path: root/meta/recipes-devtools
Commit message | Author | Age | Files | Lines
* python3-numpy: fix CVE-2021-41496 | Mingli Yu | 2022-04-03 | 2 | -0/+65
  Backport patch [1] to fix CVE-2021-41496.
  [1] https://github.com/numpy/numpy/commit/271010f1037150e95017f803f4214b8861e528f2
  (From OE-Core rev: 9a69897f464432e0b6ef9b8ad5d8110d78a1162a)
  Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: update to 1.16.15 | Chee Yang Lee | 2022-04-03 | 8 | -4/+4
  go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax package, as well as bug fixes to the compiler, runtime, the go command, and to the net package. See the Go 1.16.15 milestone on our issue tracker for details.
  (From OE-Core rev: 3462c7680137a9ef5f683161d39caf19f87a932a)
  Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnu-config: update SRC_URI | Minjae Kim | 2022-04-03 | 1 | -1/+1
  The git repo for gnu-config was changed, so update the SRC_URI accordingly with the new link.
  (From OE-Core rev: ad18c905273fee91b9b41bbdf32b9e6dbc9cdfd8)
  Signed-off-by: Minjae Kim <flowergom@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unfs3: correct configure option | Changqing Li | 2022-03-10 | 1 | -1/+1
  On some new distro like ubuntu21.04, unfs3-native compile failed with error: undefined reference to `xdr_uint32', since new distro has new glibc.
  From glibc 2.27 rpc support is dropped, so unfs3 needs to link to libtirpc.
  Here is definition of ac_link:
  ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
  Depended library should be added into LIBS, not LDFLAGS, otherwise, gcc may not load the lib since it is before conftest.$ac_ext during configure. Finally, it results in compile failed.
  (From OE-Core rev: d0b1807edc10835beff9a55a105ac191b6ac2fe7)
  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 27867862c1fee6c0e649286500fa1ab015d57faf)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby : update to 3.0.3 | Lee Chee Yang | 2022-03-10 | 4 | -423/+1
  Do not tweak a file that is no longer installed.
  Ruby 3.0.3 includes security fixes.
  CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods
  CVE-2021-41816: Buffer Overrun in CGI.escape_html
  CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
  Ruby 3.0.2 release includes security fixes.
  CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
  CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
  CVE-2021-31799: A command injection vulnerability in RDoc
  (From OE-Core rev: edb6df08cb47a39918d28c709675d995c9e10031)
  Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: upgrade 1.16.13 -> 1.16.14 | Sakib Sajal | 2022-03-10 | 8 | -4/+4
  go 1.16.14 release includes fix for CVE-2022-23806.
  (From OE-Core rev: 7b5723ae41b7fcdc73a24f04ec0cda4fba8f8622)
  Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ccache: upgrade 4.2 -> 4.2.1 | wangmy | 2022-03-02 | 1 | -2/+2
  License-Update: add license information of src/third_party/win32/winerror_to_errno.h
  (From OE-Core rev: f153f42c910c06dd8e812fa9c803964c60e6cfcc)
  Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 12f0aa9533edc7ac5a65b1c165797b049349b19e)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: backport to fix one regression | Changqing Li | 2022-03-02 | 2 | -1/+68
  Backport a patch in 1.46.3 which fixes one regression:
  This is what the changelog says:
  Fix e2fsck so that the if the s_interval is zero, and the last mount or write time is in the future, it will fix invalid last mount/write timestamps in the superblock. (This was a regression introduced in v1.45.5.)
  (From OE-Core rev: 9fe70a643a2d8723001421a18b5736e70a1eaa34)
  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-20196 | Sakib Sajal | 2022-02-10 | 3 | -0/+123
  (From OE-Core rev: 3014cb660e7128f65ee2aec004ede39e80cd891d)
  Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3930 | Sakib Sajal | 2022-02-10 | 2 | -0/+54
  (From OE-Core rev: f0504578174f77ba231c72801fb5a295869a40d1)
  Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3748 | Sakib Sajal | 2022-02-10 | 2 | -0/+128
  (From OE-Core rev: 6fe3b1002a273808fe4caf6f2e1ecd54729b954d)
  Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3713 | Sakib Sajal | 2022-02-10 | 2 | -0/+69
  (From OE-Core rev: 7879ba4406eb9633079275c57abeee9e738b1c99)
  Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: upgrade to gcc-10.3 version | Pgowda | 2022-01-31 | 21 | -1707/+19
  gcc-10.2 in Hardknott branch has been upgraded to gcc-10.3 version that includes many bug fixes. Regression tested on X86-64, Arm and Aarch64 without issues.
  (From OE-Core rev: 87fbe11fbe04a6f2d3e798d282935b26fbc43e77)
  Signed-off-by: pgowda <pgowda.cve@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: upgrade binutils-2.36 to latest version | Pgowda | 2022-01-31 | 5 | -548/+3
  binutils-2.36 in Hardknott branch has been upgraded to latest version that includes many bug fixes. Regression tested on X86-64, Arm and Aarch64 without any new issues.
  (From OE-Core rev: ea7fed669193a20587adfe7b0bcb5b1f7594cc0a)
  Signed-off-by: pgowda <pgowda.cve@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: upgrade 1.16.10 -> 1.16.13 | Sakib Sajal | 2022-01-25 | 8 | -4/+4
  Release 1.16.13 includes fixes for CVE-2021-44716 and CVE-2021-44717.
  (From OE-Core rev: c5bf7094c707f536389f9bf0f477440bd4aff12b)
  Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pyelftools: fix the override syntax | Anuj Mittal | 2022-01-14 | 1 | -1/+1
  An earlier patch cherry-picked from master used : for override. Change it to use _ for hardknott.
  (From OE-Core rev: 7e569186820163d731cbb14f8c25ce6a2cc45dc9)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: add support for Neoverse N2 CPU | Pgowda | 2022-01-14 | 2 | -0/+89
  This patch backports the AArch32 support for Arm's Neoverse N2 CPU.
  Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=d7e8411f6a333d4054894ad3b23f23415a525230]
  (From OE-Core rev: 2f5f021dc576b2fcf38c8203992ee86d25f53f30)
  Signed-off-by: pgowda <pgowda.cve@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Fix CVE-2021-42574 | pgowda | 2022-01-14 | 6 | -0/+7618
  Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=004bb936d6d5f177af26ad4905595e843d5665a5]
  Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=bd5e882cf6e0def3dd1bc106075d59a303fe0d1e]
  Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=51c500269bf53749b107807d84271385fad35628]
  Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=1a7f2c0774129750fdf73e9f1b78f0ce983c9ab3]
  Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=bef32d4a28595e933f24fef378cf052a30b674a7]
  (From OE-Core rev: d0f4614e2c6e9090a0c45052c36d0c7f3215de10)
  Signed-off-by: pgowda <pgowda.cve@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: add aarch64 support for Arm's Neoverse N2 CPU | pgowda | 2022-01-14 | 2 | -0/+61
  The patch backports the AArch64 support for Arm's Neoverse N2 CPU
  Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=9428e9267435a62f672e2ba42df46432c021a9cf]
  (From OE-Core rev: ae9b3b5a57682d9de93f3171cdb448a8f5cbc536)
  Signed-off-by: pgowda <pgowda.cve@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix CVE-2021-45078 | Sundeep KOKKONDA | 2022-01-07 | 2 | -0/+256
  Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=161e87d12167b1e36193385485c1f6ce92f74f02]
  (From OE-Core rev: be665a2279795c522cb3e3e700ea747efd885f95)
  Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pyelftools: Depend on debugger, pprint | Chaitanya Vadrevu | 2022-01-07 | 1 | -0/+2
  python3-pyelftools uses python3-debugger, python3-pprint. So add dependencies on these packages.
  (From OE-Core rev: 66211faf4724b2c88eb4595e41fe98f5da96c3ee)
  Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 22e84cdd05870f1a19c6389b66c4dfd5e9b418f7)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2021-42574 | pgowda | 2022-01-07 | 2 | -0/+2007
  Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=b3aa80b45c4f46029efeb204bb9f2d2c4278a0e5]
  (From OE-Core rev: 944a60cd74ea90dcced7684492a808fbfd6710af)
  Signed-off-by: pgowda <pgowda.cve@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patchelf: fix PT_PHDR program header corruption | Chen Qi | 2021-12-15 | 2 | -0/+48
  Backport patch and tweak it to fix PT_PHDR program header corruption.
  (From OE-Core rev: a980aa5696a98c5b97f9a117df4c82ea525f6e4f)
  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Add CVE-2021-37322 to the list of CVEs to ignore | Richard Purdie | 2021-12-15 | 1 | -0/+3
  The CVE applies to binutils 2.26 and not to gcc so ignore there.
  (From OE-Core rev: 86e9e812f4ec61a4430658b7c06852a32ca8abb1)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit fea2726663a3db03170c49fceaffc632c509aeea)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.9.7 -> 3.9.9 | Anuj Mittal | 2021-12-15 | 2 | -12/+10
  (From OE-Core rev: 75510b97d965c72c77f5b4b6ad9fe55bf26b4cdb)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: update to 3.9.7 | Oleksandr Kravchuk | 2021-12-05 | 1 | -1/+1
  (From OE-Core rev: a61a9cf73baf4020a6dce90acb0edb08364aaded)
  Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  (cherry picked from commit 9612bb0639c13571e661f208aa7b28789953d9ec)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.9.5 -> 3.9.6 | zhengruoqin | 2021-12-05 | 2 | -36/+1
  0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch removed since it is included in 3.9.6
  (From OE-Core rev: 3b721c28543df9e4d899ea1efdf445319c88ae92)
  Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 1a12d978f2046fc5d3abc96db3753e378f29ecae)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: upgrade 1.16.8 -> 1.16.10 | Pavel Zhukov | 2021-12-05 | 8 | -5/+5
  The release includes fixes for CVE-2021-41771 and CVE-2021-41772
  (From OE-Core rev: 0df36f324a2dc17f18066efc5c130231158b5d24)
  Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  This release also contains a fix for CVE-2021-38297 and the changes are minor, so backport the uprev rather than manually backporting individual commits.
  CVE: CVE-2021-38297
  Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: fix CVE-2021-41072 | Kai Kang | 2021-11-24 | 5 | -0/+894
  Backport patches to fix CVE-2021-41072. And update context for version 4.4 at same time.
  CVE: CVE-2021-41072
  Ref:
  * https://nvd.nist.gov/vuln/detail/CVE-2021-41072
  (From OE-Core rev: e95ccf6f7fe5a42fffcfa5e43087ff964622e26c)
  Signed-off-by: Kai Kang <kai.kang@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: fix CVE-2021-3521 | Changqing Li | 2021-11-24 | 4 | -0/+454
  (From OE-Core rev: 68c20b12fca2c20439b18c5fd9757c2c1f1746a1)
  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Fix CVE-2021-35465 | Pgowda | 2021-11-24 | 5 | -0/+589
  source : https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102035
  Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70]
  Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=574e7950bd6b34e9e2cacce18c802b45505d1d0a]
  Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=30461cf8dba3d3adb15a125e4da48800eb2b9b8f]
  Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=809330ab8450261e05919b472783bf15e4b000f7]
  (From OE-Core rev: 2dae3da5dbb0c8293927f0676fff08437f75d0d2)
  Signed-off-by: Pgowda <pgowda.cve@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mklibs-native: drop deprecated cpp17 exceptions | Andrej Valek | 2021-11-24 | 2 | -0/+432
  gcc11 has -std=gnu++17 as default. Remove deprecated C++17 exceptions based on http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html.
  (From OE-Core rev: 5f310b5ba647196ad42c3c54b9459db0e22d5b41)
  Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  (cherry picked from commit ef8b7946b4793db653ef7dd716e1d3f919a84725)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* llvm: bump HASHEQUIV_HASH_VERSION | Anuj Mittal | 2021-11-21 | 1 | -0/+4
  llvm embeds the repository location in a header file. We just changed the SRC_URI to fetch using https instead of git. This has started giving errors in reproducibility testing when one of the RPMs to be compared is fetched from sstate.
  Bump HASHEQUIV_HASH_VERSION and PR so it's rebuilt.
  (From OE-Core rev: 2fd327ae5b3da8841ebed00bfc60b7bb8d6a64c5)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: add explicit branch and protocol to SRC_URI | Anuj Mittal | 2021-11-21 | 21 | -21/+21
  Add branch name explicitly to SRC_URI where it's not defined and switch to using https protocol for Github projects.
  The change was made using convert-srcuri script in scripts/contrib.
  (From OE-Core rev: ab781d4e3fa7425d96ea770ddfd0f01f62018c5b)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Add fcntl64 wrapper | Richard Purdie | 2021-11-21 | 1 | -1/+1
  Add fcntl64 wrapper which hopefully fixes issues seen in findutils and the find command in the libtool removal code when built with LFS compile flags on Gentoo.
  (From OE-Core rev: 64b68a7e2ebc1a7775f5fda64d7024879181aa7f)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit f26867fe4daec7299f59a82ae4a0d70cceb3e082)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Add in ability to flush database with shutdown request | Richard Purdie | 2021-11-21 | 1 | -1/+1
  Pulls in:
    pseudo_db: Flush DB if there is a shutdown request
    fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ (test fix)
  (From OE-Core rev: 7b9123cac297275245c2fef78c286c17ca3690cf)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 0882095d608ce3abbcc9814517434c21ea549063)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bootchart2: Don't compile python modules | Richard Purdie | 2021-11-03 | 1 | -1/+5
  "make install" may attempt to compile the python modules but it uses the host python and host paths which means the binaries are not reproducible. Make things consistent. If anyone needs compiling, it will need to be fixed to be cross compile compatible.
  (From OE-Core rev: b06105ec1a33bb37d42a10222e07b7f8eb69baff)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 1189f95e05c80286e009e1ab46a603ee5b7ca239)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* strace: show test suite log on failure | Ross Burton | 2021-11-03 | 1 | -0/+9
  If the tests fail, dump the log so we can see the failures.
  (From OE-Core rev: f59a20574046a2027746010311129342442857f0)
  Signed-off-by: Ross Burton <ross.burton@arm.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 3154a65039831b1e041217707fdd6ca042f588fb)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix CVE-2021-3530 | Pgowda | 2021-11-03 | 3 | -0/+168
  Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=25162c795b1a2becf936bb3581d86a307ea491eb]
  Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=999566402e3]
  (From OE-Core rev: b9c13f5bc6be0fa63640caeef4947c4c2ca1d290)
  Signed-off-by: Pgowda <pgowda.cve@gmail.com>
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Deterministically set vendor macro entry | Richard Purdie | 2021-10-29 | 1 | -1/+2
  On an aarch64 build host, vendor is found to be "unknown", on x86 systems it is "pc". This filters through to the PLATFORM tag in target rpms.
  We saw reproducibility test failures where the PLATFORM tags in noarch rpms were changing depending upon which host built them.
  Forcing the vendor value to a consistent one makes things deterministic.
  (From OE-Core rev: ef37fca2f434eba22918e5eab4f2d5e2d499fc14)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit f6434075b2bdfc23c683d22281b674b1e6abde77)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: upgrade 1.16.7 -> 1.16.8 | Sakib Sajal | 2021-10-29 | 8 | -4/+4
  (From OE-Core rev: 5b6c68759f28fd684be316b3a5e33f41e4107f7b)
  Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
  Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
  (cherry picked from commit 97a2f406635f51bad1ab070f018a6466209f257b)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix the reproducibility issue | Thomas Perrot | 2021-10-29 | 5 | -0/+162
  Apply some changes on the Ruby makefiles in order to fix the reproducibility:
  - use a fixed timestamp,
  - sort linked objects,
  - doesn't use the current date,
  - and use UTC date.
  [YOCTO #14268]
  (From OE-Core rev: eea2f854fdd0f036dae2671ae52ba4695a83df68)
  Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 59b07ab51ff932a4632a31675445ba4192bae36b)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Update with fcntl and glibc 2.34 fixes | Richard Purdie | 2021-10-29 | 1 | -1/+1
  Pull in the following changes:
  * ports/linux/guts: Add closefrom support for glibc 2.34
  * pseudo_client: Make msg static in pseudo_op_client
  * ports/linux/guts: Add close_range wrapper for glibc 2.34
  * pseudo_client: Do not pass null argument to pseudo_diag()
  * test-openat: Consider device as well as inode number
  * test: Add missing test-statx test case
  * fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ
  (From OE-Core rev: 190ed5d766b6a3922c3f841eb5fd04cf603cf76f)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 71b549924a7fa7973a8e03e11f3db45fdc29889d)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nativesdk-pseudo: Fix to work with glibc 2.34 systems | Hongxu Jia | 2021-10-29 | 2 | -15/+26
  Since commit [df313aa810 pseudo: Fix to work with glibc 2.34 systems] applied, it fixed native only. And nativesdk has the similar issue
  Tweak library search order, make prebuilt lib ahead of recipe lib, after apply the fix:
  ...
  $ readelf -a lib/pseudo/lib64/libpseudo.so | grep 'Shared library'
  0x0000000000000001 (NEEDED) Shared library: [libdl.so.2]
  0x0000000000000001 (NEEDED) Shared library:[libpthread.so.0]
  0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
  ...
  (From OE-Core rev: 1cbf45e39e6a9d043691fb236946c6717dd666b7)
  Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit d6d116b5db78645958ea30be3d0572e0f6d7bd92)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Fix to work with glibc 2.34 systems | Richard Purdie | 2021-10-29 | 3 | -0/+73
  The merge of libdl into libc in glibc 2.34 causes problems for pseudo. Add a fix that works around this issue.
  (From OE-Core rev: c9203671d638edb6a063d7522b29b8a8e776c2f3)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit dd3e46a043c81cd4d81731a0f691868d3c059742)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* m4: Do not use SIGSTKSZ | Khem Raj | 2021-10-29 | 2 | -0/+85
  Fixes
  ../../m4-1.4.18/lib/c-stack.c:55:26: error: missing binary operator before token "("
     55 | #elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384
        |                          ^~~~~~~~
  (From OE-Core rev: 4d350d458fa4ec75bf6f40da9c3a7c43403f3dbd)
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 44ca8edd622782733d507e20a3d5ee9e44eb8be4)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Add a fix for a make install race | Richard Purdie | 2021-10-29 | 2 | -0/+24
  Add a fix for reproducibility issues where pyc files for python-config.py may not always be generated.
  (From OE-Core rev: 94aedf7d2b43ecdf0da1cf6b848f6e95ee253abf)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit d1c3a87c48b598b6e5624d0affe8bd89320631bf)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Ensure compression parallelism isn't coded into rpms | Richard Purdie | 2021-10-29 | 2 | -0/+29
  We don't want the compression thread numbers to be encoded into the rpm since this results in the rpm not being deterministic. Add a patch from Alex Kanavin which addresses this issue (was queued for rpm 4.17 but we need to fix this with 4.16 too).
  (From OE-Core rev: 16d6f01eced9e6de5068056aea07a08ec9dfb659)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 1ba0bf50c72f2506dfa507559c49a70e16cd5124)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3682 | Sakib Sajal | 2021-10-07 | 2 | -0/+42
  (From OE-Core rev: 14783d10fb43d10a91d5e61ad9811ad469a0fb46)
  Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit e16cd155c5ef7cfe8b4d3a94485cb7b13fd95036)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: Exclude CVE-2021-29923 from report list | Richard Purdie | 2021-09-17 | 1 | -0/+5
  Upstream don't believe it is a significant real world issue and will only fix in 1.17 onwards. Therefore exclude it from our reports.
  https://github.com/golang/go/issues/30999#issuecomment-910470358
  (From OE-Core rev: 573337b8432677fa3a7643e74045ae7d7b331b3f)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 5bd5faf0c34b47b2443975d66b71482d2380a01a)
  Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>