summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools
Commit message (Collapse)AuthorAgeFilesLines
* python: fix CVE-2018-14647 in python-native tooRoss Burton2019-05-221-0/+1
| | | | | | | | | (From OE-Core rev: 65042ebf07afad2922dcdfceb6e8931c05255649) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python-native: fix one do_populate_sysroot warningChangqing Li2019-05-222-0/+40
| | | | | | | | | | | | | | | | | | | | Fix below warning: WARNING: Skipping RPATH /usr/lib64 as is a standard search path for work/x86_64-linux/python-native/2.7.15-r1.1/recipe-sysroot-native/ usr/lib/python2.7/lib-dynload/_bsddb.so setup.py will check db.h under include_dirs, for native build, /usr/lib64 will be insert to postion 0 of include_dirs, so it's priority is higher then our sysroot, cause db.h sysroot is ignored, and rpath set to /usr/lib64. and this cause warning when do_populate_sysroot. use append to fix it. (From OE-Core rev: 12df5392afb8446507bb73f4d33ee42e06a17b82) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: time.tzset missingArmin Kuster2019-05-222-1/+2
| | | | | | | | | | | | | | | | | | import time time.tzset() Traceback (most recent call last): File "<stdin>", line 1, in <module> AttributeError: module 'time' has no attribute 'tzset' enable tzset in both python versions (From OE-Core rev: e7721ee7e7942570ebab793f5870d7a021154a92) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fix up for Thud context ie python3_3.5.6] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icecc-env: don't raise error when icecc not installedAdam Trhon2019-02-251-1/+1
| | | | | | | | | | | | | | | | When icecc is not installed, the `which icecc` command in icecc-env.sh returns nonzero. This happens when environment is being sourced. When the terminal has `set -e`, the whole script fails and terminal is closed. Fix this by ignoring errors from the which command. (From OE-Core rev: 84c63858be47d33e49140181d73c253886d5aec5) Signed-off-by: Adam Trhon <adam.trhon@tbs-biometrics.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: fix file system generation with large filesRoss Burton2019-02-252-0/+51
| | | | | | | | | | | | When copying files into the file system the file offset was being truncated to a signed 32-bit value, so any files that are larger than 2^31 bytes were the right size, but no content after that point. (From OE-Core rev: a77360db529d0ac3cb91161001546754d0371aa2) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: remove True option to getVar calls (again)André Draszik2019-02-063-5/+5
| | | | | | | | | | | | | | | | | | | | A couple have still been missed in the past despite multiple attempts at doing so (or simply have re-appeared?). Search & replace made using the following command: sed -e 's|\(d\.getVar \?\)( \?\([^,()]*\), \?True)|\1(\2)|g' \ -i $(git grep -E 'getVar ?\( ?([^,()]*), ?True\)' \ | cut -d':' -f1 \ | sort -u) (From OE-Core rev: 9f551d588693328e4d99d33be94f26684eafcaba) (From OE-Core rev: 2da88ecbbf118bb7440f48184d4b39c273ab57e9) Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: bfd doesn't handle ELF compressed data alignmentKhem Raj2019-02-063-0/+534
| | | | | | | | | | | | | | | Backport patches for ld/gold from master [YOCTO# 13136] (From OE-Core rev: e0ed2313f22c2ca30477942fc57877b8b194428a) (From OE-Core rev: f8298017f78f58bbe25d832dc838f1ba6becee8d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Upgrade to latest on 2.31 release branchKhem Raj2019-02-0613-582/+33
| | | | | | | | | | | | | | | | * Append minor version to PV so recipe checker is happy * Drop upstreamed patches * Remove changelog from CVE patches, they dont apply and are in patch log anyway (From OE-Core rev: 550085bc092d773c8c481e238d0d3210466166dc) (From OE-Core rev: 27b9008618fa981d12424eecbff9bbf113b735f7) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix build with clangKhem Raj2019-02-062-0/+33
| | | | | | | | | | | (From OE-Core rev: 208dadb8f1864aca88c69766f3bfb37a2ef4953c) (From OE-Core rev: 86a4ecad734087cff7d5c1d6109f6256b8e2b75b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* i2c-tools: upgrade 4.0 -> 4.1Anuj Mittal2019-02-065-239/+2
| | | | | | | | | | | | | | | | * For changes, see: https://git.kernel.org/pub/scm/utils/i2c-tools/i2c-tools.git/log/?qt=range&q=v4.0...v4.1 * Remove upstreamed patches (From OE-Core rev: 085530e8fff016d7cadcae4a769a82cddf9e6695) (From OE-Core rev: 93c76fe812613cfe6bc7296e770c070112e3f244) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* createrepo-c: Fix setup of logging (log domains)Zheng Ruoqin2019-01-082-0/+74
| | | | | | | | | | | | | | | New debug messages were added into GLib library. These messages come from the "GLib" log domain and were not hidden in the standard and quiet mode of the application. This fix hides log messages regardless on source log domain. Backport from 80810f04f2de6bae6e394f52ad9cdd2189862f74. (From OE-Core rev: a41927366c3c3070dfb95ec7f595e9f73105a517) Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go 1.9/1.11: fix textrel qa warning for non mips archHongxu Jia2019-01-086-6/+104
| | | | | | | | | | | | | | | | | | While building go itself, the go build system does not support to set `-buildmode=pie' from environment. Add GOBUILDMODE to support it which make PIE executables the default build mode, as PIE executables are required as of Yocto But mips doesn't support -buildmode=pie, so skip the QA checking for mips and its variants (From OE-Core rev: 7a8c5d29f70574043d695bc60da16c823d12a83e) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: drop redundant patchRoss Burton2019-01-083-40/+0
| | | | | | | | | | | | | | | | This patch altered the clean target's behaviour to skip the ipkg-install directory. However this directory isn't created by opkg, opkg-utils, or the package_ipk class; and we don't invoke the clean target as we perform out-of-tree builds. (From OE-Core rev: 9f8bd475701e5d797d3ffc1ba97647101ba0b9b0) (From OE-Core rev: e147baad7ab722b8319225561eb23cd4442629e1) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: don't cripple target distutilsRoss Burton2019-01-081-1/+0
| | | | | | | | | | | | | | | We stop distutils for *native* Python from rewriting hashbangs when installing (so installed scripts don't have a hashbang that refers to sysroot paths), but this isn't needed nor desirable for the *target* Python. (From OE-Core rev: 52e128619803907c804d42815ea979b1848529c4) (From OE-Core rev: 17a2731bd2795974197b1dca3de53094cec58126) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdb: Remove long ago upstreamed patchAlexey Brodkin2019-01-082-30/+0
| | | | | | | | | | | | | | | This fix was upstreamed a long ago, see [1]. [1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=37ce4055fe907b9edd25498dcda7a133dbd19784 (From OE-Core rev: 873507c0cbbf1f7ef22d1cb9dcb0e2b167460490) (From OE-Core rev: 7a4cc4c690272579491ba8340b63da7efa3ca665) Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* valgrind: Skip vgpreload_memcheck shared object from strippingKhem Raj2019-01-081-0/+13
| | | | | | | | | | | | | | | | | | | | This is a special library for memcheck tool, where it needs to have the symbols intact for the stack traces to work on target, current option is to install valgrind-dbg ( 151 MB uncompressed ) is quite big for some systems which may not have space to install it all. Leaving it unstripped adds about 200KB to image which is much better, this alone gets memcheck working, as an aside we might need same solution for other tools e.g. helgrind etc. when needed, they also have leading libraries installed (From OE-Core rev: 23da8f50b1e0a74777035c9f7b65b81456908f9f) (From OE-Core rev: 49e38e029a21c02ca44d6db1bc91190f7c6e11ca) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade 2.5.1 -> 2.5.3Ross Burton2019-01-081-2/+2
| | | | | | | | | | | (From OE-Core rev: 17a8576375fadbfa44e9272a942bf12887b5e1a2) (From OE-Core rev: ef91e281bb1e24a26f3179fd9f511714a0d4c746) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: Adds instructions to the manifest fileAlejandro Enedino Hernandez Samaniego2019-01-084-6/+117
| | | | | | | | | | | | | | | | | | | | | | | | | While there is a bit of documentation regarding building a new manifest file for python, it seems that users usually only read the manifest file. The manifest file is in JSON format which doesn't allow comments, hence why instructions were initially put elsewhere. This patch hacks the call to open the JSON manifest file by using a marker to trick it into reading only part of the file as the manifest itself, and keep the other part as comments, which contain instructions for the user to run the create_manifest task after an upgrade or when adding a new package. (From OE-Core rev: 5641a24a70b54544012c04c6a082514d9a5aa49a) (From OE-Core rev: 3050a4c634da74eba53380bf23de515ed651bc03) Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandr@xilinx.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meson: Correct use of the _append operatorPeter Kjellerstedt2019-01-081-3/+4
| | | | | | | | | | | | | | | | | | The value to SRC_URI_append_class-native was not prefixed with a space. This was not noticed as the SRC_URI before applying the _append contains trailing spaces. However, if one, e.g., has a .bbappend and adds to the SRC_URI using SRC_URI += "file://foo.patch", then there no longer is any trailing space and the _append concatenates the two URIs together, leading to a build failue. (From OE-Core rev: c07ee11e99dfe28405a7225903a541b33aeb1de6) (From OE-Core rev: 53594c9fd01f7bd02e24aa82a5bd3a14d3dd465e) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meson: Disable rpath stripping at install timeRichard Purdie2019-01-083-8/+32
| | | | | | | | | | | | | | | | | | | As discussed in https://github.com/mesonbuild/meson/issues/2567 there needs to be a way to allow our rpath options passed to the linker to be preserved, else we run into weird build failures. (e.g. libmodulemd-native used by libdnf can't find libyaml) Disable this for now until upstream come up with a better way of handling this. (From OE-Core rev: b4e36281631e0b59d1058f5cf391eb8b15e605cf) (From OE-Core rev: 98a76c3171f9080d6246aac0188ef05c40852adc) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meson: do not manipulate the environment when looking for python via pkg-configAlexander Kanavin2019-01-082-0/+44
| | | | | | | | | | | | | meson does it in a way that breaks oe builds (they export a bunch of PKG_CONFIG_ variables) (From OE-Core rev: f071c5eb0a46b8ac5424c5baeb471a8080d4a078) (From OE-Core rev: d5f1211b0820d5039ecec932fda92cbe1ba9132e) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: 0.174 -> 0.175Hongxu Jia2019-01-0820-780/+403
| | | | | | | | | | | | | | | | | | | | | | | | | - Drop backport CVE patches 0001-libdwfl-Sanity-check-partial-core-file-data-reads.patch 0001-size-Handle-recursive-ELF-ar-files.patch 0001-arlib-Check-that-sh_entsize-isn-t-zero.patch - Drop patches that upstream has fixed 0005-fix-a-stack-usage-warning.patch [9a74c19 backends: ppc use define instead of const for size of dwarf_regs array.] - Update debian patches to 0.175 - Rebase local patch to 0.175 0008-build-Provide-alternatives-for-glibc-assumptions-hel.patch (From OE-Core rev: 8748de4df5a4ece303f07f8bbb248920a199478a) (From OE-Core rev: 81ae67e603087166ec5583cc9686a60f769be799) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Remove tab indentations in python codeRobert Yang2019-01-081-1/+1
| | | | | | | | | | | | | Use 4 spaces to replace a tab. (From OE-Core rev: cbb6743d46752481782789fa1a0dfade11057114) (From OE-Core rev: 42ebdc7253c3a319d671a7f924603d85a22bbb4e) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* opkg-utils: Fix update-alternatives link relocationNiko Mauno2019-01-082-0/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recently Debian-style support for link relocation was added to 'update-alternatives' script, but it fails under circumstances where host rootfs root directory differs from target rootfs root directory and two alternative packages provide a symbolic link with source located in different directories. An example of the case is busybox provided /bin/rev (symlinking to /bin/busybox.nosuid) and util-linux provided /usr/bin/rev (symlinking to /usr/bin/rev.util-linux) in which case following failure occurs during image recipe's do_rootfs() task: ERROR: core-image-minimal-1.0-r0 do_rootfs: Postinstall scriptlets of ['util-linux'] have failed. If the intention is to defer them to first boot, then please place them into pkg_postinst_ontarget_${PN} (). Deferring to first boot via 'exit 1' is no longer supported. Details of the failure are in .../tmp/work/qemux86-poky-linux/core-image-minimal/1.0-r0/temp/log.do_rootfs. ERROR: core-image-minimal-1.0-r0 do_rootfs: Function failed: do_rootfs Looking in log.do_rootfs file, following relevant lines can be observed: update-alternatives: renaming rev link from /bin/rev to /usr/bin/rev mv: cannot stat '/bin/rev': No such file or directory Mitigate issue by applying patch which adds target root filesystem root directory path prefix to failing 'mv' calls relevant variable references (From OE-Core rev: f0912e23629758fe4303284e7db8f4089bb7b4cb) (From OE-Core rev: 58f062843008c42d28f14c42fb5f991aef73728e) Signed-off-by: Niko Mauno <niko.mauno@iki.fi> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* valgrind: drop mips n32 supportRandy MacLeod2018-11-091-0/+1
| | | | | | | | | | | | | | | | | valgrind for qemumips64 multilib builds fails to configure for libn32 with the error: configure:6190: checking for 32 bit build support ... fatal error: bits/long-double-32.h: No such file or directory It seems that the toolchain is producing: tmp-glibc/sysroots-components/mips64-n32/libn32-glibc/usr/include/bits/long-double-n32.h Until the toolchain problem is resolved, skip valgrind for libn32. (From OE-Core rev: 17d5574f05384edeb5c80ada2724fff4a1c3c94b) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix four CVE issuesZhixiong Chi2018-11-095-0/+506
| | | | | | | | | Backport the CVE patches from the binutils upstream. (From OE-Core rev: 84bb9c0514ecbd7c31935c22062b18b4aaefbef1) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apt: update SRC_URIChangqing Li2018-11-071-1/+1
| | | | | | | | | | update SRC_URI since previous link is not valid now (From OE-Core rev: 0b5972c8189dade0e77df175651b8d8707647bb1) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: Change from TARGET_ARCH to TUNE_PKGARCHRichard Purdie2018-11-073-4/+4
| | | | | | | | | | | | | | | | | Right now go-cross is changing signatures when you change TUNE for a given architecture. In particular this breaks layer tests like: yocto-check-layer ../meta-yocto-bsp/ --machines qemuarm beaglebone-yocto This changes the PN addtion to something containing the tune rather than the arch which avoids these kinds of errors. If go-cross can be tune independent that would be nice but currently that isn't the case. [YOCTO #12586] (From OE-Core rev: e3c7e1703499e6a5332d9ab8a941671ec8235c4f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go-dep: disable PTEST_ENABLED for mips and mips64Chen Qi2018-11-071-0/+5
| | | | | | | | | | | | | The current go-dep does not compile ptest successfully on mips and mips64. So as a workaround, disable PTEST_ENABLED explicitly to avoid error like below. | vet config not found (From OE-Core rev: 786322ec408e2ef5cd6fb809456e0453e5f5e162) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: add python3-venv to the python3-modules RDEPENDSRoss Burton2018-11-071-0/+1
| | | | | | | (From OE-Core rev: ed5e7541677f6a046f85389cd0c879be3db422cd) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Fix python3-pyvenv run-time dependencyHugues Kamba2018-11-072-2/+18
| | | | | | | | | | | | | | | | | | | | | | | Pyvenv is just a small script that uses venv to create virtual environments. https://www.python.org/dev/peps/pep-0405/#creating-virtual-environments This patch adds the python3-venv module as a self-contained package which python3-pyvenv must depend on at run-time. The patch also provides the package python3-pyvenv from the pyhton3-venv package.This is good for future-proofing since python3-pyvenv has been deprecated and only python3-venv is now available in Python 3.6. https://docs.python.org/3/library/venv.html. Without this patch python3-pyvenv is broken because it is missing the venv module at run-time. This patch specifies the newly created python3-venv as a run-time dependency of python3-pyvenv. (From OE-Core rev: effa141bfce55aab25142ee578c95383c755ad73) Signed-off-by: Hugues Kamba <hugues.kamba@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: fix CVE-2018-18520 & CVE-2018-18521 & CVE-2018-18310Hongxu Jia2018-11-074-0/+139
| | | | | | | | | | These CVE fixes come from upstream master branch and no new version released, so backport rather than upgrade. (From OE-Core rev: bd8d2c25f595e30a3fdcad8a2409913bb8af7c5c) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: 0.173 -> 0.174Hongxu Jia2018-11-075-1015/+22
| | | | | | | | | | | | | | - Drop backport fixes CVE-2018-16062.patch 0001-libdw-Check-end-of-attributes-list-consistently.patch 0002-libelf-Return-error-if-elf_compress_gnu-is-used-on-S.patch - Rebase 0008-build-Provide-alternatives-for-glibc-assumptions-hel.patch (From OE-Core rev: 777c1f8b6e20643964c304400e2d746dc2926524) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nasm: fix CVE-2018-1000667Hongxu Jia2018-11-072-0/+38
| | | | | | | | | | Since the latest nasm is 2.14rc16 (not formal release), so backport a patch to 2.13 to fix CVE-2018-1000667. (From OE-Core rev: 024b395425c95a08c881d922c310be78ffad483a) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix for CVE-2018-10839Changqing Li2018-11-071-0/+52
| | | | | | | (From OE-Core rev: 5c2b164e1022c46f6bf541894429773c3dde7af2) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: upgrade 2.18.0 -> 2.18.1Changqing Li2018-10-292-11/+11
| | | | | | | | | Includes a fix for CVE-2018-17456. (From OE-Core rev: 95a74460f30223e6db9bff068b3ba84c74e1ba63) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: add missing CVE tag to patchesRoss Burton2018-10-292-6/+2
| | | | | | | (From OE-Core rev: 67f9e9045ab91a9df15876ad73e44ff98f11bf59) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glide: Minor update to 0.13.2Khem Raj2018-10-251-1/+1
| | | | | | | | | | Fixed ptest issue vet config not found (From OE-Core rev: 735430db632bcb1a1a5e7fe85b56408396881894) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* valgrind: Make local functions static to avoid assembler errorRandy MacLeod2018-10-252-0/+183
| | | | | | | | | | | | | | | | | | | | | | Avoid mips32 x-compiler warnings such as: | ../../../valgrind-3.14.0/helgrind/tests/annotate_hbefore.c:360:6: warning: no previous prototype for 'do_signal' [-Wmissing-prototypes] | void do_signal ( UWord* w ) | ^~~~~~~~~ by making functions and global variables that are file scope be static and more importantly also avoid an assembler error: /tmp/cce22iiw.s: Assembler messages: /tmp/cce22iiw.s:446: Error: symbol `exit_0' is already defined /tmp/cce22iiw.s:448: Error: symbol `exit' is already defined /tmp/cce22iiw.s:915: Error: symbol `exit_0' is already defined /tmp/cce22iiw.s:917: Error: symbol `exit' is already defined (From OE-Core rev: 5fface331c46b809c10b4f3d65904534d6933896) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* valgrind: update from 3.13.0 to 3.14.0Randy MacLeod2018-10-209-264/+77
| | | | | | | | | | | The removed patches are all upstream. Adjusted two patches due to rebase. Guard against __GLIBC_PREREQ for musl libc (From OE-Core rev: 37841ec56d7756ec9ee00e2a2005681b220f6f5d) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: Upgrade to 1.11.1Khem Raj2018-10-2017-246/+163
| | | | | | | | | | | Drop 1.10 recipes in favor of 1.11 we have had reports of 1.10 not being quite functional wth OE (From OE-Core rev: 1cf3aee0ba0fb0c2e8b82f403384a1928a9b03f4) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: backport patch to fix CVE-2018-14647Chen Qi2018-10-202-0/+99
| | | | | | | | | | | Backport patch to fix the following CVE. CVE: CVE-2018-14647 (From OE-Core rev: 68e51756f67499081c3c53cff6c5c1efdf4b60f0) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: backport patch to fix CVE-2018-1000802Chen Qi2018-10-202-0/+70
| | | | | | | | | | | Backport a patch to fix the following CVE. CVE: CVE-2018-1000802 (From OE-Core rev: c0343f1035af98cb451eea0de94c16fe89ffdf48) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* file: alternatify fileDan McGregor2018-10-181-1/+4
| | | | | | | | | file is also provided by toybox. (From OE-Core rev: e9a34c0753bb772f26d3ddd7fed3fc234635b172) Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: handle virtual memory usage when limit is setPeter Bergin2018-10-182-0/+66
| | | | | | | | | | | | | Fix the situation where the task do_package_write_rpm ends up in "liblzma: memory allocation failed". This happens if the host environment has set a limit on virtual_memory for the user with 'ulimit -v' for packages with a lot of binary packages, e.g. glibc-locale. (From OE-Core rev: a937cff2746073d1dea37d85e7305d8d6705ff28) Signed-off-by: Peter Bergin <peter@berginkonsult.se> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcc/gcc-runtime: Disable thumb mode on armv6Richard Purdie2018-10-183-0/+8
| | | | | | | | | | | Without this the build fails for armv6t targets due to invalid assembler instructions in thumb mode. [YOCTO #12929] (From OE-Core rev: 801141be68e5c754f2cd1d80d13982f037fc03e5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: skip tests that are not usefulAnuj Mittal2018-10-164-88/+128
| | | | | | | | | | | | | | | | | Some tests, like the one that compares the hashes for a list of files against those stored in a .dat file, don't make sense for downstream distros packaging perl. Backport a patch from upstream that allows skipping of these tests at runtime. Also remove the local patch trying to keep hashes up-to-date for one of those tests. Fixes [YOCTO #12787] (From OE-Core rev: 557f4618b75b8739a647e46054ab587ae2bbdc25) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix three CVE issuesZhixiong Chi2018-10-163-0/+211
| | | | | | | | | | | | | | | | | | Backport the CVE patches from the upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git; h=30838132997e6a3cfe3ec11c58b32b22f6f6b102 h=cf93e9c2cf8f8b2566f8fc86e961592b51b5980d [BZ 23686] https://sourceware.org/bugzilla/show_bug.cgi?id=23686 [BZ 23685] https://sourceware.org/bugzilla/show_bug.cgi?id=23685 The one is for CVE-2018-17358 and CVE-2018-17359, and the another is for CVE-2018-17360. (From OE-Core rev: 2683d8287d6878868d3aa15ce6e6a80ce28d8737) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2018-17958/17962/17963Changqing Li2018-10-164-0/+176
| | | | | | | (From OE-Core rev: 1bbaf8d198b121a2a6f033350d1de3baa0a1163c) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: remove the PN package entirelyRoss Burton2018-10-162-4/+3
| | | | | | | | | | Nothing should be in this package, so remove it entirely to be sure nothing does end up in there. (From OE-Core rev: b4ea23adf58d664f3cc5abe6d04b507fc000426e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>