

  Use a new "handle_events" argument to allow us to handle all the events which is what this test requires.

  [YOCTO #14585]

  (From OE-Core rev: da5cba5ec56cc437ede46d8aa71219a2a34cbe9e)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  (cherry picked from commit 2292983c717b8cadcf0c443bb7b649a84ea5ad57)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* virglrenderer: update SRC_URI | Minjae Kim | 2022-03-31 | 1 | -1/+1
  The git repo for virglrenderer was changed, so update the SRC_URI accordingly with the new link.

  (From OE-Core rev: 619d9ba2bb1f869869937f7d7942cc77580fdc08)
  Signed-off-by: Minjae Kim <flowergom@gmail.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnu-config: update SRC_URI | Minjae Kim | 2022-03-31 | 1 | -1/+1
  The git repo for gnu-config was changed, so update the SRC_URI accordingly with the new link.

  (From OE-Core rev: 4ee75d865b34f615bc649004e9dd0460eaf42dbf)
  Signed-off-by: Minjae Kim <flowergom@gmail.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: fix CVE-2022-23308 regression | Ralph Siemsen | 2022-03-31 | 2 | -0/+99
  The fix for the CVE in 2.9.13 caused a regression which was addressed after 2.9.13. We import that patch here.

  (From OE-Core rev: 906ffe5bf83c0e587299aaedb9382ce04c3c7acf)
  Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: backport patch fix for CVE-2021-3781 | Davide Gardenal | 2022-03-31 | 4 | -0/+399
  Upstream advisory: https://ghostscript.com/blog/CVE-2021-3781.html

  Other than the CVE fix, two other commits are backported to fit the patch.

  (From OE-Core rev: ce856e5e07589d49d5ff84b515c48735cc78cd01)
  Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2020-15900 and CVE-2021-45949 for -native | Steve Sakoman | 2022-03-31 | 1 | -3/+3
  CVE patches (and the stack limits check patch) should have been added to SRC_URI_BASE so that they are applied for both target and -native packages.

  (From OE-Core rev: da9b7b8973913c80c989aee1f5b34c98362725a8)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apt: backport patch fix for CVE-2020-3810 | Davide Gardenal | 2022-03-31 | 2 | -0/+175
  Upstream commit: https://salsa.debian.org/apt-team/apt/-/blob/dceb1e49e4b8e4dadaf056be34088b415939cda6/apt-pkg/contrib/arfile.cc

  CVE: CVE-2020-3810

  (From OE-Core rev: 2c58d4691b07230616272f2727e0ad0a345064be)
  Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: backport patch fix for CVE-2020-13791 | Davide Gardenal | 2022-03-31 | 2 | -0/+45
  Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00979.html

  CVE: CVE-2020-13791

  (From OE-Core rev: 6d4e6302fa21b1c663b94b05088ecf9b9d544c0a)
  Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: ignore CVE-2022-26488 | Ross Burton | 2022-03-31 | 1 | -1/+1
  This CVE is specific to Microsoft Windows, so we can ignore it.

  (From OE-Core rev: d966a07d1f04aa76a4970d4af141f817197be0d2)
  Signed-off-by: Ross Burton <ross.burton@arm.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  (cherry picked from commit 2bd3c5a93988140d9927340b3af68785ae03db65)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsolv: fix CVE: CVE-2021-44568-71 and CVE-2021-44573-77 | Steve Sakoman | 2022-03-31 | 1 | -0/+10
  The existing patch for CVE-2021-3200 also fixes CVE-2021-44568 through CVE-2021-44671 and CVE-2021-44573 through CVE-2021-44677, so update CVE tags in patch to reflect this.

  Reference: https://github.com/openSUSE/libsolv/issues/426

  (From OE-Core rev: 3096134d25fc4cf9bd18839838a62a6c89344e31)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky: Drop PREMIRRORS entries for scms | Richard Purdie | 2022-03-30 | 1 | -10/+0
  The reasons for this are lost in the mists of time. These are already in OE-Core as MIRRORS and we should be falling back to the project as a backup, not a default. Update accordingly.

  (From meta-yocto rev: 99435619a3d5f6afb5b5bb4169fc7b4ef31556dd)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 1b71a3b9418fd928fb72bd23898cffe70c43d9d5)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: tinfoil: Allow run_command not to wait on events | Richard Purdie | 2022-03-28 | 1 | -2/+2
  There are some commands where we want to see the events returned so allow the caller to request this. This also allows us to fix an infamous bug in the tinfoil testsuite in OE-Core.

  (Bitbake rev: 41bf1fa85a540232dcf92fe473c3b3c4cd7259dd)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 0e8421c41d97d5d50a553d70c8f775d521f1a199)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: server/process: Note when commands complete in logs | Richard Purdie | 2022-03-28 | 1 | -0/+1
  It's hard to tell from the server logs whether commands complete or not (or how long they take). Add extra info to allow more debugging of server timeouts.

  (Bitbake rev: d388f6d159b9d7e1ed3f199f2d1aca0c473cda6d)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 56285ada585ec1481449522282b335bcb5a2671e)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest/tinfoil: Improve tinfoil event test debugging | Richard Purdie | 2022-03-23 | 1 | -2/+2
  We still see occasional test failures for unknown reasons. Add some debugging to show whether the matching files event was received even if the command complete wasn't. Also ensure any commandfailed/commandexit event is shown.

  This will hopefully aid debugging the next time the issue occurs.

  (From OE-Core rev: 71015408c60ddf2e9af00cc8574815971e1b689d)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 2f7a788bb51ef09ee23c94176285437ea760fab7)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/runtime/ping: Improve failure message to include more detail | Richard Purdie | 2022-03-23 | 2 | -9/+13

  When the ping test fails due to a timeout we only get limited debug
  information. Tweak the code to improve that in case it sheds any light on
  intermittent failures.

  (From OE-Core rev: df98e96c7a1601798caf7f4882b09406a4fdacd6)

  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit d81704057950e1970ef7f673fa771834fd2b3f1e)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3targetconfig: Use for nativesdk too | Richard Purdie | 2022-03-23 | 1 | -0/+12

  nativesdk is a cross compiled target and therefore should use the target
  config, not the native one. Copy the target entries accordingly.

  (From OE-Core rev: e997487c0068bfe4017fc98c4fa5b51f660a1b4e)

  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit b1b5fec350b390fa7f2d26966df1411b032faf87)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mobile-broadband-provider-info: upgrade 20210805 -> 20220315 | Changhyeok Bae | 2022-03-23 | 1 | -3/+4

  (From OE-Core rev: 9e3758114cbc74d820c5904b81b011e5c4a1715b)

  Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit ed02ee8f20094f598448d58875cb7be8a24a019f)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mobile-broadband-provider-info: upgrade 20201225 -> 20210805 | Alexander Kanavin | 2022-03-23 | 1 | -2/+2

  (From OE-Core rev: b60558f44d0145c0d68a78b3eabe483cb016700f)

  Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 93a335993ce592a8ee34fc9a490e327f2775e03f)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: upgrade 20220209 -> 20220310 | wangmy | 2022-03-23 | 1 | -3/+3

  License-Update: year updated to 2022
  Version of some driver files updated
  Added files for some drivers

  (From OE-Core rev: ca8fa031e79b6893b4b2a9f906134e6ef4fe2b0e)

  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit be1b1d204c89035c54a626db46c5054e553b82c2)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.8.12 -> 3.8.13 | Tim Orling | 2022-03-23 | 2 | -22/+26

  Security and bug fixes (including upgrades for security and bug fixes to
  bundled components).

  For changes see:
  https://docs.python.org/release/3.8.13/whatsnew/changelog.html#python-3-8-13-final

  CVE: CVE-2022-26488

  License-Update: Add 2022 to copyright years

  * Update bpo-36852 patch to apply after change in 3.8.13

  (From OE-Core rev: bcad36b6d34b3176dc313ed6af99897cc442bf2b)

  Signed-off-by: Tim Orling <tim.orling@konsulko.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade 1.1.1l -> 1.1.1n | Ovidiu Panait | 2022-03-23 | 2 | -147/+2

  Upgrade openssl 1.1.1l -> 1.1.1n to fix CVE-2022-0778:
  https://nvd.nist.gov/vuln/detail/CVE-2022-0778
  https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65

  This also fixes an evp_extra_test ptest failure introduced by
  openssl-1.1.1m:
  """
  not ok 19 - test_signatures_with_engine
  ERROR: (ptr) 'e = ENGINE_by_id(engine_id) != NULL' failed @ ../openssl-1.1.1m/test/evp_extra_test.c:1890
  0x0
  not ok 20 - test_cipher_with_engine
  <snip>
  """

  The ptest change is already present in Yocto master since oe-core commit
  5cd40648b0ba ("openssl: upgrade to 3.0.1").

  (From OE-Core rev: 4d33b7ce0c50af81a01014a7d7d37c93a041a28d)

  Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: fix CVE-2021-3658 | Minjae Kim | 2022-03-23 | 2 | -0/+96

  adapter incorrectly restores Discoverable state after powered down

  Upstream-Status: Backport [https://github.com/bluez/bluez/commit/b497b5942a8beb8f89ca1c359c54ad67ec843055]
  CVE: CVE-2021-3658

  (From OE-Core rev: 12669ab256a3ffbcb4bcbaba1bc9c690920d32b1)

  Signed-off-by: Minjae Kim <flowergom@gmail.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: backport fix for CVE-2020-13253 | Davide Gardenal | 2022-03-23 | 6 | -0/+446

  Backport commits from the following MR:
  https://git.qemu.org/?p=qemu.git;a=commit;h=3a9163af4e3dd61795a35d47b702e302f98f81d6

  Two other commits have been backported in order to be able to correctly
  apply the patches.

  CVE: CVE-2020-13253

  (From OE-Core rev: b258b0deccde2d8fd2c4372dd0f376c7b95945f5)

  Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>