summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools
Commit message (Collapse)AuthorAgeFilesLines
* Fix seg-fault in the linker when examining a corrupt binary.Manjunath S Matti2018-01-072-0/+56
| | | | | | | | | | | | | | | | | | | | | | | | | Source: https://sourceware.org/ MR: 74244 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=531336e3a0b79ed60cfc36ad2d6579b6a71175da ChangeID: 69cc8699fcb0655f3a48778e514552dfaea7229c Description: Fix seg-fault in the linker when examining a corrupt binary. PR ld/20909 * aoutx.h (aout_link_add_symbols): Fix off-by-one error in check for an illegal string offset. CVE: CVE-2017-7300 Affects: < 2.27-r0.9.1 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: c1b259c5fef13e1ecff9a68d82cde49c777ffa4d) Signed-off-by: Manjunath S Matti <mmatti@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8397Thiruvadi Rajaraman2018-01-072-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74114 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: d55e7590c08c4db483bba2fa35df8fbb6283686e Description: Fix a seg-fault when processing a corrupt binary containing reloc(s) with negative addresses. PR binutils/21434 * reloc.c (bfd_perform_relocation): Check for a negative address in the reloc. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 6dd9179c4208c8d13f7e9c784d9993606416ab97) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8395Thiruvadi Rajaraman2018-01-072-0/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74153 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 27dce214c561f9ae6f874990432f9d76a7de29d4 Description: Fix seg-fault attempting to compress a debug section in a corrupt binary. PR binutils/21431 * compress.c (bfd_init_section_compress_status): Check the return value from bfd_malloc. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: addac2e8f6f6132807a590a032a4292079542fbe) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8393Thiruvadi Rajaraman2018-01-072-0/+202
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74179 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 976156cd25454143883090ca42010c38c6d6af0f Description: PR 21412, get_reloc_section assumes .rel/.rela name for SHT_REL/RELA. This patch fixes an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. I'm also modifying the interface for elf_backend_get_reloc_section, so any backend function just needs to handle name mapping. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: 24124406a2a1657b80ba2933bef40ccf798c8097) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7304Thiruvadi Rajaraman2018-01-072-0/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74192 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 9a4c249becded1b479c0b9e9f175aebb80294317 Description: Fix seg-fault in strip when copying a corrupt binary. PR binutils/20931 * elf.c (copy_special_section_fields): Check for an invalid sh_link field before attempting to follow it. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: fcadfc35ebe90d3f0f3aa0db8caeddb5c07c3120) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7303Thiruvadi Rajaraman2018-01-072-0/+56
| | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74205 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: db5bfb63661d39846c3b03353e1383c621759d48 Description: Fix seg-fault attempting to strip a corrupt binary. PR binutils/20922 * elf.c (find_link): Check for null headers before attempting to match them. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: ef1a98976886560396a514458edb80a21f09b808) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7302Thiruvadi Rajaraman2018-01-072-0/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74218 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 11677f4fb24c7a49efc23ea7d54de1bf85e74b12 Description: Fix seg-fault running strip on a corrupt binary. PR binutils/20921 * aoutx.h (squirt_out_relocs): Check for and report any relocs that could not be recognised. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: dbe4c78bee0ed36fc8789f1a13678be1b8c0bcf5) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7301Thiruvadi Rajaraman2018-01-072-0/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74231 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 1fbae9f71e3ad90f930f8b25d550de964e05c259 Description: Fix seg-fault in linker parsing a corrupt input file. PR ld/20924 (aout_link_add_symbols): Fix off by one error checking for overflow of string offset. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 315608a626f9e21d198d1600ded69114ac1e16d1) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7227Thiruvadi Rajaraman2018-01-072-0/+50
| | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74270 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: e4e88f56ba13671afb5b3194ca4c1c59601e5fd5 Description: Fix seg-fault in linker when passed a bogus input script. PR ld/20906 * ldlex.l: Check for bogus strings in linker scripts. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 650a5b69c4ae7cf91d13993225877d0187bcb65e) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7225Thiruvadi Rajaraman2018-01-072-0/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74296 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: d2cf3ab15c89351c941c92e4cdf28c2bfa9dcda8 Description: Fix seg-fault running addr2line on a corrupt binary. PR binutils/20891 * aoutx.h (find_nearest_line): Handle the case where the main file name and the directory name are both empty. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: ba01ee6899c8d36e6469f6d02d40866fb0502af9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7224Thiruvadi Rajaraman2018-01-072-0/+49
| | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74309 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 640c2ad711ead368a65079a464c55368851e8744 Description: Fix a seg-fault disassembling a corrupt binary. PR binutils/20892 * aoutx.h (find_nearest_line): Handle the case where the function name is empty. Affects: <= 2.29 (From OE-Core rev: 54992e752e396fc5b3bc5b067cfc4741f1176bb3) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7223Thiruvadi Rajaraman2018-01-072-0/+41
| | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74322 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: c7e14cdaab09996e736a6294834d3470ac9ddb6c Description: Fix seg fault attempting to unget an EOF character. PR gas/20898 * app.c (do_scrub_chars): Do not attempt to unget EOF. Affects: <= 2.29 (From OE-Core rev: b35c5c25947daf47b5cbccd8836e22234baa6f0f) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-12450_12452_12453_12454_12456Thiruvadi Rajaraman2018-01-073-0/+490
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 73854, 73827, 73814, 73801, 73775 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: fb23096307f9903872a04edf171d1fd2099e35c5 Description: Fix address violation errors parsing corrupt binary files. PR 21813 binutils* rddbg.c (read_symbol_stabs_debugging_info): Check for an empty string whilst concatenating symbol names. bfd * mach-o.c (bfd_mach_o_canonicalize_relocs): Pass the base address of the relocs to the canonicalize_one_reloc routine. * mach-o.h (struct bfd_mach_o_backend_data): Update the prototype for the _bfd_mach_o_canonicalize_one_reloc field. * mach-o-arm.c (bfd_mach_o_arm_canonicalize_one_reloc): Add res_base parameter. Use to check for corrupt pair relocs. * mach-o-aarch64.c (bfd_mach_o_arm64_canonicalize_one_reloc): Likewise. * mach-o-i386.c (bfd_mach_o_i386_canonicalize_one_reloc): Likewise. * mach-o-x86-64.c (bfd_mach_o_x86_64_canonicalize_one_reloc): Likewise. * vms-alpha.c (_bfd_vms_slurp_eihd): Make sure that there is enough data in the record before attempting to parse it. (_bfd_vms_slurp_eeom): Likewise. (_bfd_vms_slurp_egsd): Check for an invalid section index. (image_set_ptr): Likewise. (alpha_vms_slurp_relocs): Likewise. Affects: <= 2.29 (From OE-Core rev: 2cc3922462c9dd86f50a419a2a4abb0f3b5b4745) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-12451Thiruvadi Rajaraman2018-01-072-0/+385
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 73840 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 582c686f18c059d665189a6a09df3a8cc4a3b093 Description: Fix address violation when attempting to read a corrupt field in a COFF archive header structure. PR 21786 * coff-rs6000.c (_bfd_strntol): New function. (_bfd_strntoll): New function. (GET_VALUE_IN_FIELD): New macro. (EQ_VALUE_IN_FIELD): new macro. (_bfd_xcoff_slurp_armap): Use new macros. (_bfd_xcoff_archive_p): Likewise. (_bfd_xcoff_read_ar_hdr): Likewise. (_bfd_xcoff_openr_next_archived_file): Likewise. (_bfd_xcoff_stat_arch_elt): Likewise. Extend previous fix to coff-rs6000.c to coff64-rs6000.c PR 21786 * coff64-rs6000.c (_bfd_strntol): New function. (_bfd_strntoll): New function. (GET_VALUE_IN_FIELD): New macro. (xcoff64_slurp_armap): Use new macros. Affects: <= 2.29 (From OE-Core rev: 62eeac8e4684c129af6f36aa7c2b91270a5dacde) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-12449, CVE-2017_12455, CVE-2017-12457, CVE-2017-12458, ↵Thiruvadi Rajaraman2018-01-073-0/+339
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2017-12459 Source: git://sourceware.org/git/binutils-gdb.git MR: 73867, 73788, 73762, 73749, 73734 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 29a1fd75a879d40560b3891305b7d9577e26ffe5 Description: Fix address violation issues encountered when parsing corrupt binaries. PR 21840 * mach-o.c (bfd_mach_o_read_symtab_strtab): Fail if the symtab size is -1. * nlmcode.h (nlm_swap_auxiliary_headers_in): Replace assertion with error return. * section.c (bfd_make_section_with_flags): Fail if the name or bfd are NULL. * vms-alpha.c (bfd_make_section_with_flags): Correct computation of end pointer. (evax_bfd_print_emh): Check for invalid string lengths. Fix address violations when reading corrupt VMS records. PR binutils/21618 * vms-alpha.c (evax_bfd_print_emh): Check for insufficient record length. (evax_bfd_print_eeom): Likewise. (evax_bfd_print_egsd): Check for an overlarge record length. (evax_bfd_print_etir): Likewise. Affects: <= 2.29 (From OE-Core rev: 62c4dc16dd8fe99cba970c5e7d8dfc063855d4b9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-12448Thiruvadi Rajaraman2018-01-072-0/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 73880 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 6ef7c8e941d7a1c069b29e4671178c0d02427e3f Description: Fix use-after-free error when parsing a corrupt nested archive. PR 21787 * archive.c (bfd_generic_archive_p): If the bfd does not have the correct magic bytes at the start, set the error to wrong format and clear the format selector before returning NULL. Affects: <= 2.29 (From OE-Core rev: 996e7af41b48107bab5eca0ea26f507541382bd5) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7226Thiruvadi Rajaraman2018-01-072-0/+43
| | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74283 Type: Security Fix Disposition: Backport from binutils_v2_28 ChangeID: 82097a4b98d3d576e1b1bfb7ac9ae17fd153c909 Description: Use strnlen to avoid running over the end of the string buffer. Affects: <= 2.28 (From OE-Core rev: abc9e4eebafac084bee054954bd93288cd1d0a8c) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Security Fix CVE-2017-9041Armin Kuster2018-01-073-0/+137
| | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 72791 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=919383ac718c2a3187ee2a9ad659daa22da26258 ChangeID: 7b4588368a367a4d57efbfdcd9c00fcc0875af7b Description: Affects: <= 2.28 (From OE-Core rev: d445a9abe7af0a1a54e466bdae8978f6ffb5f6bc) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Security fix for CVE-2017-9040 and 2017-9042Armin Kuster2018-01-072-0/+84
| | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 72756, 72805 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf ChangeID: af83ec9e8322e0e051bb684bd2fee5fe8a506fbc Description: excluded some changes as the code does not exist in our version. Does not affect fix. Affects: <= Binutils 2017-04-12 (From OE-Core rev: 2dfdc0ceac466a4b80ece01a970cb5cfdc08d7ab) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Security Fix CVE-2017-9039Armin Kuster2018-01-073-0/+130
| | | | | | | | | | | | | | | | | | | | Source: binutils-gbd.git MR: 72742 Type: Security Fix Disposition: Backport from git://sourceware.org/binutils-gdb.git ChangeID: 280f36838862ea67fdcd65b162c1a4835cf924dc Description: Affects: <= 2.28 (From OE-Core rev: 9d5c9ad603947136e23325b123bc37c4b939d783) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutis: Security fix CVE-2017-9038Armin Kuster2018-01-072-0/+52
| | | | | | | | | | | | | | | | | | | Source: Binutils.org MR: 72728 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f32ba72991d2406b21ab17edc234a2f3fa7fb23d ChangeID: 7e242783945a87af0a821b924bd16624a0f18fb3 Description: Affects: <= 2.28 (From OE-Core rev: 8df5d5d7809381a6e9b93bb6f772b1fd77046da9) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutis: Security fix CVE-2017-7614Armin Kuster2018-01-072-0/+106
| | | | | | | | | | | | | | | | | | | | | Source: binutils-gbd.git MR: 71732 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b814a36d3440de95f2ac6eaa4fc7935c322ea456 ChangeID: 44d3f2d902013f6e8faf485bf736106a11603e16 Description: minor change to get changelog to apply Affects: binutils < 2.28 (From OE-Core rev: 72dc7aa95afb64bc9ff070e5c2b372d2db6ac5c6) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: do not hardcode "lib" into site-packages search pathAlexander Kanavin2017-12-091-125/+165
| | | | | | | | | | | | | | This was not working in multilib or x32 setups and amazingly, was not noticed until now. The actual modification is in Lib/site.py, the rest is just devtool moving things around in the patch. (From OE-Core rev: 0713d2a325adf87d97ef5936061ff44274d5a913) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python-3.3-multilib.patch: Fixes getpath on multilib configurationsJose Lamego2017-11-211-4/+13
| | | | | | | | | | | | | | | | | | | When using multilib configurations either on arm/arm64 and x86/x86-64 python3 failed to execute due to a failure when looking for its platform independent and dependent libraries. This patch fixes this issue by assigning lib_python to the appropriate macro. [YOCTO #10812] (From OE-Core rev: 8ef5c0511e51b82eaa45865df42ecbb2deeb7350) Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tcf-agent: Fix daemon terminationJan Kiszka2017-11-211-11/+1
| | | | | | | | | | | | | | | The upstream init script uses SIGUSR2 to terminate that daemon because SIGTERM is ignored. As the killproc function does not support specifying a signal, switch to start-stop-daemon. Drop the retry loop because SIGUSR2 is lethal for agent. (From OE-Core rev: 1e6235de0a3f6302cee37332f03b1ba403c789d1) Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tcf-agent: kill with USR2 in systemd stopMartin Kelly2017-11-211-0/+2
| | | | | | | | | | | | | | | | | | | tcf-agent ignores SIGTERM, so upstream uses USR2 instead. This issue was noticed by Jan Kiszka and Brian Avery around the same time: https://patchwork.openembedded.org/patch/139546/ https://patchwork.openembedded.org/patch/139560/ However, these patches fixed only the init scripts, not the systemd service file. This patch fixes the systemd file. (From OE-Core rev: f3c9d850af1c8dab9d46ddb136d84710e7f73fa2) Signed-off-by: Martin Kelly <mkelly@xevo.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* opkg: fix conffile errors in 'opkg status' callsRoss Burton2017-11-212-0/+70
| | | | | | | | | | | | | | | If a conffile has been deleted (common when building a debugfs) the status command will throw errors instead of handling that situation. Stop the code being executed in the first place if it wasn't asked for, and handle errors gracefully. [ YOCTO #10761 ] (From OE-Core rev: c32bca840d262ebc5ac93b06d0bce79729a178b1) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-14064Rajkumar Veer2017-11-212-0/+80
| | | | | | | | | | Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 (From OE-Core rev: 8d53b03e8fa1bc20c0d77d6cd7869bd7f7325987) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-14033Rajkumar Veer2017-11-212-0/+90
| | | | | | | | | | affects ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 (From OE-Core rev: 6033983453ff7b39d9d0d0a64353611128e26fae) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-9229Thiruvadi Rajaraman2017-11-212-0/+37
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: a636bf8cb5063f349b2af6594b131af6852b3076) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Secruity fix for CVE-2017-9226Thiruvadi Rajaraman2017-11-212-0/+34
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: 0c1eec0c6a789e1e9dbfcc66c3fb8c7d1d8b4e99) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-9228Thiruvadi Rajaraman2017-11-212-0/+27
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: cdfb60a7b573c034868ef27d8eb2c667f2a7ad1d) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-9227Thiruvadi Rajaraman2017-11-212-0/+25
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: d83f18936a0eb470e8faf7adbd7c580c23fa3370) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2016-7798Thiruvadi Rajaraman2017-11-212-1/+167
| | | | | | | | | | affectes ruby < 2.3.1 (From OE-Core rev: 6af2319008dc16c61092f71ff227c285aac51288) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix build of ruby-native with gcc7Joshua Lock2017-11-212-0/+34
| | | | | | | | | | | | | | | Marsalling is broken when ruby-2.2.x is built with gcc7, backport the change fix in Ruby SVN r57410 to apply to ruby 2.2.5: https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57410 Fixes [YOCTO #12271] (From OE-Core rev: b9de98cdc816904583970369848181c2c79f1dc5) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* diffstat: use HTTP mirror for SRC_URIRoss Burton2017-10-101-1/+1
| | | | | | | | | | | | | | The Invisible Mirror FTP service is currently down, and FTP is horrible, so switch to the HTTP mirror. (From OE-Core rev: f31461f8ea11e82dbe14454a1149d9ec2120404d) (From OE-Core rev: 4839f039036f3d72f9ef114a37500f9b498101df) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-native: Avoid use of getentropy/getrandomRichard Purdie2017-09-061-1/+3
| | | | | | | | | | | | | getentropy/random() is only available in glibc 2.25+ and uninative may relocate binaries onto systems that don't have this function. For now, force the code to the older codepaths until we can come up with a better solution for this kind of issue. (From OE-Core rev: 92bda0024d85ae78345665cc2f9646c9881ed61b) (From OE-Core rev: 2dc6ee0c520442418fa14cf3fe12b059209e9ab7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python-numpy: Fix issues with recent glibc versionsRichard Purdie2017-09-063-0/+49
| | | | | | | | Fix issues building on recent glibc versions (for python*-numpy-native). (From OE-Core rev: 08a46b2477c1ea0e76695b51b59dc1bb46b1b521) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Backport a patch for recent glibc versionsRichard Purdie2017-09-062-0/+283
| | | | | | | | | This fixes compile failures of qemu-native with new versions of glibc. Patch is taken from upstream. (From OE-Core rev: b1b7a46f0febe7ac17ec46ecdf88b4120a7d75c4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* docbook-utils: update SRC_URI from fedora to oslArmin Kuster2017-08-291-1/+1
| | | | | | | | | WARNING: docbook-utils-native-0.6.14-r3 do_fetch: Failed to fetch URL ftp://sources.redhat.com/pub/docbook-tools/new-trials/SOURCES/docbook-utils-0.6.14.tar.gz, attempting MIRRORS if available (From OE-Core rev: ef47f682034f591c90572c082a753787aa1a8b9c) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sgml-common: update SRC_URI from fedora to OSLArmin Kuster2017-08-291-1/+1
| | | | | | | | | WARNING: sgml-common-native-0.6.3-r1 do_fetch: Failed to fetch URL ftp://sources.redhat.com/pub/docbook-tools/new-trials/SOURCES/sgml-common-0.6.3.tgz, attempting MIRRORS if available (From OE-Core rev: cdb32a75b935985e5e86184d97b5a05c8f3ff21a) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* automake: Backport perl 5.22 fixMarek Vasut2017-08-292-1/+35
| | | | | | | | | | | | | | | | Backport 13f00eb4493c "automake: port to Perl 5.22 and later" from automake upstream to fix build with perl 5.22 . (From OE-Core rev: 7fa044e799db651d45e4732e2527acfc2bc7cd47) (From OE-Core rev: 139d15f4af282eeef0a7f368eef518f400a4471a) Signed-off-by: Marek Vasut <marex@denx.de> Cc: Ross Burton <ross.burton@intel.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Cody P Schafer <dev@codyps.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: fix building elfutils-native with GCC7Cody P Schafer2017-08-295-0/+529
| | | | | | | | | | | | | | | | | | | | | | | | | This is heavily based on the oe-core master commit with the same subject, but includes a backport of upstream's fix for the fallthrough warnings rebased to 0.166 (the oe-core patch which targeted 0.168 did not apply), a rebase of the format-truncation patch, and a backport of the upstream format-length patch. Info from OE-Core master patch follows: From OE-Core rev: aaf4c4f3d09ac3897205417eb15e19d54e0c0d05 From: Joshua Lock <joshua.g.lock@intel.com> Backport a fix from upstream for a -Wformat-truncation=2 warning and implement a simple fix for a -Wimplicit-fallthrough warning. Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (From OE-Core rev: 3b91be97ae8c36cd6bad86fed992efc9800f4c9e) Signed-off-by: Cody P Schafer <dev@codyps.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-6.2: backport fix of check for empty string in ubsan.cJoshua Lock2017-08-292-2/+31
| | | | | | | | | | | | | | | | | | | | | | Building gcc-cross-initial with GCC7 on the host fails due to the comparison of a pointer to an integer in ubsan_use_new_style_p, which is forbidden by ISO C++: ubsan.c:1474:23: error: ISO C++ forbids comparison between pointer and integer [-fpermissive] || xloc.file == '\0' || xloc.file[0] == '\xff' Backport the fix from upstream GCC to enable the build with GCC 7 (From OE-Core rev: 7a7fcbab0365b9501c737dbc02715be14dda72a3) (From OE-Core rev: ad685600d52b2e8b6f4cdbf46baa9f14b51565dd) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Cody P Schafer <dev@codyps.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix CVE-2017-7210Yuanjie Huang2017-08-292-0/+72
| | | | | | | | | | | | | CVE: CVE-2017-7210 [BZ 21157] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21157 PR binutils/21157: Fix handling of corrupt STABS enum type strings. (From OE-Core rev: 066a7acc4c19a4ef3428d0a7c695a2b08f45bc14) Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix CVE-2017-7209 in readelfYuanjie Huang2017-08-292-0/+64
| | | | | | | | | | | | | | | CVE: CVE-2017-7209 [BZ 21135] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21135 PR binutils/21135: Fix invalid read of section contents whilst processing a corrupt binary. (From OE-Core rev: fd7a91e2a6db1fb806c57c137f72efcffbf1f26b) Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix CVE-2017-6969 in readelfYuanjie Huang2017-08-293-0/+180
| | | | | | | | | | | | | | | | CVE: CVE-2017-6969 [BZ 21156] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21156 PR binutils/21156: Fix illegal memory accesses in readelf when ing a corrupt binary. PR binutils/21156: Fix another memory access error in readelf when parsing a corrupt binary. (From OE-Core rev: 565d4b9432c898e4483f392a91f4b4aaebb4b184) Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: Fix wrong error code after optimizationDaniel Schultz2017-08-292-0/+286
| | | | | | | | | | | | | | | | | | | | | fsck.ext will return an error code of 1 if a file systems was checked and successfully repaired. Even when an optimization was performed it will return this error code. This patch will change the error code to 0 if only optimizations had changed the file systems. The reason for this patch is a question I asked at the ext4 ML: http://www.spinics.net/lists/linux-ext4/msg55700.html Backport from git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git Based on commit bf9f3b6d5b10d19218b4ed904c12b22e36ec57dd (From OE-Core rev: 34ccb6b66162400c3a3164cbdcca02fc1b42c92b) Signed-off-by: Daniel Schultz <d.schultz@phytec.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: update homepage and upstream souceRichard Purdie2017-06-052-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In git://sourceware.org/git/elfutils.git: ---------------- commit 1700fd25e6caf26663af2bd994d1d99fab9df59f Author: Mark Wielaard <mark@klomp.org> Date: Sat Dec 24 22:31:41 2016 +0100 http://elfutils.org/ is now hosted at http://sourceware.org/elfutils/ fedorahosted used to be our home, but we are now hosted at sourceware. Change the elfutils project home to http://elfutils.org/ Point hosted services (email, release, git, bug tracker and web pages) to https://sourceware.org/elfutils/ Move design notes from README to NOTES. Add URLs for home, releases, bugs, git and mailinglist to README. Make the --version output of all tools the same by using a common print_version function and update the publicly shown copyright holder to the elfutils developers. Signed-off-by: Mark Wielaard <mark@klomp.org> ------------------ Based on a patch from Hongxu Jia <hongxu.jia@windriver.com> (From OE-Core rev: 4ee8ad29e0eb3584eb8c6e1ba21a5a18d7a59714) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xmlto: replace fedorahosted.org SRC_URI with pagure.io sourceChoong YinThong2017-06-051-2/+2
| | | | | | | | | | | | | | | | fedorahosted.org was retired on March 1st, 2017. This is to update the SRC_URI to point to pagure.io. pagure.io is a replacement for fedorahosted. [YOCTO #11226] (From OE-Core rev: 79ae1e98a7c3fd4c732ea4cd0b3099d4e319a111) (From OE-Core rev: 6785157e7b30ca112ec5c65487a9e7e65b9dd5de) Signed-off-by: Choong YinThong <yin.thong.choong@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>