summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools
Commit message (Collapse)AuthorAgeFilesLines
...
* ruby: fix reproducibilityAlexander Kanavin2020-12-182-0/+33
| | | | | | | | | | (From OE-Core rev: d2619ca71a777ae4fd0ecb4340848ef98282a9ad) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 07c26e3292dbaf71873f71bec2a631f880b2e76d) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* llvm: fix reproducibilityAlexander Kanavin2020-12-181-0/+5
| | | | | | | | | | (From OE-Core rev: 18004b4c1b2d595d081888437f6f9cbcb02bf746) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a467c0a03d077861c37e317dcb2905b6388cb64c) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: update to 1.14.12Lee Chee Yang2020-12-092-2/+101
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | update minor version to 1.14.12 go1.14.8 includes security fixes to the net/http/cgi and net/http/fcgi packages. go1.14.9 includes fixes to the compiler, linker, runtime, documentation, and the net/http and testing packages. go1.14.10 includes fixes to the compiler, runtime, and the plugin and testing packages. go1.14.11 includes fixes to the runtime, and the net/http and time packages. go1.14.12 includes security fixes to the cmd/go and math/big packages. Release notes: https://golang.org/doc/devel/release.html#go1.14.minor updates include fix for CVE-2020-24553 CVE-2020-28362 CVE-2020-28366 CVE-2020-28367 Also backport patch to fix below CGO_LDFLAGS error | Building std for target, linux/amd64. | go build runtime/cgo: invalid flag in go:cgo_ldflag: -Wl,-O1 (From OE-Core rev: e216b2223cbe8c459348262f98b3cfbe79d12023) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: Fix a ptest permissions determinism issueRichard Purdie2020-12-091-0/+2
| | | | | | | | | | | | | When comparing builds built with different host umasks, this file jumped out. The umask from do_compile was influencing ${D} and as cp was used to add the file it wasn't deterministic. Fix the file mode to ensure determinism. (From OE-Core rev: 071806feb195961e59069f778c9ae8f27a739d9a) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 37f37f4a52de3711973b372160f23672b61ff6ad) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: add CVE-2007-4559 to whitelistRoss Burton2020-12-091-0/+2
| | | | | | | | | | | | | This issue describes expected behaviour, do not use tarfile with untrusted data. (From OE-Core rev: 267130c66dde462a0a1043ab5dffdb86781389a0) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f4c22e83f2e68ff157da5ea1303acc2931d63f5f) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-24352Lee Chee Yang2020-11-242-0/+53
| | | | | | | | (From OE-Core rev: 7610ffec71e20556bde32f00a08c4c5a40cd31ce) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix CVE-2020-27619Lee Chee Yang2020-11-242-0/+71
| | | | | | | | (From OE-Core rev: 001ee91818642ddac7c1b8e5236baa5c4c542b72) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: whitelist CVE-2020-15523Lee Chee Yang2020-11-241-0/+3
| | | | | | | | | | | | | This CVE is issue on _Py_CheckPython3 uses uninitialized dllpath when embedder sets module path with Py_SetPath. Since it is .dll issue (on windows only), hence whitelist it. https://bugs.python.org/issue29778 (From OE-Core rev: c216431d0704bd8be237e860bbdc32be34a82aee) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bison: update to 3.5.4 for CVE-2020-14150Lee Chee Yang2020-11-241-1/+1
| | | | | | | | | | | Release notes: https://lists.gnu.org/archive/html/info-gnu/2020-04/msg00000.html (From OE-Core rev: 6e1647fe60004bd4989a65824f0bf02d37f5aeba) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: add ldconfig rdepends for python3-ctypesMingli Yu2020-11-221-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The ctypes module needs to use "ldconfig -p" to find the library path and it simply has below logic if no ldconfig installed. except OSError: pass Before the patch: >>> from ctypes.util import find_library >>> lib_path = find_library('archive') >>> print(lib_path) None After the patch: >>> from ctypes.util import find_library >>> lib_path = find_library('archive') >>> print(lib_path) libarchive.so.13 (From OE-Core rev: 84e1a32096db9deb98d282a652beec95dbfe80f1) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ddb96902a124a6e1f035f0fd868b0139989bc1bc) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: reproducibility: reuse debug-prefix-map for stabsDenys Zagorui2020-11-202-0/+33
| | | | | | | | | | | | | | | | | | | | | | | | | powerpc 32bit Linux Kernel widely uses .stabs pseudo-op to produce debugging information in stabs format. Faced an issue that during Linux Kernel build with Yocto build system for 32bit powerpc platform resulting vmlinux contains absolute path in .stabstr section that cannot be remapped with -fdebug-prefix-map option. Yocto uses scripts/mkmakefile Linux Kernel build approach that allows to store all generated files outside of kernel source tree. With this approach each compilier invocation is performed with an absolute path to a file that will be compiled and this absolute path is recorded in init stab. There is no way to remap this path. Reuse remap_debug_filename api to make -fdebug-prefix-map flag aplicable for init stab. (From OE-Core rev: b90799fd0f38cd013bebadbe5b9c50b4f93e84af) Signed-off-by: Denys Zagorui <dzagorui@cisco.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* diffstat: add nativesdk to BBCLASSEXTENDNathan Rossi2020-11-201-0/+2
| | | | | | | | | | | | | | The diffstat tool is part of HOSTTOOLS. To support hosts that do not have it installed with buildtools-tarball it must be enabled for nativesdk. (From OE-Core rev: 537847e60b2d0a04a1a15a857201be9f8c2aa9b4) Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0ed002422bc46539f1d71ed19ee17358b6691bf0) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* syslinux: add link to upstream discussion in patchRoss Burton2020-11-201-1/+1
| | | | | | | | | | (From OE-Core rev: d3fa8eb74252c1ccaeac761b5ff3d0e9255c5070) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dfc2b114e9d62f0eee04129009a24a8edb2a8dd1) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libdnf: Fix license as it contains 'or later' clauseRichard Purdie2020-11-201-1/+1
| | | | | | | | | | | | The license headers are clear that the code is "or later", fix LICENSE to match. (From OE-Core rev: f46aac0fb7c4f1777a19720b05cf0eb83f4dd988) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e565e0b908c71ad5106d1c6c73d269b819787e55) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dosfstools: add mkfs.vfat to ALTERNATIVERicardo Salveti2020-11-201-1/+5
| | | | | | | | | | | | | | The mkfs.vfat tool can also be provided by busybox via the CONFIG_MKFS_VFAT configuration (not enabled by default in OE but can be enabled on systems avoiding components based on GPLv3). (From OE-Core rev: 4afa9f08123df819e53b5d9d586f7a34dcde1ef1) Signed-off-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 1227a29974671fd52014deaca7ac859a037cdeb5) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix CVE-2020-25613Chee Yang Lee2020-11-122-0/+41
| | | | | | | | (From OE-Core rev: 80077479fd687a887cd321fe2e65dfd58edb5832) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: fix some unresponsive homepages and bugtracker linksMaxime Roussin-Bélanger2020-11-122-3/+2
| | | | | | | | | | | | remove some extra whitespaces (From OE-Core rev: 3ac10faff7ef00f68031400e86a6882ce0d5090a) Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 32ce3716761165b9df12306249418645724122cc) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* jquery: Upgrade 3.4.1 -> 3.5.0 to fix CVE-2020-11022 and CVE-2020-11023Joshua Watt2020-11-121-4/+4
| | | | | | | | | | | | | | | | | | | | | Version 3.5.0 is a security release Reference: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ The primary purpose of the jquery recipe is to make the diffoscope output from the autobuilder easier to navigate. Master branch has been using 3.5.X for some time now so this should be a safe upgrade. (From OE-Core rev: 555cfcf53acf5e7ebe64874de33fa696670ce18c) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d0f883c4cbdcf722767b437a69002244be4cf8d9) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nasm: update 2.14.02 -> 2.15.03 for CVE fixesAlexander Kanavin2020-11-035-260/+66
| | | | | | | | | | | | | | | | | | | | | | Fixes: CVE-2018-16517: nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16517 CVE-2019-20334: nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20334 CVE-2019-6290: nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6290 CVE-2019-6291: nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6291 CVE-2019-8343: nasm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8343 Remove backported patches, rebase the rest. Switch to using (mostly) standard autotools build. (From OE-Core rev: 5f644082fc3c2bbd89b898d5ca7cd4414cda4a64) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4d13e2713efd5f6cbdc6cf1f86edd0b336ba3ba2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2019-20175Steve Sakoman2020-11-032-0/+95
| | | | | | | | | CVE: CVE-2019-20175 (From OE-Core rev: dc91e39e6a5c117a2fec7afc2bab683ff0ab096a) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: mitigate the Straight-line Speculation attackRoss Burton2020-10-304-0/+1466
| | | | | | | | | | | | | | | | | Straight-line Speculation is a SPECTRE-like attack on Armv8-A, further details can be found in the white paper here: https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation Backport the GCC patches to mitigate the attack. CVE: CVE-2020-13844 (From OE-Core rev: 406a1636e1111729e3bb0fe804ef28c8a51c22e3) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: change TLBs number to 64 in 34Kf mips cpu modelVictor Kamensky2020-10-272-0/+60
| | | | | | | | | | | | | | | Replace OE private qemu patch with one that got upstreamed and solves the same problem: increase qemumips CI performance by increasing number of TLBs in CPU model and reduce need to run software TLB refill code. (From OE-Core rev: 89e6fc44a378cb3489376d7193672cdf94c504b6) Signed-off-by: Victor Kamensky <kamensky@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a99dace7463d310688f4098a51316dc0743651e2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix CVE-2020-26116Lee Chee Yang2020-10-272-0/+105
| | | | | | | | (From OE-Core rev: 2f607a61a820bfbc369f779c3161a339f088d04f) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtools-cross/shadow-sysroot: Use nopackages inheritRichard Purdie2020-10-151-0/+2
| | | | | | | | | | | | When testing pseudo changes I realised these recipes have packaging tasks but don't generate packages. Drop the packages tasks for cleanliness. (From OE-Core rev: 275d504b2f979901278141a4ba217d02a099f980) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ef9c11797b5d626bdb40b4509d8b2b0d461ff9ea) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: fix ptest test countChee Yang Lee2020-10-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | patche added in commit c2710903859a5545aa9dd56251f61667ee8d80bd failed ptest perl.t/re/pat. The patch updates incorrect test cases count causes the ptest to fail. 864 test cases before apply the patch while the patch added only 4 test cases so it should be 868 instead of 873. ptest-runner log :- PASS: t/re/overload # Looks like you planned 873 tests but ran 868. FAIL: t/re/pat PASS: t/re/pat_advanced [YOCTO #14071] (From OE-Core rev: 552739383321bd9b4780bd0026d6107ece530522) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com<mailto:chee.yang.lee@intel.com>> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: add/fix invalid Upstream-Status tagsRoss Burton2020-10-062-2/+2
| | | | | | | | | | (From OE-Core rev: 4dbae5c7c28a2cd6ebb601f984a54ca33d19afaf) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 630ce8130598e2bca7231ac28a7cc18b5b942544) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu : fix CVE-2020-16092Chee Yang Lee2020-10-062-0/+46
| | | | | | | | (From OE-Core rev: 6007398a0ff468c0b15c4982d7f04e6186d6d700) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-jinja2: Import from meta-oe/meta-pythonRichard Purdie2020-10-062-0/+48
| | | | | | | | | | | | | | | | | This is used by some of the results handling code and needed as part of buildtools tarball on various autobuilder worker for testing. ptest is disabled for OE-Core, at least for now since it depends on python3-pytest which in turn has may other dependencies. Acked-by: Tim Orling <ticotimo@gmail.com> (From OE-Core rev: cc0f56a788c33ad3fd2bb5402dee497234fb06bb) Signed-off-by: Tim Orling <ticotimo@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b5156e95e9e80e3e0f7eea181cd12f85e03a111d) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-markupsafe: Import from meta-oe/meta-pythonRichard Purdie2020-10-062-0/+31
| | | | | | | | | | | | | | | Needed as a dependency of python3-jinja2. ptest is disabled for OE-Core, at least for now since it depends on python3-pytest which in turn has may other dependencies. Acked-by: Tim Orling <ticotimo@gmail.com> (From OE-Core rev: ec222f6af5f8629453ac8e71a1dd6c44ec9a88c8) Signed-off-by: Tim Orling <ticotimo@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a6f2727fd309b8b46a7ac1b8d99ae1d77a6ee74c) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake: whitelist CVE-2016-10642Ross Burton2020-09-171-0/+4
| | | | | | | | | | | | | This CVE is specific to the npm package that can install cmake, so isn't relevant to our cmake recipe. (From OE-Core rev: ad11e4a9afea5a4c9dd34a7fa37b82efd61952a4) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8e74ed809ec4c1f61264ecf5be4bc319e5e07766) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* autoconf: consolidate DEPENDSRoss Burton2020-09-171-3/+2
| | | | | | | | | | | | | | Depending on nativesdk- varients in a nativesdk build isn't correct, so just collapse the DEPENDS down and let bitbake do the right thing (which is leaving them as -native). (From OE-Core rev: 32902a2763a7557d52bf27f3717b8f9b27275284) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4864167ad4ed4c57e49f2aa5e7c58383bddb052b) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-14364 CVE-2020-14415Lee Chee Yang2020-09-173-0/+132
| | | | | | | | (From OE-Core rev: 1a150f0df36892283686e3e1afb30a7742c8e252) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* json-c: Fix CVE-2020-12762Khem Raj2020-09-102-0/+232
| | | | | | | | (From OE-Core rev: d26c5882ee5dbdb41d5c8903b0e470f2291512a5) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: fix CVE-2020-12723Lee Chee Yang2020-08-272-0/+303
| | | | | | | | | | | | | Minor changes to the test cases count in the .patch file to make it align with current version, so the fixes can be apply. Changes apply to line: https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a#diff-e31ddd69cf47acf02911647c691a0283L28 (From OE-Core rev: 43f1aa650c45a0976230c7c2f79d8efe0e6e159a) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: Upgrade to 1.14.7Khem Raj2020-08-211-2/+2
| | | | | | | | | | | | | CVE_CHECK_WHITELIST += "CVE-2020-16845" (From OE-Core rev: 787c7a2b355a06bc5d6d6fa30ccc37111c78ee00) Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Li Zhou <li.zhou@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 91580c9d335e0fbee95f94be6f9b34298d3e9a48) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: update 1.14.4 -> 1.14.6Khem Raj2020-08-211-3/+2
| | | | | | | | | | | | | | Includes security Fixes for CVE-2020-14039 and CVE-2020-15586 (cherry picked from commit 97d5c2d1f2dffe2518f46bbe57cb9348eb59c633) (cherry picked from commit 6591d269792fe864d7af4e379035f1cebc4510f5) (cherry picked from commit c9011d04eb624aeabf5d707e88de80137bcc2eb1) (From OE-Core rev: e33d2ddaa6c8945227a5bbf4e96d63606d0fab38) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-9.3.inc: Mark CVE-2019-15847 as fixedKhem Raj2020-08-211-0/+2
| | | | | | | | | | | We do not have explicit patch to mark it and cve checker gets confused, so help it out (From OE-Core rev: 17c654c34d59b1491f41fc328222697f407c23b1) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-15863Lee Chee Yang2020-08-122-0/+64
| | | | | | | | (From OE-Core rev: d6eb50dfe66838e6bea061cbd1a120981777b700) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade 2.7.0 -> 2.7.1zhengruoqin2020-08-121-2/+2
| | | | | | | | | | | | | | | This release includes security fixes: CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix) CVE-2020-10933: Heap exposure vulnerability in the socket library (From OE-Core rev: 51b45ec3fcdc3c338f8a141110abf8aa5d374e5e) Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8d9b48bdf25363fb115a6311b031a7e5da8e0d4d) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: fix nativesdk's default var locationChen Qi2020-07-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | For now, the nativesdk-rpm's %_var in /usr/lib/rpm/macros is '/var'. This is causing error when running `rpm -qplv A.rpm'. error: cannot open Packages index using db5 - Permission denied (13) error: cannot open Packages database in /var/lib/rpm The rpm in SDK should be using its own database. So we should remove this configure option, letting the SDK's native sysroot prefix to be there in %_var. In fact, '%_usr' in macros has already got the prefix. After this change, we have in the macros file lines like below. """ %_usr /opt/windriver/wrlinux/20.29/sysroots/x86_64-wrlinuxsdk-linux/usr %_usrsrc %{_usr}/src %_var /opt/windriver/wrlinux/20.29/sysroots/x86_64-wrlinuxsdk-linux/var """ (From OE-Core rev: 4e0d1bdc6e896c7dedccf615d6d0da9eb91d9b1d) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 13e17930062cb3f816516ba7dbeb70d6da7174dd) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go-dep: Fix build on riscv64Khem Raj2020-07-222-0/+145575
| | | | | | | | | | | | Bring in only patch from meta-riscv here (From OE-Core rev: ecd7563cc29d5b473a3c71f35c4d9c98ff4d2349) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2e6e7b0be6e5ba5ab8fe9478c1dfdd530d22123f) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: Disbale CGO for riscv64Khem Raj2020-07-222-1/+2
| | | | | | | | | | | | | | | | | | cgo is still not available in go for riscv64, we will re-evaluate it once we upgrade to 1.15 Fixes | /usr/src/debug/go-runtime/1.14.4-r0/go/src/runtime/cgo/gcc_util.c:23: undefined reference to `_cgo_sys_thread_start' [YOCTO #13966] (From OE-Core rev: 987d29d0b0dfa19ef6564996198f22c2b08f6ff9) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f512b3308ed6ee878c77f72b9235ada83d107dba) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: extend for nativesdkJens Rehsack2020-07-221-1/+1
| | | | | | | | | | | | | | | For SDK environments where people still use subversion, let it easily being added to buildtools-tarball to invite more developers relying on Yocto based SDKs without much requirement to setup anything on the development workplace. (From OE-Core rev: 795781db8a82c9268fcabc93dd54cb6b07cbe9c8) Signed-off-by: Jens Rehsack <sno@netbsd.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 586a15b76f879f49c5224116cbf506b7ccf96cd2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bison: fix Argument list too long errorLee Chee Yang2020-07-221-1/+1
| | | | | | | | | | | | fix Argument list too long error when len(TMPDIR) = 410 (From OE-Core rev: 90c75ff2e696e984d18e33726d1d07647b140ee6) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 73f05ba58dcee57e25712f9aee97535d9a32c982) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix CVE-2020-14422Lee Chee Yang2020-07-072-0/+78
| | | | | | | | (From OE-Core rev: 0400d217d0891ee553926c10d7caaabc8bebc22e) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-10702/10761/13362/13659/13800Lee Chee Yang2020-07-076-0/+374
| | | | | | | | | | | | | | | fix these CVE: CVE-2020-10702 CVE-2020-10761 CVE-2020-13362 CVE-2020-13659 CVE-2020-13800 (From OE-Core rev: 98c4642c526259fc664723145a1d6026b491032d) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-libarchive-c: add the missing rdependsMingli Yu2020-07-071-1/+5
| | | | | | | | | | | | | | | | | | Add the missing rdepends to fix below error: # python3 [snip] >>> import libarchive [snip] ModuleNotFoundError: No module named 'ctypes' ModuleNotFoundError: No module named 'mmap' (From OE-Core rev: 347e6fafea8bd9c715d87882159fc2d4bbde0cc7) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b3a2615878bc7515a7bdace525dc27be45f158e2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Fix attr errors due to incorrect library resolution issuesRichard Purdie2020-07-022-0/+55
| | | | | | | | | | | | | | | | | | | | | | | | | On a tumbleweed system, "install X Y" was showing the error: pseudo: ENOSYS for 'fsetxattr'. which was being caused by dlsym() for that function returning NULL. This appears to be due to it finding an unresolved symbol in libacl for this symbol in libattr. It hasn't been resolved so its NULL. dlerror() returns nothing since this is a valid symbol entry, its just not the one we want. We can add the glibc version string for the symbol we actually want so we get that version rather than the libattr/libacl one. The calls in libattr are just wrappers around the libc version so our attaching to the libc versions should intercept any accesses via these too. [YOCTO #13952] (From OE-Core rev: 60ae9e6d31dcfc06961fedf7622a204162d3f464) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 82655cb26ad01de9587ef41eaef155c61c361f67) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: fix CVE-2020-10543 & CVE-2020-10878Lee Chee Yang2020-07-024-0/+227
| | | | | | | | (From OE-Core rev: d9c5d9c52eb1f03ff9c907a76dda31042fb26edb) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go-dep: Avoid use of 'go mod' supportOtavio Salvador2020-06-261-0/+4
| | | | | | | | | | | | dep utility must not use 'go mod' support, so we explicitly disable it. (From OE-Core rev: e953be6c159bfed4ac69f30fa2562d217d25c254) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b34000ae3dd6e0a1d7fc332efb35c5da84cf2275) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-12 02:29:28 +0000