summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools
Commit message (Collapse)AuthorAgeFilesLines
* pseudo: Add fcntl64 wrapperRichard Purdie2021-11-151-1/+1
| | | | | | | | | | | | Add fcntl64 wrapper which hopefully fixes issues seen in findutils and the find command in the libtool removal code when built with LFS compile flags on Gentoo. (From OE-Core rev: c87d2dd8ec10d8164b0bff4307ea66f41b3360d4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f26867fe4daec7299f59a82ae4a0d70cceb3e082) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Add in ability to flush database with shutdown requestRichard Purdie2021-11-151-1/+1
| | | | | | | | | | | | | Pulls in: pseudo_db: Flush DB if there is a shutdown request fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ (test fix) (From OE-Core rev: 649333a0d1bd5be4d5fb8a494e06686e08d291be) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0882095d608ce3abbcc9814517434c21ea549063) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-magic: add missing DEPENDSSteve Sakoman2021-11-151-0/+2
| | | | | | | | | | | | | | Since file-native is ASSUME_PROVIDED magic.mgc is not being staged. As a result diffoscope-native is failing with: magic.MagicException: b'could not find any valid magic files! Fix this by adding dependency on file-replacement-native (From OE-Core rev: dcd8294f826f6e061cdd01c6c3594789ed46732e) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-magic: add the missing rdependsMingli Yu2021-11-151-1/+4
| | | | | | | | | | | | | | | | | | Add the missing rdepends to fix below error: # python3 [snip] >>> import magic [snip] ModuleNotFoundError: No module named 'ctypes' ModuleNotFoundError: No module named 'tempfile' (From OE-Core rev: ba5562d34653fa6b5819dbc8ca80a42167c38c96) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 115791844124bdddfbaec9d75bb887ef35c41f20) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Add explict branch to git SRC_URIs, handle github url changesSteve Sakoman2021-11-1123-23/+23
| | | | | | | | | | | | | | | | | | | | This update was made with the convert-scruri.py script in scripts/contrib This script handles two emerging issues: 1. There is uncertainty about the default branch name in git going forward. To try and cover the different possible outcomes, add branch names to all git:// and gitsm:// SRC_URI entries. 2. Github are dropping support for git:// protocol fetching, so remap github urls as needed. For more details see: https://github.blog/2021-09-01-improving-git-protocol-security-github/ (From OE-Core rev: 827a805349f9732b2a5fa9184dc7922af36de327) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: Fix determinism issueRichard Purdie2021-11-032-1/+37
| | | | | | | | | (From OE-Core rev: 3b517d9e05d95c4a2ceb50f4bc07205f1b8f1e14) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9ae740939f8315c64fe7571f912404127a29dc89) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Deterministically set vendor macro entryRichard Purdie2021-10-291-1/+2
| | | | | | | | | | | | | | | | On an aarch64 build host, vendor is found to be "unknown", on x86 systems it is "pc". This filters through to the PLATFORM tag in target rpms. We saw reproducibility test failures where the PLATFORM tags in noarch rpms were changing depending upon which host built them. Forcing the vendor value to a consistent one makes things deterministic. (From OE-Core rev: b7dfe230b9b40145f43fa0bd42be82ae41a3ef3e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f6434075b2bdfc23c683d22281b674b1e6abde77) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Add a fix for a make install raceRichard Purdie2021-10-232-0/+24
| | | | | | | | | | | | Add a fix for reproducibility issues where pyc files for python-config.py may not always be generated. (From OE-Core rev: 917f800368c6d452670d3ccf74057afae98013b0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d1c3a87c48b598b6e5624d0affe8bd89320631bf) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtool: Allow libtool-cross to reproduceRichard Purdie2021-10-232-1/+2
| | | | | | | | | | | | The hostname removal from the script is useful to make libtool-cross reproduce. Apply the patch everywhere as it doesn't cause any issues. (From OE-Core rev: f1cc4b8d7503331f04d3f217ae67d0fd4cc483c5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3c61c6f20187154d677085fc9ccdcd762d4cdf3a) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtool: Fix lto option passing for reproducible buildsRichard Purdie2021-10-232-0/+23
| | | | | | | | | | | | If lto is enabled, we need the prefix-map variables to be passed to the linker. Add these to the list of options libtool passes through. (From OE-Core rev: 3dcc84e37ce7e94e746304ee2a4437251af0ae41) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2c26d2c00b47df856fb2d9c35486b135094d46ac) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nativesdk-pseudo: Fix to work with glibc 2.34 systemsHongxu Jia2021-10-232-15/+26
| | | | | | | | | | | | | | | | | | | | | | | Since commit [df313aa810 pseudo: Fix to work with glibc 2.34 systems] applied, it fixed native only. And nativesdk has the similar issue Tweak library search order, make prebuilt lib ahead of recipe lib, after apply the fix: ... $ readelf -a lib/pseudo/lib64/libpseudo.so | grep 'Shared library' 0x0000000000000001 (NEEDED) Shared library: [libdl.so.2] 0x0000000000000001 (NEEDED) Shared library:[libpthread.so.0] 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] ... (From OE-Core rev: b7d269c84838f646b2915e7ff66d81db0bc16b9e) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d6d116b5db78645958ea30be3d0572e0f6d7bd92) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Update with fcntl and glibc 2.34 fixesRichard Purdie2021-10-231-1/+1
| | | | | | | | | | | | | | | | | | | Pull in the following changes: * ports/linux/guts: Add closefrom support for glibc 2.34 * pseudo_client: Make msg static in pseudo_op_client * ports/linux/guts: Add close_range wrapper for glibc 2.34 * pseudo_client: Do not pass null argument to pseudo_diag() * test-openat: Consider device as well as inode number * test: Add missing test-statx test case * fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ (From OE-Core rev: 63afcafef78f3d3b95c0d0c9746f9d627b6291c3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 71b549924a7fa7973a8e03e11f3db45fdc29889d) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Fix to work with glibc 2.34 systemsRichard Purdie2021-10-233-0/+73
| | | | | | | | | | | | The merge of libdl into libc in glibc 2.34 causes problems for pseudo. Add a fix that works around this issue. (From OE-Core rev: 449bb53b3ebfc838ba674c1c3a39407620103c8d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dd3e46a043c81cd4d81731a0f691868d3c059742) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* m4: Do not use SIGSTKSZKhem Raj2021-10-232-0/+85
| | | | | | | | | | | | | | | Fixes ../../m4-1.4.18/lib/c-stack.c:55:26: error: missing binary operator before token "(" 55 | #elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384 | ^~~~~~~~ (From OE-Core rev: 6417148072640000b119a59aeb70e904ffa5e5d7) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 44ca8edd622782733d507e20a3d5ee9e44eb8be4) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: fix missing dependencies for selftestsSteve Sakoman2021-10-232-0/+46
| | | | | | | | | | | Building GCC with multiple make jobs appears to trigger a race condition. The build fails with: /bin/bash: TOPDIR/tmp/work/x86_64-linux/gcc-cross-i686/9.3.0-r0/gcc-9.3.0/build.x86_64-linux.i686-poky-linux/./gcc/xgcc: No such file or directory (From OE-Core rev: 5690d18bb6a9a61a81ccd0bc28d1ace4181d1921) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix a missing break in case statementChristian Eggers2021-10-231-13/+13
| | | | | | | | | | | | This was missed during patch forward porting its only effective when printing options (From OE-Core rev: a4983b98782122e097c3597248f69db3e858c0d2) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: upgrade 1.45.6 -> 1.45.7Wang Mingyu2021-10-231-1/+1
| | | | | | | | | | | | | 0001-fix-up-check-for-hardlinks-always-false-if-inode-0xF.patch removed since it is included in 1.45.7 (From OE-Core rev: d4ec2802306b901d00bc88ea1452c21c00d0914f) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f51835e022731d1c0e8e18209e48f1a718048977) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: update to 1.45.6Alexander Kanavin2021-10-237-230/+3
| | | | | | | | | | | | | Drop backports, and also 0001-misc-create_inode.c-set-dir-s-mode-correctly.patch as upstream code has been refactored. (From OE-Core rev: 53947537ed5ab5f9fd213a6fb4295740b5a2ca6b) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit da9fec8592db913d13af3a936ab518e93496be3e) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mtd-utils: upgrade 2.1.2 -> 2.1.3Stefano Babic2021-10-071-4/+2
| | | | | | | | | | | | | | | | Drop also --enable-install-tests from configuration options because this was removed in 2.1.3. (cherry picked from commit c95c852b84f02f5e2ad5c575ab683bba0471f221) (From OE-Core rev: 809b3a22a56d794c3ae5f82d4a4a6a5c889ed42e) Signed-off-by: Stefano Babic <sbabic@denx.de> CC: David Oberhollenzer <david.oberhollenzer@sigma-star.at> CC: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mtd-utils: upgrade 2.1.1 -> 2.1.2Richard Purdie2021-10-072-66/+3
| | | | | | | | | | | Drop backported patch. (cherry picked from commit e38fd1ac331d824b2db94a7ae46026b111257e83) (From OE-Core rev: 721a0e475d4ce5054a74e2a7408d49470264bd29) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Handle proper return value to avoid major issuesRanjitsinh Rathod2021-09-301-11/+14
| | | | | | | | | | | | | | | | | 0001-rpm-rpmio.c-restrict-virtual-memory-usage-if-limit-s.patch changed to avoid critical issues Handled return values of getrlimit() and lzma_cputhreads() functions to avoid unexpected behaviours like devide by zero and potential read of uninitialized variable 'virtual_memory' Upstream-Status: Pending [merge of multithreading patches to upstream] (From OE-Core rev: ad080aadbc409c99511d602e0531952b96c06bbf) Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5aae9c2cb464350bc443a0f60fd6602942e61f46) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: fix CVE-2021-40153Kai Kang2021-09-302-0/+254
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/poky.git MR: 113126 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=hardknott&id=cfc17a7ab5d3b0d6354a7194b8c8746c501959d9 ChangeID: cfc17a7ab5d3b0d6354a7194b8c8746c501959d9 Description: Backport patch to fix CVE-2021-40153, and remove version update in unsquashfs.c for compatible. CVE: CVE-2021-40153 Ref: * https://security-tracker.debian.org/tracker/CVE-2021-40153 (From OE-Core rev: 09de4ef3f33540069a37e9fe6e13081984b77511) (From OE-Core rev: 48303d1c93cfcadf80830d07597805cc41d5f7e9) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3682Sakib Sajal2021-09-302-0/+42
| | | | | | | | | | | | | | | | | | | | Source: https://git.yoctoproject.org/git/poky MR: 112369 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?id=48960ce56265e9ec7ec352c0d0fcde6ed44569be ChangeID: 799afc7adf3f2c915751744b618e38cccb01d854 Description: (From OE-Core rev: e16cd155c5ef7cfe8b4d3a94485cb7b13fd95036) (From OE-Core rev: f515c00c995b90a6d583f0e6162aa8fba8005a67) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 48960ce56265e9ec7ec352c0d0fcde6ed44569be) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix for CVE-2020-28916Armin Kuster2021-09-302-0/+49
| | | | | | | | | | | | | | | | | Source: qemu.org MR: 107262 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a ChangeID: 3024b894ab045c1a74ab2276359d5e599ec9e822 Description: Affects qemu < 5.0.0 (From OE-Core rev: 55aa94e9185ecd93612c64cdd982a89d633284e2) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix for CVE-2020-27617Armin Kuster2021-09-302-0/+50
| | | | | | | | | | | | | | | | | Source: qemu.org MR: 106462 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1 ChangeID: b9dc1b656c07d6a0aecaf7680ed33801bd5f6352 Description: Affects qemu < 5.2.0 (From OE-Core rev: be31eb87299b883306c1823ad632d6ada237dc05) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2020-12829Armin Kuster2021-09-306-0/+721
| | | | | | | | | | | | | | | | | Source: qemu.org MR: 105490 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=b15a22bbcbe6a78dc3d88fe3134985e4cdd87de4 ChangeID: 6e222b766fc67c76cdc311d02cc47801992d0e66 Description: Affect qemu < 5.0.0 (From OE-Core rev: 7cd5c38b6d078c22519ad6b6e89caa9c1aa5ecd4) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: Several Security fixesArmin Kuster2021-09-144-0/+330
| | | | | | | | | | | | | | | | | | | | | | Source: golang.org MR: 111958, 112390, 112393 Type: Security Fix Disposition: Backport from https://github.com/golang/go.git ChangeID: 662d021814f025b3d768a04864498486f94819a7 Description: Affects < 1.16.5 Fixes: CVE-2021-33196 CVE-2021-33197 CVE-2021-34558 (From OE-Core rev: 1eaac89b0384cc39ea489a3b7ea58eab6b23240b) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: Exclude CVE-2021-29923 from report listRichard Purdie2021-09-141-0/+6
| | | | | | | | | | | | | | Upstream don't believe it is a signifiant real world issue and will only fix in 1.17 onwards. Therefore exclude it from our reports. https://github.com/golang/go/issues/30999#issuecomment-910470358 (From OE-Core rev: 9dfc6abbb83f8792fbfa1acb9c0fe4ab23872d8f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5bd5faf0c34b47b2443975d66b71482d2380a01a) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* flex: Add CVE-2019-6293 to exclusions for checksRichard Purdie2021-09-141-0/+5
| | | | | | | | | | | | | | | CVE is effectively disputed - yes there is stack exhaustion but no bug and it is building the parser, not running it, effectively similar to a compiler ICE. Upstream no plans to address and there is no security issue. https://github.com/westes/flex/issues/414 (From OE-Core rev: b939b005b06be58a276d565f755ee2d8f3e5dfc1) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0cae5d7a24bedf6784781b62cbb3795a44bab4d1) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mklibs-native: drop deprecated cpp17 exceptionsAndrej Valek2021-09-012-0/+432
| | | | | | | | | | | gcc11 has -std=gnu++17 as default. Remove deprecated C++17 exceptions based on http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html. (From OE-Core rev: ef8b7946b4793db653ef7dd716e1d3f919a84725) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tcf-agent: fetching over git:// no longer worksAlexander Kanavin2021-09-011-1/+1
| | | | | | | | | | (From OE-Core rev: 419503134b76abeb57727259f846a2394dc73ea5) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 44a6cd03721b51cbb4e05870375fa347527b0db5) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Security fix for CVE-2020-16593Armin Kuster2021-09-012-0/+205
| | | | | | | | | | | | | | | | | Source: https://sourceware.org/git/binutils-gdb.git MR: 112801 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aec72fda3b320c36eb99fc1c4cf95b10fc026729 ChangeID: 470b309f4859eecdcc837add2bf756484ad94ee5 Description: Fixed up for 2.34 context (From OE-Core rev: bcaa13d8888416b01f0f590d9dab2bd736d1e8a8) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Security fix for CVE-2021-3549Armin Kuster2021-09-012-0/+188
| | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/binutils-gdb.git MR: 111523 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1cfcf3004e1830f8fe9112cfcd15285508d2c2b7 ChangeID: 2d3161f601852eb8f9a9ca982c6b0cd44e036bc6 Description: Affects <= 2.36 Fixup Changelog to apply to dunfel context. (From OE-Core rev: 3cb2e144f8b74f9d78d93ba15e2d66e432462860) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Add fix for CVE-2021-20266Ranjitsinh Rathod2021-09-012-0/+110
| | | | | | | | | | | | | | | Adding fix for CVE-2021-20266 Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/pull/1587/commits/9646711891df851dfbf7ef54cc171574a0914b15] Note: Hunk#2 and Hunk#3 refreshed to apply patch and match value of dl_max variable to make it with current version All Hunks are refreshed to solve patch-fuzz (From OE-Core rev: 6c16aad7167eb98bc9995486f967431c39f9df15) Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3608Sakib Sajal2021-09-012-0/+41
| | | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/cgit/poky.git MR: 112749 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=f5e77d70e2eb35751f5bad5572b6eb8a3ab14422 ChangeID: 4496341da3af9126c9c67170e1a2cce929c29828 Description: (From OE-Core rev: 5e05ee8ff363eac84edec568039b86bcd716c6ce) (From OE-Core rev: f8d34ef74dafcf14e07f9322254465d03490bd60) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f5e77d70e2eb35751f5bad5572b6eb8a3ab14422) [Refreshed patch] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3607Sakib Sajal2021-09-012-0/+44
| | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/cgit/poky.git MR: 112749 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=460485d774480cd89cadf3b068f5197f44d86f25 ChangeID: 4e40dee2e6ce0b5b4de971f2c2b336929e7f22c3 Description: (From OE-Core rev: 764bca67650da9df439527796879dda767c8c008) (From OE-Core rev: cc541da4d67a9afa86a6ac37d5470d4dc77ea922) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 460485d774480cd89cadf3b068f5197f44d86f25) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3582Sakib Sajal2021-09-012-0/+48
| | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/cgit/poky.git MR: 112743 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=e11384737ed489ea02800d545432b9ded82bf1bb ChangeID: a2ff7112354349e8cf8960f30499f61e545d7f8e Description: (From OE-Core rev: fb2634922db91e5b877dd10021dafec7b5c6e565) (From OE-Core rev: 942d936524d3948d74c7240038ce81d859f68cab) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e11384737ed489ea02800d545432b9ded82bf1bb) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3527Lee Chee Yang2021-09-013-0/+103
| | | | | | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/cgit/poky.git MR: 111827 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=45e06a2e02cb01540d3970bd8ab5771014a031f9 ChangeID: 33bb20f503888abc346ae1a6f590f57ebdd0f1f9 Description: (cherry picked from commit 6774efd1e3d0bd5c8c34f84dcf4f698d7eafb36a) (From OE-Core rev: fcbcd27a1c97668af9634143376f75ab32fffd68) (From OE-Core rev: 1c7e9099b5f417a7e7664ce3572b2098e2ebbbf7) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 45e06a2e02cb01540d3970bd8ab5771014a031f9) [Fixup for Dunfell context] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fixes CVE-2021-3545/6Armin Kuster2021-09-013-0/+90
| | | | | | | | | | | | | | | | | Source: qemu.org MR: 111845, 111839 Type: Security Fix Disposition: Backport from https://gitlab.com/qemu-project/qemu/-/commit/9f22893a & 121841b2 ChangeID: 111b168e0fe4d2a722158c6bfdaceb06a8789e69 Description: Fixes: CVE-2021-3545 and CVE-2021-3546 (From OE-Core rev: e066967a306292cd0ce5ef2cd5aa0ee80fde1041) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2021-3544Armin Kuster2021-09-016-0/+205
| | | | | | | | | | | | | | | | | | | | | | | Source: qemu.org MR: 111833 Type: Security Fix Disposition: Backport from https://gitlab.com/qemu-project/qemu/-/commit/86dd8fac..63736af5 ChangeID: 7f301e939cf9d1fdb826ac47d1fc96430086a68e Description: https://gitlab.com/qemu-project/qemu/-/commit/86dd8fac https://gitlab.com/qemu-project/qemu/-/commit/b9f79858 https://gitlab.com/qemu-project/qemu/-/commit/b7afebcf Tweeked the above patches as vhost-user-gpu.c does not exist. https://gitlab.com/qemu-project/qemu/-/commit/f6091d86 https://gitlab.com/qemu-project/qemu/-/commit/63736af5 (From OE-Core rev: eca0abf120709fab20da1a2c190d04191733f5ed) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-20257Sakib Sajal2021-09-012-0/+56
| | | | | | | | | | | | | | | | | | | | | | | Source: https://git.yoctoproject.org/git/poky MR: 110290 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=5c1a29e6deec8f92ac43363bd72439aec7e27721 ChangeID: 7f301e939cf9d1fdb826ac47d1fc96430086a68e Description: (From OE-Core rev: 5b66ff7972951db973d12f3dae6ccecf3bc29e56) (From OE-Core rev: 1317053b23e1a4c1e5c7331a97f248e042415bea) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 547ac986a74cfcae39b691ebb92aadc8436443ea) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5c1a29e6deec8f92ac43363bd72439aec7e27721) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3416Sakib Sajal2021-09-0110-0/+521
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: poky.org MR: 109686 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=381aebe82f1f6fcc26b47966bc8520dbb1476961 ChangeID: 50b1589249cc3c595d224e3a8347da2b54339ef8 Description: Drop CVE-2021-3416_4.patch as hw/net/msf2-emac.c does not exist in 4.2.0 (From OE-Core rev: 7a3ce8a79a6c682e1b38f757eb68534e0ce5589d) (From OE-Core rev: 44bb99fdd1a7eee78078f7d48b9b8aad729f84ec) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e2b5bc11d1b26b73b62e1a63cb75572793282dcb) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 381aebe82f1f6fcc26b47966bc8520dbb1476961) [Drop CVE-2021-3416_4.patch, affected file does not exist in 4.2.0] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-20181Sakib Sajal2021-09-012-0/+82
| | | | | | | | | | | | | | | | | | | | | | | Source: Poky.org MR: 111631 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=53390d2261d2d35cdd637cf12a0fb4dc63f0f88c ChangeID: 0c660a9ef3637d847c0880283df05d8696221308 Description: (From OE-Core rev: a993a379bb490efbbf507f5dccda5ab358e8afea) (From OE-Core rev: 743fc49c98361baaa9ca9414bfe21220b63dbdca) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c2f79065ef0684f2c0bdb92f1b03e690ab730b8c) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 53390d2261d2d35cdd637cf12a0fb4dc63f0f88c) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2021-20221Armin Kuster2021-09-012-0/+68
| | | | | | | | | | | | | | | Source: Qemu.org MR: 111643 Type: Security Fix Disposition: Backport from https://gitlab.com/qemu-project/qemu/-/commit/edfe2eb4360cde4ed5d95bda7777edcb3510f76a ChangeID: b3ca1aa4b772a5f27f327250c5b0b988375c86a9 Description: (From OE-Core rev: 4adf675e3d4ccdcee055a3c4b539f4ddc15b033d) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix for CVE-2020-29443Armin Kuster2021-09-012-0/+46
| | | | | | | | | | | | | | | Source: Qemu.org MR: 109315 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=813212288970c39b1800f63e83ac6e96588095c6 ChangeID: c0296e285169cc937cc9758c9d84ac690297ee54 Description: (From OE-Core rev: 1765005f73303d9857f9fde93efb1cc8534964f1) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Qemu: Security fix for CVE-2020-25625/2021-3409/2020-17380Armin Kuster2021-09-012-0/+43
| | | | | | | | | | | | | | | | | | | | | Source: Qemu.org MR: 105781, 109964, 108621 Type: Security Fix Disposition: Backport from https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05905.html ChangeID: 0acf082885e7ab3ac2fb41d6e503449869dd46a8 Description: This address: CVE-2020-25625 and its two fixes address an incomplete fix for CVE-2020-25625 CVE-2021-3409 CVE-2020-17380 (From OE-Core rev: 721a14f13005dc0b5bddaac131c444b97be700a8) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2020-25624Armin Kuster2021-09-013-0/+190
| | | | | | | | | | | | | | | Source: qemu.org MR: 106958 Type: Security Fix Disposition: Backport from qemu.org ChangeID: 9d0c21c4ff5dc12ba623685cd7ae4d4bc294f519 Description: (From OE-Core rev: 853f4a4755d053cc4defa65cda5e317e3e28bc3f) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2020-25085Armin Kuster2021-09-012-20/+67
| | | | | | | | | | | | | | | Source: qemu.org MR: 105773 Type: Security Fix Disposition: Backport from https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg00733.html ChangeID: 77c8a9e75b94da3c03c64c95d9e6ab9d45037572 Description: (From OE-Core rev: 6b4c58a31ec11e557d40c31f2532985dd53e61eb) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Remove unused python3 recipePurushottam Choudhary2021-08-261-363/+0
| | | | | | | | | | | | Currently in dunfell branch python3 version is 3.8.11. so, python3_3.8.10.bb is not needed. Hence, removed. (From OE-Core rev: 2b44de6e7b3e02b78e2b09294ac37799ad4cfadb) Signed-off-by: Purushottam Choudhary <purushottamchoudhary29@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: ensure small images have 256-byte inodesRoss Burton2021-08-182-0/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e2fsprogs calls filesystems larger than 3MB but smaller than 512MB "small", which has some implications: - blocksize 1024 instead of 4096 - inode_ratio 4096 instead of 16384 - inode_size 128 instead of 256 The outcome of the inode size dropping to 128 bytes is that they cannot store 64-bit timestamps, so are not Y2038-safe. A previous attempt to solve this problem[1] changed some of the canned wic files to pass -T default to mkfs.ext4, but this only covered wic images and not traditional images. Also, actually small filesystems, for example a core-image-minimal, will happily be tens of megabytes and with the "default" options will result in an image which runs out of blocks before it runs out of space: mkfs.ext4: Could not allocate block in ext2 filesystem while populating file system Considering that many OpenEmbedded images are in fact "small", being 2038-safe is worth the marginal increase is disk usage. This patch alters the small configuration in native builds so that it also has 256-byte inodes. Target is unchanged so that standard behaviour is maintained outside of the build. This is actually the same underlying patch that Mathieu Dubois-Briand sent in April, but the wic change in [1] was accepted instead. I believe that is the wrong approach and this approach covers more cases. [ YOCTO #14478 ] [1] openembedded-core eecbe62 [2] https://lists.openembedded.org/g/openembedded-core/message/150298 (From OE-Core rev: 98fbb9452aa762e61032a0836e5d732f206e3836) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9ab0ae83a24ee99e69f8ac54256b253a122aef8a) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-07-01 10:32:45 +0000