| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Updated update-gawk-paths.patch.
- Updated Makefile-ptest.patch
- Removed 0008-replace-struct-ucontext-with-ucontext_t.patch which is already in
the source.
- The LIC_FILES_CHKSUM is changed because the years have been updated,
the contents are the same.
(From OE-Core rev: 111e4a8642160c8441e447da32a4ef52995bbe99)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Removed the following 2 patches which are already in the source:
- 0001-e2fsck-exit-with-exit-status-0-if-no-errors-were-fix.patch
- e2fsprogs-1.43-sysmacros.patch
(From OE-Core rev: ce0efa2e38611428aff6d39d52ce29f8a6571813)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: c73d1ceaa6643b3713e95154ba2a53eb304257a7)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 8c53a8c87c509da68d1f423ecd11f6b11186acd1)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 544d522ff0eb8d57753eb5c237743d2310866fec)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hard depending on the kernel makes it impossible to install kernel
modules without getting the kernel image installed too. This is
inconvenient in e.g. initramdisks, where the kernel is loaded from
outside the initramdisk.
Making the kernel modules rrecommend kernel-image-<version> instead of
rdepending on it, makes it possible to install kernel modules without
the kernel image by setting "kernel-image" in BAD_RECOMMENDATIONS.
(From OE-Core rev: 5dd7ddb66a6846d9bb59dc7833e8318992d0e645)
Signed-off-by: Martin Hundebøll <mnhu@prevas.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
dnsproxy: Fix crash on malformed DNS response
If the response query string is malformed, we might access memory
pass the end of "name" variable in parse_response().
[YOCTO #11959]
(From OE-Core rev: fb3e30e45eea2042fdb0b667cbc2c79ae3f5a1a9)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. COPYING.LIB: Rename to COPYING.LGPL3.
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3419a339d9c4e800bf30e9021e05982d8c1021c1
2. Rebase patches:
- pkgconfig.patch -> 0001
- use-pkgconfig-instead-of-npth-config.patch -> 0002
- dirmngr-uses-libgpg-error.patch -> 0003
- autogen.sh-fix-find-version-for-beta-checking.patch -> 0004
3. Fix gpg2 not found
...
dnf -vy makecache
|Cannot download 'http://192.168.7.1:33541': repomd.xml GPG signature
verification error: gpgme_engine_check_version() error: Invalid crypto
engine.
...
The upstream install gpg by default and no gpg2
...
commit a69464b0b6dac88b360a13d3faf19dd7f2a0e02b
Author: Werner Koch <wk@gnupg.org>
Date: Sat Aug 5 14:39:32 2017 +0200
gpg: Install gpg by default under the name gpg.
...
Add --enable-gpg-is-gpg2 to revert it.
(From OE-Core rev: f62d844424670967d2d40cd2afc96f5fc597bf1d)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Don't hardcode the package name, it could be gdk-pixbuf or
lib32-gdk-pixbuf.
(From OE-Core rev: 92a299a550b5b9c68c0285fdeb3d4c9defa0dede)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We were being a bit prescriptive in setting LICENSE and
LIC_FILES_CHKSUM. We can't always trust what's in the metadata
accompanying some source which plugins will almost always be pulling
from, however we do want to allow plugins to set the LICENSE and
LIC_FILES_CHKSUM values. Merge what we find in our license file scan
with what the plugin sends back.
Additionally, plugins can now add a "license" item to the handled list
in order to inhibit the normal LICENSE / LIC_FILES_CHKSUM handling if
they have already taken care of it completely.
Thanks to Mark Horn <mark.d.horn@intel.com> for prompting, testing and
fixing this patch.
(From OE-Core rev: 1df60b09f7a60427795ec828c9c7180e4e52f98c)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously if we were able to auto-determine the name from the URL, that
took precedence over any name that might be set in extravalues by a
plugin. Some plugins might be able to get a better idea of the name and
thus we should move defaulting of the name further down after the
plugins have had a chance to set it.
(From OE-Core rev: 3bb979c13463705c4db6c59034661c4cd8100756)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Takes a tar archive created by 'devtool export' and imports (untars) it
into the workspace. Currently the whole tar archive is imported, there
is no way to limit what is imported.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10510
[YOCTO #10510]
(From OE-Core rev: 2de8ba89ef10fefcc97246dfeb4b8d1e48ee8232)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
In case the proposed md5sum to be appended to the .devtool_md5 file
is already present, do not append it.
(From OE-Core rev: f958c5cba3b0d24ca696b2b707857009c9a7b5b8)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default, exports the whole workspace (all recipes) including the source code.
User can also limit what is exported with --included/--excluded flags. As
a result of this operation, a tar archive containing only workspace metadata
and its corresponding source code is created, which can be properly imported
with 'devtool import'.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10510
[YOCTO #10510]
(From OE-Core rev: f9bc3b5101b554a72298266519dbdd1497f262a6)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When devtool upgrade is run on a recipe with revision specified
that is not on master branch, and branch isn't set by --srcbranch or -B,
then we should get the correct branch and append the branch to the URL.
If the revision was found on multiple branches, we will display error
to inform user to provide a correct branch and exit.
[YOCTO #11484]
(From OE-Core rev: 29ced7387a92aed17b7fe93b1654790a981734c1)
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
During recipe creation, it seems that the automation for replacing
${PV} at the SRCURI for tag, (e.g mbed-tls-${PV}) is causing some
issue due to PV assuming it's a git source. A fix is implemented in
this patch to resolve this issue.
(From OE-Core rev: 9d3ec76c1b7dd75d904f5ff47297de0fb65b21c2)
Signed-off-by: Stanley Phoong <stanley.cheong.kwan.phoong@intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If a git URL is passed to recipetool create with a tag=, recipetool
should handle it assuming that the tag is valid.
[YOCTO #11393]
(From OE-Core rev: 3afdcbdc9a3e65bc925ec61717784ffec67d529d)
Signed-off-by: Stanley Phoong <stanley.cheong.kwan.phoong@intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change is to improve the buildability of the recipe created by
recipetool and devtool.
When recipetool create is run on a git URL and a revision specified
that is not on master, and "branch=" isn't already in the URL, then
we should get the correct branch and append the branch to the URL.
If the revision was found on multiple branches and 'master' is not
in the list, we will display error to inform user to provide a
correct branch and exit.
[YOCTO #11389]
(From OE-Core rev: ecca596b75cfda2f798a0bdde75f4f774e23a95b)
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When creating new recipes, we are almost certainly fetching a new
source rather that something that has already been fetched. I have
disable PREMIRRORS and MIRRORS settings in the recipe that created
by devtool while leaving an option for users to enable them manually
if needed. Since devtool already has this options, we need to ensure
that recipetool is able to handle the options passed from devtool.
(From OE-Core rev: 091cee2bdc2378a3425a4ef8558d03e6f9c021ff)
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is an interesting bug in the current code where a sync command
is not seen until the current async command completes, by which time
the UI may have shut down.
The reason is that if there are idle commands, we may not end up sleeping
in the select call at all, partiularly under heavy load like parsing.
Fix this by calling select with a zero timeout so that we see active
fds and know to read from them. This fixes various problems toaster was
having with the recent server changes.
[YOCTO #11898]
(Bitbake rev: bbcce58e824b2793abf50efa52db158ae16e23e4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The eSDK installation requires the meta-skeleton layer.
The build system might use the meta-skeleton recipes as layout
to create custom recipes. An example is the recipetool script
that uses the meta-skeleton kernel recipe when creating a custom
kernel recipe.
[YOCTO #11102]
(From OE-Core rev: 5c9ef0734d23909b5694ed43cdbb205c2ba9ca95)
Signed-off-by: Juan M Cruz Alcaraz <juan.m.cruz.alcaraz@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Our grub and syslinux bootloaders both define root=/dev/ram0 for live
images by default. Kernel docs show that root=/dev/ram0 is just a
sentinel value for the kernel to mount the initrd as root, which then
mounts and switches to the real root. This is exactly what our scripts
do, so just check for root=/dev/ram0 as well.
See: https://www.kernel.org/doc/html/v4.11/admin-guide/initrd.html#operation
This fixes the issue where the new initramfs-framework scripts would not
boot live images that use grub or syslinux bootloaders.
(From OE-Core rev: a30f8f60017d566d845ee5d3a8cfc338017211b0)
Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
openssl 1.1 broke 3rd party layers a lot more than was expected; let's flip
the switch at the start of next development cycle.
Add a PROVIDES = "openssl10" to openssl 1.0 recipe; any dependency that is
not compatible with 1.1 should use that in its DEPENDS, as the 1.0
recipe will later be renamed back to openssl10. This does not always work:
http://lists.openembedded.org/pipermail/openembedded-core/2017-August/140957.html
but for many recipes it does.
(From OE-Core rev: 5585103c195104e85ed7ac1455bef91b2e88a04d)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The behavior before this change was to check USER_CLASSES and adjust
the install script to return either exit 0 (don't do anything) or
exit 1 (run on first boot). This enabled a user to include the prelink
package without enablign the image-prelink bbclass and get a first boot
prelink.
Checking USER_CLASSES is not desired, as an image should be able to simply
inherit the image-prelink and get the same type of behavior. Modifying
the recipe based on the inclusion of a class is a bad idea as it makes
this style work more difficult. So we move to a more defined strategy
based on exist uses. (That we know of...)
If we ae doing a cross install, we want to avoid prelinking.
Prelinking during a cross install should be handled by the image-prelink
bbclass. If the user desires this to run on the target at first boot
they will need to create a custom boot script.
[YOCTO #11169]
(From OE-Core rev: e31c9d32072b9cf62c0e9e55b4d421849d3d489b)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Replace the deprecated '-usbdevice' option with '-device usb-xx' option.
This would fix runqemu boot error like below.
'-usbdevice' is deprecated, please use '-device usb-...' instead
(From OE-Core rev: 2f1f3480d344f8521e01f456d2dcd6c4e989ec59)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport two patches to fix the following error when booting qemu.
Failed to unlock byte 100
(From OE-Core rev: 91eee8b08cd52f49bb1c8f8c680607b3f3a52d24)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
CVE-2017-9226 : check too big code point value for single byte
CVE-2017-9227 : access to invalid address by reg->dmin value
CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class()
CVE-2017-9229 : access to invalid address by reg->dmax value
(From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
The release version was actually working correctly; it only makes
the warning work properly.
(From OE-Core rev: e7986a5493ccd222b82c2388ea8c3bb7004b48dd)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
CURL_FORMAT_OFF_T does not seem to exist anymore, use
CURL_FORMAT_CURL_OFF_T instead. This works with old and new curl.
(From OE-Core rev: 5548f9c87c6a10cda2baf6f198762380e55f6ae2)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Optional installation of khrplatform.h was implemented upstream by a slightly
different approach -> 0001-mapi-Only-install-khrplatform.h-with-EGL-or-GLES.patch
can be removed.
(From OE-Core rev: 4473c9e846826bfb4f48cec9c6c7b1cad6666bb3)
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
* without this package installed any WebKitGTK+ based browser
will fail to correctly open html files (and other files)
from disk (file:// URIs). It will open them as plain txt files.
(From OE-Core rev: b708cb53b46d9d82a7853bcd0f25ef6bc417bd10)
Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 03abde044a6c7cf4a54a9d074189f192b331d650)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Makes diagnosing failures easier.
[YOCTO #11209]
(From OE-Core rev: 1b58b409db081e739b786f51326f65b1818a5890)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
do_configure() will no longer convert references to
/usr/include into /path/to/recipes-sysroot/usr/include
for the file "Porting/Glossary".
[YOCTO #11243]
(From OE-Core rev: cb2dfe5627df2ff235b37622260484841f39af17)
Signed-off-by: Ooi Cinly <cinly.ooi@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removed all instances of -fdebug-prefix-map in LTCFLAGS
declaration because they contain references to host system
and are not needed.
/absolute/path/to/host/dd was replaced with 'dd' in
lt_truncate_bin declaration.
Please take note that the location of regex is important
for DEBUG_PREFIX_MAP. Removal of DEBUG_PREFIX_MAP has to be
done before other regex command modify its option value.
Both are modified because they affect binary reproducibility.
[YOCTO #11656]
(From OE-Core rev: 04db02138e363898e040e33557f1296e8a43c3fd)
Signed-off-by: Ooi Cinly <cinly.ooi@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Disable build for muslx32.X32 isn't supported by valgrind at this
moment.
(From OE-Core rev: a945141062ac3d0736558be428f60af405b53a94)
Signed-off-by: sweeaun <swee.aun.khor@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Disable build for muslx32.
(From OE-Core rev: 7f6e47b0d8aec9cb22db50ccb40ebb01677f01ea)
Signed-off-by: sweeaun <swee.aun.khor@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Use PACKAGECONFIG to add cryptodev.
(From OE-Core rev: dddf15804f69757278abe175543e74332a978139)
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: d8adf829f3fb58a41235f05c04ce700bf5d55ba7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ssh_allow_empty_password()
In images built with pam in DISTRO_FEATURES, we end up with dangling symlinks
if su is not packaged into image
$ ls /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -l
lrwxrwxrwx 1 kraj users 2 Aug 9 07:56 /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/su-l -> su
This causes image do_rootfs to fail
| sed: can't read /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/rootfs/etc/pam.d/s
u-l: No such file or directory
| WARNING: /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi/core-image-minimal/1.0-r0/temp/run.ssh_allow_empty_
password.19238:1 exit 2 from 'sed -i 's/nullok_secure/nullok/' /mnt/a/oe/build/tmp/work/raspberrypi3-bec-linux-gnueabi
/core-image-minimal/1.0-r0/rootfs/etc/pam.d/*'
Therefore we need to filter out dangling symlinks before sed'ing
things out
(From OE-Core rev: b92105e5a085c8cd3c650579644922ed97163e73)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport patch from the following link to fix CVE-2017-9814:
https://bugs.freedesktop.org/show_bug.cgi?id=101547
(From OE-Core rev: 4ff22f4bb10b83ea61218a01e12907a90edcd594)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport the patch to fix CVE-2017-8363:
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (heap-based buffer
over-read and application crash) via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-8363
(From OE-Core rev: 9cc9956c5ed09f9016cb23bd763652e5ab55f3cd)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport the patch to fix CVE-2017-8362:
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (invalid read and
application crash) via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-8362
(From OE-Core rev: 0c8da3f6f85962196f2ad54fffd839239f5c2274)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport the patch to fix two CVEs:
CVE-2017-8361:
The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (buffer overflow and
application crash) or possibly have unspecified other impact via a
crafted audio file.
CVE-2017-8365:
The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote
attackers to cause a denial of service (buffer over-read and application
crash) via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-8361
https://nvd.nist.gov/vuln/detail/CVE-2017-8365
(From OE-Core rev: d92877ade8fd4dd9b548c6b664bf4357a1f9428a)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2017-6508: CRLF injection vulnerability in the url_parse function in
url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary
HTTP headers via CRLF sequences in the host subcomponent of a URL.
External References:
https://nvd.nist.gov/vuln/detail/CVE-2017-6508
Patch from:
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=4d729e322fae359a1aefaafec1144764a54e8ad4
(From OE-Core rev: 28404157e07a915d1445166df566c8838f2cce57)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport 3 patches to fix CVE-2017-10971:
In the X.Org X server before 2017-06-19, a user authenticated to an X
Session could crash or execute code in the context of the X Server by
exploiting a stack overflow in the endianness conversion of X Events.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-10971
(From OE-Core rev: 20428f660f2c046c63bbf63c4e4af95dac9f2b3d)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
testdata and testdata_link may point to the same file, in particular
when IMAGE_LINK_NAME and IMAGE_NAME are equal.
Check if this is the case before creating a symlink that points to
itself and makes the next build fail.
(From OE-Core rev: b516394f9e7858062aa7b042aa4a1bdef9d3a941)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When IMAGE_NAME and IMAGE_LINK_NAME are equal, do_write_qemuboot_conf will
create a symlink that links to itself.
Check if this is the case before creating the link.
(From OE-Core rev: f46652e77f467861dc68c3a8e54f27d08659222d)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When buildsystem with layer structure is going to be copied, only the last
meta-XXX layer is taken.
For example, during ext_sdk bblayers creating:
layers/oe/meta \
layers/oe/meta-oe \
layers/oe/meta-networking \
layers/oe/meta-webserver \
...
It restructured meta-oe, meta-networking,... contents into meta-oe.
Recipes from meta-oe will be on the same level like meta-networking,
meta-webserver, ... .
It should take the whole meta path instead of the last one.
layers/oe/meta \
layers/oe/meta-oe/meta-oe \
layers/oe/meta-oe/meta-networking \
layers/oe/meta-oe/meta-webserver \
...
Now the directory structure is the same like during build creation.
(From OE-Core rev: 5a59a6997f41e606d088e3e86812de56f72f543b)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Besides providing the NATIVELSBSTRING, include distro info when creating
the (json) error report. This information provides better info than the
standard 'universal*' string for uninative builds.
[YOCTO #11824]
(From OE-Core rev: fdfbfc954a3e0ad79dc2bed9828f9f5dc40d506f)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
