| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use SHA256 as default digest for OpenSSL instead of MD5.
CVE: CVE-2004-2761
The MD5 Message-Digest Algorithm is not collision resistant,
which makes it easier for context-dependent attackers to
conduct spoofing attacks, as demonstrated by attacks on the
use of MD5 in the signature algorithm of an X.509 certificate.
Upstream-Status: Backport
Backport from OpenSSL 2.0 to OpenSSL 1.0.2
Commit f8547f62c212837dbf44fb7e2755e5774a59a57b
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(From OE-Core rev: f924428cf0c22a0b62769f8f31f11f173f25014f)
(From OE-Core rev: 0066e5c5559009f250b6e5953d5830db2c8769e1)
Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: T.O. Radzy Radzykewycz <radzy@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We strip the TOOLCHAIN_OPTIONS and HOST_CC_ARCH from CC/CXX in cmake.bbclass
whereas CFLAFS and CXXFLAGS assume that TOOLCHAIN_OPTIONS are
part of CC/CXX variables, this causes compile failures when cmake
is running compiler tests during configure on some architectures
especially armhf, because hf ABI information -mfloat-abi is part
of TOOLCHAIN_OPTIONS, so what happens is that testcase gets compiled
without hard-float, howver, during linking the float ABI option
is passed via LDFLAGS, now linker rejects this and fails like
/mnt/a/build/tmp-glibc/sysroots/x86_64-linux/usr/libexec/arm-oe-linux-gnueabi/gcc/arm-oe-linux-gnueabi/6.2.0/ld: error: cmTC_27947 uses VFP register arguments, CMakeFiles/cmTC_27947.dir/src.cxx.o does not
mnt/a/build/tmp-glibc/sysroots/x86_64-linux/usr/libexec/arm-oe-linux-gnueabi/gcc/arm-oe-linux-gnueabi/6.2.0/ld: failed to merge target specific data of file CMakeFiles/cmTC_27947.dir/src.cxx.o
collect2: error: ld returned 1 exit status
This means that CMake now fails the configure time test too
which is not right, e.g. it might disable features which actually do exist
and should be enabled e.g. in case above it is resulting as below
Performing C++ SOURCE FILE Test HAS_BUILTIN_SYNC_SUB_AND_FETCH failed with the following output:
Its actually a bug in CMake see
https://gitlab.kitware.com/cmake/cmake/issues/16421
CMake is ignoring CMAKE_CXX_FLAGS when using CHECK_CXX_SOURCE_COMPILES
function.
Until it is fixed upstream, we add HOST_CC_ARCH and TOOLCHAIN_OPTIONS
to CFLAGS and CXXFLAGS, so that we can ensure that compiler invocation
remains consistent.
(From OE-Core rev: 826f3cdb474b5728b22f08d2342fc90235ca9e7d)
(From OE-Core rev: 7e5fd5914e15397a56425130c2322ace67da2ee4)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool
allows remote attackers to cause a denial of service (out-of-bounds read) via vectors
involving the ma variable.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3658
http://bugzilla.maptools.org/show_bug.cgi?id=2546
Patch from:
https://github.com/vadz/libtiff/commit/45c68450bef8ad876f310b495165c513cad8b67d
(From OE-Core rev: c060e91d2838f976774d074ef07c9e7cf709f70a)
(From OE-Core rev: cc266584158c8dfc8583d21534665b6152a4f7ee)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Makefile in directory tests has been renamed, then update script
run-ptest to follow the change.
(From OE-Core rev: 364565f3f3baccc9757ce0dcb393464b38055b4f)
(From OE-Core rev: aece2afafbd304adee30978537b9404a9344dd4e)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport patch to fix CVE-2016-7909 of qemu.
Ref:
https://security-tracker.debian.org/tracker/CVE-2016-7909
(From OE-Core rev: 126783ca25a5ae9daf87ac563239fbff4696a682)
(From OE-Core rev: 469267010b43a1c114e22009c9ac68f36c22f896)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This script claims to be a /bin/sh script, but it uses
a bashism:
from checkbashisms:
possible bashism in meta/recipes-connectivity/openssl/openssl/openssl-c_rehash.sh line 151 (should be 'b = a'):
if [ "x/" == "x$( echo ${FILE} | cut -c1 -)" ]
This causes build issues on systems that don't have
/bin/sh symlinked to bash:
Updating certificates in ${WORKDIR}/rootfs/etc/ssl/certs...
<builddir>/tmp/sysroots/x86_64-linux/usr/bin/c_rehash: 151: [: x/: unexpected operator
...
Fix this by using POSIX shell syntax for the comparison.
(From OE-Core rev: 0526524c74d4c9019fb014a2984119987f6ce9d3)
(From OE-Core rev: 2ece9c0e955ee99543968ddfd14da909e23ae611)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Reviewed-by: Sylvain Lemieux <slemieux@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The latest Ubuntu uses yet more aggressive hardening options, which causes the
unconventional build order used by systemtap to fail.
[ YOCTO #10521 ]
(From OE-Core rev: 5ca6ac8739ea4a273df7b8e5c5f7d481619923d8)
(From OE-Core rev: 3397af5877a41a6a59aeb90f8610c759cad38795)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Passing --disable-nls should be enough to disable the requirement for a full
gettext to be present, but the upstream configure explicitly checks for msgfmt
even if it isn't going to be used. To avoid having to depend on gettext-native,
patch this check out.
(From OE-Core rev: 2f8d2a74f73490c1ae35131d3eb3592f7ee0a1e4)
(From OE-Core rev: 7d689876574ba47e5ad07d67ad40fd865b0c27f5)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Root device name in systemd-bootdisk.wks is 'sda'. This can cause
images, produced using this wks to refuse booting if real device
name is not 'sda'. For example, when booting MinnowBoard MAX from
MicroSD card the boot process stucks with this message on the boot
console output: Waiting for root device /dev/sda2...
This happens because real device name of MicroSD card on this device
is mmcblk1.
Used --use-uuid option for root partition. This should make
wic to put partiion UUID instead of device name into kernel command
line.
[YOCTO #10485]
(From OE-Core rev: 5b73d5f484cc844affe91ec19d881d42e187f30c)
(From OE-Core rev: 71a365d57359dd8d9bfce66985975b1533e983d7)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
a.out.h support is not across all architectures only
x86/x86_64 support is in linux/a.out.h, this patch
abstracts the minimum needed constructs into itself
(From OE-Core rev: 757224640bbf4ebf17aea22fa1419c9c3bcd89ce)
(From OE-Core rev: 7985b295384f98fd6ea88f3aff197ccf0369977b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The swpb in macro MUTEX_SET will cause "undefined instruction" error
on the new arm arches which don't support this assembly instruction
any more. If use ldrex/strex to replace swpb, the old arm arches don't
support them. So to avoid this issue, just disable the ARM assembler
mutex code, and use the default pthreads mutex.
(From OE-Core rev: aafbc548ebc66dc0d703526f9a98f784e9c9605b)
(From OE-Core rev: d6a0ef7e9dfbda3d55ba18f2bcc69f04d502495d)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Contrary to the CVE report, the vulnerable trace functions
don't exist in readline v5.2 (which we keep for GPLv2+
purposes), they were added in readline v6.0 only - let's
whitelist that CVE in order to avoid false positives.
See also the discussion in
https://patchwork.openembedded.org/patch/81765/
(From OE-Core rev: b881a288eec598002685f68da80a24e0478fa496)
(From OE-Core rev: b4498a6b734661fdfe3ff4e0a9850e796b72005c)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Reviewed-by: Lukasz Nowak <lnowak@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixed:
$ runqemu qemuarm64 (without -nographics)
There is no output in qemu console without this fix.
(From OE-Core rev: 40a64e64b2ff41661ff254d0836c5f60120c6795)
(From OE-Core rev: f07c139e91d2173dac4289727d1401a19d6ed821)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The included patch, backported from Weston master (and OE-Core
master since Weston 1.11.1, b6864b1), allows it to run without
any input device at launch. An ini option is introduced for
this purpose, so there is no behavioral change.
Related change in weston.ini:
[core]
require-input=true
Default is true; setting it false allows Weston to run
without a keyboard or mouse, which is handy for automated
environments.
(From OE-Core rev: 8fa5e442d16b1d04066b51b9fd56be41ae67d2d5)
Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Android-tools depends on it and to build the native versions of fastboot, adb, mkbootimg and others libbsd needs to support native builds.
(From OE-Core rev: 5d6761dacd370fdb6f29269a22cfbca86f301024)
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit b02cef58ee35dd277fff48538ce2803df1cbc4d5)
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Briefly: Cyprus split into two time zones on 2016-10-30, and Tonga
reintroduces DST on 2016-11-06.
Changes to future time stamps
Pacific/Tongatapu begins DST on 2016-11-06 at 02:00, ending on
2017-01-15 at 03:00. Assume future observances in Tonga will be
from the first Sunday in November through the third Sunday in
January, like Fiji. (Thanks to Pulu ʻAnau.) Switch to numeric
time zone abbreviations for this zone.
Changes to past and future time stamps
Northern Cyprus is now +03 year round, causing a split in Cyprus
time zones starting 2016-10-30 at 04:00. This creates a zone
Asia/Famagusta. (Thanks to Even Scharning and Matt Johnson.)
Antarctica/Casey switched from +08 to +11 on 2016-10-22.
(Thanks to Steffen Thorsen.)
Changes to past time stamps
Several corrections were made for pre-1975 time stamps in Italy.
These affect Europe/Malta, Europe/Rome, Europe/San_Marino, and
Europe/Vatican.
First, the 1893-11-01 00:00 transition in Italy used the new UT
offset (+01), not the old (+00:49:56). (Thanks to Michael
Deckers.)
Second, rules for daylight saving in Italy were changed to agree
with Italy's National Institute of Metrological Research (INRiM)
except for 1944, as follows (thanks to Pierpaolo Bernardi, Brian
Inglis, and Michael Deckers):
The 1916-06-03 transition was at 24:00, not 00:00.
The 1916-10-01, 1919-10-05, and 1920-09-19 transitions were at
00:00, not 01:00.
The 1917-09-30 and 1918-10-06 transitions were at 24:00, not
01:00.
The 1944-09-17 transition was at 03:00, not 01:00. This
particular change is taken from Italian law as INRiM's table,
(which says 02:00) appears to have a typo here. Also, keep the
1944-04-03 transition for Europe/Rome, as Rome was controlled by
Germany then.
The 1967-1970 and 1972-1974 fallback transitions were at 01:00,
not 00:00.
(From OE-Core rev: daf95f7fd9f7ab65685d7b764d8e50df8d00d308)
(From OE-Core rev: 550901db388eda2476da24b71117223be999688b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes to code
The code should now be buildable on AmigaOS merely by setting the
appropriate Makefile variables. (From a patch by Carsten Larsen.)
(From OE-Core rev: d2b8c4ee535684f5d874082a7f76efbda1907ea5)
(From OE-Core rev: 757f2cb2f2acaf41d3f81c5b9bb0afd8e05001db)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport patch to fix CVE-2016-8858 of openssh.
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=1384860
(From OE-Core rev: 134a05616839d002970b2e7124ea38348d10209b)
(From OE-Core rev: 07e289d7212d6343370bfc883631a19f37bc85f1)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ELF parser was assuming that the segment tables are in the first 4kb of the
binary. Whilst this generally appears to be the case, there have been instances
where the segment table is elsewhere (offset 2MB, in this sample I have). Solve
this problem by mmap()ing the file instead.
Also clean up the code a little whilst chasing the problem.
(From OE-Core rev: b88c6bd61e7c3388b3902de1adb5e48a88f2e235)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This version of epiphany still needs libwnck3.
This reverts commit fb5c4f181176710a4cfb3c875b5edb4e5aa5df73.
(From OE-Core rev: eec53627ac5c3aa811a0bd97f06a4827ef0189d3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The epiphany in morty still needs libwnck3, so bring it back.
This reverts commit 129281e8557ec8d29ecf863675884713a3050f4b.
(From OE-Core rev: d09108805dab4595101706f6e75a0a622d3b0cda)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The fact that the OpenEmbedded build system can now build
multiple image types caused the KERNEL_IMAGE_BASE_NAME variable
to have the KERNEL_IMAGETYPE portion removed. This could cause
existing recipes that use the KERNEL_IMAGE_BASE_NAME variable
directly issues. I added a section indicating that the user
should address those recipes to avoid problems.
(From yocto-docs rev: 2b4a36b45846e296c15d62ee8fabdd9ff29b2b0f)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes [YOCTO #10717]
Now that multiple images can be built, the KERNEL_IMAGE_BASE_NAME
no longer requires "${KERNEL_IMAGETYPE}" as part of its default
value. I have removed this portion of the default definition
described in the glossary.
(From yocto-docs rev: 54abeb3fbbac8b6d319183f88803fbe71b27fcbe)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes [YOCTO #10351]
I added a note to the "Post Installation Scripts" section of the
"Writing a New Recipe" section to call out the fact that the
RPM package manager will not install packages on the target when
any RPM post-install script returns a non-zero exit code when
the script is run on the target.
(From yocto-docs rev: a2b36b4a352522e3c576a45ee239af51eda518c1)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes [YOCTO #10692]
I updated the STAGING_DIR variable description to have a reference
to the SYSROOT_DIRS variable as well as the "Sharing Files
Between Recipes" section of the dev-manual.
I also updated the "Sharing Files Between Recipes" section so
that the role of SYSROOT_DIRS is explained and actually used
in an example to add another directory.
(From yocto-docs rev: 23114b4bc708398bae8c4559793dd36bc53c96a2)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fixes [YOCTO #8584]
Made some edits to tighten this down and make it more efficient.
(From yocto-docs rev: f25c0cf08877b62a6e2523b5d4caa83c008ef004)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As of Django 1.8.16, Django is rejecting any HTTP_HOST header that is
not on the ALLOWED_HOST list. We often need to reference the
toaster server via a fqdn, if we start it via webport=0.0.0.0:8000 for
instance, and are hitting the server from a laptop. This change does
reduce the protection from a DNS rebinding attack, however, if you are
running the toaster server outside a protected network, you should be
using the production instance.
[YOCTO #10578]
(Bitbake rev: 59a3f391ac5ac194f30d11a39676356464269d55)
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Michael Wood <michael.g.wood@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes [YOCTO #8584]
This fix essentially had to document how to add the API
documentation to the standard SDK. The fix required adding a
new appendix to the SDK manual on how to customize that
standard SDK. I could not put just one topic in a new appendix
so I also added a sub-section on how to add indidual packages
to the standard SDK.
Other changes here were the introduction of a new file for the new
appendix, updated the mega-manual.xml file so that it would include
the new chapter when the MM was built. Finally, I added some
cross-referencing to the new appendix from the TOOLCHAIN_HOST_TASK
and TOOLCHAIN_TARGET_TASK variables. And a cross reference from the
distro features section on the api-documentation bullet.
(From yocto-docs rev: d2b5224df82959e0ce52d12f579a572b86f9fc70)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes [YOCTO #8584]
Updated the "Distro Features" section to include the
"api-documentation" feature.
(From yocto-docs rev: ad02528f13390c2c0dc5717c1f9088212def37be)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
The string appeared in the text as "$(INC_PR).0". So, fixed
it to be proper with the curly braces.
(From yocto-docs rev: 113296272e60da09c88660d09a5e8ba06f0fda7a)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
The way I had this string was incorrect. I changed it to "openSUSE".
(From yocto-docs rev: 1b44f58f7cf9c68186dd271b4779b3a368757b1d)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes [YOCTO #10445]
Pointed out that the EXTENDPKGV variable is hard to locate in the
BB manual. Firstly, we don't document that variable in the
BB manual.... maybe we should. For the ref-manual, however, it is
barely referenced in a side example from the dev-manual. So, I
updated the RDEPENDS variable to have a "Tip" box in the area where
it is shown how to use the package version as part of the RDEPENDs
variable.
(From yocto-docs rev: f42525ba8a4d20722d15c9fa250c494a90ff478b)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixed [YOCTO #10588]
This section was confusing due to the fact that it used an actual
set of IP addresses and image name where they should be clearly
called out as examples. Fixed it.
(From yocto-docs rev: 006a25fad282b03aacd59eb8dc1a44cad2c19fc4)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From yocto-docs rev: 8643b19b096039f321b85dbaf1f68c7d3c26f791)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fixes [YOCTO #10451]
Added a missing closing parentheses to a sentence.
(From yocto-docs rev: 8fc10d592eb426c5b173be2280b72fa7ccf3510c)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The "runqemu Ported to Python" section was using past tense
for a note about previous usage patterns being supported. I
changed this to present tense.
(From yocto-docs rev: 15aa9d5a0164fa9553cf252a651d6aa5fb1c23f0)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From yocto-docs rev: 072ac7943ddcefd90ec36ee74a8571adf2cefb1b)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Print full traceback instead of just the exception message in the
child() function inside fork_off_task(). This makes debugging a lot
easier as the function catches a generic "Exception" and the exception
message alone might not give much information.
[YOCTO #10393]
(Bitbake rev: 61cc397a5b7136afb37052a2860c6c39a176ddab)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix a bug where a totally wrong value of a variable would be exported if
an exception happened during d.getVar(). Also, print a warning if an
exception happends instead of silently ignoring it. It would probably be
best just to raise the exception, instead, but use the warning for now
in order to avoid breaking existing builds.
[YOCTO #10393]
(Bitbake rev: 59c606cfc6e0a4f367344d4e3def6017fb560d75)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We recalculate the taskhash to ensure the version we have matches
what we think it should be. When we write out a sigdata file, use
the calculated value so that we don't overwrite any existing file.
This leaves any original taskhash sigdata file intact to allow a
debugging comparison.
(Bitbake rev: dac68af6f4add9c99cb7adcf23b2ae89b96ca075)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
reparsing result
Bitbake can parse metadata in the cooker and in the worker during builds. If
the metadata isn't deterministic, it can change between these two parses and
this confuses things a lot. It turns out to be hard to debug these issues
currently.
This patch ensures the basehashes from the original parsing are passed into
the workers and that these are checked when reparsing for consistency. The user
is shown an error message if inconsistencies are found.
There is debug code in siggen.py (see the "Slow but can be useful for debugging
mismatched basehashes" commented code), we don't enable this by default due to
performance issues. If you run into this message, enable this code and you will
find "sigbasedata" files in tmp/stamps which should correspond to the hashes
shown in this error message. bitbake-diffsigs on the files should show which
variables are changing.
(Bitbake rev: 46207262ee6cdd2e49c4765481a6a24702ca4843)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
We don't remove sigdata files, we also shouldn't remove sigbasedata files
as this hinders debugging.
(Bitbake rev: 06e7c00f2e1ddda6a2632ec2354a3c8f5c34562d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
We don't remove sigdata files, we also shouldn't remove sigbasedata files
as this hinders debugging.
(From OE-Core rev: 988349f90c8dc5498b1f08f71e99b13e928a0fd0)
(From OE-Core rev: c8d96b10ee3bc2eae0fd269d2564286fd0bc82ed)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
We don't remove sigdata files, we also shouldn't remove sigbasedata files
as this hinders debugging.
(From OE-Core rev: 1ebd85f8dfe45b92c0137547c05e013e340f9cec)
(From OE-Core rev: 3764a5ce8a1f26b46c389c256c10596ed8d31cc7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
41d8236 Set GDB version number to 7.11.1.
136613e Fix PR gdb/19828: gdb -p <process from a container>: internal error
a0de87e Make gdb/linux-nat.c consider a waitstatus pending on the infrun side
cf2cd51 Add mi-threads-interrupt.exp test (PR 20039)
f0a8d0d Fix double prompt output after run control MI commands with mi-async on (PR 20045)
b5f0db4 Fix -exec-run not running asynchronously with mi-async on (PR gdb/18077)
7f8e34d Use target_terminal_ours_for_output in MI
(From OE-Core rev: 371345c0dc49bf781c27aea1e9f6a4c947fa30e6)
(From OE-Core rev: 23a7c411b39eece9c80e1fde84894c75ca8dcbe0)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When run the following command on x86:
svnadmin create /var/test_repo
It cause segmentation fault error like the following:
[16499.751837] svnadmin[21117]: segfault at 83 ip 00000000f74bf7f6 sp 00000000ffdd9b34 error 4 in libc-2.24.so[f7441000+1af000]
Segmentation fault (core dumped)
This is because in source code ./subversion/libsvn_fs_fs/low_level.c,
function svn_fs_fs__unparse_footer, when:
target arch: x86
apr_off_t: 4 bytes
if the "APR_OFF_T_FMT" is "lld", it still use type "apr_off_t" to pass
data to apr, but in apr source code file apr_snprintf.c the function
apr_vformatter meet "lld", it would use the:
i_quad = va_arg(ap, apr_int64_t);
It uses the apr_int64_t to deal data, it read 8 bytes, so the follow-up
data may be error.
(From OE-Core rev: 7ea7e3db7801b58495b89a95ec2751d618d3a29f)
(From OE-Core rev: 81b9ac05bdb3dc89c6fd17acbfff7cc4f4685108)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you are using a repository which contains a .templateconf file that
sets TEMPLATECONF to point into a layer it contains, but you aren't
using that layer in your bblayers.conf, the eSDK would produce an error
during the preparation step of the installation. An example would be
using the poky repository but setting DISTRO to your own custom distro
and removing meta-poky from your bblayers.conf. The eSDK doesn't
support creating new build directories, so we don't care about the
templates and can thus force a known good value to prevent this from
happening.
Fixes [YOCTO #10568].
(From OE-Core rev: 5ee32191a18013061dfa72e64713a94c5d321496)
(From OE-Core rev: 7fbc086f47ef6e36c819836deaa1b2fb3f0ec97a)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This directory shouldn't contain local.conf and bblayers.conf - just
templates for them; except it doesn't have to contain those, it just has
to exist to pass this test. Change the error message accordingly, and
mention TEMPLATECONF so that the user has at least some context.
(From OE-Core rev: 61adaaa4348c670769f8750223977dbefe369ffb)
(From OE-Core rev: 3136666fee621d94ec4c48e706f0dad3b6b6f08c)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure the recipe version matches what we're
actually shipping, so that tools like cve-check
can do the right thing.
Rather than fetching version 3.2.48 and applying all
patches up to and including version 3.2.57, we just
fetch the latter in the first place.
(From OE-Core rev: 614ac87f2832c5359f371439559be88d6106cd6b)
(From OE-Core rev: db3f5330d7a38bb07aca0d65aa94ca36beb721d6)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Sylvain Lemieux <slemieux@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport patches to fix CVE-2016-7423 and CVE-2016-7908 of qemu.
(From OE-Core rev: 1f4c303fd64a4bc05882de01676f241f0df6da78)
(From OE-Core rev: 34b9be55c31deb4eab5056cf1698c8052aca2596)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
