summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* autotools.bbclass: Enhance sed regexp to avoid extra subshellMatthieu Crapet2014-07-251-1/+1
| | | | | | | | | | head -n1 can be done using sed. (From OE-Core rev: 38d50331acbc1e279449ae6b313ff0116b6c44e8) Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/runtime: Added skipModule import for test modules that use it.Lucian Musat2014-07-258-11/+11
| | | | | | | | | | The modules that use skipModule should import it themselves and not rely on somebody else to import it. (From OE-Core rev: 6a14db407d471e717f41342ac0700e6a383c32c3) Signed-off-by: Lucian Musat <georgex.l.musat@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa: Refactor test skipping decorators to use the unittest result objectLucian Musat2014-07-252-23/+34
| | | | | | | | | | | | In order to make the test skipping decorators independent of the oeTest object we rely on the unittest result object to construct skip, fail and error lists used by these decorators. Created a new object getResults that analyses upper frames and retrieves the unittest result object instance, then return a list of failed, skipped and error tests. Also removed the oetest import from decorators.py because it was no longer required. (From OE-Core rev: 4d2d201158236bd4c72546cf8db88681ff921b11) Signed-off-by: Lucian Musat <georgex.l.musat@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-plugins-good: add missing dependency on libcapJackie Huang2014-07-251-1/+1
| | | | | | | | (From OE-Core rev: e1ac22b340a66e3da53182faf0d624db9ccbdee1) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-plugins-good: add missing dependency on libcapJackie Huang2014-07-251-1/+1
| | | | | | | | (From OE-Core rev: ad68fd0e73a549356741bb050c4343ebd4a1e2fb) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pulseaudio: add missing dependency on libcapJackie Huang2014-07-251-1/+1
| | | | | | | | (From OE-Core rev: 4f0a1fc6c324840459919b80a9c096efdd2bf5bd) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* debian.bbclass: inherit packageRoss Burton2014-07-251-0/+3
| | | | | | | | | | | | | | This class defines a package_name_hook implementation but as EXPORT_FUNCTIONS is order-dependent it needs to inherit package.bbclass first to ensure that the "base" definition in there is defined first, otherwise with a suitable inherit order of debian and then a packaging class can result in the stub package_name_hook being incorrectly used. (From OE-Core rev: 3aa52f85e774bf82e8470a8fd849bd6953930720) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* base-files: Don't export TZ if /etc/TZ existsRichard Tollerton2014-07-251-1/+1
| | | | | | | | | | | | | While glibc/eglibc looks for the time zone in /etc/localtime, other libc alternatives (e.g. uclibc) may look for it in /etc/TZ. If /etc/TZ exists, don't fall back to setting TZ to "UTC" in /etc/profile. (From OE-Core rev: a69c3ba99be1502c50d3d1eb9ff66f135884ed76) Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib-2.0: use ptest-gnomeRoss Burton2014-07-251-5/+2
| | | | | | | | (From OE-Core rev: fb32cd7abac268747347ee5cff98a4d07dc4b780) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ptest-gnome: add ptest helper for GNOME packagesRoss Burton2014-07-251-0/+8
| | | | | | | | | | | | Many GNOME packages are using their InstalledTests pattern, where the test suite can be trivially installed. To avoid repeating the same logic over and over, add a class to encapsulate this. (From OE-Core rev: 6a66fadbd7d7675c61c342f9c338edbdedf8b92c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* shared-mime-info: upgrade to 1.3Ross Burton2014-07-252-7/+7
| | | | | | | | (From OE-Core rev: 8abd1d0d605cec77faca1f21663feb4ad9e27d1d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xf86-video-evdev: upgrade to 2.9.0Ross Burton2014-07-251-3/+3
| | | | | | | | | | Build-dependency on libevdev added. (From OE-Core rev: 527d84799e4a7fb194002ea4db5deee9a6a3086c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libevdev: add new recipe (needed by xf86-input-evdev)Ross Burton2014-07-251-0/+13
| | | | | | | | (From OE-Core rev: ad8e7f6d379a99649a1431a4bae7ad0bb0a78d9d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxi: upgrade to 1.7.4Ross Burton2014-07-252-20/+2
| | | | | | | | | | Also remove outdated (~1.2.99.5) git recipe that was never used. (From OE-Core rev: de36faa2a6a7c7a379807d69fa07a04a4c878ff8) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Upgrade to 7.37.1Saul Wold2014-07-251-2/+2
| | | | | | | (From OE-Core rev: 2cd9141c8a8b9639c95cb68496f0392ba26595dc) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cups: Upgrade to 1.7.4Saul Wold2014-07-254-197/+6
| | | | | | | | | Remove patch that was backported (From OE-Core rev: 984c8d621a2c2315a6c18b0f0b2fc0b380e7ca4d) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils-cross-canadian: Explicitly DEPEND on nativesdk-flex, we require it ↵Richard Purdie2014-07-251-1/+1
| | | | | | | | anyway (From OE-Core rev: 1ed42b9248ba1ba393c812e4c485d25db464e683) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Use PACKAGECONFIG for libusb to avoid floating dependencyRichard Purdie2014-07-251-0/+1
| | | | | | (From OE-Core rev: 24cc1af031244ad7c152b98312012b6344e57d48) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-multilib: Simply/fix MULTILIB_OPTIONS handlingRichard Purdie2014-07-251-18/+9
| | | | | | | | | | | | | | | | | | | | | | MULTILIB_OPTIONS takes the parameters which trigger a given multilib to be selected. It supports *one* option per multilib, '/' separated. Spaces separate options used to generate additional multilib combinations. Adding in all of CFLAGS to this is therefore clearly a really bad idea but how do we fix things? The best option I've come up with so far is a list of whitelist variables to use to trigger the multilibs. Its populated with the standard multilibs we support, anyone setting up an advanced multilib can populate the variable with the correct trigger parameters. This has the advantage of simplifying the code and allowing us to remove the code filtering blocks since there is no longer option duplication. Testing after this change shows a much improved sdk toolchain functionality. (From OE-Core rev: 29202cd1b9d2e5d56e5b9f7a596e44e229c90492) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/classextend: Avoid early expansion of PR valuesRichard Purdie2014-07-251-1/+6
| | | | | | | | | | | | | | Variables like RDEPENDS can contain EXTENDPKGV which in turn uses AUTOPR based values. This gets set during do_package execution so we want to defer expansion until then. The only way we can do this in the RDEPENDS (and friends) mapping code is to subsitute a dummy value, then change it back again. Horrible but I can't see any other way. This resolves multilib build failures with inconsistent PR values. (From OE-Core rev: 5aea553e6eaa3b9647f26944976d2a9da79cba42) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cross-canadian: Copy target_ definitions from cross.bbclassRichard Purdie2014-07-251-3/+4
| | | | | | | | | A while back we fixed the cross definitions to work better in multilib configurations, apply the same fixes to cross-candian.bbclass (From OE-Core rev: 4544b7f1d0abd1b1efd74da430f1ddedf3fdbd1d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* populate_sdk_base: Extend TOOLCHAIN_TARGET_TASK to include multilib variantsRichard Purdie2014-07-251-1/+4
| | | | | | | | | | Most people expect the toolchain from a multilib build to contain multilib components. This change makes that happen and is easy for users to override should they want something different. (From OE-Core rev: 396371588c7fd2d691ca9c39cd02287e43cb665b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libomxil-0.9.3: Remove versioning for bellagio .so files.Drew Moseley2014-07-252-3/+43
| | | | | | | | | | | The so files installed under ${libdir}/bellagio are not versioned and should be installed without version-based symlinks so that omxregister-bellagio can properly find and register them. (From OE-Core rev: 3846b1ec782ba0cc64d389d03116743208e2383f) Signed-off-by: Drew Moseley <drew_moseley@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "libomxil-0.9.3: Remove versioning for .so files."Drew Moseley2014-07-252-80/+6
| | | | | | | | | | | The previous version of this fix was too aggressive and removed versioning from too many of the .so files in the libomxil package. This reverts commit 0ef3734c2f279bf463ba4d1aef5241cd4882d483. (From OE-Core rev: b76d254db92d9c08e8d5d41becb2e60178cebb33) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* allarch: Generate same package for MIPS and non-MIPS targetsMike Crowe2014-07-251-0/+5
| | | | | | | | | | | | | | | | | | LINKER_HASH_STYLE differs between MIPS and non-MIPS targets. This means that LDFLAGS differs too. LDFLAGS is exported so it influences all task hashes. Unfortunately this means that packages with architecture "all" differ depending on whether they are built for a MIPS or non-MIPS target. This causes a lot of unnecessary churn in the ipk/all directory when switching build targets. The simplest way to fix this is to ensure that LDFLAGS stays the same for architecture "all" packages by clearing it. It shouldn't being used by such packages anyway. (From OE-Core rev: 14f4d016fef9d660da1e7e91aec4a0e807de59ab) Signed-off-by: Mike Crowe <mac@mcrowe.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libice: fix non-deterministic libbsd dependencyRoss Burton2014-07-251-0/+3
| | | | | | | | | | | | | | | | libice 1.0.9 added automatic detection of arc4random(), which is in libbsd on Linux. As this is automatic and leads to failing builds when ssstate is reused, seed the autoconf cache as relevant to implement a PACKAGECONFIG for the functionality. Default to not using arc4random() as the fallback has been in use for many years, but people interested in security may wish to turn this on to increase the security of the X authentication cookies. (From OE-Core rev: 71d5eb34678eafbcb0f8ff4c31d52a276949bb0c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kern-tools: adjust to full history meta-dataBruce Ashfield2014-07-251-1/+1
| | | | | | | | | | | | | In order to generate and support kernel trees with full history, we need to modify the kernel tools e914d570232a kgit-checkpoint: ensure that full meta-data artifacts are maintained 192be836d318 kgit-scc: allow meta-data history to be maintained (From OE-Core rev: f2015ead17c875ae37a9ad496fdafef2b931f771) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/3.14: libata and generic CPU modalias handlingBruce Ashfield2014-07-253-10/+10
| | | | | | | | | | | | | | | | Updating the 3.14 yocto kernel to incorporate the following fix and feature of interest. 5724bf17acbf x86: align x86 arch with generic CPU modalias handling 6b9a52451a78 cpu: add generic support for CPU feature based module 38367de316bb libata: support the ata host which implements a queue depth less than 32 [YOCTO: #6489] (From OE-Core rev: 1fcb9843d663a5746690c81fe1cd6cf84dac04b9) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel: don't copy .so.dbg files into kernel source installBruce Ashfield2014-07-251-1/+1
| | | | | | | | | | | | | | | In 3.16+ x86-64 kernel builds produce a vdso64.so.dbg file. If this file is copied into the kernel source install multiple QA failures are triggered. Specifically, this file triggers a debug package split that results in files installed but not shipped, and invalid .debug file errors. By ensuring that .so files are not copied, we avoid this incorrect split with no impact on future build phases. (From OE-Core rev: f1f6d153de9dc675b4bf4020799b2365b1b62ec7) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto-dev: bump to v3.16+Bruce Ashfield2014-07-251-1/+1
| | | | | | | (From OE-Core rev: f90af1a78c2b616469ab49e3d426878602ad3e7b) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto: x86_64: expand kernel stack to 16KBruce Ashfield2014-07-253-10/+10
| | | | | | | | | | | | | | | | | | | | | | | Updating to backport the following mainline commit: [ x86_64: expand kernel stack to 16K commit 6538b8ea886e472f4431db8ca1d60478f838d14b upstream While I play inhouse patches with much memory pressure on qemu-kvm, 3.14 kernel was randomly crashed. The reason was kernel stack overflow. When I investigated the problem, the callstack was a little bit deeper by involve with reclaim functions but not direct reclaim path. .... ] (From OE-Core rev: b162bcf26a5b97fddd2a64789f97ec705bb354f9) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lttng-modules: re-enable ARM buildsBruce Ashfield2014-07-251-2/+1
| | | | | | | | | With lttng 2.4.2 and gcc 4.9, we can now enable lttng-modules for ARM. (From OE-Core rev: f6587be6cd3dc864143b1c0be0bb8179a61dc835) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lttng-modules: update to 2.5.0Bruce Ashfield2014-07-254-39/+157
| | | | | | | | | | | | | | During the uprev of the yocto kernel to 3.16, lttng-modules failed to build. To grab the latest stable content, we update to 2.5.0, and add two patches to also make it build against 3.16+. We also drop the older 2.3.3 lttng-modules, since it is no longer required to support ARM builds. (From OE-Core rev: 10680c8f06c52b25ed63d315596707701402646d) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/3.14: vexpress and MVM firmware supportBruce Ashfield2014-07-253-13/+13
| | | | | | | | | | | | Updating the 3.14 SRCREVs to integrate the following changes: meta: iwlwifi: Add MVM firmware support vexpress: Pass LOADADDR to Makefile (From OE-Core rev: da1eca40b5ff608df6f4041a92b2d4c71ee6784e) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* insane: Add build depends checkRichard Purdie2014-07-251-3/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now that we can get the task dependency tree from bitbake, we can start to use this to strengthen our QA checks. If a dependency is added on something which isn't in our dependency tree, that is obviously a bad thing for example. This patch therefore checks the RDEPENDS against the list of tasks and ensures we do have a dependency present, if not a QA warning or error can be issued through the usual mechanism. The implementation is complicated by needing to resolve the RDEPENDS to a PN using pkgdata. Its possible that can be an RPROVIDES of another package so we need to check that too if it isn't a direct RDEPENDS. To allow this test to work, we need to extend the do_package_qa dependencies to include all RDEPENDS. In practise the do_package_write_* tasks already do this so there should be no new circular dependencies or any issues like that. For now the issues are warnings as there are issues this finds in OE-Core which need to be resolved and certainly will be in other layers too. This change should simplify and assist some of Martin's dependency scripts, the idea for this came from a discussion with Martin. It has changed in that it doesn't just cover shlibs dependencies but checks all dependencies. (From OE-Core rev: f6cb24cf2255297308ef57399a6be407129d9b8f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ref-manual: Updated note in the "CentOS Packages" section.Scott Rifenbark2014-07-251-5/+11
| | | | | | | | | | We want to encourage installation of the buildtools tarball for getting the most up-to-date packages on this build host. (From yocto-docs rev: 5298737a5ad579ea5097221d2ef5a0f388ebff6c) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: bitbake: remove choices for dump-signaturesRobert Yang2014-07-241-1/+1
| | | | | | | | | The SIGNATURE_HANDLER can be defined by the user, so we can't use choices. (Bitbake rev: 0036b36e333a68c6d30a6bf5c21bfd4fd3e8441b) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_ipk.bbclass: Support hierarchical feedPaul Barker2014-07-231-1/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch allows for an optional new layout for ipk feed directories which I've called a 'hierarchical feed' and is based on how Debian pools package files. It is disabled by default and is enabled by setting IPK_HIERARCHICAL_FEED to "1". In the traditional feed layout, package files are placed in <outdir>/<arch>/. This can lead to several thousand files existing in a single directory which is often a problem if developers want to upload a package feed to a shared web hosting provider. For example, in my case, listing files via FTP only shows the first 2000 files, breaking my scripts which attempt to upload only new and changed files via FTP. In the hierarchical feed, package files are written to <outdir>/<arch>/<pkg_prefix>/<pkg_subdir>, where pkg_prefix is the first letter of the package file name for non-lib packages or "lib" plus the 4th letter of the package file name for lib packages (eg, 'l' for less, 'libc' for libc6). pkg_subdir is the root of the package file name, discarding the version and architecture parts and the common suffixes '-dbg', '-dev', '-doc', '-staticdev', '-locale' and '-locale-*' which are listed in meta/conf/bitbake.conf. This change relies on recent patches to opkg-utils which support hierarchical package feeds. Signed-off-by: Paul Barker <paul@paulbarker.me.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: move BB_NUMBER_THREADS and PARALLEL_MAKE to bitbake.confRoxana Ciobanu2014-07-231-0/+6
| | | | | | | | | | | | | Currently, BB_NUMBER_THREADS and PARALLEL_MAKE default to unset and are set in local.conf. Now that we have the automatic probing, the default values can be set in bitbake.conf and an example of explicitly defining how many tasks to run can be moved to local.conf.sample.extended. [YOCTO #6217] Signed-off-by: Roxana Ciobanu <roxana.ciobanu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: move BB_NUMBER_THREADS and PARALLEL_MAKE to bitbake.confRoxana Ciobanu2014-07-232-22/+23
| | | | | | | | | | | | | Currently, BB_NUMBER_THREADS and PARALLEL_MAKE default to unset and are set in local.conf. Now that we have the automatic probing, the default values can be set in bitbake.conf and an example of explicitly defining how many tasks to run can be moved to local.conf.sample.extended. [YOCTO #6217] Signed-off-by: Roxana Ciobanu <roxana.ciobanu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: Add CVE patchesYue Tao2014-07-2318-0/+917
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Security Advisory - ffmpeg - CVE-2013-0866 The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0866 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0875 The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via a crafted PNG image, related to an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0875 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0860 The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0860 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3934 Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3934 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3946 The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3946 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7023 The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7023 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7009 The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7009 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0855 Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec (ALAC) data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0855 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-4351 Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4351 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0848 The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and the colorspace set to YUV422P, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0848 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3944 The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3944 file://0001-huffyuvdec-check-width-more-completely-avoid-out-of-.patch \ gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7010 Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7010 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3941 The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to an uninitialized block index, which triggers an out-of-bound write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3941 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0846 Array index error in the qdm2_decode_super_block function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0846 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6618 The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient frames to estimate rate. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6618 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6617 The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6617 (From OE-Core rev: 58f08a96764094189b5aaf3cc8b4cc0c95e23409) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* serf: specify LIBDIR to avoid install issueTing Liu2014-07-231-2/+2
| | | | | | | | | | LIBDIR defaults to ${prefix}/lib, use ${libdir} to avoid issue on 64bit platforms. (From OE-Core rev: e5c023abd5265293623ac993a048d7abb9b71a59) Signed-off-by: Ting Liu <ting.liu@freescale.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perf: remove CFLAGS overrideTing Liu2014-07-231-7/+0
| | | | | | | | | | | | | | | | | | | | | | definition of __SANE_USERSPACE_TYPES__ was added in kernel source by commit e3541ec75219819d3235f80125a1a75d798ff6e1 perf tools, powerpc: Fix compile warnings in tests/attr.c Overriding the CFLAGS makes it impossible for kernel build system to append to it, thus making the build fail in various ways as: | CC /.../perf/1.0-r9/perf-1.0/perf.o | In file included from builtin.h:4:0, | from perf.c:9: | util/util.h:74:24: fatal error: lk/debugfs.h: No such file or directory | #include <lk/debugfs.h> | ^ | compilation terminated. (From OE-Core rev: 7e7063e495d6451b46e06d08d16f92d0597a7d11) Signed-off-by: Ting Liu <ting.liu@freescale.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* net-tools: ifconfig interface:0 del <IP> will remove the aliased IP on IA64Yong Zhang2014-07-232-1/+35
| | | | | | | | (From OE-Core rev: d96b5072d53f134c5038601e30368db6ccfefe78) Signed-off-by: Yong Zhang <yong.zhang@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* toolchain-script: Really fix CANADIANEXTRAOE issuesRichard Purdie2014-07-231-1/+1
| | | | | | | | | | | There was an error in the previous fix for the powerpc toolchain issue, this should correct it (and simplify the code too). [YOCTO #6490] (From OE-Core rev: 54ddf3fe060715534cd9e23d6e89cf6b06ed3d9f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sanity: Check for setgid/setuid TMPDIRRichard Purdie2014-07-231-0/+6
| | | | | | | | | | | | Building in a TMPDIR which has setgid or setuid is a bad idea. We could try and reset the permissions but since these can also invade into other directories like the cache or sstate, lets tell the user to fix it instead. [YOCTO #6519] (From OE-Core rev: 8e44fc36018fda9b1f9ca8aebde3e744afc07eaa) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initscripts: fix bashism in bootmisc.shBen Shelton2014-07-231-1/+5
| | | | | | | | | | | | | | | | | | | | In the commit 'initscripts: save /etc/timestamp with seconds accuracy', a bashism was introduced in the bootmisc.sh script in the code to set the current date from the stored value in /etc/timestamp. This causes that operation to fail with the following message when /bin/sh is not bash: /etc/init.d/rc: /etc/rcS.d/S55bootmisc.sh: line 73: syntax error: bad substitution Fixed by using pattern matching removal rather than bash-specific substring expansion. [YOCTO #6566] (From OE-Core rev: c8a451adc71e4ce9ab963f61d7830c2d75aaffca) Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: Add nativesdk in BBCLASSEXTENDRichard Tollerton2014-07-231-1/+1
| | | | | | | | | | Necessary for including it in meta-toolchain. (From OE-Core rev: f4d288881d7b1b2390a0f1234724fdd5d7a84b57) Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sysvinit: bootlogd: ensure /var/log/boot is created in volatilesRichard Tollerton2014-07-232-1/+7
| | | | | | | | | | | | bootlogd does not write to /var/log/boot if it does not exist, so if using the volatiles facility (presumed to mount /var/log under a tmpfs), ensure that /var/log/boot gets created. (From OE-Core rev: 283d109098358c06ff10daaf612e5a244691d7ac) Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sysvinit: bootlogd: Don't run savelog if it's not installedRichard Tollerton2014-07-231-2/+2
| | | | | | | | | | | | | | | | bootlogd's default log rotation code on stop requires `savelog`, which is in debianutils, which may not be installed. If it's not installed, don't try to perform the log rotation. That is: in the affected code block, `savelog` is what is responsible for creating "boot.0". When `savelog` doesn't exist, an error message gets printed on bootup to the effect of "mv: can't find boot.0". (From OE-Core rev: 5c22973e1bf76615bcf57984ac7a30cf7d0766df) Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>