| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0,
5.14.0, and other versions, when running with debugging enabled,
allows context-dependent attackers to cause a denial of service
(assertion failure and application exit) via crafted input that
is not properly handled when using certain regular expressions,
as demonstrated by causing SpamAssassin and OCSInventory to
crash.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777
(From OE-Core rev: 368df9f13ddf124e6aaaec06c02ab698c9e0b6c3)
Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Module::Build depends on Module::Metadata (since perl 5.13.9).
Module::Metainfo is only a wrapper for Module::Metadata.
See discussion in http://patches.openembedded.org/patch/66233/
(From OE-Core rev: 3babe5704fbda62920ec17a910d0f3fe9f468229)
Signed-off-by: Tim Orling <TicoTimo@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following patches are found, but not used by any recipe, so we should
remove them.
meta/recipes-connectivity/avahi/files/fix_for_automake_1.11.2.patch
meta/recipes-connectivity/dhcp/dhcp/fix-client-path.patch
meta/recipes-connectivity/libnss-mdns/files/alignment-fix.patch
meta/recipes-core/dbus/dbus-1.6.10/test-run-path.patch
meta/recipes-core/gettext/gettext-0.16.1/fixchicken.patch
meta/recipes-core/gettext/gettext-0.16.1/getline.m4.patch
meta/recipes-core/systemd/systemd/use-rootlibdir.patch
meta/recipes-core/util-linux/util-linux/remove-lscpu.patch
meta/recipes-core/util-linux/util-linux/remove_sigsetmark.patch
meta/recipes-core/util-linux/util-linux/uclibc-compile.patch
meta/recipes-devtools/autoconf/autoconf/autoconf-x.patch
meta/recipes-devtools/btrfs-tools/btrfs-tools/btrfs-progs-fix-parallel-build.patch
meta/recipes-devtools/btrfs-tools/btrfs-tools/btrfs-progs-fix-parallel-build2.patch
meta/recipes-devtools/cdrtools/cdrtools-native/no_usr_src.patch
meta/recipes-devtools/elfutils/elfutils-0.155/elfutils-robustify.patch
meta/recipes-devtools/gdb/gdb/libiberty-cross.patch
meta/recipes-devtools/perl/perl-5.14.3/asm-pageh-fix.patch
meta/recipes-devtools/python/python-native/sys_platform_is_now_always_linux2.patch
meta/recipes-devtools/python/python-pygobject/generate-constants.patch
meta/recipes-devtools/qemu/files/3f08ffb4a4741d147634761dc053ed386243a0de.patch
meta/recipes-devtools/qemu/files/enable-i386-linux-user.patch
meta/recipes-devtools/qemu/files/init-info.patch
meta/recipes-devtools/rpm/rpm/rpm_fix_for_automake-1.12.patch
meta/recipes-devtools/tcf-agent/tcf-agent/fix_tcf-agent.init.patch
meta/recipes-extended/iputils/files/arping-break-libsysfs-dependency.patch
meta/recipes-extended/libarchive/libarchive/0003-Patch-from-upstream-rev-2516.patch
meta/recipes-extended/procps/procps-3.2.8/pagesz-not-constant.patch
meta/recipes-gnome/gtk+/gtk+-2.24.22/no-demos.patch
meta/recipes-gnome/libglade/libglade-2.6.4/no-deprecation.patch
meta/recipes-graphics/mesa/mesa/0005-llvmpipe-remove-the-power-of-two-sizeof-struct-cmd_b.patch
meta/recipes-graphics/xorg-lib/libxxf86dga/libxxf86dga-1.1.3_fix_for_x32.patch
meta/recipes-kernel/kmod/kmod/fix-undefined-O_CLOEXEC.patch
meta/recipes-kernel/linux-libc-headers/linux-libc-headers/connector-msg-size-fix.patch
meta/recipes-kernel/linux/linux-yocto/tools-perf-no-scripting.patch
meta/recipes-support/gnutls/gnutls/gnutls-texinfo-euro.patch
meta/recipes-support/nspr/nspr/fix-build-on-aarch64.patch
[YOCTO #5180]
(From OE-Core rev: e5d81f757de4bd1bfd37a96300edd50b77b0d21c)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These patches are backported from upstream since it might be risky to update right now
They address the following CVEs
CVE-2012-6329
CVE-2013-1667
(From OE-Core rev: b6c286c447e50fe499f03b64c6be80ac18504265)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On 05/17/2013 05:31 PM, Björn Stenberg wrote:
> Unless there are clear advantages with patching t/TEST that I have overlooked, I suggest using sed in run-ptest instead.
Ok.. Here is the new commit.
Removed the patch and added a call to sed in run-ptest. See attachment
for the test log.
From: Jesse Zhang <sen.zhang@windriver.com>
Date: Tue, 14 May 2013 02:53:30 -0400
Subject: [PATCH 1/1] perl-tests: convert to ptest
Replace PERL_TEST_DIR with PTEST_PATH, and rename "tests" with "ptest"
in various places. Also add a run-ptest script.
[YOCTO #4292]
(From OE-Core rev: 364cad5d8eecfec74a7be8cf93e75cd63031101f)
Signed-off-by: Jesse Zhang <sen.zhang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a securty issue:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5195
Update perl to 5.14.3 to resolve this problem.
Patches hurd-ccflags.diff, h2ph-multiarch.diff, index-tainting.diff and
hurd-hints.diff have been merged, so remove them from SRC_URI.
Update patches config.sh and Makefile.SH.patch with new PV.
[Yocto 3701]
(From OE-Core rev: b1fd25e05308cabb56afe1d4276470bf7380ea59)
Signed-off-by: Kang Kai <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is a securty issue:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5195
Update perl to 5.14.3 could resolve this problem. And update perl-native
first.
(From OE-Core rev: 360401af6e7729a373d0a6d13995714aff121064)
Signed-off-by: Kang Kai <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|