summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315Roy Li2015-07-203-1/+451
| | | | | | | | | | | | | | | | | | | | | | | | | | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9636 unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1315 Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8. (From OE-Core rev: f86a178fd7036541a45bf31a46bddf634c133802) (From OE-Core rev: 7c667c6aa0302649c125b0325a2e6f641810cb09) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* test-dependencies.sh: strip only .bb suffixMartin Jansa2015-07-201-2/+2
| | | | | | | | | | | | * we were stripping too much when stripping recipe name from line like this: ERROR: Task 12016 (/some/patch/something.dot.bar.bb, do_fetch) failed with exit code '1' where the recipe name contains dots and doesn't end with _<version>.bb (From OE-Core rev: f4953004ec26c97fb696854f8e31d36b8bbeb8bf) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mesa: update --with-llvm-shared-libs configure optionAndre McCurdy2015-07-201-1/+1
| | | | | | | | | | | | | | As per the Mesa 10.2 release notes, "--with-llvm-shared-libs" has been renamed to "--enable-llvm-shared-libs". http://www.mesa3d.org/relnotes/10.2.html (From OE-Core rev: b534c13bb13c1ab2739daaf32b59d917e93106fd) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: install populate-extfs.shMartin Jansa2015-07-201-0/+2
| | | | | | | | | | | | | | | | * install populate-extfs.sh from contrib, be aware that in order to use it you need to set DEBUGFS shell variable, otherwise it will try to use debugfs from relative path which is almost always incorrect: CONTRIB_DIR=$(dirname $(readlink -f $0)) DEBUGFS="$CONTRIB_DIR/../debugfs/debugfs" (From OE-Core rev: 1a3a7a1ba8c271acd13cb1d740ef83ee02829e33) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: fix CVE-2014-3564Kai Kang2015-07-202-1/+59
| | | | | | | | | | | | | | | | | | Backport patch to fix CVE-2014-3564. http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f (From OE-Core rev: 421e21b08a6a32db88aaf46033ca503a99e49b74) (From OE-Core rev: 7643fe96bbce57995580162b5339674cc4a9c81f) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-support/gpgme/gpgme_1.4.3.bb Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflowHaris Okanovic2015-07-202-0/+46
| | | | | | | | | | | | | | | | | | | | | | | Backport Arjun Shankar's patch for CVE-2015-1781: A buffer overflow flaw was found in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application. https://sourceware.org/bugzilla/show_bug.cgi?id=18287 (From OE-Core rev: c0f0b6e6ef1edc0a9f9e1ceffb1cdbbef2e409c6) (From OE-Core rev: 96ff830b79c64d8f35c311b66906b492cbeeeb55) Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Reviewed-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2015-3456Kai Kang2015-07-202-0/+93
| | | | | | | | | | | | | | | | | | | | Backport patch to fix qemuc CVE issue CVE-2015-3456. Refs: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456 http://git.qemu.org/?p=qemu.git;a=commit;h=e907746266721f305d67bc0718795fedee2e824c (From OE-Core rev: 1d9e6ef173bea8181fabc6abf0dbb53990b15fd8) (From OE-Core rev: e4c1374330679f84436796a3f6c50b486465a7ed) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-devtools/qemu/qemu_2.1.0.bb Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Security Advisory - CVE-2015-3310Roy Li2015-07-202-0/+30
| | | | | | | | | | | | | | | | | | | | | | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3310 Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server. oe-core is using ppp 2.4.7, and this CVE say ppp 2.4.7 was not effected, but I found this buggy codes are same between 2.4.6 and 2.4.7, and 2.4.7 should have this issue. (From OE-Core rev: 5b549c6d73e91fdbd0b618a752d618deb1449ef9) (From OE-Core rev: d2f15f2ec2d9e8ecdb9aa69a413663f3615d7e0c) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qt4: add patch for BMP denial-of-service vulnerabilityJonathan Liu2015-07-202-0/+45
| | | | | | | | | | | | | | | | | | | did not include aarch64 patches. For further details, see: https://bugreports.qt.io/browse/QTBUG-44547 (From OE-Core rev: 840fccf8ec7691f03deeb167487cde941ebea8bf) (From OE-Core rev: c050f01d56c1eaf747ebb471b0b726b9cb3794d8) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-qt/qt4/qt4-4.8.6.inc Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsndfile: Security Advisory - libsndfile - CVE-2014-9496Yue Tao2015-07-203-1/+264
| | | | | | | | | | | Backport two commits from libsndfile upstream to fix a segfault and two potential buffer overflows. (From OE-Core rev: e2fdc340c109bd64b1520443b27bd42a0faef0e0) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.bbclass: set dirs for do_populate_lic_setsceneRobert Yang2015-07-201-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | Fixed: ERROR: Build of do_populate_lic failed ERROR: Traceback (most recent call last): File "bitbake/lib/bb/build.py", line 497, in exec_task return _exec_task(fn, task, d, quieterr) File "bitbake/lib/bb/build.py", line 437, in _exec_task exec_func(func, localdata) File "bitbake/lib/bb/build.py", line 212, in exec_func exec_func_python(func, d, runfile, cwd=adir) File "/home/nxadm/nx/ala-blade44.1/builds-2015-03-09-163005/qemuppc_world_oe_bp/bitbake/lib/bb/build.py", line 237, in exec_func_python os.chdir(cwd) OSError: [Errno 2] No such file or directory: 'bitbake_build/tmp/work/ppc7400-wrs-linux/taglib/1.9.1-r0/build' When running setscene, the cwd is $B which maybe removed by autotools.bbclass or cmake.bbclass when rebuild. (From OE-Core rev: 29872741d1d118e32cc04469535fed1b892b92e6) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster@smtp.gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perf: add LIBNUMA_DEFINESRobert Yang2015-07-201-1/+3
| | | | | | | | | | | | | Fixed: WARNING: QA Issue: perf rdepends on numactl, but it isn't a build dependency? [build-deps] The numactl is in meta-oe. (From OE-Core rev: bf7bbcf1f28f83b08b9067b13352af477bf48b37) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Armin Kuster <akuster@smtp.gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: build and install unsquashfs as wellMartin Jansa2015-07-201-1/+2
| | | | | | | | | | * it's useful for debugging corrupt squashfs images from mksquashfs (From OE-Core rev: 2811ea0d0f9cc4e9a1d4eed71bbc2d0c77043a40) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster@smtp.gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: add a few missing security fixesArmin Kuster2015-07-204-0/+541
| | | | | | | | | | | | | CVE-2014-3707 CVE-2014-8150 CVE-2015-3153 not affected by: CVE-2014-8151 (From OE-Core rev: cfcda9db45350d03158569c8c01e448cb426de5a) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: several security fixesMaxin B. John2015-07-203-0/+153
| | | | | | | | | | | | | | | | Fixes below listed bugs: 1. CVE-2015-3143 2. CVE-2015-3144 3. CVE-2015-3145 Dropped: 4. CVE-2015-3148 SPNEGO was introduced in 7.39 so this version not affected (From OE-Core rev: e525ef63ed2b4f3a250caf0748637b7f16b34d90) Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: update to 2015dArmin Kuster2015-07-201-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes affecting future time stamps Egypt will not observe DST in 2015 and will consider canceling it permanently. For now, assume no DST indefinitely. (Thanks to Ahmed Nazmy and Tim Parenti.) Changes affecting past time stamps America/Whitehorse switched from UTC-9 to UTC-8 on 1967-05-28, not 1966-07-01. Also, Yukon's time zone history is documented better. (Thanks to Brian Inglis and Dennis Ferguson.) Change affecting past and future time zone abbreviations The abbreviations for Hawaii-Aleutian standard and daylight times have been changed from HAST/HADT to HST/HDT, as per US Government Printing Office style. This affects only America/Adak since 1983, as America/Honolulu was already using the new style. (From OE-Core rev: b9f366ab4e0a9cad69b631f402b9afa02d40f667) (From OE-Core rev: ff1547cccd840068500193d4aec772988a1f2023) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzcode: update to 2015dArmin Kuster2015-07-201-0/+11
| | | | | | | | | | | | | | | Changes affecting code zic has some minor performance improvements. (From OE-Core rev: 3ab7e247b0662a1791169f16424abec426885f80) (From OE-Core rev: 0c90fd63e8f4cd7179e836c3f20981913d19be75) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* neard: fix the install path in init scriptsCristian Iorga2015-07-201-1/+1
| | | | | | | | | | | | | | | | | The neard make scripts will place the daemon executable in /usr/lib/neard/nfc/neard. Change the path accordingly in init scripts. Fixes [YOCTO #7390]. (From OE-Core rev: bd277f3a46e7fc764cc55c5354d2136fcfddc3c1) (From OE-Core rev: d86fd6190b9ffd5012f229f319520615176c27ee) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade to 1.0.1pTudor Florea2015-07-152-38/+2
| | | | | | | | | | This upgrade fixes CVE-2015-1793 Removed openssl-fix-link.patch. The linking issue has been fixed in openssl. (From OE-Core rev: 208d1d72b0d248b12f800e566cb011aec9a1a084) Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* split_and_strip_files: regroup hardlinks to make build deterministicEd Bartosh2015-05-152-24/+27
| | | | | | | | | | | | | | | | | | | | | | | Reverted 7c0fd561bad0250a00cef63e3d787573112a59cf Created separate group of hardlinks for the files inside the same package. This should prevent stripped files to be populated outside of package directories. This turns out not to be straightforward and has overlap with the other hardlink handling code in this area. The code is condensed into a more concise and documented form. [Original patch from Ed with tweaks from RP] [YOCTO #7586] (From OE-Core master rev: 82d00f7254b7d3bb6a167d675d798134884d1b19) (From OE-Core rev: 96270e79a70960289856cf424c9e4c1894acb18c) Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/lib/oe/package.py: fix files ownership in packagesFabrice Coulon2015-05-151-1/+1
| | | | | | | | | | | | | | | | | | This fix solves the problem with the ownership of files in packages. The do_install task was producing correct and expected output but when the files were being put in, e.g. a rpm package, the ownership could be different than that in the do_install task. [YOCTO #7428] (From OE-Core master rev: 1a50cc5aeafff0d8ee6c4a41dd2770ecd31455f0) (From OE-Core rev: ad1a50a549377a0a74c51e20e53f146011e6c269) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Fabrice Coulon <fabrice.coulon@axis.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* init-install-efi.sh: fix gummiboot entry installationReinette Chatre2015-05-011-3/+3
| | | | | | | | | | | | | | | | | After selecting the "install" gummiboot option of a Live image we are seeing boot failure resulting from the gummiboot entries not being installed correctly. This seems to be a problem in this init-install-efi.sh script where it incorrectly installs the gummiboot entries into the root filesystem, not the boot partition. We fix it by installing the entries in the boot partition. (From OE-Core rev: c9b06c79ed8a082d1b385e9f61721aeeda9bf1af) (From OE-Core rev: 4a44c9287d80dec0973b31d30d3d6250ce4b4df4) Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Acked-by: Darren Hart <dvhart@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox: unbreak tar of uncompressed filesyocto-1.7.2dizzy-12.0.2Saul Wold2015-04-292-0/+24
| | | | | | | | | | | | | | A patch was added to fix compressed tar files, but broke uncompressed tar files, this fix is from the busybox mailing list http://lists.busybox.net/pipermail/busybox/2014-January/080389.html [YOCTO #7645] (From OE-Core rev: 2e67a2d35ffcaa0d35363b05209060aff7026c9a) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fontcache: allow to pass different fontconfig cache dirMartin Jansa2015-04-273-6/+6
| | | | | | | (From OE-Core rev: fc732ee788a254ec388cff8fe5619348014255d3) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* postinst-intercepts/update_font_cache: fix ownership of fontconfig cacheJonathan Liu2015-04-272-1/+2
| | | | | | | | | | | | | | The file ownership of the cache files in /var/cache/fontconfig needs to be set to root:root otherwise it inherits the user and group id of the build user. [YOCTO #7411] (From OE-Core rev: 0ecccc7e75f2833c4f2599ce46b6fb9a0bc06e22) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pulseaudio: use stricter PACKAGES_DYNAMICMartin Jansa2015-04-271-1/+1
| | | | | | | | | | | | | * I don't see any usage for libpulse-* packages * adding '-' resolves the issue when we have separate recipe for pulseaudio-modules-droid which isn't built to satisfy RDEPENDS with the same name, because generic pulseaudio recipe seems to RPROVIDE it through PACKAGES_DYNAMIC (From OE-Core rev: 88dfdf7f87f5ea9f5b6200896fc7e7f5374929df) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: lib/bb/utils: add safeguard against recursively deleting things we ↵Paul Eggleton2015-04-242-0/+71
| | | | | | | | | | | | | | | | shouldn't Add some very basic safeguard against recursively deleting paths such as / and /home in the event of bugs or user mistakes. Addresses [YOCTO #7620]. (Bitbake master rev: 56cddeb9e1e4d249f84ccd6ef65db245636e38ea) (Bitbake rev: fbf1c39641f78d553961974a2bb96256eb9496e7) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch/git: Remove a possible trailing '/' in subpathAnders Darander2015-04-241-1/+1
| | | | | | | | | | | | | | If the subpath parameter to the git fetcher ends with a trailing '/', bb.utils.prunedir() will be called on '/'... Fixes [YOCTO #7620]. (Bitbake master rev: 380a3fb372c8b0a53dd7528562e6e7a222dc76ef) (Bitbake rev: faffa1c4a4d8353b21a0d359076153da0dc31a05) Signed-off-by: Anders Darander <anders@chargestorm.se> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ref-manual: Updates to the TCLIBC variable descriptionScott Rifenbark2015-04-241-4/+0
| | | | | | | | | | | An old note still existed in this entry that stated we don't support glibc. This is not true. I deleted the note. Reported-by: Paul Eggleton <paul.eggleton@intel.com> (From yocto-docs rev: 3a8f5210dfa401bf2d2c9df86dd744c6b39671d7) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* valgrind: enable building on 4.x kernelMartin Jansa2015-04-202-0/+37
| | | | | | | (From OE-Core rev: 7351c03e3bd674fcad4cb805bba3f34ef20d7003) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to dizzy head revisionRichard Purdie2015-04-181-1/+1
| | | | | | (From OE-Core rev: 907ef15bb8bf6bd4fb9edb529240ed9982626401) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dpkg: Fix patch to adjust for older codeSaul Wold2015-04-181-13/+14
| | | | | | | | | The older version of dpkg uses subproc_wait_check() instead of the newer subproc_reap() (From OE-Core rev: 3e5632a02ee8f07705d5c34a57f36c6932a2e6cb) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to dizzy head revisionRichard Purdie2015-04-171-1/+1
| | | | | | (From OE-Core rev: 723e5486e89c6ebe4533ad05ebe5346744c452b1) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky: Update to 1.7.2 release versionRichard Purdie2015-04-171-1/+1
| | | | | | (From meta-yocto rev: f1b296085c8e511861de951db594884bc7ab42c8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-target: Don't install target gcc libdir filesRichard Purdie2015-04-171-0/+9
| | | | | | | | | | | | | | | | Installing /usr/lib/gcc/* means we'd have two copies, one from gcc-cross and one from here. These can confuse gcc cross where includes use #include_next and builds track file dependencies (e.g. perl and its makedepends code). For determinism we don't install this to the sysroot, ever and rely on the copy from gcc-cross. [YOCTO #7287] (From OE-Core rev: 15b3324b769dc92e1b0d4b9da9fbfccbc8dde9dd) (From OE-Core rev: e80025efbfc8e8df01950045975d103b6d7f87b4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initscripts: Remove /etc/volatile.cache on upgradeBryan Evenson2015-04-171-0/+5
| | | | | | | | | | | | | | | | | /etc/volatile.cache is a cached copy of a script (which is generated by /etc/init.d/populate-volatile.sh) that generates the volatile filesystem directories. Since volatile.cache is a generated file, it is not necessarily changed if populate-volatile.sh is updated. As a result, the stale script can add/remove the wrong directories on the next system boot. If initscripts is being upgraded, make sure volatile.cache gets deleted. (From OE-Core rev: 3bdc098028732a4b22b1e65e5566b4cbe105fd41) Signed-off-by: Bryan Evenson <bevenson@melinkcorp.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* base-files: Check for /run and /var/lock softlinks on upgradeBryan Evenson2015-04-171-0/+24
| | | | | | | | | | | | | | | | | Commit ea647cd9eebdc3e3121b84074519c4bb305adac9 moved the locations of /run and /var/lock to match the FHS 3 draft specifications. However, the install doesn't remove the existing directories. As a result, upgrading a system may result in /run as a softlink to /var/run and /var/run as a softlink to /run, creating a circular link. During pre-install, check for the existence of the old softlinks and remove them so the new directories can be installed. (From OE-Core rev: edeeee8432dc749b02e5e6eca0503229e394ebd3) Signed-off-by: Bryan Evenson <bevenson@melinkcorp.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dpkg-native: Avoid 'file changed' errors from tarRichard Purdie2015-04-172-0/+56
| | | | | | | | | | | | | | Hardlink count duing do_package_write_deb can change causing dpkg-deb failures. We don't care about this error case so avoid it by checking the tar exit code. [YOCTO #7529] (From OE-Core rev: 8ee36a5f2f9367550d28bf271afc53bca6ff3d5f) (From OE-Core rev: bcb124931af57dc2f9d8fe9cbbabd5f8ee58e414) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* files/toolchain-shar-template.sh: fix replace target_sdk_dir twice in ↵Aníbal Limón2015-04-171-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | environment setup file When specify a target sdk dir that contains default install dir as subdir, target_sdk_dir=/opt/poky/$version/ custom_target_sdk_dir=/opt/poky/$version/some The target_sdk_dir variable in environment-setup file is replaced twice causes to point to wrong PATH. In order to fix filter environment-setup file in second replacement. [YOCTO #7032] (From OE-Core rev: 02ecaa69abe97fe2f01cd609e0e59933c0f9ddbf) (From OE-Core rev: 9f2825cf35d04ec99d29e0e4266410a8843dd80d) Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-runtime: Remove libgfortran data from receipeDaniel Dragomir2015-04-171-15/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | Remove libgfortran packages from PACKAGES list as long as libgfortran has separate receipe since commit 5bde5d9b39ea67f19a1a6aedd0c08c6cfedcbe5f gcc: Allow fortran to build successfully in 4.8 Otherwise, when fortran support will be enabled in the compiler, both lingfortran and gcc-runtime receipes will create the same files and will try to install them. This will cause errors: ERROR: The recipe libgfortran is trying to install files into a shared area when those files already exist. Those files and their manifest location are: ... Please verify which recipe should provide the above files. (From OE-Core rev: 872342fa3d08edede4a0105ac3ddb0f2ae3224b4) (From OE-Core rev: de2aa7a56790581406f219339c9022638cd47494) Signed-off-by: Daniel Dragomir <daniel.dragomir@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fontcache.bbclass: prepend to PACKAGEFUNCS instead of appendingJonathan Liu2015-04-171-1/+1
| | | | | | | | | | | | | | | | | Appending to PACKAGEFUNCS results in the font packages missing the postinst/postrm scripts and the fontconfig cache not being generated in /var/cache/fontconfig when creating images or installing font packages. This is because the package data has already been emitted by emit_pkgdata in PACKAGEFUNCS. Prepend to PACKAGEFUNCS to ensure add_fontcache_postinsts is executed before emit_pkgdata. [YOCTO #7410] (From OE-Core rev: 7c6d8054bb87e56180920d790efc25d42e25ab8c) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libunwind: backport patch to link against libgcc_s intead of libgccJonathan Liu2015-04-172-0/+43
| | | | | | | | (From OE-Core rev: 986b46517ed9cd0821821371faab68e92c2d6dab) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* autotools: Avoid find race for S = "${WORKDIR}"Richard Purdie2015-04-171-1/+1
| | | | | | | | | | | | | | | | | | | | | For recipes with PACKAGES_remove = "${PN}", the find which removes .la files can race against deletion of other directories in WORKDIR e.g.: find: '/home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7/sstate-build-populate_lic': No such file or directory | WARNING: /home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7/temp/run.do_configure.6558:1 exit 1 from | find /home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7 -name \*.la -delete The simplest fix is to add the find option which ignores these kind of races. [YOCTO #7522] (From OE-Core rev: dd8099ca3092fbd5c685e5ef1b1c5a8185a6893d) (From OE-Core rev: 1334c1f78b0020855a2579cfc1f4ab077151e917) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cpio: fix CVE-2015-1197Robert Yang2015-04-172-1/+156
| | | | | | | | | | | | | | | | | | | | | | | Additional directory traversal vulnerability via symlinks cpio CVE-2015-1197 Initial report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774669 Upstream report: https://lists.gnu.org/archive/html/bug-cpio/2015-01/msg00000.html And fix the indent in SRC_URI. [YOCTO #7182] (From OE-Core rev: af18ce070bd1c73f3619d6370928fe7e2e06ff5e) (From OE-Core rev: 68aaca0ff60a9cc770583d3dd89b0c4281b88675) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2015-1196Robert Yang2015-04-172-0/+201
| | | | | | | | | | | | | | | | | | | | A directory traversal flaw was reported in patch: References: http://www.openwall.com/lists/oss-security/2015/01/18/6 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227 https://bugzilla.redhat.com/show_bug.cgi?id=1182154 [YOCTO #7182] (From OE-Core rev: 4c389880dc9c6221344f7aed221fe8356e8c2056) (From OE-Core rev: e2032c5788f7a77aa0e4e8545b550551c23a25fb) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: CVE-2015-0247Sona Sarmadi2015-04-172-0/+59
| | | | | | | | | | | | | | | | | | | Fixes a heap buffer overflow in lib/ext2fs/openfs.c which allows a trivial arbitrary memory write under certain conditions. References http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4 http://www.ocert.org/advisories/ocert-2015-002.html (From OE-Core rev: 572437720b6698a3a10627fcd9654ef10f827836) (From OE-Core rev: 67ac6070b1b11a3459ed8fd7e145eb476e493dc6) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: Add a patch to speedup mkfsRichard Purdie2015-04-172-0/+53
| | | | | | | | | | | | | | | See the patch description, this adds a tweak to an algorithm to improve core-image-sato-sdk mkfs time from over 8 minutes to about 35s. Needs discussion upstream but seems reasonable for our uses of it. (From OE-Core rev: 468fa9a7fac86bb0fcd3cbd18dc1492b57ca25f3) (From OE-Core rev: 5aee64c9577affc35ad1555f2a7eb9d287b9fda4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* util-linux: fix CVE-2014-9114Armin Kuster2015-04-172-0/+177
| | | | | | | | | | | | | | | Backport a patch to fix CVE-2014-9114. The patch has been integrated in util-linux-2.26. [YOCTO #7180] Hand applied do to version differencses. (From OE-Core rev: de0c751f57de118bba808f85fa255bb2d99ed9cb) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: update to 2015bArmin Kuster2015-04-172-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes affecting future time stamps Mongolia will start observing DST again this year, from the last Saturday in March at 02:00 to the last Saturday in September at 00:00. (Thanks to Ganbold Tsagaankhuu.) Palestine will start DST on March 28, not March 27. Also, correct the fall 2014 transition from September 26 to October 24. Adjust future predictions accordingly. (Thanks to Steffen Thorsen.) Changes affecting past time stamps The 1982 zone shift in Pacific/Easter has been corrected, fixing a 2015a regression. (Thanks to Stuart Bishop for reporting the problem.) Some more zones have been turned into links, when they differed from existing zones only for older time stamps. As usual, these changes affect UTC offsets in pre-1970 time stamps only. Their old contents have been moved to the 'backzone' file. The affected zones are: America/Antigua, America/Cayman, Pacific/Midway, and Pacific/Saipan. Changes affecting time zone abbreviations Correct the 1992-2010 DST abbreviation in Volgograd from "MSK" to "MSD". (Thanks to Hank W.) (From OE-Core rev: b00539285ffce0b7d954bc0610c986aa53c8255f) (From OE-Core rev: 7f8c1229ec79d256d7249725d8a90312c452e9e7) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzcode: update to 2015bArmin Kuster2015-04-172-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes affecting code Fix integer overflow bug in reference 'mktime' implementation. (Problem reported by Jörg Richter.) Allow -Dtime_tz=time_t compilations, and allow -Dtime_tz=... libraries to be used in the same executable as standard-library time_t functions. (Problems reported by Bradley White.) Changes affecting commentary Cite the recent Mexican decree changing Quintana Roo's time zone. (Thanks to Carlos Raúl Perasso.) Likewise for the recent Chilean decree. (Thanks to Eduardo Romero Urra.) Update info about Mars time. (From OE-Core rev: fbd98e677dcf6324cf713d888aa85c4264f42ec9) (From OE-Core rev: 098055d44b20010771b420a0ff5640ea7921e455) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>