| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The base-files recipe installs /mnt/mtab (it is a softlink of /proc/mounts),
so if an image includes the latter, there is no new to created it again inside
the install-efi.sh script, otherwise an error may occur as indicated on the
bug's site.
[YOCTO #7971]
(From OE-Core rev: 1679c3d7bfa1cff4e126e2ed3dff50bdd7c2eeab)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
it was found that out-of-range time values passed to the strftime function may
cause it to crash, leading to a denial of service, or potentially disclosure
information.
(From OE-Core rev: b9bc001ee834e4f8f756a2eaf2671aac3324b0ee)
(From OE-Core rev: c50e30cb078ca0ad6f76241f0b0a5557cc17e3c0)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A stack overflow vulnerability was found in nan* functions that could cause
applications which process long strings with the nan function to crash or,
potentially, execute arbitrary code.
(From OE-Core rev: fd3da8178c8c06b549dbc19ecec40e98ab934d49)
(From OE-Core rev: 1916b4c34ee9d752c12b8311cb9fd41e09b82900)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A stack overflow vulnerability in the catopen function was found, causing
applications which pass long strings to the catopen function to crash or,
potentially execute arbitrary code.
(From OE-Core rev: af20e323932caba8883c91dac610e1ba2b3d4ab5)
(From OE-Core rev: 01e9f306e0af4ea2d9fe611c1592b0f19d83f487)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or
libc6) before 2.23 allows local users to bypass a pointer-guarding protection
mechanism via a zero value of the LD_POINTER_GUARD environment variable.
(From OE-Core rev: 22570ba08d7c6157aec58764c73b1134405b0252)
(From OE-Core rev: bb6ce1334bfb3711428b4b82bca4c0d5339ee2f8)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
CVE-2015-7547: getaddrinfo() stack-based buffer overflow
(From OE-Core rev: b30a7375f09158575d63367600190a5e3a00b9fc)
Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1472
https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html
http://openwall.com/lists/oss-security/2015/02/04/1
Reference to upstream fix:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;
h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
(From OE-Core rev: 5aa90eef9b503ba0ffb138e146add6f430dea917)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Hand applied.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream bug (contains reproducer):
https://bugzilla.gnome.org/show_bug.cgi?id=756263
Upstream patch:
https://git.gnome.org/browse/libxml2/commit/?id=
ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe
(From OE-Core rev: 84c6a67baaafee565ac4fad229bd8d07a21da09c)
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes DoS when parsing specially crafted XML document
if XZ support is enabled.
References:
https://bugzilla.gnome.org/show_bug.cgi?id=757466
Upstream correction:
https://git.gnome.org/browse/libxml2/commit/?id=
f0709e3ca8f8947f2d91ed34e92e38a4c23eae63
(From OE-Core rev: e40cae30575a227bb0274869f720dffd816d629a)
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes heap-based buffer overflow in xmlParseConditionalSections().
Upstream patch:
https://git.gnome.org/browse/libxml2/commit/
?id=9b8512337d14c8ddf662fcb98b0135f225a1c489
Upstream bug:
https://bugzilla.gnome.org/show_bug.cgi?id=756456
(From OE-Core rev: a2980f004519a4baeb4c88ad924e15195fe75e32)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Patch added to the repo wasn't actually considered due to a
erronously way of specifying the sources.
(From OE-Core rev: 2cdc3dd4cc4426aa081b6cb99b67f1143cc64f81)
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 7bb182bdd130266100fc541fd09b82d09c51cd80)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
This older code needs specific compiler options to allow it to work
with gcc 5. These options are used in the 2.21 recipe in master/fido
so this simply backports them.
(From OE-Core rev: 447dba2a6a077c83083556ab79ab265d4b8a048f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GCC"s preprocessor starts to add newlines which are not
handled properly by ncurses build system startin from
version 5.0.
See also: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7870
(From OE-Core rev: 3a5435b371c84ec28b6936b8c8fa6541a592d061)
(From OE-Core rev: 8492e143af25bf64d07fc117e7f1607aadf89f09)
Signed-off-by: Martin Stolpe <martin.stolpe@gmail.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for CVE-2015-1819 Enforce the reader to run in constant memory
(From OE-Core rev: 9e67d8ae592a37d7c92d6566466b09c83e9ec6a7)
(From OE-Core rev: de6e4114d5285ea0d2a53d19c93ce96430cc9e30)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Conflicts:
meta/recipes-core/libxml/libxml2.inc
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix CVE-2015-0245 by preventing non-root and non-systemd processes
from fooling the dbus daemon into thinking systemd service activation
failed.
(From OE-Core rev: a8aa06b2405dec31a306fdf47bd1fdf740fde7bd)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport Arjun Shankar's patch for CVE-2015-1781:
A buffer overflow flaw was found in the way glibc's gethostbyname_r() and
other related functions computed the size of a buffer when passed a
misaligned buffer as input. An attacker able to make an application call
any of these functions with a misaligned buffer could use this flaw to
crash the application or, potentially, execute arbitrary code with the
permissions of the user running the application.
https://sourceware.org/bugzilla/show_bug.cgi?id=18287
(From OE-Core rev: c0f0b6e6ef1edc0a9f9e1ceffb1cdbbef2e409c6)
(From OE-Core rev: 96ff830b79c64d8f35c311b66906b492cbeeeb55)
Signed-off-by: Haris Okanovic <haris.okanovic@ni.com>
Reviewed-by: Ben Shelton <ben.shelton@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After selecting the "install" gummiboot option of a Live image we are
seeing boot failure resulting from the gummiboot entries not being
installed correctly. This seems to be a problem in this init-install-efi.sh
script where it incorrectly installs the gummiboot entries into the root
filesystem, not the boot partition. We fix it by installing the entries in
the boot partition.
(From OE-Core rev: c9b06c79ed8a082d1b385e9f61721aeeda9bf1af)
(From OE-Core rev: 4a44c9287d80dec0973b31d30d3d6250ce4b4df4)
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Acked-by: Darren Hart <dvhart@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A patch was added to fix compressed tar files, but broke uncompressed
tar files, this fix is from the busybox mailing list
http://lists.busybox.net/pipermail/busybox/2014-January/080389.html
[YOCTO #7645]
(From OE-Core rev: 2e67a2d35ffcaa0d35363b05209060aff7026c9a)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 907ef15bb8bf6bd4fb9edb529240ed9982626401)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 723e5486e89c6ebe4533ad05ebe5346744c452b1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
/etc/volatile.cache is a cached copy of a script (which is
generated by /etc/init.d/populate-volatile.sh) that generates
the volatile filesystem directories. Since volatile.cache is
a generated file, it is not necessarily changed if
populate-volatile.sh is updated. As a result, the stale script
can add/remove the wrong directories on the next system boot.
If initscripts is being upgraded, make sure volatile.cache gets
deleted.
(From OE-Core rev: 3bdc098028732a4b22b1e65e5566b4cbe105fd41)
Signed-off-by: Bryan Evenson <bevenson@melinkcorp.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit ea647cd9eebdc3e3121b84074519c4bb305adac9 moved the locations
of /run and /var/lock to match the FHS 3 draft specifications.
However, the install doesn't remove the existing directories.
As a result, upgrading a system may result in /run as a softlink
to /var/run and /var/run as a softlink to /run, creating a circular
link.
During pre-install, check for the existence of the old softlinks and
remove them so the new directories can be installed.
(From OE-Core rev: edeeee8432dc749b02e5e6eca0503229e394ebd3)
Signed-off-by: Bryan Evenson <bevenson@melinkcorp.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport a patch to fix CVE-2014-9114.
The patch has been integrated in util-linux-2.26.
[YOCTO #7180]
Hand applied do to version differencses.
(From OE-Core rev: de0c751f57de118bba808f85fa255bb2d99ed9cb)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
The ownership needs to be explicitly set otherwise it inherits the user
and group id of the build user.
(From OE-Core rev: b81ad1d960fc0555f6255a887f6a3b524893703e)
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Only unpack udev's testdata right before executing the tests and cleanup
afterwards.
udev's testsuite can be used by ptest. However currently the testdata against
which its functionality is tested is installed in the sysroot at udev install
time.
If the sysroot is used with qemu the testdata makes qemu entering an infinite
loop.
http://lists.openembedded.org/pipermail/openembedded-core/2014-September/097098.html
This has already been fixed for the systemd udev flavour.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=5664
(From OE-Core rev: 60c0b80048e1f8aae1a4aaa3619c84496a111ae2)
Signed-off-by: Max Krummenacher <max.oss.09@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The ptest which checks for correct udev rules fails.
Missing files and paths for the build host caused this.
(From OE-Core rev: 32fa3ff2849a74deeb13ac53cc65e212b9cffd92)
Signed-off-by: Max Krummenacher <max.oss.09@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport from busybox 1_22_stable branch:
http://git.busybox.net/busybox/commit/?h=1_22_stable&id=28dd64a0e1a9cffcde7799f2849b66c0e16bb9cc
(From OE-Core rev: cd20b3c009a9c1743f5cb054710214231e5dfcfc)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport from busybox 1_22_stable branch:
http://git.busybox.net/busybox/commit/?h=1_22_stable&id=5698ff93233b47218a677fd7facd8cc90211d1a4
(From OE-Core rev: 680fc6e7c571f70cffa9799c21604e0719504591)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix systemd-timesyncd assertion
when networkd is disabled then we now do not
create /run/systemd/netif/links but timesyncd needs it. So lets
manually create this file when networkd is disabled so timesyncd
can still function
When enabling systemd-timesyncd we need systemd-timesync user
Backport patches to enable timesyncd when resolved and networkd
are disabled
replace the resolv.conf symlinink patch with a proper backport
Change-Id: I53f1a53eec4e4a4dbdfb7e8cd155d544ee5d81ec
(From OE-Core rev: 2a675bc63b22724f12e6ed6ff58d0f1d1e0d3b29)
(From OE-Core rev: c53b22e593fe13edacddf2ecd4d5df67abd74905)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
modprobe,rmmod: reject module names with slashes
(From OE-Core rev: 815a7b6fbf3b0cf95f5464bca687d97366d7ed6a)
(From OE-Core rev: 698ef44edcff82457e29baef1dd364d1fecf892b)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on commit 745dfbc869fd593d1b92e2bc9c01d589ab21ade3
"buildtools-tarball: package all of Python", we do the same here
for packagegroup-self-hosted.
The switch to the fetcher where it added BeautifulSoup revealed
a shortcoming in the python packaged for the self hosting (missing
htmlentitydefs). Here we fix it in the same way as what was done
for buildtools-tarball and include python-modules vs. all the
individual little chunks.
(From OE-Core rev: 4afbc5f7b2b8a6587110b16cda90e72c3e73a506)
(From OE-Core rev: 55073276dabf0a996209296e0096ff1a93a3e1e5)
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The getnetbyname function in glibc 2.21 in earlier will enter an infinite loop
if the DNS backend is activated in the system Name Service Switch
configuration, and the DNS resolver receives a positive answer while processing
the network name.
(From OE-Core rev: f03bf84c179f69ef4800ed92a4a9d9401d0e5966)
(From OE-Core rev: 7e3f4ddd001f9c50a49d8ba5ab548af311e6b51f)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are some cases we want the manipulation cross-canadian performance
on TARGET_OS, there are also cases like meta-environment where we do not
want this manipulation.
We did try and use immediate expansion to avoid this problem and it
works in the non multilib case. If we have a multilib that used an
extension, like for example:
require conf/multilib.conf
MULTILIBS = "multilib:lib32 multilib:lib64"
DEFAULTTUNE = "mips32r2"
DEFAULTTUNE_virtclass-multilib-lib32 = "mips64-n32"
DEFAULTTUNE_virtclass-multilib-lib64 = "mips64"
then the n32 extension case will be misconfigured.
It turns out saving an unexpanded variable is hard. The best I could
come up with was:
SAVEDTOS := "${@d.getVar('TARGET_OS', False).replace("{", "*")}"
and then
localdata.setVar("TARGET_OS", d.getVar("SAVEDOS", False).replace('*','{'))
which is rather evil, I'd challenge someone to come up with a nicer way
of making it work though!
Rather than the above madness, we modify cross-canadian to make the
problamtic code conditional.
This fixes the original issue (where a linux-gnuspe target was seeing
'linux') of
http://cgit.openembedded.org/openembedded-core/commit/?id=0038634ee6e2b6035c023a2702547f20f67c103a
but also fixes the multilib one.
(From OE-Core rev: 85ff3d6491c54aa712ed238c561742cda4f4ba07)
(From OE-Core rev: 78a2eeea4e2ef867437c315337b9188e1f3fa759)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd-ptest also needs a Python interpretter. Also remove the redundant
comment.
systemd-kernel-install is a bash script that can't be trivially ported to POSIX
sh.
(From OE-Core rev: 9f6b34493d332f9eff54c3eb2da9483a344e6d3c)
(From OE-Core rev: 66900dc504d8e8af5439a01f94c7853e418fd0e3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The CVE fix introduced problems with entity issues, we observed this
when building the Yocto Docs in particular. Backport the fix from
upstream so we can build our docs correctly.
[YOCTO #7134]
(From OE-Core rev: af501bd51f9a86edd34e0405bc32dabe21312229)
(From OE-Core rev: 9aa93835d19159ffd7cb212680044fc7f914a68f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It was discovered that the patch for CVE-2014-0191 for libxml2 is
incomplete. It is still possible to have libxml2 incorrectly perform
entity substituton even when the application using libxml2 explicitly
disables the feature. This can allow a remote denial-of-service attack on
systems with libxml2 prior to 2.9.2.
References:
http://www.openwall.com/lists/oss-security/2014/10/17/7
https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html
(From OE-Core rev: 643597a5c432b2e02033d0cefa3ba4da980d078f)
(From OE-Core rev: de7bc57398aaeb84fc9370d025b87f7711986ada)
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fiedler Roman discovered that coreutils' parse_datetime() function
has some flaws that may be exploitable if the date(1), touch(1),
or potentially other programs, accept untrusted input for certain
parameters. While researching this issue, he discovered that it
was independently discovered by Bertrand Jacquin and reported at
http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16872
$ touch '--date=TZ="123"345" @1'
*** Error in `touch': free(): invalid pointer: 0x00007fffd33e55e0 ***
Aborted
$ date '--date=TZ="123"345" @1'
date[394]: segfault at 7fff24000000 ip 00007f6dd5b73404 sp 00007fff27cce8f8
error 4 in libc-2.20.so[7f6dd5af7000+199000]
Segmentation fault
(From OE-Core rev: 54debe63cbd38dba56895541c434f895e158f70b)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This addresses 2 issues discovered trying to build a minimal libc with
libm option. By default nscd was always being built and without inet
enabled there were missing symbols.
[YOCTO #7108]
(From OE-Core rev: 89649881bcd0e76d6ee7c85c30e75bb01e1c004f)
(From OE-Core rev: 965943176c580b7943bb4d94efd58b8818c04919)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 64efe68c731d202059880b2fb61a282b9ad1c3e6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
git-perltools provides some usefull git tools like:
git-submodule, git-request-pull, git-send-email, git-am, etc.
We should have it added in self-hosted image.
(From OE-Core rev: 4b0cbdc9c94b336f3102d4cce1886842b28ce6d5)
(From OE-Core rev: a4296a49ada629bc21ab29e2c6860583e0b4be07)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This aligns the params of getty with the ones used in Debian. From the
getty(8) manpage:
,----[ getty(8) manpage ]
| -L, --local-line
|
| Force the line to be a local line with no need for carrier
| detect. This can be useful when you have a locally attached
| terminal where the serial line does not set the carrier detect
| signal.
`----
Reported-by: Craig McQueen <craig.mcqueen@beamcommunications.com>
(From OE-Core rev: a899c362be71cb7b94bd318c57702446b017005c)
(From OE-Core rev: 9936afa01866e1024770b9ad4c378b5ce93e8298)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Tested-by: Craig McQueen <craig.mcqueen@beamcommunications.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the split out of git-perltools, some git tools (such as "git am",
"git send-email" and "git-submodule") have no longer been part of the
buildtools. We need these, so add them back in.
However, adding git-perltools to buildtools triggers perl itself being
brought into buildtools as well, and we don't want that; but we also
don't want to have to hack the git recipe or indeed anything else that
starts depending on perl. Thus, add a dummy package which gets installed
in its place, in a separate package architecture that is only enabled
for buildtools to ensure it doesn't start appearing in place of
nativesdk-perl anywhere else.
Fixes [YOCTO #7033].
(From OE-Core rev: 5b051d65e797624cca3a81fc6f5c924925f3493e)
(From OE-Core rev: 1f7651763e48d5d3d661987997dc6edae17a8718)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mdev.conf references the find-touchscreen.sh script, but this file
was not being installed. Add the script to the busybox-mdev package.
(From OE-Core rev: 44f6df0dfac54845ef5c3ab1af5663d1b6c1d64b)
(From OE-Core rev: 1734b65056f379b358e70efcdba94e2abb98ce37)
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Acked-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: c0650feb6ce7151a22632bab7270002314a1b6be)
(From OE-Core rev: 97a90102f5834c317c0d0f4b645fdfa410c27e04)
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 41eb5a1ae2a92034bed93c735e712d18ea3d9d1d)
(From OE-Core rev: 007144bdfb2dfb10e4b1794799f8b5aa6976266c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This binary is provided by shadow-native nowadays. Fixes:
ERROR: The recipe coreutils-native is trying to install files \
into a shared area when those files already exist. \
Those files and their manifest location are: \
.../tmp/sysroots/x86_64-linux/usr/bin/groups \
Matched in manifest-x86_64-shadow-native.populate_sysroot
To reproduce the errors:
$ bitbake shadow-native && bitbake coreutils-native
(From OE-Core rev: 113225b93c55d55a330fcca7d9f996ec039fb953)
(From OE-Core rev: 40de12333e05247ff52a5837fd55d61b38af3bf0)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
switch_root is provided by both busybox in /sbin/switch_root and util-linux provides one
in /usr/sbin/switch_root, so move util-linux's to sbin and setup ALTERNATIVE_LINK.
(From OE-Core rev: cac818f0ecd0553b59b967a94766534643fecdf4)
(From OE-Core rev: 812e525ce46c7e4e87ab2e6509376235dd3523df)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Since the gcc has resolved this, so we revert the workaround patch.
This reverts commit f026b7a211a44acdb7fadb50b1a84aa3e369450a.
(From OE-Core rev: cfabce81df042121e0b98af92050333b7a284eaa)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
option-groups.h only explicitely #defines options that are enabled.
EGLIBC options are typically pre-processed under the assumption that if
an option is not explicitely defined then it evaluates as 0.
This assumption is correct, but it generates a compiler warning
message each time an undefined symbol is being evaluated.
In order to remove the warnings, each EGLIBC option is now defined
as 1 if the option is enabled or as 0 otherwise.
The consequence is we cannot use #ifdef OPTION_XXX when evaluating
the option, we must always use #if OPTION_XXX.
[YOCTO #7001]
(From OE-Core rev: 7f1bdc331304a61a4836a5752bca210450b6c5b5)
(From OE-Core rev: bce598f21ee9f21228766d4bb19fef21695981da)
Signed-off-by: Juro Bystricky <jurobystricky@hotmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
