| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Removed 4 backported patched included in this release.
Updated patches by devtool.
License-Update: copyright years refreshed
(From OE-Core rev: e9962f7033f717591a168e694311523c82c67608)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-45918
(From OE-Core rev: 6573995adf4cfd48b036f8463b39f3864fcfd85b)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Backport a patch [1] to fix CVE-2023-50495.
[1] http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff;h=7723dd6799ab10b32047ec73b14df9f107bafe99
(From OE-Core rev: bdf7b7460a4816e3d447264730a2814209667fb0)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Serial tty is hung after reset command -
$echo "test " >> /dev/ttyS0
test
$stty -a < /dev/ttyS0
speed 115200 baud; rows 34; columns 153; line = 0;
intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>; eol2 = <undef>; swtch = <undef>;
start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R;
werase = ^W; lnext = ^V; discard = ^O; min = 1; time = 0;
-parenb -parodd -cmspar cs8 hupcl -cstopb cread clocal -crtscts
-ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon ixoff -iuclc -ixany -imaxbel iutf8
opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
isig icanon -iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke -flusho -extproc
$reset
$echo "test " >> /dev/ttyS0
^C
$stty -a < /dev/ttyS0
^C
Updating reset_tty_settings API with latest code which fixes tty hung issue
(From OE-Core rev: 2419afd8024f903efff862f3f7f7772aedea7613)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Backport patch to fix CVE-2023-29491.
(From OE-Core rev: f1c95ae70f7aac574daf5b935a02bbba0d6f8a16)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: b0d653b443c68b8d254e52790da76496e8f16a7b)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
These tests do not include needed headers which results in warnings and
as errors when using -Werror or latest clang e.g.
(From OE-Core rev: 92f191c304b5d53c14be23f7a5d57b0f9f101767)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: db7666551ee1f0e0cf63a36ea24babe986e36713)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default ncurses includes the values of LDFLAGS in its output
pkgconfig .pc files. This causes issues because OE includes options that
are specific to either the build host, or build configuration. These
options are not expected to be embedded in the pkgconfig output that is
installed.
Specifically this change resolves issues with uninative, where uninative
includes '-Wl,--dynamic-linker=' in LDFLAGS in order to force the
building and execution of native binaries against the dynamic linker
provided by uninative. This path is specific to TMPDIR at the time of
build, such that the installed files (and the associated sstate) have
this path. This prevents the sstate from being portable across build
directories/hosts.
(From OE-Core rev: ef960d14bd9cecb9a3b50994636fbd455f06104a)
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Instead of having a config.cache that overrides the system site files,
simply set the values in CACHED_CONFIGUREVARS. We can also drop the
mkstemp check as the configure.ac assumes it works, leaving just
nanosleep.
(From OE-Core rev: c30c90e3adfa91407c37838c971e251f8482e2b8)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 325fe5f68bc698f78f5c1a14407c0bbb4cba45f7)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport changes to tinfo/comp_hash.c, tinfo/parse_entry.c,
and progs/dump_entry.c from upstream to fix CVEs.
(From OE-Core rev: 69c31032f1ec0e300c3247efa71aa9b4ebdaf23d)
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Rebase 0001, 0002
2. Fix [already-stripped] QA Issue
Since the following commit add, it strip executables which
are installed by default.
...
commit 087eaf92c621098927f3f98e3652411de48f8b6b
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Jan 21 08:01:41 2018 +0100
Import upstream patch 20180120
20180120
+ build-fix in picsmap.c for stdint.h existence.
+ add --disable-stripping option to configure scripts.
...
(From OE-Core rev: 09bc55eeb41a6e06438b35e5456c66198d549b92)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
- Drop backported CVE fix
(From OE-Core rev: 382e861b8c89c65b3538c706361767eff78d4a5a)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2017-13728, CVE-2017-13731
There is an illegal address access in the function dump_uses() in progs/dump_entry.c
in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_safe_strcat function in
strings.c in ncurses 6.0 that will lead to a remote denial of service attack.
There is an illegal address access in the function _nc_read_entry_source()
in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_save_str function in
alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
There is an infinite loop in the next_char function in comp_scan.c in
ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
There is an illegal address access in the function postprocess_termcap()
in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-13734
https://nvd.nist.gov/vuln/detail/CVE-2017-13732
https://nvd.nist.gov/vuln/detail/CVE-2017-13731
https://nvd.nist.gov/vuln/detail/CVE-2017-13730
https://nvd.nist.gov/vuln/detail/CVE-2017-13729
https://nvd.nist.gov/vuln/detail/CVE-2017-13728
Upstream patch:
https://anonscm.debian.org/cgit/collab-maint/ncurses.git/commit/?id=129aac80802d997b86ab0663836b7fdafb8e3926
(From OE-Core rev: 52d0f351062da730055ffc6b953ff4e68ddb437f)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rebase patches:
- tic-hang.patch -> 0001
- configure-reproducible.patch -> 0002
Drop fix-cflags-mangle.patch, which accepted by upstream
...
commit 1b74f120ab7be89011408a6ad0f1c748a314bae8
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Feb 26 09:01:34 2017 +0100
Import upstream patch 20170225
20170225
+ fixes for CF_CC_ENV_FLAGS (report by Ross Burton).
...
(From OE-Core rev: a4ad0703e1209fee6cd89bf74088931785c4d8c7)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Build static libraries without the binutils "ar" -U option.
This option deliberately breaks deterministic mode.
The option seems to be a relic from 2015, intended as a workaround
for some unspecified build problems.
[YOCTO#11247]
(From OE-Core rev: 46c757d0ca7ff294a7e55c130698fd256b69b62e)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Add a patch to fix the CC/CFLAGS mangling that broke builds. [RB]
(From OE-Core rev: e5d1cbbc1a04b0b190f3706e7ab7421c87d46c78)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As "install.libs" also installs header files, it is
redundant to also call "install.includes".
In fact, doing so can lead to a race, as both targets could
try to install the header files at the same time if running
parallel make. Obviously, with only calling "install.libs",
there is no race with "install.includes".
If there is no race, then the patch fix-include-files-race.patch
is no longer needed.
(From OE-Core rev: 8df2060a323acf2a2cc2bc4076623463039c46a6)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Both targets install.libs and install.includes install the same
files, resulting in a race condition when running parallel make.
This race is addressed in a patch file, making sure only one
of the targets (install.includes) installes the include files.
This will work properly (i.e.ncurses will install as intended
by the recipe) as long as we always install both targets.
(From OE-Core rev: a3df0aa78af1c2fecf847e87cc480fd2ed9afe89)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
Also, put the revision into PV, so that a meaningful upstream version
check can be performed.
(From OE-Core rev: 78064460a7087de5065f035633ea37a7f5b5cff6)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
