| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
(From OE-Core rev: 4b32784b8c95047dafbc7048bfe03e9e5ceb3367)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The change to make do_stash_locale an sstate task between do_install and
do_package has some unforeseen problems since the function deletes part of
${D} but may or may not run depending on whether the task is installed from
sstate.
This cleans up the current "pre packaging" function to be more deterministic
and result in the same set of files, whichever code path we end up reaching
that point by. Its not an ideal sitation but it should avoid the race
failures we've seen on some builds.
(From OE-Core rev: 2a60bba00da9c4e2b1a1ce30e509dba82cc6c94a)
(From OE-Core rev: 9660e4d75230a8aed91a2fc4c887e332f52914e2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Putting the locale and script files into the sysroot for use by their
specific recipes used to be a simple way to share the files. With RSS,
we don't want to copy these into many different recipes so put these
files in their own sstate task.
(From OE-Core rev: c283f2532851e2a65e08fe7b3fd71c5d9abb70f2)
(From OE-Core rev: bb95c7f9edfc73ad9c5ef47a5e897b19086030a9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PACKAGES_DYNAMIC contained an identical set of packages twice.
I suspect this was a result of global search/replace when moving
recipes from eglibc to glibc long time ago.
(From OE-Core rev: 9d0f0fa80ffbafc2d4a1df0fa3ac5d84396a8182)
(From OE-Core rev: 8d6f11c6dc0543dff330a0bfd0772bda969016ed)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 74ef87b31e33436e82f4985fa99b570726a5e564)
(From OE-Core rev: 43e3fb2e5329aaea3ae425dd2903dc11645e7663)
Signed-off-by: Gianfranco Costamagna <gianfranco.costamagna@abinsula.com>
Signed-off-by: Lorenzo Chianura <lorenzo.chianura@abinsula.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
localedef has no way to specify which locale archive to use, and the
compile-time default isn't useful as it points to the work directory.
Add support to read an environmental variable for the path, and don't fail to
write a new locale archive.
(From OE-Core rev: bf0f205a3c3714926649bd69db29e4df1c0ea112)
(From OE-Core rev: 38b0e8d9b1944a955e4ed682184dafdce20db4b9)
(From OE-Core rev: 3c67ea2f357b6f97cce2fcbaef4dfd79b435ad6e)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As glibc 2.27 can't read older locale-archives, SDKs using glibc 2.27 on hosts
using glibc earlier than 2.27 won't be able to find any locales, so bitbake
won't start and Python can't use UTF-8.
So by default install all locales into the SDK. Special-case Extensible SDKs by
installing no locales as they ship glibc in a buildtools, and that will have the
locales.
Locale installation requires cross-localedef, so add that to DEPENDS.
Also remove the explicit en_US addition in buildtools-tarball as it is now
redundant.
(From OE-Core rev: 96896568d197cd06302713c24c0f7d91bfaea6c1)
(From OE-Core rev: 385dd115d00aabbcd970ef6b62353480d87a5a55)
(From OE-Core rev: 065ddf01b914805298fb1ddf83ae32b5018856b3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nativesdk is built with a specific prefix but this will be different at install
time, however glibc hard-codes the path to locale files. Expand these strings to 4K and move them to a magic segment which we can relocate when the SDK is installed.
(From OE-Core rev: 59e0679378aac27c4fea0b06721e0a184a93c100)
(From OE-Core rev: c1f220f89496de51d3aa6eacd42cd8d3ddaad104)
(From OE-Core rev: 39d0aca4e3e4e1115ee9db64e84625f5827ea50f)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: e1faf9ac7e89d33aba33547ede19a10aaa034207)
Fixup patch
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: d7ded85766852689a0d774c896a11d0609004ab2)
(From OE-Core rev: 152e045f42a66a0f74f6c097213f023c2c740292)
(From OE-Core rev: d5adeb887e9b56e4c047a8c5488fb89831e88727)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NVD uses product glib and vendor gnome for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2016-6855
(From OE-Core rev: 4d4d07650d600fcb8fb1de8592494c3a9e4189ce)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 69d6342d45316389afb4b062088919689db0a6dd)
Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All recipes which include this .inc map to glibc NVD component.
(From OE-Core rev: 221266dcf1f8825b5e4cf397d67cf535facca7e7)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 613a13725db4e05539974cc7c66584a287d7b4bd)
Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
| |
(From OE-Core rev: 1718f0a6c1de9c23660a9bebfd4420e3c4ed37e6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With out this patch, one can not login to a mips64 machine like qumumips64 or Octeon mips64 when
systemd is enabled.
remove PACKAGECONFIG option too
affects: systemd < 2.3.1
Reviewed-by: Jeremy Puhlman <jpuhlman@mvista.com>
(From OE-Core rev: ce97fa3c673c7adc7a1fb81e0fd47f103fe281de)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: git://sourceware.org/git/glibc.git
MR: 76647
Type: Security Fix
Disposition: Backport from glibc-2.27
ChangeID: f4494e472d36748c2b3171a91640b26c638f6e0b
Description:
CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320]
Affects: glibc < 2.27
(From OE-Core rev: 25bd45375fd90489a3d80955b2f0f7c800e9fc9a)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://sourceware.org
MR: 74337
Type: Security Fix
Disposition: Backport from https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html
ChangeID: c8c51220e40185dd0ac3d657046e70b82cb94bee
Description:
CVE-2017-8804
sunrpc: xdr_bytes/xdr_string need to free buffer on error [BZ #21461]
Affects: glibc < 2.25
(From OE-Core rev: b7099c48641f5db6ec7831a48c9d9c5e9e9de6f9)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add backported patches from the upstream release/2.24/master branch to
fix CVE-2017-1000366. Also add a backported patch that resolves SSE
related build problems introduced by these patches.
(From OE-Core rev: 07e041138f0b037e7ddc75a33c7960668acdb8bb)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Add backported patch to fix CVE-2015-5180 from the upstream
release/2.24/master branch.
(From OE-Core rev: e8a6e3894c8aebac4aa6b0ceea021b95e94e6691)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Newer versions of glibc (2.26) moved the struct locale definition from
xlocale.h to bits/types/locale_t.h. For compatibility with build hosts
using this version of glibc, include this header.
See f0be25b6336db7492e47d2e8e72eb8af53b5506d in glibc
(From OE-Core rev: 4e9bb9ab2e5c603f3eb2d52ce272401c8e320cc0)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
| |
(From OE-Core rev: 93b7f83a4212409a55ddf568a34468d4f6ef2c06)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add backported patch to fix CVE-2016-9843 which was fixed in zlib 1.2.9
https://nvd.nist.gov/vuln/detail/CVE-2016-9843
(From OE-Core rev: 32db742922b6e4127d65abf42905a07eca6a2255)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add backported patch to fix CVE-2016-9842 which was fixed in zlib 1.2.9
https://nvd.nist.gov/vuln/detail/CVE-2016-9842
(From OE-Core rev: 715645a1be700e132a31aa9c40da1e66dd427ae8)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add backported patch to fix CVE-2016-9841 which was fixed in zlib 1.2.9
https://nvd.nist.gov/vuln/detail/CVE-2016-9841
(From OE-Core rev: aa650d4f5eb2b671e76d7c4da3ef080e26eed543)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add backported patch to fix CVE-2016-9840 which was fixed in zlib 1.2.9
https://nvd.nist.gov/vuln/detail/CVE-2016-9840
(From OE-Core rev: c34064cceeb56806ed8ddf3aff73a3971378066c)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per the patch
(From OE-Core rev: a0cb33b3285de03ae901e474da255efc88811c2d)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Sylvain Lemieux <slemieux@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Cherry-pick from meta-gplv2:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-gplv2/commit/?id=e42ded0ee35d0aab0de8fa090eda9f1c08bcbb4c
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These are generated from --help output of the host tools which is clearly
incorrect, particularly given the older nature of this recipe. Simply
disable them entirely.
(From OE-Core rev: a70dc7d38764e1835ed947599b7fcbe3cc71d5b1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cherry-pick from meta-gplv2:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-gplv2/commit/?id=46349e1a8734fb94a04bf7c234c01fa175333238
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* the libc.so.6 dependency is detected always:
$ grep FILERDEPENDS BUILD-*/pkgdata/qemux86/runtime/localedef
BUILD-bad/pkgdata/qemux86/runtime/localedef:FILERDEPENDSFLIST_localedef: /usr/bin/localedef
BUILD-bad/pkgdata/qemux86/runtime/localedef:FILERDEPENDS_/usr/bin/localedef_localedef: libc.so.6(GLIBC_2.15) libc.so.6(GLIBC_2.3) libc.so.6(GLIBC_2.2) libc.so.6(GLIBC_2.1) libc.so.6(GLIBC_2.0) libc.so.6
BUILD-ok/pkgdata/qemux86/runtime/localedef:FILERDEPENDSFLIST_localedef: /usr/bin/localedef
BUILD-ok/pkgdata/qemux86/runtime/localedef:FILERDEPENDS_/usr/bin/localedef_localedef: libc.so.6(GLIBC_2.15) libc.so.6(GLIBC_2.3) libc.so.6(GLIBC_2.2) libc.so.6(GLIBC_2.1) libc.so.6(GLIBC_2.0) libc.so.6
* but in some builds the glibc dependency isn't built soon enough:
$ diff -uNr BUILD-*/pkgdata/qemux86/runtime/localedef
--- BUILD-bad/pkgdata/qemux86/runtime/localedef 2017-09-02 21:17:50.000000000 +0000
+++ BUILD-ok/pkgdata/qemux86/runtime/localedef 2017-09-11 10:15:49.954381592 +0000
@@ -6,6 +6,7 @@
LICENSE: GPLv2 & LGPLv2.1
DESCRIPTION_localedef: glibc: compile locale definition files
SUMMARY: Locale data from glibc
+RDEPENDS_localedef: glibc (>= 2.26)
SECTION: base
PKG_localedef: localedef
FILES_localedef: /usr/bin/localedef
and the build fails with QA issues:
http://errors.yoctoproject.org/Errors/Details/155529/
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.0), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.15), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.3), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.2), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.1), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6, but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA run found fatal errors. Please consider fixing them.
* reproducible with Yocto 2.2 Morty as well, with slightly different
error message:
ERROR: glibc-locale-2.24-r0 do_package_qa: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.4), but no providers found in RDEPENDS_localedef? [file-rdeps]
* cherry-picked from master 2d2b4d7383c93174fe8eeb72440e81345df71295
(From OE-Core rev: 6c6a06bb806ecd496bb1c3ad723f074ccb454076)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a unit has a statement such as User=0day where the username exists but is
strictly speaking invalid, the unit will be started as the root user instead.
Backport a patch from upstream to mitigate this by refusing to start units such
as this.
(From OE-Core rev: e56cb926c170f493ee2a9c4c63d0ecbf883d4685)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
The addition of missing.h to user-utils.c was done in v230 with 0b6b45d5.
(From OE-Core rev: b9e5a58f64e45be37b9532b20bf22d91257abbd6)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd-sysv-generator translate sysv services on rcS runlevel to
services that starts before sysinit.target. This behavour conflict
with default dependency on same tartget.
String that define "DefaultDependency=no" was lost from patch for
sysv generator during porting patches to systemd 229 in commit
64ab17b707dc431aaed880d6d8615971243f46f8.
Current commit returns changes required for services that work on
rcS runlevel.
(From OE-Core rev: 5c0a87c94ab086514039f2f8d0e9b06daa2179a7)
Signed-off-by: Nikolay Merinov <n.merinov@inango-systems.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pthread_mutex functions such as pthread_cond_wait(), pthread_mutex_unlock() return
errors after PTHREAD_PRIO_INHERIT is enabled
Reference:
https://sourceware.org/bugzilla/show_bug.cgi?id=18463
Upstream patches:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f0e3925bf3b8df6940c3346db17e42615979d458
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=13cb8f76da9d9420330796f469dbf10643ba5b12
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=23b5cae1af04f2d912910fdaf73cb482265798c1
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ed19993b5b0d05d62cc883571519a67dae481a14
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2e4cf778972573221e9b87fd992844ea9b67b9bf
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=abff18c0c6055ca5d1cd46923fd1205c057139a5
This issue is Morty specific (glibc 2.24).
The issue is no longer present in glibc 2.25 (master branch).
(From OE-Core rev: 6dc1f1c3cc871d00ecd59d5aeeef86b7e6965750)
Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
arm: mark __startcontext as .cantunwind, GNU
CVE: CVE-2016-6323
(From OE-Core rev: e80d454711f67a9a3a2a43bb7d9ff911c4664a84)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 56210d562347eafd1433b3fbab64dd023ece421f)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you want to be able to use -fstack-protector then you need the
runtime support - you can either write this yourself or use libssp
supplied with GCC. If you're using GCC then it seems likely that you'd
just be using libssp, so include in the SDK by default; however use
RRECOMMENDS just in case it's been disabled or you aren't using GCC.
(From OE-Core rev: 6c990655e35bb3a14d59555662ec5802c9980028)
(From OE-Core rev: 69b5643ec66e1495c9d805736d8765a06f67416c)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
| |
(From OE-Core rev: 8daed12b4327e4c362a7af4ddc38e7a9cea2c939)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
| |
(From OE-Core rev: ce06f3a0c9859df1f897583659f836234c47d2d7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier
and other products, does not offer a flag directly indicating that
the current document may be read but other files may not be opened,
which makes it easier for remote attackers to conduct XML External
Entity (XXE) attacks via a crafted document.
Reference:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9318
Upstream patch:
https://git.gnome.org/browse/libxml2/commit/?id=2304078555896cf1638c628f50326aeef6f0e0d0
(From OE-Core rev: 0dd44c00e3b2fbc3befc3f361624a3a60161d979)
(From OE-Core rev: 53c39f29578a4468e7f64a7403e77c28d951de6a)
Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[BZ 20116] -- https://sourceware.org/bugzilla/show_bug.cgi?id=20116
The commit documents the ownership rules around 'struct pthread' and
when a thread can read or write to the descriptor. With those ownership
rules in place it becomes obvious that pd->stopped_start should not be
touched in several of the paths during thread startup, particularly so
for detached threads. In the case of detached threads, between the time
the thread is created by the OS kernel and the creating thread checks
pd->stopped_start, the detached thread might have already exited and the
memory for pd unmapped. As a regression test we add a simple test which
exercises this exact case by quickly creating detached threads with
large enough stacks to ensure the thread stack cache is bypassed and the
stacks are unmapped. Before the fix the testcase segfaults, after the
fix it works correctly and completes without issue.
For a detailed discussion see:
https://www.sourceware.org/ml/libc-alpha/2017-01/msg00505.html
(cherry-picked from commit f8bf15febcaf137bbec5a61101e88cd5a9d56ca8)
(From OE-Core rev: eaa844b6ce75d68f952de67ea5145a54a1968171)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 3842dc98a471530e23305d09669d7f4bdc05a532)
Signed-off-by: Martin Balik <martin.balik@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0354a9b7adad27b012bcd6bb6cab54dfe0297bcd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ntpd: NTP server denial of service flaw
CVE: CVE-2016-6301
(From OE-Core rev: dafbf8a9e9ed068ecbf22cc816f9a6a3a2da7aa9)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 301dc9df16cce1f4649f90af47159bc21be0de59)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
IPv6 routes need the device argument for link-local routes, or they
cannot be used at all. E.g. "gateway fe80::def" seems to be used in
some places, but kernel refuses to insert the route unless device
name is explicitly specified in the route addition.
(From OE-Core rev: 4d9fcf9f2fa573218cda3a133e0da34c4185838a)
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 96ed437d57316153453bb5e170a4fd4f3a95883d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These changes are required for compatibility with ConnMan, which by default
uses table ids greater than 255.
(From OE-Core rev: 8ab20681730a3cbd75ed0c7c208a30b437714915)
Signed-off-by: Lukasz Nowak <lnowak@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit e9114bdd8a83b88f59526780910c49e3092fdd57)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[Backported from master.]
We don't want to run resize on non serial consoles. There's
been an earlier attempt (6557787), so this builds upon that.
The problem we're seeing is that if there is text buffered in
the virtual console (like from a desperate user trying to
enter login details), resize will get stuck while calling
ioctl(tty, TCSETAW);
Since serial consoles are named (not just numbered), this
change limits resize's reach even further to run only on
/dev/tty[A-z] (thus avoiding /dev/tty[0-9]).
(From OE-Core rev: 00ff70dc6284a510e4fe3acfaae6b59663fd3141)
Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd-tmpfiles-setup will fail at boot, so we suppress
the default versions of etc.conf and home.conf.
We also make sure that /var/{cache,spool} and /srv are writeable
if they exist.
(From OE-Core rev: a7c6129a7c9c0c7e1b729e16a60b2ca704af3f97)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream accepted the flock fix with some improvements. Backport those
changes.
(From OE-Core rev: 58c01c9ccbec416b297dacd4b917d4073c35c6fb)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
| |
(From OE-Core rev: 55c835c73cc41b6fc809c941c295d62a612e49e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream have removed the file from zlib.net as a new version has
been released, switch to fetching from the official sourceforge
mirror.
[YOCTO #10879]
(From OE-Core rev: bb99e4a620efd59556539c156cd98ea23aae74c8)
(From OE-Core rev: b7599330f1d629384e16a5fbeffc1a65c1555667)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
| |
(From OE-Core rev: ae3513b8e752d0dc1757fbfc681f644a3f2855b0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The NULL pointer dereferencing could produced some
security problems.
This is a preventive security fix.
(From OE-Core rev: 8f3008114d5000a0865f50833db7c3a3f9808601)
(From OE-Core rev: 401d552f9e4ed3341e42864e566dddb2b26019dc)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ranges
Namespace nodes must be copied to avoid use-after-free errors.
But they don't necessarily have a physical representation in a
document, so simply disallow them in XPointer ranges.
(From OE-Core rev: 00e928bd1c2aed9caeaf9e411743805d2139a023)
(From OE-Core rev: cf810d5cc17cb6b9f53d21a404c89afe372accb7)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
xpath:
- Check for errors after evaluating first operand.
- Add sanity check for empty stack.
- Include comparation in changes from xmlXPathCmpNodesExt to xmlXPathCmpNodes
(From OE-Core rev: 96ef568f75dded56a2123b63dcc8b443f796afe0)
(From OE-Core rev: 68b0f3a0bf8dfdf49be4aed1745a7f50662c555d)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|