| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This update was made with the convert-scruri.py script in scripts/contrib
This script handles two emerging issues:
1. There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
2. Github are dropping support for git:// protocol fetching, so remap github
urls as needed. For more details see:
https://github.blog/2021-09-01-improving-git-protocol-security-github/
(From OE-Core rev: 827a805349f9732b2a5fa9184dc7922af36de327)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We're seeing pthread being linked sometimes and not others leading to
non-reproducible target binaries. The reason is mixing the native python
config with the target one. We should use the target one.
(From OE-Core rev: e570efa43d5655afa041bd4ab52fec2de2216e4d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1bc5378db760963e2ad46542f2907dd6a592eb66)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Sort the list of files to ensure the pkgdata output is deterministic.
(From OE-Core rev: c6a5c4a72de7590b4ac8f5e1bd4c1e83567ef468)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3a55194f90e11da5671b24391a4aaf2b86a8e1e6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
raw.h has been dropped in linux-libc-headers-5.14 leading to:
configure: error: raw selected, but required raw.h header file not available
WARNING: exit code 1 from a shell command.
(From OE-Core rev: 7c2de7211d8c8790851a87d949d29c6e0e140dc2)
Signed-off-by: MarkusVolk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7f577c10913104860121f682b9b3754870c4db23)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We are observing systemd-network service crash during link down
while freeing link->ifname pointer
Backtrace:
(gdb) bt
0 __GI_abort () at abort.c:107
1 0x0000007f861d32b4 in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7f8628d500 "%s\n") at ../sysdeps/posix/libc_fatal.c:155
2 0x0000007f861da51c in malloc_printerr (str=str@entry=0x7f86289070 "free(): invalid next size (fast)") at malloc.c:5347
3 0x0000007f861dbd58 in _int_free (av=0x7f862c9a28 <main_arena>, p=0x558aa28eb0, have_lock=0) at malloc.c:4249
4 0x0000005569249cf0 in link_free (link=0x558aa1c0d0) at ../git/src/network/networkd-link.c:715
5 link_unref (p=0x558aa1c0d0) at ../git/src/network/networkd-link.c:734
6 0x000000556920f34c in manager_rtnl_process_link (rtnl=<optimized out>, message=0x558aa2a430, userdata=0x558a9fc630)
While checking upstream code change with regards to link->ifname
memory allocation and free, we found below PR which also fixes
random systemd-networkd crash:
https://github.com/systemd/systemd/pull/19631
https://github.com/systemd/systemd/issues/19629
(From OE-Core rev: adca61c61d84f022fdedd2d616e7c2df00661af8)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 0e61fb4f00b1024a96c18f33825110a426a4f984)
Signed-off-by: Jon Mason <jdmason@kudzu.us>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 83169c33f7585da25560784f79eaad2c6f029f3c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: c7d2281eb6cda9c1637c20b3540b142073bca235)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 49ca1f62cc17c951b7737a4ee3c236f732bc8ebe)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://git.openembedded.org/openembedded-core
MR: 108825
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-core/dbus?id=bfaef91e77cd54e4f642e966903aac3f3291c325
ChangeID: bfaef91e77cd54e4f642e966903aac3f3291c325
Description:
Bugz only update
Includes fix for CVE-2020-35512
ab88811768 (HEAD, tag: dbus-1.12.20) v1.12.20
5757fd5480 Update NEWS
f3b2574f0c userdb: Reference-count DBusUserInfo, DBusGroupInfo <- cve fix
37b36d49a6 userdb: Make lookups return a const pointer
732284d530 Solaris and derivatives do not adjust cmsg_len on MSG_CTRUNC
1f8c42c7cd Start 1.12.20 development
(From OE-Core rev: bfaef91e77cd54e4f642e966903aac3f3291c325)
(From OE-Core rev: 4cebabf1007762872510c5065a2a718a89687734)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bfaef91e77cd54e4f642e966903aac3f3291c325)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dbus and dbus-test share the same source code and base configuration options,
so factor out the common parts into dbus.inc.
This way we can eliminate the need to keep the two recipes in sync. When they
are not properly in sync (e.g. when dbus recipe has extra patches/config
options that are not duplicated in dbus-test) ptest testsuite will actually
test a slightly different codebase. This is due to the fact that dbus-test does
not run the testsuite against the system libdbus library, but instead it
generates a local libdbus.so that needs to configured/compiled as close as
possible to the system one.
(From OE-Core rev: 1cde2935526d2eec7d6b17a6c622647b0c132439)
(From OE-Core rev: 6c90e4dd59eb06058d14deeb9aa87717fd88ab09)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 44ae5d8d6f26fda4ab1a3fef9fc49d74e4ac89f0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
X specific configs are already handled through PACKAGECONFIG:
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd x11', d)}"
...
PACKAGECONFIG[x11] = "--with-x --enable-x11-autolaunch,--without-x
--disable-x11-autolaunch, virtual/libx11 libsm"
Remove duplicated EXTRA_OECONF_X args.
(From OE-Core rev: 7dc107b05a29f8a3e8903d73f84ef8069f68af6f)
(From OE-Core rev: d747c666ed563488af0b894d4e3236335aa2a8bf)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 036e3436e51a44de3fc9b4b8e5b1ff149e3aaa9d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 839695e0c1b0c0fcfbb924c2b174c4a638067a32)
(From OE-Core rev: 296746f58dd1b4839c953a7b1eb4aed22e407c29)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5cbf053481642a820b9f4c6bed9ac79246719087)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 8d33a2a4e4b6ff8f831523e5b1b16ead6b29cc79)
(From OE-Core rev: 7337d7e4faf20a513c065c44d7d9d472334452b2)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a62471f0641551717a260c67690d3a7d280ac028)
[Bug fix only update, drop cve patch now included
a0926ef86f (tag: dbus-1.12.18) Prepare 1.12.18
8bc1381819 fdpass test: Assert that we don't leak file descriptors
272d484283 sysdeps-unix: On MSG_CTRUNC, close the fds we did receive <- cve fix
31297172f1 Update NEWS
041d579139 dbus-daemon test: Don't test fd limits if in an unprivileged container
55b3f71376 Update NEWS
ced04aabc7 doxygen: fix example for dbus_message_append_args
3e40637b10 Update NEWS
3e0ea34966 cmake: Add X11 include path for tools
d0992805d7 doc: replace dbus-send's --address with --peer and --bus
dd32f6b617 Update NEWS
d251fe7850 Merge branch 'cherry-pick-b034b83b' into 'dbus-1.12'
2c6b0ad7f6 bus: Don't explicitly clear BusConnections.monitors
df0c675b93 Merge branch 'cherry-pick-bf71a58e' into 'dbus-1.12'
beb79b94fb doc: Fix environment variable name in dbus-daemon(1)
eab5d4a420 Start 1.12.18 development]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: glibc.org
MR: 112635
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
ChangeID: 53b105da48e604f6763bb04b7114f41bfb620d2f
Description:
(From OE-Core rev: f65b5b7c88092cdba0239939fead20992eb2ff48)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: glibc.org
MR: 111508
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/glibc.git
ChangeID: 815edc154adc45d08d00995862409f13014f885f
Description:
This version of glibc does not have __pthread_attr_setaffinity_np so an adapted patch was taken from 2.28 (https://sourceware.org/bugzilla/attachment.cgi?id=13497) and https://sourceware.org/git/?p=glibc.git;a=commit;h=42d359350510506b87101cf77202fefcbfc790cb
(From OE-Core rev: d468eb9c0fa5f8fbd15abda6d0f04e3d25c50c26)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The OVMF target binaries are (currently) x86-specific, but the native
tools to build them are not.
Make the COMPATIBLE_HOST assignment target-specific, so that the native
tools can be built on an arm64 build server.
(From OE-Core rev: 94f5c2d51ec8033e00b52ef2d4e0e4c334c14163)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 58ebb47688fc98fdaeb78b4033bd31100218d5d6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sys-utils/ipcutils: be careful when call calloc() for uint64 nmembs
Fix: #1395
(From OE-Core rev: f1b1627cac303f5f9c07fc0e8f959c0675b8f3a7)
Signed-off-by: Karel Zak <kzak@redhat.com>
CVE: CVE-2021-37600
Upstream-Status: Backport [1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c]
Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9822232b4abd811bb9c8562f98c0aefc748340a0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This CVE is fixed in the upstream glibc-2.31 branch, and dunfell already
includes an update to this version in commit e1e89ff7d75c3d22 ("glibc:
update to lastest 2.31 release HEAD")
(From OE-Core rev: c1d49cee0a3a7391708b19647889f48036d7e4e8)
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added fix for below CVEs from below Link
http://archive.ubuntu.com/ubuntu/pool/main/s/systemd/systemd_237-3ubuntu10.50.debian.tar.xz
1. CVE-2020-13529
Upstream-Status: Backport [https://github.com/systemd/systemd/commit/38e980a6a5a3442c2f48b1f827284388096d8ca5]
Hunk #1 refreshed to resolve patch-fuzz
2. CVE-2021-33910
Upstream-Status: Backport [https://github.com/systemd/systemd/pull/20256/commits/441e0115646d54f080e5c3bb0ba477c892861ab9]
(From OE-Core rev: dcdd3c14beee89dc49261aeb4d7783cbb3fbeb89)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When dhclient is used with ifupdown and in the /etc/network/interfaces
file is something like e.g. "iface eth0 inet6 dhcp" the system does not
boot but hangs at the after dhcp configuration of IPv4 at the stage
where IPv6 should be configured.
The reason seems to be, that ifupdown calls the dhclient in a blocking
way which leads to a permanent block of the boot when no DHCPv6 server
is available.
A similar bug in Redhat:
https://bugzilla.redhat.com/show_bug.cgi?id=585047
[YOCTO #14117]
(From OE-Core rev: 6d8bf12bffa146cb51153a79a4b96b05298c4fbf)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: c9271a5882965d783a88d4f97d03d9bb2bc93c7c)
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 71f1f6bc9402ee0fad82aaf0757fffb73da4b706)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 5406ce83e07c3f89b9f2bb26f083861467b7bc59)
(From OE-Core rev: 5a02a56d3e0c88626418391b8d4253f7cee4c38c)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A flaw was found in libxml2. Exponential entity expansion attack
is possible bypassing all existing protection mechanisms and leading
to denial of service.
https://nvd.nist.gov/vuln/detail/CVE-2021-3541
CVE: 2021-3541
(From OE-Core rev: 1699293a7011797895c284d6ad664c66badba426)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Make mktemp applet compatible with --tmpdir option in ca-certificate
update script.
(From OE-Core rev: 9b83aefa9c4a21d9dc1eea4a6b00af379466a288)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3d969e482d29da29828d1510f106f161d2b3d3c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This pulls in non-bash shell fix for enable/disable command, upstream
commit 8636cf4 ("update-rc.d: Fix enable/disable command"). This way
update-rc.d works with e.g. dash shell again.
(From OE-Core rev: 2a692b74f49952636098427ca523bc1590b9d81c)
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Changqing Li <changqing.li@windriver.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f697332a3a753898183d7c5d2965dd75db9b0a24)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport patch to fix CVE-2021-28831.
(From OE-Core rev: e579dbd9a6b2472ca90f411c0b594da9e38c9aca)
(From OE-Core rev: 42098fd740fe3de68a221fcc9c44ead545757461)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Includes the following fixes:
4f0a61f753 wordexp: handle overflow in positional parameter number (bug 28011)
8e88c0d888 Fix SXID_ERASE behavior in setuid programs (BZ #27471)
74a4425fae Enhance setuid-tunables test
bb5bb87959 tst-env-setuid: Use support_capture_subprogram_self_sgid
700264179c support: Add capability to fork an sgid child
7fa6d30eea support: Typo and formatting fixes
0de2b69c31 support: Pass environ to child process
0c92f409a7 S390: Also check vector support in memmove ifunc-selector [BZ #27511]
(From OE-Core rev: eb03d3f72472539b10de49a32bdd3c68c34b658e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.
Upstream-Status: Backport [from fedora:
https://bugzilla.redhat.com/show_bug.cgi?id=1954243]
(From OE-Core rev: ef2a81a473e7c36a36facb209ca907a7439d36f2)
Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
expat < 4.0 is vulnerable to billion laughs attacks (see
[https://github.com/libexpat/libexpat/issues/34]). This patch backports
the commits b1d039607d3d8a042bf0466bfcc1c0f104e353c8
and 60959f2b491876199879d97c8ed956eabb0c2e73 from upstream.
Additionally, the SRC_URI had to be adjusted due to renaming of the
source archive
(From OE-Core rev: b0b843797321360693172c57f2400b9c56ca51cf)
Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: f177c0ec321f005dd9ce63aec2d700fd53c993ff)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
VIRTUAL-RUNTIME_base-utils-syslog"
This reverts commit e990a9ec5d6eaf2c328d61c4de73ea6c270cfa15.
Patch not in master, erroneously applied
(From OE-Core rev: 090452c5284181f18c32dc33887f4dda20c48004)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 70df5169758c8264b48ee3884b66c41a82b28fe9)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cd4d76f43c6ead9f32dece1faa9c9c5da895d9cd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We've noticed that:
MACHINE=qemuarm oe-selftest -r glibc.GlibcSelfTest.test_glibc
ends up with one process growing to about the size of system memory
and triggering the OOM killer. This has been taking out other builds
running on the system on the autobuilders and is one cause of our
intermittent failures.
This was tracked down to:
WORKDIR=XXX/tmp/work/armv7vet2hf-neon-poky-linux-gnueabi/glibc-testsuite/2.33-r0
BUILDDIR=$WORKDIR/build-arm-poky-linux-gnueabi QEMU_SYSROOT=$WORKDIR/recipe-sysroot
QEMU_OPTIONS="$WORKDIR/recipe-sysroot-native/usr/bin/qemu-arm -r 3.2.0" \
$WORKDIR/check-test-wrapper user env GCONV_PATH=$BUILDDIR/iconvdata LOCPATH=$BUILDDIR/localedata LC_ALL=C $BUILDDIR/elf/ld-linux-armhf.so.3 \
--library-path $BUILDDIR:$BUILDDIR/math:$BUILDDIR/elf:$BUILDDIR/dlfcn:$BUILDDIR/nss:$BUILDDIR/nis:$BUILDDIR/rt:$BUILDDIR/resolv:$BUILDDIR/mathvec:$BUILDDIR/support:$BUILDDIR/nptl \
$BUILDDIR/nptl/tst-pthread-timedlock-lockloop
although other glibc tests appear to use 16GB of memory before failing
anyway. By capping the VM size to 8GB, we see the same number of failures
but no OOM situations. There may be some issue in qemu or the test which
could be improved to avoid this entirely but this provides a necessary
and useful safeguard to other builds and doensn't appear to make the
situation worse.
On a loaded system OOM may not occur as the test timeout may be triggered
first. An experiment with a 5GB limit showed an additional 7 failures.
(From OE-Core rev: 4926a16d4fc075ea486536427e99dd6dcaace583)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 58d4f669bd46805669daf87626350fe9359feca5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before, running ptests on core-image-minimal would result in
an error due to missing /bin/bash:
[ -d test ] || ln -s ../libxml2-2.9.10/test .
make: /bin/bash: No such file or directory
make: *** [Makefile:2105: runtests] Error 127
Changing the Makefile to use /bin/sh results in some of the
tests failing, so I have added the missing dependancy on bash.
(From OE-Core rev: bc1d05429da1101d910b4ccf3de5407ddfbedc92)
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d2e81298c446aec8d7fcf61fd5023ac30350f205)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reformatted runtest.patch to allow it to be applied using git am.
This makes it easier to apply the series of patches to the original git repo.
There are no changes to the code of the patch other than the reformat.
Previously, the patch claimed to be a backport, but I have not found an
upstream commit so I've changed the Upstream-Status to pending.
(From OE-Core rev: 5f01e69b6e7b7f734882a30146cca89dbdb99705)
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0361d625e1573e846a2f03ed90a8b897bc405160)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
syslog.cfg is added to the list of sources for busybox
independent of the VIRTUAL-RUNTIME_base-utils-syslog variable. So even
if VIRTUAL-RUNTIME_base-utils-syslog being set e.g. to empty, syslogd will
be enabled. So only include syslog.cfg in SRC_URI if
VIRTUAL-RUNTIME_base-utils-syslog is set to busybox-syslog.
(From OE-Core rev: e990a9ec5d6eaf2c328d61c4de73ea6c270cfa15)
Signed-off-by: Volker Vogelhuber <v.vogelhuber@digitalendoscopy.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Upstream database uses both "expat" and "libexpat" to report CVEs
(From OE-Core rev: f89b497800fb3a3ecd77b7a868a02800b6c86d92)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 706bdcaec5fd7c59d7877bbefa5ed4ce5b4f3da1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: ecd636154e7cfc1349a7cfd8026a85eafa219535)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
http://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=v8.27-101-gf5d7c0842
"Given runcon is not really a sandbox command, the advice is to use
`runcon ... setsid ...` to avoid this particular issue.
(From OE-Core rev: 1c18220fc8559f6423f9afd95a402753c2143e6b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2d273b5aed4a5bd509ec9c68a6f451c17ec17d0c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
These CVEs are disputed by upstream and there is no plan to fix/address them. No
other distros are carrying patches for them. There is a patch for 1010025
however it isn't merged upstream and probably carries more risk of other bugs
than not having it.
(From OE-Core rev: 2afbfc1eb6bc7613da4a7f06ac267ea561b5470e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b238db678083cc15313b98d2e33f83cccab03fc6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 6075d688dc7b0c20b5eadb4db2c78d50466be7e7)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 61cc9acb54be09a12aac7c79f4b14e7e525d5596)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 6427c9ce73a6575e262e7c7e89f78e756f80a35b)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f8bf6b5f9aedcc4490008000250e69f74529db75)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 028ac5a2b8c1b66de46ce46cb789e4d3093cd1d9)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c4301758f5a1560965ca5fb69eb1492adf351ed0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recently an entry in the NVD DB appeared that looks like that
{'vulnerable': True, 'cpe_name': []}.
As besides all the vulnerable flag no data is present we would get
a KeyError exception on acccess.
Use get method on dictionary and return if no meta data is present
Also quit if the length of the array after splitting is less than 6
(From OE-Core rev: 45148918628ba797755f3cbb52f065ec6dbbcfd2)
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 00ce2796d97de2bc376b038d0ea7969088791d34)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: a3de6239e98efafe3668396e69133ffee3d9b27f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
some record from NVD can merge or split suffix from version, for
example:
CVE-2017-15906
"cpe23Uri" : "cpe:2.3:a:openbsd:openssh:5.0:p1:*:*:*:*:*:*"
"cpe23Uri" : "cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*"
in such case include the suffix into version when update local CVE db.
(From OE-Core rev: b8d3e1754faea3ba0b6e07d5a830fbab12b5f53d)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 13cc68197f81bb7c76fa1abecc5dd720b8bdb8d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the install script copy only few hard coded item while
setting up target ESP, kernel artifacts, all .efi in EFI/BOOT,
grub & boot cfg and loader.conf.
While ESP can be much complex, eg: contain multiple initrd.
Add a ESP folder to carry any other files to setup onto ESP.
(From OE-Core rev: 3be53035c567c06a09a36d68c41393482bd4789b)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6eaca9cf20c42501fba27dea3a6446bad948e859)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The relevant commit log:
$ git log --format="%h %s" df31c7ca927242d5d4eee97f93a01e23ff47e332..f84949f1c4bbf20e6a1d9a5859cf012cde060ede
f84949f1c4 powerpc64: Workaround sigtramp vdso return call
5e43566f0f nscd: Fix double free in netgroupcache [BZ #27462]
d0c84d22b6 gconv: Fix assertion failure in ISO-2022-JP-3 module (bug 27256)
af316e4627 x86: Check IFUNC definition in unrelocated executable [BZ #20019]
36eb01dd85 x86: Set header.feature_1 in TCB for always-on CET [BZ #27177]
8b7be87aa2 x86-64: Avoid rep movsb with short distance [BZ #27130]
c4f5e32aae Fix buffer overrun in EUC-KR conversion module (bz #24973)
0858f46440 Add NEWS entry for CVE-2020-29562 (BZ #26923)
1e40391de2 iconv: Fix incorrect UCS4 inner loop bounds (BZ#26923)
568c86274a tests-mcheck: New variable to run tests with MALLOC_CHECK_=3
(From OE-Core rev: 83be9ed671de2433ea6dc4017a9bb471aa322ea7)
Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In cases where we configure the IP address and more on the kernel
command line with ip= we should not ask for DHCP with systemd-networkd
later on. We have such a setup with our runqemu script.
With this match in place we can also deploy this unit on qemu systems.
(From OE-Core rev: c88bb3db92d0650a560d7cbc1f0f42ae8faf15e1)
Signed-off-by: Stefan Schmidt <stefan.schmidt@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8c4981e740c0e630200dbc77c9e3dfd3e43b790b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
kernel-devsrc is a dependency of the image so we no longer need the symlink
creation code or the module-base inherit/dependency as it is included in
that recipe. The KERNEL_VERSION usage was broken anyway as the module
usage would have needed a:
do_image[depends] += "build-appliance-image:do_configure"
which wasn't present so it was indeterminate if KERNEL_VERSION was set
correctly.
(From OE-Core rev: b5bcbe1835ad95a65c2c01212a35f9388ac0dffc)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a46b43bb67b2f87ec370480e50a2e2d111555b75)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
