summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* wpa-supplicant: Security fix CVE-2020-12695Armin Kuster2020-08-044-1/+267
| | | | | | | | | | | | | | | | | | | Source: http://w1.fi/security/ Disposition: Backport from http://w1.fi/security/2020-1/ Affects <= 2.9 wpa-supplicant (From OE-Core rev: 720d29cbfce34375402c6a4c17e440ffbb2659bf) (From OE-Core rev: a341c128a5166c505ee1ec207abb87e5fa64d62e) Signed-off-by: Armin Kuster <akuster@mvista.com> (cherry picked from commit e9c696397ae1b4344b8329a13076f265980ee74d) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update to 9.11.19akuster2020-08-043-238/+2
| | | | | | | | | | | | | | | | | | | | | | | Bug fix only updates. suitable for Stable branch updates where applicable. Drop CVE patches included in update LIC_FILES_CHKSUM update copyright year to 2020 Full changes found at : https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_11/CHANGES (From OE-Core rev: c672d2b6c98607f1fda917f4a3189a53712e8fc2) (From OE-Core rev: 74aacd292387f9a2c36381080ade5537af1d3d9e) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit a6ba66cf5e754cdcd41f01d233fbef7b94a10225) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update 9.11.5-P4 -> 9.11.13Alexander Kanavin2020-08-0413-2801/+20
| | | | | | | | | | | | | | | | | | | Drop backports. Drop 0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch and 0001-lib-dns-gen.c-fix-too-long-error.patch as problem is fixed upstream. (From OE-Core rev: 6965ec5c491e71d5951dfb58fc060bd0b717e33d) (From OE-Core rev: 3f723af6059fbfed6dac0c281f212b9a02c3e026) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: remove service templates from SYSTEMD_SERVICEKai Kang2020-08-041-3/+3
| | | | | | | | | | | | | | | | | | Remove service templates wpa_supplicant-nl80211@.service and wpa_supplicant-wired@.service from SYSTEMD_SERVICE that they should NOT be started/stopped by calling 'systemctl' in postinst and prerm scripts. (From OE-Core rev: 7910a0d6f332253608767a9576a0d521dd87efd7) (From OE-Core rev: c6c26311e846a688f2981b541be0966c73cd69d8) Signed-off-by: Kai Kang <kai.kang@windriver.com> (cherry picked from commit fe9b8e50461ab00ab3ad8b065ebd32f0eea2a255) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: fix CVE-2019-3689wenlin.kang@windriver.com2020-07-082-0/+103
| | | | | | | | | | Fix CVE-2019-3689 (From OE-Core rev: 15186556c7e6ccdb3a308c90563f61b0bbd57407) Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: Don't advertise example services by defaultPaul Barker2020-06-021-0/+5
| | | | | | | | | | | | | | | | The example service files are placed into /etc/avahi/services when we run `make install` for avahi. This results in ssh and sftp-ssh services being announced by default even if no ssh server is installed in an image. These example files should be moved away to another location such as /usr/share/doc/avahi (taking inspiration from Arch Linux). (From OE-Core rev: 3d8fdfc57d7fd846c8668daf730cf820ea5ecb13) Signed-off-by: Paul Barker <pbarker@konsulko.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix CVE-2020-8616/7Lee Chee Yang2020-06-023-0/+237
| | | | | | | | | | fix CVE-2020-8616 and CVE-2020-8617 (From OE-Core rev: b280b3fe22a1fda62707bfa40ca78439ad201736) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade 1.1.1f -> 1.1.1gJan Luebbe2020-05-071-1/+1
| | | | | | | | | | This also fixes CVE-2020-1967. (From OE-Core rev: 26b13f59385c1ed871aee7653c3ee7241affca38) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update to 1.1.1fAlexander Kanavin2020-04-291-1/+1
| | | | | | | | | | | | | | This also un-breaks python3 ptest which got broken with 1.1.1e update. (From OE-Core rev: bd3e0d724004a346921a25defa6d812d48d6108a) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b4ddf5b9d8cd769b7026663f93c8bc69b55d8cbf) [AK: bugfix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.1.1d -> 1.1.1eAdrian Bunk2020-04-292-761/+1
| | | | | | | | | | | | | Backported patch removed. (From OE-Core rev: 683818289ced6cd3c70860b5c97de2e89169096b) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 710bc0f8544f54750c8fb7b8affa243932927a24) [AK: bug fix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: recommend cryptodev-module for corresponding PACKAGECONFIGDenys Dmytriyenko2020-04-291-1/+1
| | | | | | | | | | (From OE-Core rev: 285957cba45a15c90ceb062a55c957e81486a031) Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 57fcf9b517fe95e871122946cb99fe7fa9fd2e26) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Use alternatives to avoid manpage conflictOvidiu Panait2020-04-291-1/+5
| | | | | | | | | | | | | | | | | | Fix the following manpage conflicts: * check_data_file_clashes: Package inetutils-doc wants to install file /usr/share/man/man1/tftp.1 But that file is already provided by package * tftp-hpa-doc * check_data_file_clashes: Package inetutils-doc wants to install file /usr/share/man/man8/tftpd.8 But that file is already provided by package * tftp-hpa-doc * check_data_file_clashes: Package netkit-telnet-doc wants to install file /usr/share/man/man8/telnetd.8 But that file is already provided by package * inetutils-doc (From OE-Core rev: 1c2a1f29aa720d376bc7f88edfcb1ccecc35f6c2) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit fc14bfd60ad86094f65ebefbd10dbddc112d2698) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: Disable statx if using glibc emulationJulius Hemanth Pitti2020-03-302-0/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | nfs-utils 2.4.1, moves from "stat" to "statx with AT_STATX_DONT_SYNC" in parts of the code. statx is supported in Linux kernel v4.11 and above. For all older kernels glibc emulates statx, and it doesn't support AT_STATX_DONT_SYNC and will return EINVAL. When server uses nfs-utils 2.4.1 on kernel v4.10 and older, mount.nfs4 would fail with error "reason given by server: No such file or directory". Since Linux v4.4 and v4.9 are LTS, its more likely that people would use above combination. This issue has been fixed in nfs-utils 2.4.3 and above. Backporting fix to 2.4.1. (From OE-Core rev: 8cbd6f6f7f10c57b27a1388883a6dc5715610600) Signed-off-by: Julius Hemanth Pitti <jpitti@cisco.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez: fix CVE-2020-0556Anuj Mittal2020-03-193-0/+180
| | | | | | | | | | | | | | | | | | | | It was discovered that BlueZ's HID and HOGP profiles implementations don't specifically require bonding between the device and the host. This creates an opportunity for an malicious device to connect to a target host to either impersonate an existing HID device without security or to cause an SDP or GATT service discovery to take place which would allow HID reports to be injected to the input subsystem from a non-bonded source. (From OE-Core rev: d598f8eee0741148416e8660e10c716654205cb5) (From OE-Core rev: c940e4b858d6be28b198770768117ecc098fa0d3) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bed169a07b04a7dc003958fa309e6ff761f85a72) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: Fix REQUIRE(ctx->running) assertion triggered on SIGTERM/SIGINTOvidiu Panait2020-03-164-0/+228
| | | | | | | | | | | | | | | | | | | | | | Closed a small window of time between the installation of graceful shutdown signal handlers and application context startup, during which the receipt of shutdown signal would cause a REQUIRE() assertion to occur. Note this issue is only visible when compiling with ENABLE_GENTLE_SHUTDOWN defined. Reference: https://gitlab.isc.org/isc-projects/dhcp/issues/53 Upstream patches: https://gitlab.isc.org/isc-projects/dhcp/commit/ce117de7a1ed3c4911b4009c1cc23fba85370a26 https://gitlab.isc.org/isc-projects/dhcp/commit/dbd36dfa82956b53683462afadfabb1b33fa3dd1 https://gitlab.isc.org/isc-projects/dhcp/commit/95944cab6035d20be270eec01254c7bb867ec705 (From OE-Core rev: 7235c62727e48415c4e81f852607311ec31b6e41) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Security fix CVE-2020-8597Yi Zhao2020-03-072-0/+48
| | | | | | | | | | | | | | | | | | | | | CVE-2020-8597: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. References: https://nvd.nist.gov/vuln/detail/CVE-2020-8597 Patch from: https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426 (From OE-Core rev: b01505e018ff46f1af34f98219d55f4ca700cd5a) (From OE-Core rev: f0c7e7d03d1e9f7426031acdde3f7452118edd8c) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: backport patch to fix "cert not yet valid" testAnuj Mittal2020-03-072-0/+47
| | | | | | | | | | Fixes [YOCTO #13796] (From OE-Core rev: 1cacb300369fb062ad45b0460ed93bfc800d7323) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Fix reproducibility issueRichard Purdie2020-02-112-0/+33
| | | | | | | | | | | | | | | | | There was a build architecture leaking into the target ptest which could vary depending upon host. Remove it as its cosmetic. [YOCTO #13770] (From OE-Core rev: 37db519eedb7eb5cd4f14d05f30f5d580aa7458d) (From OE-Core rev: c31c676319812e6fc036741db2ab8e16eccff723) (From OE-Core rev: 94113433887dab43d54f3a76b1e0aa1bacb0d086) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Whitelist CVE-2019-0190Adrian Bunk2019-12-311-0/+4
| | | | | | | | | | | | | This is only a problem with older Apache versions. (From OE-Core rev: 492d43296b15514ec72dfb15f37c6d2ab1fbbae3) (From OE-Core rev: 9c693dbc0107241613f6ff694046592057c9b377) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2019-1551Anuj Mittal2019-12-312-0/+759
| | | | | | | | | (From OE-Core rev: 7a8165e0d833bc64c824fa2aee2ddad21d866675) (From OE-Core rev: 2187dfb20b12b6de72c5515eca6877319734f752) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Whitelist CVE-2019-6470Adrian Bunk2019-12-061-0/+4
| | | | | | | | | (From OE-Core rev: 016bb19213832409dd5b914d54f8af08037e9c07) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix CVE-2019-6471 and CVE-2018-5743Kai Kang2019-11-259-0/+2723
| | | | | | | | | | | | | | | | Backport patches to fix CVE-2019-6471 and CVE-2018-5743 for bind. CVE-2019-6471 is fixed by 0001-bind-fix-CVE-2019-6471.patch and the other 6 patches are for CVE-2018-5743. And backport one more patch to fix compile error on arm caused by these 6 commits. (From OE-Core rev: 3c39d4158677b97253df63f23b74c3a9dd5539f6) (From OE-Core rev: 07a8d013383b622eabfcefec9378c857b5265c05) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: fix CVE-2019-16275Ross Burton2019-11-192-0/+83
| | | | | | | | | | | (From OE-Core rev: d7b5a2ebdb6e74a21059ac2496b5dbea4597eb87) (From OE-Core rev: 1c1c70ee26078357c4fe3647581f4adec1a8a97d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: mark connman-wait-online as SYSTEMD_PACKAGEAndré Draszik2019-10-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The connman-wait-online package currently isn't marked as systemd-enabled package. This means it is impossible to auto-enable the service during image creation or package installation, as no preset files and no pkg_postinst() snippet is being created. This change should have been done as part of the upgrade to v1.31 Note: connman-wait-online is needed when connman is in use in more complex network/interface setups for systemd's network-online.target to report success. systemd-networkd's systemd-networkd-wait-online.service alone doesn't work in such scenarios and simply times out, as it know nothing about the expected network/ interface configuration, meaning the target doesn't boot successfully (systemctl list-units --failed), and long delays are seen, caused by waiting for the systemd-networkd-wait-online.service timeout. (From OE-Core rev: 5607d38af39294bf97a878b414a0212278b66b2c) Signed-off-by: André Draszik <git@andred.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 1a8d18eeee6dc188d8becc778bfa933031490781) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: make OPENSSL_ENGINES match install pathGeorge McCollister2019-10-291-1/+1
| | | | | | | | | | | | Set OPENSSL_ENGINES to the path where engines are actually installed. (From OE-Core rev: 4aa5d551af3d0eb800c1640c98cbd591224726f8) Signed-off-by: George McCollister <george.mccollister@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 59565fec0b3f3e24eb01c03b671913599cd3134d) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: fix CVE-2019-16905Hongxu Jia2019-10-292-0/+41
| | | | | | | | | | | | | Backport a patch from upstream to fix CVE-2019-16905 https://github.com/openssh/openssh-portable/commit/a546b17bbaeb12beac4c9aeed56f74a42b18a93a (From OE-Core rev: e8f39536d2616ea0bb8bab459da29af63e3ee336) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8bd4b87071c073a0e4d265bc00df34684a355eff) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcap:upgrade 1.9.0 -> 1.9.1Zang Ruochen2019-10-092-32/+2
| | | | | | | | | | -libpcap/0001-pcap-usb-linux.c-add-missing-limits.h-for-musl-syste.patch Removed since this is included in 1.9.1. (From OE-Core rev: d42f381c4f5f9ec248e5b464a2aab39fdc9a7644) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: add needed character encoding for ptestsRoss Burton2019-10-091-0/+2
| | | | | | | | | | | | | | | | The test-gobject-header test suite needs UTF-16 encoding: test_decode_header_name_ascii: assertion failed (err == NULL): Unicode conversion failed: Conversion from character set ?UTF-16BE? to ?UTF-8? is not supported (g-obex-error-quark, 256) Add gconv-utf-16 to the bluez5-ptest RDEPENDS. (From OE-Core rev: c75707bbd24552e72ae2e564c0d6f72823b63b8c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: update patch to fix do_patch error when PATCHTOOL = "patch".Lei Maohui2019-10-021-463/+263
| | | | | | | | (From OE-Core rev: 37eabe25d1e6dffee8e96675c42c25c64dd3bc70) Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Enable os option for with-rand-seed as wellKhem Raj2019-09-181-3/+3
| | | | | | | | | | | | | | | | | | | | | with openSSL 1.1.1d we start seeing errors like Error Generating Key 139979727451584:error:2406C06E:random number generator:RAND_DRBG_instantiate:error retrieving entropy:../openssl-1.1.1d/crypto/rand/drbg_lib.c:342: when using openssl from openssl-native on build hosts, this is due to limiting the random seed to devrandom, to support older hosts, since the option allows to have a comma separated list of methods to try, we can try the default first and if that fails then fallback to devrandom, this will ensure that it keeps working with build systems which dont support getrandom() (From OE-Core rev: 8b4edb8552b238680d8dcef565e830a8e28a223c) Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Adrian Bunk <bunk@stusta.de> Cc: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.1.1c -> 1.1.1dAdrian Bunk2019-09-163-82/+2
| | | | | | | | | Backported patches removed. (From OE-Core rev: 24174c6dafefec4ff3bd79b3c871b17cbfa3e840) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: fix nfs mount error on 32bit nfs serverYi Zhao2019-09-162-0/+157
| | | | | | | | | | | | | | | | | | | | | | | There is a client side error "Stale file handle" when mounting from a nfs server running on 32bit arch. Steps to reproduce: 1. $ MACHINE=qemux86 bitbake core-image-sato 2. $ runqemu qemux86 kvm nographic qemuparams="-m 1024" 3. $ echo "/nfs_root *(insecure,rw,async,no_root_squash,no_subtree_check)" \ >> /etc/exports $ /etc/init.d/nfsserver restart root@qemux86:~# mount -t nfs 127.0.0.1:/nfs_root /mnt mount: mounting 127.0.0.1:/nfs_root on /mnt failed: Stale file handle Backport a patch to fix this issue. (From OE-Core rev: 727e6ce1f904abf1a1059fde759c3aaea37de199) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iw: upgrade to 5.3Changhyeok Bae2019-09-161-3/+2
| | | | | | | | | | Separated build dir doesn't work because Makefile points out source dir. (From OE-Core rev: fef943ab63d30bd1d6f9be00b0976000a55cca0e) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: launch avahi-daemon after connmanKai Kang2019-09-011-1/+6
| | | | | | | | | | | When connman installed to image, /etc/resolv.conf is link to /etc/resolv-conf.connman. So launch avahi-daemon after connman too just same as after systemd-resolved.service. (From OE-Core rev: b4673b5befa339b2ffc3c274b105ab96d730ea2d) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi-ui: support usrmergeChangqing Li2019-09-011-1/+7
| | | | | | | (From OE-Core rev: 6e1fc83e7d7285211ae24e38b8fa7fbe7112d126) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix build with python3 PACKAGECONFIG enabledChen Qi2019-08-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | If the PACKAGECONFIG item, python3, is enabled, we get the following QA issue when multilib is enabled. ERROR: bind-9.11.5-P4-r0 do_package: QA Issue: bind: Files/directories were installed but not shipped in any package: /usr/lib /usr/lib/python3.7 /usr/lib/python3.7/site-packages /usr/lib/python3.7/site-packages/isc-2.0-py3.7.egg-info /usr/lib/python3.7/site-packages/isc /usr/lib/python3.7/site-packages/isc/policy.py [snip] The thing is, when --with-python is specified with a path instead of 'yes', the --with-python-install-dir is in fact ignored. Fix this issue by specifying the correct arguments. (From OE-Core rev: 2c36b3e5c7caae07ffe0cfb816d37fad52d69fc9) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: fix build against libc-headers 5.2+Bruce Ashfield2019-08-302-0/+69
| | | | | | | | | | | | | | | | | | | Backporting the following upstream commit to fix the build against kernel 5.2+ headers: [ Subject: [PATCH] tools: Fix build after y2038 changes in glibc The 32-bit SIOCGSTAMP has been deprecated. Use the deprecated name to fix the build. ] Upstream-Status: backport commit f36f71f60b1e68c0f12e615b9b128d089ec3dd19 (From OE-Core rev: b4731a1202cfa45c7e1f635552398b89a37f2eeb) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: 2.3.3 -> 2.4.1Robert Yang2019-08-308-268/+41
| | | | | | | | | | | | | | | | | | | | | - Remove 0001-Do-not-pass-null-pointer-to-freeaddrinfo.patch, the new api can check the pointer before free it. - Rmove 0001-makefile.am-update-the-path-of-libnfs.a.patch, it is already in the source. - Rmove nfs-utils-musl-limits.patch, it is already fixed. - Rebased the following patches: 0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch 0001-configure.ac-Do-not-fatalize-Wmissing-prototypes.patch bugfix-adjust-statd-service-name.patch nfs-utils-musl-res_querydomain.patch (From OE-Core rev: 5601523e16ebd35d7de8d22ec5590618ea9f7ffb) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: decrease RLIMIT_NOFILE to 4k for systemdHongxu Jia2019-08-223-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On systemd, it set RLIMIT_NOFILE to 512k, since do_testimage for core-image-sato-sdk has memory limitation (256Mib) which caused rpc.statd failed with out of memory. [ 531.306146] Out of memory: Kill process 193 (rpc.statd) score 200 or sacrifice child The rpc.statd and rpc.mountd allocates memory according to RLIMIT_NOFILE, so decrease it to 4k to keep sync with sysvinit After applying the patch, the memory cost is the same with sysvinit: root@qemux86-64:~# systemctl status nfs-statd * nfs-statd.service - NFS status monitor for NFSv2/3 locking. Loaded: loaded (/lib/systemd/system/nfs-statd.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2019-08-20 03:16:18 UTC; 3min 26s ago Main PID: 343 (rpc.statd) Tasks: 1 (limit: 271) Memory: 1.0M root@qemux86-64:~# systemctl status nfs-mountd * nfs-mountd.service - NFS Mount Daemon Loaded: loaded (/etc/systemd/system/nfs-mountd.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2019-08-20 03:19:01 UTC; 1min 21s ago Main PID: 451 (rpc.mountd) Tasks: 1 (limit: 271) Memory: 736.0K Suggested-by: Chen Qi <qi.chen@windriver.com> (From OE-Core rev: 6d61cd2bdc9e326eaa59082b5dd7423e522b96d3) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Update LICENSE field with missing valuesWes Lindauer2019-08-211-1/+1
| | | | | | | | | | The LICENSE file states that some code is licensed under BSD, some under ISC, and some under MIT. The LICENSE field should reflect all of these. (From OE-Core rev: 91096392cf46cae369849723cea14a9da1f3053b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iw: Fix license field to BSD-2-ClauseWes Lindauer2019-08-211-1/+1
| | | | | | | | | | Using just "BSD" license implies BSD-3-Clause and this recipe appears to be closer to a BSD-2-Clause. (From OE-Core rev: b90d9f0c2084cce8d245fe683b45fb344c6f1cb8) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ofono: update to 1.30Oleksandr Kravchuk2019-08-216-154/+9
| | | | | | | | | Removed upstreamed patches. (From OE-Core rev: 79a14772ef2ab6c73bb438377cd259c484020818) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: update to 2.9Oleksandr Kravchuk2019-08-121-2/+2
| | | | | | | (From OE-Core rev: 84f6fd6464b987c556c630e83e8888ee484dadc6) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: correct the python3 runtime dependencyAlexander Kanavin2019-08-081-1/+1
| | | | | | | (From OE-Core rev: 62aeba48401cba34b9cc6dc5ee14685a1a29c5d3) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ofono: correct the python3 runtime dependencyAlexander Kanavin2019-08-081-1/+1
| | | | | | | (From OE-Core rev: 7f8583cc95f11cf10fb2325a1c4e23b041551581) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Fix abort on invalid filesRicardo Ribalda Delgado2019-08-082-0/+26
| | | | | | | | | | | | | | | | | | | | When the code is compiled with "-fstack-protector-strong -D_FORTIFY_SOURCE=2", everytime ftpfd is asked for a non existent file, it crashes with the following error: *** buffer overflow detected ***: Aborted This seems to be a bug/feature of gcc. A bug has been open on their bugzilla, and also inetutils have been posted with the proposed patch. Without this patch, pxelinux fails to boot because it keeps asking the server for the pxelinux.cfg/00-01-02-03-04 and never jumps to /default. (From OE-Core rev: 0c3a1251a8aec86f3e877130f926a928e5ca2030) Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Change ftp:// URIs to http(s)://Adrian Bunk2019-08-031-1/+1
| | | | | | | (From OE-Core rev: a11edd68b256fffb088cde5b7298a5749161f600) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Remove RECIPE_NO_UPDATE_REASON and follow the ESV releasesAdrian Bunk2019-07-311-2/+2
| | | | | | | (From OE-Core rev: c03eb46c292990c6639f8fa80c9bde263b8dfb8c) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: drop pointless configure-cross.patchRasmus Villemoes2019-07-262-40/+0
| | | | | | | | | | | | | | | | | | | The configure script has already found IPT_LIB_DIR via pkgconfig, so the configure-cross.patch really just introduces dead and broken fallback code. Broken, because the SYSROOT variable does not actually get set to a sensible value - the argument $1 passed to the configure script when invoked from the Makefile is KERNEL_INCLUDE, which we set to ${STAGING_INCDIR} in EXTRA_OEMAKE. Obviously that directory does not have /lib or /usr subdirectories, so we're not really helping the fallback logic in check_ipt_lib_dir() - in fact, we're more or less guaranteeing that we won't find those .so files. (From OE-Core rev: 628de87240e9bc73ad63a32e5f67b58781d87dd0) Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix valgrind errors on v1.1.1cBonnans, Laurent2019-07-222-0/+36
| | | | | | | | | | Running valgrind against code using Openssl v1.1.1c reports a large number of uninitialized memory errors. This fix from upstream solves this problem. (From OE-Core rev: 8081d645353ed934a0158329f2f36ea49d663e19) Signed-off-by: Laurent Bonnans <laurent.bonnans@here.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-11 15:21:38 +0000