summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* build-appliance-image: Update to dunfell head revisionyocto-3.1.8dunfell-23.0.8Richard Purdie2021-05-241-1/+1
| | | | | | (From OE-Core rev: ecd636154e7cfc1349a7cfd8026a85eafa219535) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.conf: Bump version for 3.1.8 releaseSteve Sakoman2021-05-241-1/+1
| | | | | | | (From meta-yocto rev: 134c1e9902148f907d4f9e78435fa3a827c6df03) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.conf: Add fedora33 as a supported distroSteve Sakoman2021-05-241-0/+1
| | | | | | | (From meta-yocto rev: 199fa05ab723fa6df28fe228cc303409f0e37bf4) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* documentation: prepare for 3.1.8 releaseSteve Sakoman2021-05-224-6/+7
| | | | | | | (From yocto-docs rev: 09b64a4d246bdcca62dddee152deef7b0dea69d7) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ref-system-requirements.rst: Add Fedora 33 to list of supported distrosSteve Sakoman2021-05-221-0/+2
| | | | | | | (From yocto-docs rev: 07669400a5affa6bc19a5bfdea9ebc05db0b07e3) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: Handle manifest 'corruption' issueRichard Purdie2021-05-221-1/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Under certain build patterns, warnings about missing manifests can appear. These are real issues where the manifest was removed and shouldn't have been. Martin Jansa was able to find a reproducer of: MACHINE=qemux86 bitbake zlib-native echo 'PR = "r1"' >> meta/recipes-core/zlib/zlib_1.2.11.bb MACHINE=qemux86-64 bitbake zlib-native MACHINE=qemux86 bitbake zlib-native <the zlib-native manifest is now removed along with the sysroot-components contents> The code maintains a per machine list of stamps but a per PACAGE_ARCH list of stamp/manifest/workdir mappings. The latter is only appended to for speed with the assumption that once stamps are gone, the code wouldn't trigger. The code only ever appends to the mapping list (for speed/efficency under lock) meaning that multiple entries can result where the stamp/workdir differs due to version changes but the manifest remains the same. By switching MACHINE part way through the build, the older stamp is referenced and the manifest is incorrectly removed as it matches an now obsolete entry in the mapping file. There are two possible fixes, one is to rewrite the mapping file every time which means adding regexs, iterating and generally complicating that code. The second option is to only use the last mapping entry in the file for a given manifest and ignore any earlier ones. This patch implments the latter. Also drop the stale entries if we are rewriting it. (From OE-Core rev: 9039dd25e5d419dd1c60e1b27ff5f9d96c5b0fb5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 63da9a4f889c5b0e41bc8ec08abe0acea1546479) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: fix do_fetch failureStefan Ghinea2021-05-221-1/+1
| | | | | | | | | | | | | | | Bintray service has been discontinued causing boost do_fetch to fail: WARNING: boost-1.72.0-r0 do_fetch: Failed to fetch URL https://dl.bintray.com/boostorg/release/1.76.0/source/boost_1_72_0.tar.bz2, attempting MIRRORS if available (From OE-Core rev: ea7c3d5dce5e89ed746480b53789546222c961b5) Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 6a76da15ece9d27fca20ace12db4978092e042b7) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "cml1.bbclass: Return sorted list of cfg files"Richard Purdie2021-05-221-1/+1
| | | | | | | | | | | | | | This reverts commit dee41e92f0efac7e453597bed4b4c02f867e3aa9. This patch breaks cases where some config files make changes to earlier ones, ordering is important. The reproducibility issue in busybox was elsewhere. (From OE-Core rev: 37d71a7a290a24ee9f57a76725e27769588de0ca) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ab0a296607b58775e91948ba40956c666dbb1244) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: providers: selected version not available should be a warningRoss Burton2021-05-221-2/+2
| | | | | | | | | | | | | If the selected version if not available, bitbake will happily attempt to build something else. This should be a loud warning not a small note. (Bitbake rev: 078f3164dcb1de7a141bec3a8fd52631d0362631) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 78cd63285713fde59506eb2e71a7b7ee59a594ff) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/lib/oe/rootfs.py: Fix typo "Restoreing" -> "Restoring"Robert P. J. Day2021-05-201-1/+1
| | | | | | | | | | (From OE-Core rev: cc49591d84d241d90e3dccb3e174ddfd737de311) Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2621dbbc1181808f18ca4ae79408d0d5b557670f) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* image.bbclass: fix comment "pacackages" -> "packages"Robert P. J. Day2021-05-201-1/+1
| | | | | | | | | | (From OE-Core rev: f0a53e39130d73eba774e97249e0fd472ca5b66d) Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5c5f0d21799c2bff6875ef9fdc22d11035ea3320) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dejagnu: needs expect at runtimeRomain Naour2021-05-201-0/+1
| | | | | | | | | | | | | runtest return an error due to missing expect on the target. Add expect as runtime dependency. (From OE-Core rev: 381a5f3e409504b2a31710d971eef58346339ae4) Signed-off-by: Romain Naour <romain.naour@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d9a3a08edc1efcbe7b02e80be98370792d3c6cc2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/5.4: qemuppc32: reduce serial shutdown issuesBruce Ashfield2021-05-203-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Integrating the following commit(s) to linux-yocto/5.4: qemuppc32: reduce serial issues seen on shutdown Richard reported: We've been seeing a lot of the qemuppc shutdown issue and I decided to look into it. The really worrying thing looking at the logs locally is the serial ports are showing irq issues and becoming disabled as nobody would handle them. Errors like: [ 9.194886] irq 36: nobody cared (try booting with the "irqpoll" option) [ 9.198712] CPU: 0 PID: 127 Comm: bootlogd Not tainted [ 9.202283] Call Trace: [ 9.205611] [d1005f00] [c00a0da8] __report_bad_irq+0x50/0x138 (unreliable) [ 9.209347] [d1005f30] [c00a0cc0] note_interrupt+0x324/0x378 [ 9.212855] [d1005f70] [c009d138] handle_irq_event+0xe8/0x104 [ 9.216353] [d1005fa0] [c00a1d9c] handle_fasteoi_irq+0xc0/0x29c [ 9.219960] [d1005fc0] [c009b798] generic_handle_irq+0x40/0x5c [ 9.223496] [d1005fd0] [c00075d0] __do_irq+0x58/0x188 [ 9.226948] [d1005ff0] [c0010040] call_do_irq+0x20/0x38 [ 9.230391] [d29eda60] [c0007788] do_IRQ+0x88/0xfc [ 9.233860] [d29eda90] [c0016454] ret_from_except+0x0/0x14 [ 9.237288] --- interrupt: 501 at __setup_irq+0x3c4/0x838 [ 9.237288] LR = __setup_irq+0x790/0x838 [ 9.244155] [d29edb88] [c009f0a4] request_threaded_irq+0x114/0x1c8 [ 9.247672] [d29edbb8] [c07a5a18] pmz_startup+0x17c/0x32c [ 9.251203] [d29edbd8] [c07a1140] uart_port_startup+0x184/0x2f8 [ 9.254651] [d29edc08] [c07a1974] uart_port_activate+0x78/0xf4 [ 9.258141] [d29edc28] [c07839f8] tty_port_open+0xd4/0x170 [ 9.261579] [d29edc58] [c079db74] uart_open+0x2c/0x48 [ 9.265116] [d29edc68] [c077a288] tty_open+0x168/0x640 [ 9.268574] [d29edcd8] [c0280be8] chrdev_open+0x138/0x2a4 [ 9.272123] [d29edd18] [c027421c] do_dentry_open+0x228/0x410 [ 9.275643] [d29edd48] [c028e9f4] path_openat+0xb04/0xf28 [ 9.279184] [d29eddd8] [c02917e4] do_filp_open+0x120/0x164 [ 9.282535] [d29ede98] [c0276238] do_sys_openat2+0xd8/0x19c [ 9.285790] [d29edee8] [c0276574] sys_openat+0x88/0xdc [ 9.289096] [d29edf38] [c00160d8] ret_from_syscall+0x0/0x34 [ 9.292620] --- interrupt: c01 at 0xfec3738 [ 9.292620] LR = 0xfec36e0 [ 9.299035] handlers: [ 9.302312] [<7f7f7da8>] pmz_interrupt [ 9.305541] Disabling IRQ #36 (and the irqpoll option does not help) This is problematic as the shutdown test uses the serial interface to shut down the system. If the serial interface fails to login or run the command, game over for the test. CONFIG_SERIAL_PMACZILOG_CONSOLE complicates that handling, but doesn't provide any output or capabilities that we need. So we disable it here, and reduce the chances of issues during shutdown. (From OE-Core rev: 9ee0f43414a121487fc3310f4d5635b09aa3e117) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 42355cb73049ee7a4af0f539a2a5b7d4ee1abc65) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: include all relevant files in -bcm4356Yann Dirson2021-05-201-2/+2
| | | | | | | | | | | | | This currently catches the .clb_blob and .vamrs,rock960.txt, and other .txt files may come in future upstream releases. (From OE-Core rev: 501cd3063af388dabd3329d2e69ac218ffd62a9e) Signed-off-by: Yann Dirson <yann@blade-group.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e332738a8aae0914c58b40faae8b9d7a82fd6a95) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: upgrade 20210208 -> 20210315Alexander Kanavin2021-05-201-2/+2
| | | | | | | | | | | | License-Update: additional firmware files, version changes (From OE-Core rev: c3d35ca5ca70af56956425cf0879ed3fa2970179) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2f10b9dbb4fb8ccb9a427883370fbbeb6f394551) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* db: update CVE_PRODUCTChen Qi2021-05-201-1/+1
| | | | | | | | | | | | | Update CVE_PRODUCT to also include 'berkeley_db'. For example, CVE-2020-2981 uses 'berkeley_db'. (From OE-Core rev: 753e6510df01fb4d71f46639bef06e1361f87170) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ad799b109716ccd2f44dcf7a6a4cfcbd622ea661) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lsb-release: fix reproducibility failureAnuj Mittal2021-05-202-0/+28
| | | | | | | | | | | | | | | | Make sure help2man output is reproducible. Fixes: | .\"·DO·NOT·MODIFY·THIS·FILE!··It·was·generated·by·help2man·1.022. .\"·DO·NOT·MODIFY·THIS·FILE!··It·was·generated·by·help2man·1.022. | .TH·FSG·"1"·"April·2021"·"FSG·lsb_release·v1.4"·FSG .TH·FSG·"1"·"May·2021"·"FSG·lsb_release·v1.4"·FSG | .SH·NAME 3 .SH·NAME (From OE-Core rev: a5f34c7a95d227610ed9b6047ed53f43f84cbba9) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 49371207a7f1fe3d3feb7b8b9aabb62b43ae34d1) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/qemurunner: Improve handling of run_serial for shutdown commandsRichard Purdie2021-05-201-1/+6
| | | | | | | | | | | | | | When running a shutdown command, the serial port can close without the command returning. This is seen as the socket being readable but having no data. Change the way this case is handled in the code to avoid tracebacks. (From OE-Core rev: 9c0b242856de519c58be179f82441a35fc635ad9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 396a3ba884820d040c91f7592daf20ac28c49b5d) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/qemurunner: Fix binary vs str issueRichard Purdie2021-05-201-2/+2
| | | | | | | | | | | | | | | | | The recent logging changes for qemurunner showed up as errors on the autobuilder where decode couldn't be called on the returned string. Since the code returns binary data, return b'' instead of '' to match to avoid tracebacks. One of these cases was newly added, copied from the other which has been there for a long time, always broken. (From OE-Core rev: 8f24a7b35861b6aec39bc8d589e090ea9816732c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b8995b27db265b0a0b2d2ca595915f70f9f96e07) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/qemurunner: Improve logging thread exit handling for qemu shutdown testRichard Purdie2021-05-202-6/+15
| | | | | | | | | | | | | | | | | | Rather than totally disabling the logging, inform it we're about to exit so we can log messages over the exit cleanly too. This aids debugging. It also avoids a race where the logging handler could still error whilst shutting down. Also remove a race window by notificing the handler of the shutdown first, before triggering it. This removes a race window I watched in local testing. (From OE-Core rev: 57249316b6c66c5e17804e1b04f2d5cf0db92683) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0e19f31a1005f94105e1cef252abfffcef2aafad) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: Exclude CVE-2021-26720 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | Issue only affects Debian and SUSE. (From OE-Core rev: 760cc905fda18ee73ff3698a117f8841d3823b65) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 72522fa1a5f3b9b2855043fe6b421886d641385f) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* librsvg: Exclude CVE-2018-1000041 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | Issue only affects windows. (From OE-Core rev: 9b214d503f3237fa7cd96c20686e610b09994823) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a90d3b056992346003d96765fc8639f5235cca55) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* coreutils: Exclude CVE-2016-2781 from cve-checkRichard Purdie2021-05-201-0/+4
| | | | | | | | | | | | | | http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=v8.27-101-gf5d7c0842 "Given runcon is not really a sandbox command, the advice is to use `runcon ... setsid ...` to avoid this particular issue. (From OE-Core rev: 1c18220fc8559f6423f9afd95a402753c2143e6b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2d273b5aed4a5bd509ec9c68a6f451c17ec17d0c) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Exclude CVE-2015-7313 from cve-checkRichard Purdie2021-05-201-0/+4
| | | | | | | | | | | | Some fix upstream addresses the issue, it isn't clear which change this was. Our current version doesn't have issues with the test image though so we can exclude. (From OE-Core rev: 256f6be93eed82c7db8a76b1038e105331c0009f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3874da694ae1d9de06dd003bd80705205e2b033b) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez: Exclude CVE-2020-12352 CVE-2020-24490 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | These CVEs are fixed with kernel changes and don't affect the bluez recipe. (From OE-Core rev: d7779a9d58b088ce078956af4fdc0325d8c03c35) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 658902477840ea34d414083c4c79616bf5e999a2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: Exclude CVE-2013-6629 from cve-checkRichard Purdie2021-05-201-0/+4
| | | | | | | | | | | | The CVE is in the jpeg sources included with ghostscript. We use our own external jpeg library so this doesn't affect us. (From OE-Core rev: 829296767ecfbd443d738367b7146a91506e25f2) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8556d6a6722f21af5e6f97589bec3cbd31da206c) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cpio: Exclude CVE-2010-4226 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | Issue applies to use of cpio in SUSE/OBS, doesn't apply to us. (From OE-Core rev: 0f759992b7713e9664a4276a068a65f5e638fe33) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 915b38c54a7932744a9f56713d1c6bd00a789331) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: Exclude CVE-2008-0888 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | | The patch mentioned as the fix for the CVE is applied to the 6.0 source code. Zip versioning makes CPE entry changes hard. (From OE-Core rev: 4ff9d2c57d9cade1faa3916f171e5ad96ee32487) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8917e5ae2bb44d017fc0155f16632c5decadb0bd) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Exclude CVE-2008-3844 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | CVE only applies to some distributed RHEL binaries so irrelavent to us. (From OE-Core rev: 44d477b1cadc3e48c0a902123736fdf3bf2b412c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5d8b3ddf91050f6745a99a8abb1c3b03c35247af) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Exclude CVE-2007-2768 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | We don't build/use the OPIE PAM module, exclude the CVE from this recipe. (From OE-Core rev: d55474025a4518c674d9781c4c3b1ce5d6389466) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3670be602f2ace24dc49e196407efec577164050) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* logrotate: Exclude CVE-2011-1548,1549,1550 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | | These CVEs apply to the way logrotate was installed on Gentoo, Debian and SUSE, exclude from cve-check as they don't apply to OE. (From OE-Core rev: 99cb9534902717e637f1460c1d1c10d290bbebf2) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 23643016f3b8794db772e333ff0b8f598571b628) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* jquery: Exclude CVE-2007-2379 from cve-checkRichard Purdie2021-05-201-0/+5
| | | | | | | | | | | | | The CVE is non-specific and depends on the users of jquery, doesn't make sense to have this flagged against jquery as there is nothing we can do about it. (From OE-Core rev: d18ba3735ff3438ebd60b680e6bae5227c85bccb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 1f82843584f6d2843c5bbd2fe5dcbc654a0fbcfb) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Exclude CVE-2018-18438 from cve-checkRichard Purdie2021-05-201-0/+4
| | | | | | | | | | | | The issues were investigated and found not to be an issue therefore exclude from checks. (From OE-Core rev: 05f39301ab19a968916163b2d8f65beda7c09852) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ee6ee9bd489c126b99d15c1011560df2f840a6e9) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Exclude CVE-2007-0998 from cve-checkRichard Purdie2021-05-201-0/+4
| | | | | | | | | | | The CVE applies to the built-in VNC server but we don't enable this by default. (From OE-Core rev: f0e0787265d9d8bd01629f2b56a0eb57d950c037) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d62b9974a5f3a0f462434ce2763c28a4b4bbcfc6) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Exclude CVE-2017-5957 from cve-checkRichard Purdie2021-05-201-0/+3
| | | | | | | | | | | The CVE applies to virglrender before 0.6.0 which we don't have. (From OE-Core rev: 559ed3e62e542b7a4456a9a4eef8742ce8521dfb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9b5355375d028577de0b98e05992de6a088cb972) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* builder: whitelist CVE-2008-4178 (a different builder)Ross Burton2021-05-201-0/+2
| | | | | | | | | | (From OE-Core rev: 095535506951172e6f1812506a14fc3400f8b96e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 107987b342a834badfad286474b03543b4764d23) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libnotify: whitelist CVE-2013-7381 (specific to the NodeJS bindings)Ross Burton2021-05-201-0/+3
| | | | | | | | | | (From OE-Core rev: a6beac63da5294d02605100e6a47768c517280d9) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit be04484f99a5b29cc9066e350b526fc4420ad6d4) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cairo: backport patch for CVE-2020-35492Ross Burton2021-05-202-0/+61
| | | | | | | | | (From OE-Core rev: 907e0edecbef830e1b057c58f5d398b57529f085) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0c4e6f99332ae253855708845a41fdfeb72d4c30) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: Document and whitelist CVE-2019-1010022-25Richard Purdie2021-05-201-0/+13
| | | | | | | | | | | | | | These CVEs are disputed by upstream and there is no plan to fix/address them. No other distros are carrying patches for them. There is a patch for 1010025 however it isn't merged upstream and probably carries more risk of other bugs than not having it. (From OE-Core rev: 2afbfc1eb6bc7613da4a7f06ac267ea561b5470e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b238db678083cc15313b98d2e33f83cccab03fc6) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-jinja2: 2.11.2 -> 2.11.3Lee Chee Yang2021-05-201-1/+1
| | | | | | | | | | | | | updates include fix for CVE-2020-28493 changelog: https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-3 (From OE-Core rev: 9485d568b2b9e2143e1f46859a5c1de644c69b94) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: fix CVE-2020-35523 CVE-2020-35524Lee Chee Yang2021-05-204-0/+136
| | | | | | | | (From OE-Core rev: 84239e11227bc0b0e2e6d3b2faa7a9ee63025dd1) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3392Lee Chee Yang2021-05-202-0/+93
| | | | | | | | (From OE-Core rev: fe872d2edc160f48e57d3bdc82e5fc72f6dcbb72) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: fix CVE-2020-17525Lee Chee Yang2021-05-202-0/+118
| | | | | | | | (From OE-Core rev: 3975fe2156d30cc64005e56666f4e88716d5ba27) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky-tiny.conf: set PREFERRED_VERSION_linux-yocto-tiny to 5.4%Steve Sakoman2021-05-151-1/+1
| | | | | | | | | We no longer have a recipe for 5.0% in dunfell (and never did). (From meta-yocto rev: d8bdb69e6bd7b52cf047cd6be406bf632a600a58) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* reproducible.py: add quilt-ptest and valgrind-ptestSteve Sakoman2021-05-131-0/+2
| | | | | | | | | Both don't seem to be reproducible with fedora 33 (From OE-Core rev: 55dc503f4ab33e2aa51a3a6e4003131e0b9355ff) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ovmf: update edk2-stable202005 -> edk2-stable202008Alexander Kanavin2021-05-135-25/+41
| | | | | | | | | | (From OE-Core rev: 6075d688dc7b0c20b5eadb4db2c78d50466be7e7) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 61cc9acb54be09a12aac7c79f4b14e7e525d5596) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ovmf: update to 202005Alexander Kanavin2021-05-131-2/+2
| | | | | | | | | | (From OE-Core rev: 6427c9ce73a6575e262e7c7e89f78e756f80a35b) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f8bf6b5f9aedcc4490008000250e69f74529db75) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ovmf: update to 202002Alexander Kanavin2021-05-132-12/+12
| | | | | | | | | | (From OE-Core rev: 028ac5a2b8c1b66de46ce46cb789e4d3093cd1d9) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c4301758f5a1560965ca5fb69eb1492adf351ed0) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/package_manager: Use shutil.copy instead of bb.utils.copyfile for interceptsSteve Sakoman2021-05-131-1/+1
| | | | | | | | | | | | If the scripts/postinst-intercepts is owned by root/root then the copyfile() calls will fail due to chown issues. We don't care about ownership of these files so use shutil.copy() instead which won't perform any chown. (From OE-Core rev: e9c8f43296552b43376d87fb291458731fb7f718) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libevent: Increase ptest timing tolerance 50 ms -> 100 msYi Fan Yu2021-05-132-0/+34
| | | | | | | | | | | | | | | | Adjusting the tolerance to a more reasonable time given the load on the AB and given the high amount(100) of events some of the tests like `common_timeout` generates. [YOCTO #14163] (From OE-Core rev: 3c59989b7a09f412704f90480c3726a0cb7df746) Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 38b36d2b90d570149e63816e68f457aea28a5092) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>