| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It was discovered that the ghostscript /invalidaccess checks fail under
certain conditions. An attacker could possibly exploit this to bypass
the -dSAFER protection and, for example, execute arbitrary shell commands
via a specially crafted PostScript document.
Reference:
https://www.openwall.com/lists/oss-security/2019/01/23/5
Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36f8181db66a91bcc8cea139998b53a8996
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9c66135601efb103d8db7d020a672308db
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f13091a3f309bdc95d275ea9fec10bb9f42d9a
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4deef90c1598ff50616519d5576756b4495
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a6dddb83f5c061207a7ed2813999c1b5c9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092da88ef6bb0aa281fe294ae0925a44b5b9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2ff600a3c4fc169e7c6c1e83874a6bf63a6fb42b
(From OE-Core rev: af397d31e467d6af00ef835537221bc211d94ca6)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 7e95eca23f06bfeb7b780958a46ec01feb58f20b)
(From OE-Core rev: 4a7945cfe3280a039a57d6b8f47742d6bad6ae21)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2018i:
Briefly:
São Tomé and Príncipe switches from +01 to +00 on 2019-01-01.
Changes to future timestamps
Due to a change in government, São Tomé and Príncipe switches back
from +01 to +00 on 2019-01-01 at 02:00. (Thanks to Vadim
Nasardinov and Michael Deckers.)
2018h:
Briefly:
Qyzylorda, Kazakhstan moved from +06 to +05 on 2018-12-21.
New zone Asia/Qostanay because Qostanay, Kazakhstan didn't move.
Metlakatla, Alaska observes PST this winter only.
Guess Morocco will continue to adjust clocks around Ramadan.
Add predictions for Iran from 2038 through 2090.
Changes to future timestamps
Guess that Morocco will continue to fall back just before and
spring forward just after Ramadan, the practice since 2012.
(Thanks to Maamar Abdelkader.) This means Morocco will observe
negative DST during Ramadan in main and vanguard formats, and in
rearguard format it stays in the +00 timezone and observes
ordinary DST in all months other than Ramadan. As before, extend
this guesswork to the year 2037. As a consequence, Morocco is
scheduled to observe three DST transitions in some Gregorian years
(e.g., 2033) due to the mismatch between the Gregorian and Islamic
calendars.
The table of exact transitions for Iranian DST has been extended.
It formerly cut off before the year 2038 in a nod to 32-bit time_t.
It now cuts off before 2091 as there is doubt about how the Persian
calendar will treat 2091. This change predicts DST transitions in
2038-9, 2042-3, and 2046-7 to occur one day later than previously
predicted. As before, post-cutoff transitions are approximated.
Changes to past and future timestamps
Qyzylorda (aka Kyzylorda) oblast in Kazakhstan moved from +06 to
+05 on 2018-12-21. This is a zone split as Qostanay (aka
Kostanay) did not switch, so create a zone Asia/Qostanay.
Metlakatla moved from Alaska to Pacific standard time on 2018-11-04.
It did not change clocks that day and remains on -08 this winter.
(Thanks to Ryan Stanley.) It will revert to the usual Alaska
rules next spring, so this change affects only timestamps
from 2018-11-04 through 2019-03-10.
Change to past timestamps
Kwajalein's 1993-08-20 transition from -12 to +12 was at 24:00,
not 00:00. I transcribed the time incorrectly from Shanks.
(Thanks to Phake Nick.)
Nauru's 1979 transition was on 02-10 at 02:00, not 05-01 at 00:00.
(Thanks to Phake Nick.)
Guam observed DST irregularly from 1959 through 1977.
(Thanks to Phake Nick.)
Hong Kong observed DST in 1941 starting 06-15 (not 04-01), then on
10-01 changed standard time to +08:30 (not +08). Its transition
back to +08 after WWII was on 1945-09-15, not the previous day.
Its 1904-10-30 change took effect at 01:00 +08 (not 00:00 LMT).
(Thanks to Phake Nick, Steve Allen, and Joseph Myers.) Also,
its 1952 fallback was on 11-02 (not 10-25).
This release contains many changes to timestamps before 1946 due
to Japanese possession or occupation of Pacific/Chuuk,
Pacific/Guam, Pacific/Kosrae, Pacific/Kwajalein, Pacific/Majuro,
Pacific/Nauru, Pacific/Palau, and Pacific/Pohnpei.
(Thanks to Phake Nick.)
Assume that the Spanish East Indies was like the Philippines and
observed American time until the end of 1844. This affects
Pacific/Chuuk, Pacific/Kosrae, Pacific/Palau, and Pacific/Pohnpei.
Changes to past tm_isdst flags
For the recent Morocco change, the tm_isdst flag should be 1 from
2018-10-27 00:00 to 2018-10-28 03:00. (Thanks to Michael Deckers.)
Give a URL to the official decree. (Thanks to Matt Johnson.)
(From OE-Core rev: 100d0d0f24cabedd1a89b69ac8ffb05d85663761)
(From OE-Core rev: a44c7ba8b98c40cf0ba838d5ddef136fd0ba6fc4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The upstream fix for CVE-2016-2037 introduced a read from uninitialized memory
bug when appending to an existing archive, which is an operation we perform when
building an image.
(From OE-Core rev: 046e3e1fca925febf47b3fdd5d4e9ee2e1fad868)
(From OE-Core rev: 2ff6ab2e2944c6a53523b4b1611e1d22f6393500)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Drop backported CVE fixes
000[1-8]*.patch
(From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953)
(From OE-Core rev: c62b64e771eb27089738a153ee61d34cdf6441ab)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* There are 120+ cases under ${libdir}/mdadm/ptest/tests,
but the test will break if one test fails as
below logic in run-ptest.
./test &>./test.log
That's to say, the tests after the failed test
have no chance to run with the current logic.
To guarantee all the tests can run even one
of the tests fails, the option --keep-going
should be added.
* Refactor the test report to make the report
more detailed and more common
(From OE-Core rev: 80d17497b719efb2ca9f36b8a730815547e93aa7)
(From OE-Core rev: 1b84064b15022a0834d7f443a8d6bde7f4cfeb6d)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 565bbbf43da14de466fccdfaa259bdb9b50b686e)
(From OE-Core rev: 4bcacd05428498158ae2fedc11bf4d6f11824967)
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use 4 spaces to replace a tab.
(From OE-Core rev: cbb6743d46752481782789fa1a0dfade11057114)
(From OE-Core rev: 42ebdc7253c3a319d671a7f924603d85a22bbb4e)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The shadow configure script tries really hard to detect the running
shell to make sure it doesn't do unsupported calls.
On my system the shell is detected as /bin/sh, while a build in an
ubuntu docker it resolves to /bin/bash. And since the shell path is
baked into the target binaries through config.h, the build becomes
inreproducible.
Fix reproducibility by hard-coding the shell to be /bin/sh
(From OE-Core rev: 5f4fe91cb6c21cd3ecd0b68d1c6b46a9530c7570)
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: d8e1b7afc536f989e7e6efdab0998d54f26ad1f6)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving the 1Policy
operator.
(From OE-Core rev: 98ab5c5770d20b39bf3c58083f31f31838f2e940)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Artifex Ghostscript allows attackers to bypass a sandbox protection
mechanism by leveraging exposure of system operators in the saved
execution stack in an error object.
(From OE-Core rev: 6098c19e1f179896af7013c4b5db3081549c97bc)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving errorhandler
setup. NOTE: this issue exists because of an incomplete fix for
CVE-2018-17183.
(From OE-Core rev: 6c32ea184941d292cd8f0eb898e6cc90120ada40)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 2ddb3b25ed063b47d3fe2b3e9e17b7f9d0e2a7e5)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes to code
When generating TZif files with leap seconds, zic no longer uses a
format that trips up older 32-bit clients, fixing a bug introduced
in 2018f. (Reported by Daniel Fischer.) Also, the zic workaround
for QTBUG-53071 now also works for TZif files with leap seconds.
The translator to rearguard format now rewrites the line
"Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to
"Rule Japan 1948 1951 - Sep Sun>=9 1:00 0 S".
This caters to zic before 2007 and to Oracle TZUpdater 2.2.0
and earlier. (Reported by Christos Zoulas.)
Changes to past time zone abbreviations
Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii.
This reverts to 2011h, as the abbreviation change in 2011i was
likely inadvertent.
Changes to documentation
tzfile.5 has new sections on interoperability issues.
(From OE-Core rev: 32e5dd919a61b1c245fb6a867d0ea4a71d394aca)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes to code
When generating TZif files with leap seconds, zic no longer uses a
format that trips up older 32-bit clients, fixing a bug introduced
in 2018f. (Reported by Daniel Fischer.) Also, the zic workaround
for QTBUG-53071 now also works for TZif files with leap seconds.
The translator to rearguard format now rewrites the line
"Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to
"Rule Japan 1948 1951 - Sep Sun>=9 1:00 0 S".
This caters to zic before 2007 and to Oracle TZUpdater 2.2.0
and earlier. (Reported by Christos Zoulas.)
Changes to past time zone abbreviations
Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii.
This reverts to 2011h, as the abbreviation change in 2011i was
likely inadvertent.
Changes to documentation
tzfile.5 has new sections on interoperability issues.
(From OE-Core rev: a24d0c174411a32a2793c89980ca87c4f9d98bc4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Briefly:
Volgograd moves from +03 to +04 on 2018-10-28.
Fiji ends DST 2019-01-13, not 2019-01-20.
Most of Chile changes DST dates, effective 2019-04-06.
Changes to future timestamps
Volgograd moves from +03 to +04 on 2018-10-28 at 02:00.
(Thanks to Alexander Fetisov and Stepan Golosunov.)
Fiji ends DST 2019-01-13 instead of the 2019-01-20 previously
predicted. (Thanks to Raymond Kumar.) Adjust future predictions
accordingly.
Most of Chile will end DST on the first Saturday in April at 24:00 mainland
time, and resume DST on the first Saturday in September at 24:00 mainland
time. The changes are effective from 2019-04-06, and do not affect the
Magallanes region modeled by America/Punta_Arenas. (Thanks to Juan Correa
and Tim Parenti.) Adjust future predictions accordingly.
Changes to past timestamps
The 2018-05-05 North Korea 30-minute time zone change took place
at 23:30 the previous day, not at 00:00 that day.
China's 1988 spring-forward transition was on April 17, not
April 10. Its DST transitions in 1986/91 were at 02:00, not 00:00.
(Thanks to P Chan.)
Fix several issues for Macau before 1992. Macau's pre-1904 LMT
was off by 10 s. Macau switched to +08 in 1904 not 1912, and
temporarily switched to +09/+10 during World War II. Macau
observed DST in 1942/79, not 1961/80, and there were several
errors for transition times and dates. (Thanks to P Chan.)
The 1948-1951 fallback transitions in Japan were at 25:00 on
September's second Saturday, not at 24:00. (Thanks to Phake Nick.)
zic turns this into 01:00 on the day after September's second
Saturday, which is the best that POSIX or C platforms can do.
Incorporate 1940-1949 Asia/Shanghai DST transitions from a 2014
paper by Li Yu, replacing more-questionable data from Shanks.
Changes to time zone abbreviations
Use "PST" and "PDT" for Philippine time. (Thanks to Paul Goyette.)
Changes to documentation
New restrictions: A Rule name must start with a character that
is neither an ASCII digit nor "-" nor "+", and an unquoted name
should not use characters in the set "!$%&'()*,/:;<=>?@[\]^`{|}~".
The latter restriction makes room for future extensions (a
possibility noted by Tom Lane).
tzfile.5 now documents what time types apply before the first and
after the last transition, if any.
Documentation now uses the spelling "timezone" for a TZ setting
that determines timestamp history, and "time zone" for a
geographic region currently sharing the same standard time.
The name "TZif" is now used for the tz binary data format.
tz-link.htm now mentions the A0 TimeZone Migration utilities.
(Thanks to Aldrin Martoq for the link.)
Changes to build procedure
New 'make' target 'rearguard_tarballs' to build the rearguard
tarball only. This is a convenience on platforms that lack lzip
if you want to build the rearguard tarball. (Problem reported by
Deborah Goldsmith.)
tzdata.zi is now more stable from release to release. (Problem
noted by Tom Lane.) It is also a bit shorter.
tzdata.zi now can contain comment lines documenting configuration
information, such as which data format was selected, which input
files were used, and how leap seconds are treated. (Problems
noted by Lester Caine and Brian Inglis.) If the Makefile defaults
are used these comment lines are absent, for backward
compatibility. A redistributor intending to alter its copy of the
files should also append "-LABEL" to the 'version' file's first
line, where "LABEL" identifies the redistributor's change.
(From OE-Core rev: 9d786808fb9471eff46d95dd354f6254e468aa17)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes to code
zic now always generates TZif files where time type 0 is used for
timestamps before the first transition. This simplifies the
reading of TZif files and should not affect behavior of existing
TZif readers because the same set of time types is used; only
their internal indexes may have changed. This affects only the
legacy zones EST5EDT, CST6CDT, MST7MDT, PST8PDT, CET, MET, and
EET, which previously used nonzero types for these timestamps.
Because of the type 0 change, zic no longer outputs a dummy
transition at time -2**59 (before the Big Bang), as clients should
no longer need this to handle historical timestamps correctly.
This reverts a change introduced in 2013d and shrinks most TZif
files by a few bytes.
zic now supports negative time-of-day in Rule and Leap lines, e.g.,
"Rule X min max - Apr lastSun -6:00 1:00 -" means the transition
occurs at 18:00 on the Saturday before the last Sunday in April.
This behavior was documented in 2018a but the code did not
entirely match the documentation.
localtime.c no longer requires at least one time type in TZif
files that lack transitions or have a POSIX-style TZ string. This
future-proofs the code against possible future extensions to the
format that would allow TZif files with POSIX-style TZ strings and
without transitions or time types.
A read-access subscript error in localtime.c has been fixed.
It could occur only in TZif files with timecnt == 0, something that
does not happen in practice now but could happen in future versions.
localtime.c no longer ignores TZif POSIX-style TZ strings that
specify only standard time. Instead, these TZ strings now
override the default time type for timestamps after the last
transition (or for all time stamps if there are no transitions),
just as DST strings specifying DST have always done.
leapseconds.awk now outputs "#updated" and "#expires" comments,
and supports leap seconds at the ends of months other than June
and December. (Inspired by suggestions from Chris Woodbury.)
(From OE-Core rev: 4670dcdb6e2504469c30ebed828d4702d8c0003c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
groff searches fonts on build host which are provided by ghostscript.
The number of font files installed by groff are different according to
whether ghostscript fonts are installed on build host. Fix it by not
search font dirs on the host.
(From OE-Core rev: 01bce5fada48ecc7bd76c3d7fbade3c034518573)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
lvm2 currently requires libaio. So building nativesdk-lvm2 will
result in the following error.
ERROR: Required build target 'nativesdk-lvm2' has no buildable providers.
Missing or unbuildable dependency chain was: ['nativesdk-lvm2', 'nativesdk-libaio']
Extend libaio to nativesdk to fix this issue.
(From OE-Core rev: 5f56ce58360320d7ef9526b3bdcc7e26a647b6de)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The automount udev rule in udev-extraconf is likely to cause conflicts
or failures in case of systemd. We are seeing errors like below for
qemu bsps.
run-media-hdc.mount loaded failed failed /run/media/hdc
So do not install udev-extraconf in case of systemd in these two
packagegroups.
(From OE-Core rev: ecf1e696a03f11e19247c4f37e17de7084d0056c)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mips will return EINVAL instead of ENOMEM as expected
if the range [addr + len) exceeds TASK_SIZE.
Linux kernel code: arch/mips/mm/mmap.c
if (flags & MAP_FIXED) {
/* Even MAP_FIXED mappings must reside within TASK_SIZE */
if (TASK_SIZE - len < addr)
return -EINVAL;
Relax the condition and accept both ENOMEM and EINVAL
as expected outcome.
(From OE-Core rev: ff1d158fb15f7a8bc7bca542baac6f9873a58f68)
Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We are having the following error when using 'tar' from tar
recipe to decompress .tar.bz2 files.
tar (child): bzip2: Cannot exec: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
The tar package is introduced by these two packagegroups into image.
>From the README file from tar's source codes:
"""
** gzip and bzip2.
GNU tar uses the gzip and bzip2 programs to read and write compressed
archives. If you don't have these programs already, you need to
install them.
"""
So we'd better cluster gzip and bzip2 with tar. These two packagegroups
already get 'gzip', so we also add 'bzip2'.
(From OE-Core rev: ca69d793e4b987bd5202e1359ff82c515ad65a5a)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The iputils-ping6 was dropped since the 'ping6' command had been merged
into ping command. Backport patch from upstream to let both 'ping6' and
'ping -6' work.
(From OE-Core rev: 7257f209e317db62f92279fc2ff7d6d1e5eddf75)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Fix out of bounds read on empty string filename for guntar, pax and v7tar
(From OE-Core rev: 459506272b8800604886f6bd3bc32ee09d7bb906)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make the unpack task do nothing if externalsrc is in use. This avoids
the following error after having done `devtool modify lsof`:
ERROR: lsof-4.91-r0 do_unpack: Unpack failure for URL:
'file://.../builds/qemux86-64/tmp/work/core2-64-poky-linux/lsof/4.91-r0/lsof_4.91/lsof_4.91_src.tar'.
Unpack command PATH="..." tar x --no-same-owner -f
.../builds/qemux86-64/tmp/work/core2-64-poky-linux/lsof/4.91-r0/lsof_4.91/lsof_4.91_src.tar
failed with return value 2
(From OE-Core rev: 51f9a0e58d7b996c4589566963a5853ed93814f7)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
busybox may also provide a partprobe implementation, so use u-a to allow
installing them side by side.
If one installs both, busybox and parted, one gets the following error:
| ERROR: image do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot,
| then please place them into pkg_postinst_ontarget_${PN} ().
| Deferring to first boot via 'exit 1' is no longer supported.
And the coresponding log.do_rootfs extract:
| ...
| update-alternatives: Error: not linking ...image/rootfs/usr/sbin/partprobe to /bin/busybox.nosuid since ...image/rootfs/usr/sbin/partprobe exists and is not a link
| ...
(From OE-Core rev: 99b74d1ff23ef91c84dc81ecf6437ad3bc37fb64)
Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For some reason, the copyright part was left out of the license
information included in LIC_FILES_CHKSUM, preventing it from being
used in, e.g., documentation to satisfy the requirements of the
license.
License-Update: Include the complete license information
(From OE-Core rev: ec3eb678b15d91a450adf82f38e1c1d6d81fed9b)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The case of sigwaitinfo related to sigwaitinfo API failed.
glibc commit
8b0e795aaa44 ("Simplify Linux sig{timed}wait{info} implementations")
changed sigwaitinfo to call sigtimedwait, which calls rt_sigtimedwait
syscall directly.
So, an invalid pointer no longer crashes child process and test
reports failure. Fix it by accepting either crash or EFAULT.
(From OE-Core rev: bfd32c0d1c335e9c9cf8340f999e15054917577e)
Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
The first line of config file man_db.conf is the package name. It causes
multilib install file conflict. So add a patch to remove the line.
(From OE-Core rev: d138b1ec4aef88a3b0c4f1d698ed2a224c93b889)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
A comment line of conf file cups-files.conf refers to var @CUPS_SERVERBIN@
is ${libdir} related and then it causes multilib install file conflict.
Remove @CUPS_SERVERBIN@ from the comment line to avoid the conflict.
(From OE-Core rev: ac4df3f83fccfa7dd75d6a913b7ab75e49a7b986)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Perl scripts ${bindir}/{gpinyin, groffer, grog} are ${libdir} related
and cause multilib install file conflicts:
| Error: Transaction check error:
| file /usr/bin/gpinyin conflicts between attempted installs of groff-1.22.3-r0.core2_64 and lib32-groff-1.22.3-r0.x86
| file /usr/bin/groffer conflicts between attempted installs of groff-1.22.3-r0.core2_64 and lib32-groff-1.22.3-r0.x86
| file /usr/bin/grog conflicts between attempted installs of groff-1.22.3-r0.core2_64 and lib32-groff-1.22.3-r0.x86
Inherit multilib_script.bbclass to fix the errors.
(From OE-Core rev: df90cb1f4ee8918b0bc2a281b2d77444a0d037e7)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Other recipes, such as meta-networking inetutils may also provide a man page
for syslogd.8. Use the alternatives mechanism to select the man page to
display.
This is a partial revert of commit: 988aad01b20c18a8850db0ad6dc547525d94116c
The syslogd tool itself is provided by both recipes in their respective runtime
packages. In the inet case, it is inetutils-syslogd, which has an appropriate
RCONFLICTS with the syslogd version. Only one or the other will be installed.
This is the conflict resolution the original commit of
"988aad01b20c18a8850db0ad6dc547525d94116c" was referring to.
HOWEVER, both syslogd and inetutils each only have a singular 'doc' package.
(As do most packages it seems.) Since this is the case, if both syslogd and
inetutils (not syslogd part) is requested for a configuration -- AND ---
doc-pkgs are configured in, you get an error of conflicting files.
Now does the documentation match whichever package was installed, maybe not...
but this isn't a big deal as it turns out, since most syslogd share a common set
of arguments and those are the things a run-time user would query from the man
pages.
The only alternative is to start spliting up the docs into their relevant
subpackages, as we have the runtime items. But this then complicates the
doc-pkgs processing and related...
(From OE-Core rev: 55ba9dc1f8698e23d6f59937c1494a91057b165d)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Apply point release patches from upstream which includes a fix for
indefinitely spinning process and a zombie by a simple $() statement
in a long running script.
(From OE-Core rev: eb39670fb2fe9735a1a0434c63b64ec66599f850)
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: dfe55fdc34ae32b75934ea42b44d9ab6023e0250)
Signed-off-by: Max Kellermann <max.kellermann@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This upgrades to 3.3.3 release and drop the backported patches when
doing the recipe update.
(From OE-Core rev: 60d99a4e64fdddbbe5863fa5879c813fa004600b)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The testcases of fcntl fail on 32-bit arch
To cope with glibc commit:
06ab719d30b0 ("Fix Linux fcntl OFD locks for non-LFS architectures
(BZ#20251)")
Make OFD command use fcntl64() syscall on 32-bit.
(From OE-Core rev: 67fca07c9487ccd1a28357da32c9987c00d1ba77)
Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removed below patches, as v9.25 source already has those
changes/security fixes:
0001-Bug-699665-memory-corruption-in-aesdecode.patch
0001-pdfwrite-Guard-against-trying-to-output-an-infinite-.patch
0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch
0003-Fix-Bug-699660-shading_param-incomplete-type-checkin.patch
0004-Hide-the-.shfill-operator.patch
0005-Bug-699657-properly-apply-file-permissions-to-.tempf.patch
remove-direct-symlink.patch
Re-worked ghostscript-9.21-native-fix-disable-system-libtiff.patch
and ghostscript-9.21-prevent_recompiling.patch
to fix warnings in do_patch task of ghostscript v9.25 recipe.
Highlights of ghostscript v9.25 release:
---------------------------------------
- This release fixes problems with argument handling, some unintended results
of the security fixes to the SAFER file access restrictions
(specifically accessing ICC profile files), and some additional security
issues over the recent 9.24 release.
- Note: The ps2epsi utility does not, and cannot call Ghostscript with
the -dSAFER command line option. It should never be called with input
from untrusted sources.
- Security issues have been the primary focus of this release, including
solving several (well publicised) real and potential exploits.
- As well as Ghostscript itself, jbig2dec has had a significant amount of work
improving its robustness in the face of out specification files.
- IMPORTANT: We are in the process of forking LittleCMS. LCMS2 is not thread
safe, and cannot be made thread safe without breaking the ABI.
Our fork will be thread safe, and include performance enhancements
(these changes have all be been offered and rejected upstream). We will
maintain compatibility between Ghostscript and LCMS2 for a time, but not in
perpetuity. Our fork will be available as its own package separately from
Ghostscript (and MuPDF).
- The usual round of bug fixes, compatibility changes, and incremental
improvements.
(From OE-Core rev: 4340928b8878b91b5a2750eb6bc87918740511ca)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 82886e19ba874a33e618a4854a32987884e2c058)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Actually, this is not a bug, mmap15 only run on 64bit system.
On qemumips64, mmap15 return EINVAL, x86-64 and arm64 return
ENOMEM. This is because mips system check the addr that passed
to the syscall mmap15:
https://github.com/torvalds/linux/blob/master/arch/mips/mm/mmap.c#L71
If the addr larger than (TASK_SIZE - page_size), mips think it is invalid.
(From OE-Core rev: cbc026227fb9bafe71665a673104272e191bdef9)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
CVE-2018-15911
(From OE-Core rev: b6d32d43fd2b016e932b7dc81fb943eb936b73bb)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 2b32390d0e79c75138ecc3ec84062f8bdb163abf)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: a0462977458cc4ec2879c97a98c681fae50f6383)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Otherwise, latest version is reported as 1.0.2 which is less than 1.0.6.
Hopefully some kind of official homepage will exist at some point.
(From OE-Core rev: 12baebac49ab774935f1f71eaaf22ed696366d10)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure we have virtual/crypt even if building without PAM; fixes:
sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"
sudo: unable to load /usr/libexec/sudo/sudoers.so: /usr/libexec/sudo/sudoers.so: undefined symbol: crypt
sudo: fatal error, unable to load plugins
(From OE-Core rev: f863713ae255bf5b6619c98ecd36aacbda352bbb)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
iso9660: validate directory record length
Affects libarchive <= 3.3.2
(From OE-Core rev: dea4280623f945c06e8132c888988373e686318e)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Issue: LIN1018-1797
At the point of the following failure, the file being checked, setgid,
is owned by "nobody" in the "nogroup" and tries to inherit SGID from
its parent directory who is in group of "bin". This is forbidden since
Linux kernel v4.18-rc4, unless current process is given CAP_FSETID
beforehand. See "Fix up non-directory creation in SGID directories" in
the kernel. The check in Block3 succeeds since it becomes root again
then.
creat08 3 TFAIL : creat08.c:368: testdir.B.1026/setgid: Incorrect modes, setgid bit should be set
creat08 4 TFAIL : creat08.c:376: Test failed in block2.
open10 3 TFAIL : open10.c:352: open10.testdir.B.1045/setgid: Incorrect modes, setgid bit not set
open10 4 TFAIL : open10.c:359: Test failed in block2.
open10 6 TFAIL : open10.c:443: Test failed because of above failures.
Backport a patch from upstream.
(From OE-Core rev: 5f3ab95b0ed964e08c65ae3159606f27485dbec7)
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update /sbin to $base_sbindir to fix the
below warning when usrmerge enabled in
DISTRO_FEATURES.
WARNING: mingetty-1.08-r3 do_package: mingetty: NOT adding alternative provide /usr/sbin/getty: /usr/sbin/mingetty does not exist
WARNING: mingetty-1.08-r3 do_package: QA Issue: mingetty: Files/directories were installed but not shipped in any package:
/sbin
/usr/sbin
(From OE-Core rev: 35b92053c5bc0f4ae4b92ca75456535ff78797a2)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update /lib to $nonarch_base_libdir to fix
the below error when usrmerge enabled in
DISTRO_FEATURES.
ERROR: mdadm-4.0-r0 do_package_qa: QA Issue: mdadm package is not obeying usrmerge distro feature. /lib should be relocated to /usr. [usrmerge]
(From OE-Core rev: 4b2c86ff0031effd4cfdb477f67bc213d39ae0fd)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The name string is too small to contain normal full path names and causes
the following failure.
"ftest06 2 TFAIL : ftest06.c:223: Can't chdir(): errno=ENOENT(2): No such file or directory"
(From OE-Core rev: 24faf8b9bbee82033d5f636f254e59b8d3d31ea5)
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|