| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
Since we want to be able to stop unpacking to WORKDIR, correct the WORKDIR
references in recipe do_compile/do_install tasks to use UNPACKDIR in the
appropraite places instead.
(From OE-Core rev: d73595df69667fe9d12ecd407b77a0b8dae2109c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Where recipes use S = ${WORKDIR}, ensure they are referencing ${S} correctly
to access files as soon we want to stop doing this in WORKDIR at which point
they would break unless corrected.
(From OE-Core rev: f25dd633fffe6560f191526d1869e657e129bad9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adresses CVE-2024-2961
Remove backported patch included in hash update.
Changes:
31da30f23c iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)
423099a032 x86_64: Exclude SSE, AVX and FMA4 variants in libm multiarch
04df8652eb Apply the Makefile sorting fix
edb9a76e30 powerpc: Fix ld.so address determination for PCREL mode (bug 31640)
7b92f46f04 x86-64: Simplify minimum ISA check ifdef conditional with if
9883f4304c x86-64: Don't use SSE resolvers for ISA level 3 or above
9d92452c70 AArch64: Check kernel version for SVE ifuncs
395a89f61e aarch64: fix check for SVE support in assembler
b0e0a07018 aarch64/fpu: Sync libmvec routines from 2.39 and before with AOR
31c7d69af5 i386: Use generic memrchr in libc (bug 31316)
5d070d12b3 x86: Expand the comment on when REP STOSB is used on memset
6484a92698 x86: Do not prefer ERMS for memset on Zen3+
aa4249266e x86: Fix Zen3/Zen4 ERMS selection (BZ 30994)
5a461f2949 Add tst-gnu2-tls2mod1 to test-internal-extras
aded2fc004 elf: Enable TLS descriptor tests on aarch64
a8ba52bde5 arm: Update _dl_tlsdesc_dynamic to preserve caller-saved registers (BZ 31372)
15aebdbada Ignore undefined symbols for -mtls-dialect=gnu2
354cabcb26 x86-64: Allocate state buffer space for RDI, RSI and RBX
853e915fdd x86-64: Update _dl_tlsdesc_dynamic to preserve AMX registers
a364304718 x86: Update _dl_tlsdesc_dynamic to preserve caller-saved registers
7fc8242bf8 x86-64: Save APX registers in ld.so trampoline
983f34a125 LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, _}_scalbf
aad45c8ac3 powerpc: Placeholder and infrastructure/build support to add Power11 related changes.
ee7f4c54e1 powerpc: Add HWCAP3/HWCAP4 data to TCB for Power Architecture.
71fcdba577 linux: Use rseq area unconditionally in sched_getcpu (bug 31479)
(From OE-Core rev: 8b0124782510389bdc376fab645a0920b3fb94c8)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The option was introduced in:
https://git.yoctoproject.org/poky/commit/?h=master&id=427472e980cd6254a5e4ef37209b327e15af259b
for the purpose of a standalone udhcpc service.
18 months later the service was removed as it was clashing with the
broader networking service, and the option isn't used
anywhere else:
https://git.yoctoproject.org/poky/commit/?h=master&id=a4b1e348484b74d055b8906413892789d3452f4a
There's a slight chance the option still survives
somewhere private, and is important in that context,
but I'd rather drop the patch so it can be maintained
where it's useful, and maybe even proposed upstream.
(From OE-Core rev: e9dfd3a422d7448ee93ae0dd7e8756a831a578f7)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 64c026024b1c86797de338760b9f29d7e949926c)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a bug introducted in ebafe46379 systemd: upgrade to 255.1.
Besides updating systemd, that commit also made other changes. One of them
being when to perform the replacement in order to fix ROOT_HOME.
Previously, that happened on a configure prefunc and on
${S}/sysusers.d/basic.conf.in.
Now it happens in install and on image/usr/lib/sysusers.d/basic.conf.
However, that file is not present if sysusers is not in PACKAGECONFIG,
since that file in that case is not installed hence resulting in:
sed: can't read <redactedpath>/image/usr/lib/sysusers.d/basic.conf: No such file or directory
Previously, in the case of sysusers not being in PACKAGECONFIG, that was a
"silent error" since the replacement was done but the file was not really
used since the file was not installed.
(From OE-Core rev: fac654a5445da2603b3435aca8db33fc8411d51b)
Signed-off-by: Christian Bräuner Sørensen <yocto@bsorensen.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Single executable ttyrun is taken ouf of s390-tools repository
containing ton of other helper tools.
CVEs are not assigned to executables, but to whole components.
Historically there also already exists one CVE for s390-tools.
Most of the CVEs will not be for ttyrun, but this is the way
how to get notified even if most we get will have to be ignored.
(From OE-Core rev: df28547387c2c122aef3e5326b216ec3f4d3caa7)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Install the manpages for shadow, and also make the conflicting manpages
alternatives in util-linux.
(From OE-Core rev: 4b5a119ab36b2339b5469e5c7d34635090cc70f0)
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
This hash is ahead of the tag, so adapt PV accordingly.
(From OE-Core rev: c94e46019a7d443ccc4763ba16d87e7e97abe977)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-urandom-xauth-changes-to-options.h.patch
dropbear-disable-weak-ciphers.patch
0005-dropbear-enable-pam.patch
0006-dropbear-configuration-file.patch
refreshed for 2024.84
CVE-2023-36328.patch
removed since it's included in 2024.84
(From OE-Core rev: c50a0d013137338ac1dec60f6aed32ff3a185839)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Backport a patch [1] to fix CVE-2023-50495.
[1] http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff;h=7723dd6799ab10b32047ec73b14df9f107bafe99
(From OE-Core rev: bdf7b7460a4816e3d447264730a2814209667fb0)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Many of the common use cases for buildtools need pip to allow python to be
extended. Add it.
(From OE-Core rev: 946086abf5ac5172258ddb27af9c1c615258f62f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
- dbginfo.sh: dash compatible copy sequence
- rust/pv_core: Fix UvDeviceInfo::get() method
- zipl/src: Fix leak of files if run with a broken configuration
- zkey: Fix convert command to accept only keys of type CCA-AESDATA
(From OE-Core rev: 5890c1b9f6892a19ac4fb145ddad683dd16ca7f7)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
-Fix issue with casting in C++ environment.
-Fix issue with ASCII string upper and lower helpers.
(From OE-Core rev: a28405da8dad7e6222d7badaa3eda175e3df32c9)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-posixtm-pacify-clang-18.patch
CVE-2024-0684.patch
removed since they're included in 9.5
0001-local.mk-fix-cross-compiling-problem.patch
remove-usr-local-lib-from-m4.patch
refreshed for 9.5
License-Update: Copyright updatedto 2024.
(From OE-Core rev: ac2b8134bed1abdb485aa2826d07b430dc6b5f00)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
- parser: Fix detection of duplicate attributes in XML namespace
- xmlreader: Fix xmlTextReaderConstEncoding
- html: Fix htmlCreatePushParserCtxt with encoding
- xmllint: Return error code if XPath returns empty nodeset
(From OE-Core rev: 0bc673b0de08e02ff01ec9ad3daf0bb41662da40)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: eb3adf58d5111a0d894b581d935528b14f40b146)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
After the dependency on setuptools was dropped from python3-testtools, this
exposed eSDK dependencies in devtool and recipetool on python3-setuptools. Add
this to buildtools to fix build failures after the testtools fixes.
(From OE-Core rev: c4431b4dd27d290024472f315858a63aea2a733c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
GPL-3 is used for keymaps-pine
LGPL2 is used in all C source files under src/libkfont/
which generate binaries included in main kbd package.
This is seen in their SPDX headers.
(From OE-Core rev: 29f6d4be31164bf5cba9ff4706f219b3d91a8f1f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Its license makes it impossible to distribute kbd in any commercial products.
Backport commit which removes it.
[RP/Khem Raj: Switched binary diff to just delete the files in do_configure]
(From OE-Core rev: 457fc8247f083d89432543337207de0b8c44bf6d)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Pine keymap was added with GPL-3 license.
https://github.com/legionus/kbd/commit/1589e9e1019756b5287b41dddcd7285271c5990e
Split this GPL-3 keymap and install it via recommendation
so it is easy to remove it by excluding recommendations.
(From OE-Core rev: b81145b61cfc21940fe7204fcaf8b5e84a5a938a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Even the patch says it's inappropriate for upstream,
and it's also inappropriate for some downstream projects, too.
So make it possible to opt-out on it by replacing
the patch by sed and depend on distro feature pni-names.
(From OE-Core rev: 858eb2bac132adbde851f6594eac4f2efc9c2f35)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
For the newer hash equivlance servers we need websockets. Add it
to buildtools tarball.
(From OE-Core rev: 3f2b5f6c3af04c8ec245aca35224c52230645bf0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
If the distro features sysvinit and pni-names are
enabled, RRECOMMENDS ifupdown because busybox ifupdown
will not initialize the renamed interfaces.
(From OE-Core rev: ad739fb930814bced49aafe778dac1da4bfa4b0e)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Busybox ifupdown does not recognize /xxx names, so we
use eth0 instead of /eth0. If we want to find "predictable name"
interfaces starting with en..., we will have to use the
real ifupdown.
(From OE-Core rev: 091b4410c88b0fdefee3490bca6479881c0da293)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: ddd947e4edc133b61f8dcb636068fb7867f49b22)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For all those CVE-2019-xxxxx CVEs, following the links in NVD, we
can see they have all been fixed.
For CVE-2014-4859 and CVE-2014-4860, there's no useful links in NVD,
but according to the following two links, they have also been fixed.
https://security-tracker.debian.org/tracker/CVE-2014-4859
https://security-tracker.debian.org/tracker/CVE-2014-4860
(From OE-Core rev: 62f1e5d1bb8df17aaa14265a7acf60e5b44b53b5)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
RP: The upgrade covers these security issues:
CVE-2022-36763
CVE-2022-36764
CVE-2022-36765
CVE-2023-45229
CVE-2023-45230
CVE-2023-45231
CVE-2023-45232
CVE-2023-45233
CVE-2023-45234
CVE-2023-45235
CVE-2023-45236
CVE-2023-45237
(From OE-Core rev: 46763f78344547a3126b536695077c9e7e60c9d6)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2014-8271 has an unusual versioning, svn_16280, which breaks
the version comparison and gives us warning like below:
Failed to compare 202308 < svn_16280 for CVE-2014-8271
The fix has been there since 2014, our current version has included
the fix.
(From OE-Core rev: fdd74b3f3e3a8a07a6107e6ef07198ebe63d2bc8)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
qemumips and qemuppc were leaving stale processes behind after
running glibc oe-selftest. During analysis, it was found that
it was due to "tst-scm_rights" and "tst-scm_rights-time64" tests.
Disable them so that there are no stale processes left behind.
[YOCTO #15423]
https://bugzilla.yoctoproject.org/show_bug.cgi?id=15423
(From OE-Core rev: b3f7b19b6d21368bac00a33ea208cc0379ce4543)
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
This avoids problems if BSD-4-Clause is in INCOMPATIBLE_LICENSE since
util-linux-fcntl-lock is now a dependency of run-postinsts.
(From OE-Core rev: c2c7e1624e8080fb8fa1f14d252f20e85b232eb7)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Set CVE_PRODUCT and CVE_VERSION for ovmf. NVD uses 'edk2' and the
version should be the date only. Here's an example:
https://nvd.nist.gov/vuln/detail/CVE-2023-45232
(From OE-Core rev: 7d11e4d55c9de23edbf5ba21d7ee007bab20c38a)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
DISTRO_FEATURE zeroconf installs avahi. If additionally resolved mdns
implementation is running they will fight each other:
Mar 29 13:31:51 intel-corei7-64 avahi-daemon[752]: *** WARNING: Detected another IPv4 mDNS stack running on this host. This makes mDNS unreliable and is thus not recommended. ***
Mar 29 13:31:51 intel-corei7-64 avahi-daemon[752]: *** WARNING: Detected another IPv6 mDNS stack running on this host. This makes mDNS unreliable and is thus not recommended. ***
(From OE-Core rev: 8509edeafea8e62e1b9ffe76b33999447f739b20)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
These patches are submitted/backported to 8.2 release
and address issues reported by different distros.
(From OE-Core rev: c74048f5ff2e90b06c7a6d5866db4b94a6f1539d)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a version of flock that uses the fnctl based lockf locking instead of
flock based locks. This allows us to take the same lock that opkg would
use from a shell script. The two different locking mechanisms operate
independently of each other.
Inserting this C file into the util-linux build seems like the easiest/best
place to insert the code. At this point it hasn't been discussed with upstream.
(From OE-Core rev: d2b784110e2c3df8a0a41e4819cf2de9003f9fa3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
The MIT license was missing from the license list for util-linux. Add
a patch, submitted to upstream which adds the missing license mentions.
(From OE-Core rev: 24078c0542626f74c93203d17ab4b2bb2f9b5630)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The /timeout/rounding test is sensitive to system load, as it expects
timeouts to trigger in windows that on an idle system are realistic but
not when running inside a qemu-system on a loaded system.
[ YOCTO #14464 ]
(From OE-Core rev: 684ac8005aef8ab26e61e6e7535e19c9974972d3)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The upstream maintainer for Error has deprecated it for quite some time [1].
There is no dependency in current coreutils tests for it.
[YOCTO #15461]
[1] https://metacpan.org/pod/Error#WARNING
Using the "Error" module is no longer recommended due to the black-magical
nature of its syntactic sugar, which often tends to break. Its maintainers
have stopped actively writing code that uses it, and discourage people from
doing so.
(From OE-Core rev: 16c8c8de3303805695f58e241245aafa61b3c772)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
despite it being an issue in gcc and still being open
glibc has fixed this problem upstream regardless, therefore
apply the backport instead.
(From OE-Core rev: a6200d18c6a1438e39d44b391f8d0e343f8fdc1a)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some BSPs only provide information to construct a
predictable network interface named based on a mac
address, so we enable that NamePolicy option.
This policy has been adopted for sysvinit as of
commit 4a7b42fcf6981d3120c08091a7ed3d4d7bcd41f0.
(From OE-Core rev: 37bd8e8dddce9d0b5bfbcf9244225c3b853d7077)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Brings
* 1b9c1a0047 Use gcc __builtin_stdc_* builtins in stdbit.h if possible
* e0910f1d32 S390: Do not clobber r7 in clone [BZ #31402]
* d0724994de math: Update mips64 ulps
(From OE-Core rev: b2274aa08fda1734af840aca05c7c7ce464d8775)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
Includes a fix for CVE-2024-28757.
(From OE-Core rev: e3d26fe076499c8a01e02c9951696c3a9ea05fa3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When a CVE is updated to be rejected, matching database entries must be
removed. Otherwise:
* an incremental update is not equivalent the to an initial download.
* rejected CVEs might still appear as Unpatched in cve-check.
(From OE-Core rev: f276a980b8930b98e6c8f0e1a865d77dfcfe5085)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When a CVE is created, it often has no precise version information and
this is stored as "-" (matching any version). After an update, version
information is added. The previous "-" must be removed, otherwise, the
CVE is still "Unpatched" for cve-check.
(From OE-Core rev: 641ae3f36e09af9932dc33043a0a5fbfce62122e)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Add a URL to the doc of the API used in the function.
... and fix a small typo dabase -> database
(From OE-Core rev: e0157b3b81333a24abd31dbb23a6abebca3e7ba7)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
CVE_CHECK_DB_FILE is already defined in cve-check.bbclass which is
always inherited in cve-update-nvd2-native (There is a check line 40).
Remove it to avoid confusion. Otherwise, this should not change
anything.
(From OE-Core rev: e5f3f223885c17b7007c310273fc7c80b90a4105)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new variable "CVE_DB_INCR_UPDATE_AGE_THRES", which can be used to
specify the maximum age of the database for doing an incremental update
For older databases, a full re-download is done.
With a value of "0", this forces a full-redownload.
(From OE-Core rev: 74c1765111b6610348eae4b7e41d7045ce58ef86)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
attmepts -> attempts
(From OE-Core rev: dc18aaeda8e810f9082a0ceac08e5e4275bbd0f7)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
da9db878a15 systemd: fix dead link /var/log/README
add -Dcreate-log-dirs=false which means journal dir
will not be generated regardless of VOLATILE_LOG_DIR value
if a distro decided to set VOLATILE_LOG_DIR=no this
code path will be executes and the directory being operated
upon wont exist ending in do_install errors
chown: cannot access '/mnt/b/yoe/master/build/tmp/work/riscv64-yoe-linux/systemd/255.4/image/var/log/journal': No such file or directory
(From OE-Core rev: e017f405bf6ae6c269a8c9c981878fd1ad8666b6)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd-bus-proxy was removed since v230.
>From the NEWS file:
"""
* systemd-bus-proxyd has been removed, as kdbus is unlikely to still be
merged into the kernel in its current form.
"""
(From OE-Core rev: e99003b244507d8586b1f878765aa4a546a767ef)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
