summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended
Commit message (Collapse)AuthorAgeFilesLines
* cpio: fix crash when appending to archivesRoss Burton2019-01-082-0/+88
| | | | | | | | | | | | | | | The upstream fix for CVE-2016-2037 introduced a read from uninitialized memory bug when appending to an existing archive, which is an operation we perform when building an image. (From OE-Core rev: 046e3e1fca925febf47b3fdd5d4e9ee2e1fad868) (From OE-Core rev: 2ff6ab2e2944c6a53523b4b1611e1d22f6393500) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: 9.25 -> 9.26Hongxu Jia2019-01-089-1296/+3
| | | | | | | | | | | | | | - Drop backported CVE fixes 000[1-8]*.patch (From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953) (From OE-Core rev: c62b64e771eb27089738a153ee61d34cdf6441ab) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mdadm: improve the run-ptestMingli Yu2019-01-081-8/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | * There are 120+ cases under ${libdir}/mdadm/ptest/tests, but the test will break if one test fails as below logic in run-ptest. ./test &>./test.log That's to say, the tests after the failed test have no chance to run with the current logic. To guarantee all the tests can run even one of the tests fails, the option --keep-going should be added. * Refactor the test report to make the report more detailed and more common (From OE-Core rev: 80d17497b719efb2ca9f36b8a730815547e93aa7) (From OE-Core rev: 1b84064b15022a0834d7f443a8d6bde7f4cfeb6d) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ethtool: 4.17 -> 4.19Changhyeok Bae2019-01-082-3/+3
| | | | | | | | | | | (From OE-Core rev: 565bbbf43da14de466fccdfaa259bdb9b50b686e) (From OE-Core rev: 4bcacd05428498158ae2fedc11bf4d6f11824967) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Remove tab indentations in python codeRobert Yang2019-01-081-4/+4
| | | | | | | | | | | | | Use 4 spaces to replace a tab. (From OE-Core rev: cbb6743d46752481782789fa1a0dfade11057114) (From OE-Core rev: 42ebdc7253c3a319d671a7f924603d85a22bbb4e) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* shadow: improve reproducibility by hard-coding shell pathMartin Hundebøll2018-11-241-0/+2
| | | | | | | | | | | | | | | | | The shadow configure script tries really hard to detect the running shell to make sure it doesn't do unsupported calls. On my system the shell is detected as /bin/sh, while a build in an ubuntu docker it resolves to /bin/bash. And since the shell path is baked into the target binaries through config.h, the build becomes inreproducible. Fix reproducibility by hard-coding the shell to be /bin/sh (From OE-Core rev: 5f4fe91cb6c21cd3ecd0b68d1c6b46a9530c7570) Signed-off-by: Martin Hundebøll <martin@geanix.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: actually apply CVE-2018-18384Ross Burton2018-11-091-0/+1
| | | | | | | (From OE-Core rev: d8e1b7afc536f989e7e6efdab0998d54f26ad1f6) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-18284Hongxu Jia2018-11-072-0/+246
| | | | | | | | | | | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. (From OE-Core rev: 98ab5c5770d20b39bf3c58083f31f31838f2e940) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-18073Hongxu Jia2018-11-073-0/+241
| | | | | | | | | | | Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. (From OE-Core rev: 6098c19e1f179896af7013c4b5db3081549c97bc) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-17961Hongxu Jia2018-11-076-0/+806
| | | | | | | | | | | | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. (From OE-Core rev: 6c32ea184941d292cd8f0eb898e6cc90120ada40) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: fix for CVE-2018-18384Changqing Li2018-11-071-0/+39
| | | | | | | (From OE-Core rev: 2ddb3b25ed063b47d3fe2b3e9e17b7f9d0e2a7e5) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: update to 2018gArmin Kuster2018-11-071-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes to code When generating TZif files with leap seconds, zic no longer uses a format that trips up older 32-bit clients, fixing a bug introduced in 2018f. (Reported by Daniel Fischer.) Also, the zic workaround for QTBUG-53071 now also works for TZif files with leap seconds. The translator to rearguard format now rewrites the line "Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to "Rule Japan 1948 1951 - Sep Sun>=9 1:00 0 S". This caters to zic before 2007 and to Oracle TZUpdater 2.2.0 and earlier. (Reported by Christos Zoulas.) Changes to past time zone abbreviations Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii. This reverts to 2011h, as the abbreviation change in 2011i was likely inadvertent. Changes to documentation tzfile.5 has new sections on interoperability issues. (From OE-Core rev: 32e5dd919a61b1c245fb6a867d0ea4a71d394aca) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzcode-native: update to 2018gArmin Kuster2018-11-071-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes to code When generating TZif files with leap seconds, zic no longer uses a format that trips up older 32-bit clients, fixing a bug introduced in 2018f. (Reported by Daniel Fischer.) Also, the zic workaround for QTBUG-53071 now also works for TZif files with leap seconds. The translator to rearguard format now rewrites the line "Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to "Rule Japan 1948 1951 - Sep Sun>=9 1:00 0 S". This caters to zic before 2007 and to Oracle TZUpdater 2.2.0 and earlier. (Reported by Christos Zoulas.) Changes to past time zone abbreviations Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii. This reverts to 2011h, as the abbreviation change in 2011i was likely inadvertent. Changes to documentation tzfile.5 has new sections on interoperability issues. (From OE-Core rev: a24d0c174411a32a2793c89980ca87c4f9d98bc4) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: update to 2018fArmin Kuster2018-10-291-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Briefly: Volgograd moves from +03 to +04 on 2018-10-28. Fiji ends DST 2019-01-13, not 2019-01-20. Most of Chile changes DST dates, effective 2019-04-06. Changes to future timestamps Volgograd moves from +03 to +04 on 2018-10-28 at 02:00. (Thanks to Alexander Fetisov and Stepan Golosunov.) Fiji ends DST 2019-01-13 instead of the 2019-01-20 previously predicted. (Thanks to Raymond Kumar.) Adjust future predictions accordingly. Most of Chile will end DST on the first Saturday in April at 24:00 mainland time, and resume DST on the first Saturday in September at 24:00 mainland time. The changes are effective from 2019-04-06, and do not affect the Magallanes region modeled by America/Punta_Arenas. (Thanks to Juan Correa and Tim Parenti.) Adjust future predictions accordingly. Changes to past timestamps The 2018-05-05 North Korea 30-minute time zone change took place at 23:30 the previous day, not at 00:00 that day. China's 1988 spring-forward transition was on April 17, not April 10. Its DST transitions in 1986/91 were at 02:00, not 00:00. (Thanks to P Chan.) Fix several issues for Macau before 1992. Macau's pre-1904 LMT was off by 10 s. Macau switched to +08 in 1904 not 1912, and temporarily switched to +09/+10 during World War II. Macau observed DST in 1942/79, not 1961/80, and there were several errors for transition times and dates. (Thanks to P Chan.) The 1948-1951 fallback transitions in Japan were at 25:00 on September's second Saturday, not at 24:00. (Thanks to Phake Nick.) zic turns this into 01:00 on the day after September's second Saturday, which is the best that POSIX or C platforms can do. Incorporate 1940-1949 Asia/Shanghai DST transitions from a 2014 paper by Li Yu, replacing more-questionable data from Shanks. Changes to time zone abbreviations Use "PST" and "PDT" for Philippine time. (Thanks to Paul Goyette.) Changes to documentation New restrictions: A Rule name must start with a character that is neither an ASCII digit nor "-" nor "+", and an unquoted name should not use characters in the set "!$%&'()*,/:;<=>?@[\]^`{|}~". The latter restriction makes room for future extensions (a possibility noted by Tom Lane). tzfile.5 now documents what time types apply before the first and after the last transition, if any. Documentation now uses the spelling "timezone" for a TZ setting that determines timestamp history, and "time zone" for a geographic region currently sharing the same standard time. The name "TZif" is now used for the tz binary data format. tz-link.htm now mentions the A0 TimeZone Migration utilities. (Thanks to Aldrin Martoq for the link.) Changes to build procedure New 'make' target 'rearguard_tarballs' to build the rearguard tarball only. This is a convenience on platforms that lack lzip if you want to build the rearguard tarball. (Problem reported by Deborah Goldsmith.) tzdata.zi is now more stable from release to release. (Problem noted by Tom Lane.) It is also a bit shorter. tzdata.zi now can contain comment lines documenting configuration information, such as which data format was selected, which input files were used, and how leap seconds are treated. (Problems noted by Lester Caine and Brian Inglis.) If the Makefile defaults are used these comment lines are absent, for backward compatibility. A redistributor intending to alter its copy of the files should also append "-LABEL" to the 'version' file's first line, where "LABEL" identifies the redistributor's change. (From OE-Core rev: 9d786808fb9471eff46d95dd354f6254e468aa17) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzcode: update to 2018fArmin Kuster2018-10-291-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes to code zic now always generates TZif files where time type 0 is used for timestamps before the first transition. This simplifies the reading of TZif files and should not affect behavior of existing TZif readers because the same set of time types is used; only their internal indexes may have changed. This affects only the legacy zones EST5EDT, CST6CDT, MST7MDT, PST8PDT, CET, MET, and EET, which previously used nonzero types for these timestamps. Because of the type 0 change, zic no longer outputs a dummy transition at time -2**59 (before the Big Bang), as clients should no longer need this to handle historical timestamps correctly. This reverts a change introduced in 2013d and shrinks most TZif files by a few bytes. zic now supports negative time-of-day in Rule and Leap lines, e.g., "Rule X min max - Apr lastSun -6:00 1:00 -" means the transition occurs at 18:00 on the Saturday before the last Sunday in April. This behavior was documented in 2018a but the code did not entirely match the documentation. localtime.c no longer requires at least one time type in TZif files that lack transitions or have a POSIX-style TZ string. This future-proofs the code against possible future extensions to the format that would allow TZif files with POSIX-style TZ strings and without transitions or time types. A read-access subscript error in localtime.c has been fixed. It could occur only in TZif files with timecnt == 0, something that does not happen in practice now but could happen in future versions. localtime.c no longer ignores TZif POSIX-style TZ strings that specify only standard time. Instead, these TZ strings now override the default time type for timestamps after the last transition (or for all time stamps if there are no transitions), just as DST strings specifying DST have always done. leapseconds.awk now outputs "#updated" and "#expires" comments, and supports leap seconds at the ends of months other than June and December. (Inspired by suggestions from Chris Woodbury.) (From OE-Core rev: 4670dcdb6e2504469c30ebed828d4702d8c0003c) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* groff: not search fonts on build hostKai Kang2018-10-292-0/+21
| | | | | | | | | | | | groff searches fonts on build host which are provided by ghostscript. The number of font files installed by groff are different according to whether ghostscript fonts are installed on build host. Fix it by not search font dirs on the host. (From OE-Core rev: 01bce5fada48ecc7bd76c3d7fbade3c034518573) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libaio: extend to nativesdkChen Qi2018-10-251-0/+2
| | | | | | | | | | | | | | | lvm2 currently requires libaio. So building nativesdk-lvm2 will result in the following error. ERROR: Required build target 'nativesdk-lvm2' has no buildable providers. Missing or unbuildable dependency chain was: ['nativesdk-lvm2', 'nativesdk-libaio'] Extend libaio to nativesdk to fix this issue. (From OE-Core rev: 5f56ce58360320d7ef9526b3bdcc7e26a647b6de) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* packagegroup-core-lsb/-x11-sato: no udev-extraconf in case of systemdChen Qi2018-10-251-1/+1
| | | | | | | | | | | | | | | | The automount udev rule in udev-extraconf is likely to cause conflicts or failures in case of systemd. We are seeing errors like below for qemu bsps. run-media-hdc.mount loaded failed failed /run/media/hdc So do not install udev-extraconf in case of systemd in these two packagegroups. (From OE-Core rev: ecf1e696a03f11e19247c4f37e17de7084d0056c) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: modify mmap_24-2 testcaseHongzhi.Song2018-10-162-0/+69
| | | | | | | | | | | | | | | | | | | Mips will return EINVAL instead of ENOMEM as expected if the range [addr + len) exceeds TASK_SIZE. Linux kernel code: arch/mips/mm/mmap.c if (flags & MAP_FIXED) { /* Even MAP_FIXED mappings must reside within TASK_SIZE */ if (TASK_SIZE - len < addr) return -EINVAL; Relax the condition and accept both ENOMEM and EINVAL as expected outcome. (From OE-Core rev: ff1d158fb15f7a8bc7bca542baac6f9873a58f68) Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* packagegroup-core-lsb/-full-cmdline: add bzip2Chen Qi2018-10-122-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We are having the following error when using 'tar' from tar recipe to decompress .tar.bz2 files. tar (child): bzip2: Cannot exec: No such file or directory tar (child): Error is not recoverable: exiting now tar: Child returned status 2 tar: Error is not recoverable: exiting now The tar package is introduced by these two packagegroups into image. >From the README file from tar's source codes: """ ** gzip and bzip2. GNU tar uses the gzip and bzip2 programs to read and write compressed archives. If you don't have these programs already, you need to install them. """ So we'd better cluster gzip and bzip2 with tar. These two packagegroups already get 'gzip', so we also add 'bzip2'. (From OE-Core rev: ca69d793e4b987bd5202e1359ff82c515ad65a5a) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: use 'ping -6' if ping6 is not avaliable in netns_helper.shYi Zhao2018-10-122-0/+46
| | | | | | | | | | | The iputils-ping6 was dropped since the 'ping6' command had been merged into ping command. Backport patch from upstream to let both 'ping6' and 'ping -6' work. (From OE-Core rev: 7257f209e317db62f92279fc2ff7d6d1e5eddf75) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: fix bug1066Andrej Valek2018-10-112-0/+55
| | | | | | | | | Fix out of bounds read on empty string filename for guntar, pax and v7tar (From OE-Core rev: 459506272b8800604886f6bd3bc32ee09d7bb906) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lsof: Make it compatible with externalsrcPeter Kjellerstedt2018-10-101-12/+11
| | | | | | | | | | | | | | | | Make the unpack task do nothing if externalsrc is in use. This avoids the following error after having done `devtool modify lsof`: ERROR: lsof-4.91-r0 do_unpack: Unpack failure for URL: 'file://.../builds/qemux86-64/tmp/work/core2-64-poky-linux/lsof/4.91-r0/lsof_4.91/lsof_4.91_src.tar'. Unpack command PATH="..." tar x --no-same-owner -f .../builds/qemux86-64/tmp/work/core2-64-poky-linux/lsof/4.91-r0/lsof_4.91/lsof_4.91_src.tar failed with return value 2 (From OE-Core rev: 51f9a0e58d7b996c4589566963a5853ed93814f7) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* parted: use update-alternatives for partprobeMax Krummenacher2018-10-091-0/+6
| | | | | | | | | | | | | | | | | | | | | busybox may also provide a partprobe implementation, so use u-a to allow installing them side by side. If one installs both, busybox and parted, one gets the following error: | ERROR: image do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot, | then please place them into pkg_postinst_ontarget_${PN} (). | Deferring to first boot via 'exit 1' is no longer supported. And the coresponding log.do_rootfs extract: | ... | update-alternatives: Error: not linking ...image/rootfs/usr/sbin/partprobe to /bin/busybox.nosuid since ...image/rootfs/usr/sbin/partprobe exists and is not a link | ... (From OE-Core rev: 99b74d1ff23ef91c84dc81ecf6437ad3bc37fb64) Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bzip2: Include the complete license informationPeter Kjellerstedt2018-10-091-1/+1
| | | | | | | | | | | | | For some reason, the copyright part was left out of the license information included in LIC_FILES_CHKSUM, preventing it from being used in, e.g., documentation to satisfy the requirements of the license. License-Update: Include the complete license information (From OE-Core rev: ec3eb678b15d91a450adf82f38e1c1d6d81fed9b) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: recent glibc calls syscall directlyHongzhi.Song2018-10-092-0/+76
| | | | | | | | | | | | | | | | | The case of sigwaitinfo related to sigwaitinfo API failed. glibc commit 8b0e795aaa44 ("Simplify Linux sig{timed}wait{info} implementations") changed sigwaitinfo to call sigtimedwait, which calls rt_sigtimedwait syscall directly. So, an invalid pointer no longer crashes child process and test reports failure. Fix it by accepting either crash or EFAULT. (From OE-Core rev: bfd32c0d1c335e9c9cf8340f999e15054917577e) Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* man-db: fix multilib install file conflictKai Kang2018-10-042-1/+18
| | | | | | | | | | The first line of config file man_db.conf is the package name. It causes multilib install file conflict. So add a patch to remove the line. (From OE-Core rev: d138b1ec4aef88a3b0c4f1d698ed2a224c93b889) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cups: fix multilib install file conflictsKai Kang2018-10-042-1/+23
| | | | | | | | | | | | A comment line of conf file cups-files.conf refers to var @CUPS_SERVERBIN@ is ${libdir} related and then it causes multilib install file conflict. Remove @CUPS_SERVERBIN@ from the comment line to avoid the conflict. (From OE-Core rev: ac4df3f83fccfa7dd75d6a913b7ab75e49a7b986) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* groff: fix multilib install file conflictsKai Kang2018-10-011-1/+3
| | | | | | | | | | | | | | | | | Perl scripts ${bindir}/{gpinyin, groffer, grog} are ${libdir} related and cause multilib install file conflicts: | Error: Transaction check error: | file /usr/bin/gpinyin conflicts between attempted installs of groff-1.22.3-r0.core2_64 and lib32-groff-1.22.3-r0.x86 | file /usr/bin/groffer conflicts between attempted installs of groff-1.22.3-r0.core2_64 and lib32-groff-1.22.3-r0.x86 | file /usr/bin/grog conflicts between attempted installs of groff-1.22.3-r0.core2_64 and lib32-groff-1.22.3-r0.x86 Inherit multilib_script.bbclass to fix the errors. (From OE-Core rev: df90cb1f4ee8918b0bc2a281b2d77444a0d037e7) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sysklogd: Re-enable alternatives for syslogd.8 man pageMark Hatle2018-10-011-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Other recipes, such as meta-networking inetutils may also provide a man page for syslogd.8. Use the alternatives mechanism to select the man page to display. This is a partial revert of commit: 988aad01b20c18a8850db0ad6dc547525d94116c The syslogd tool itself is provided by both recipes in their respective runtime packages. In the inet case, it is inetutils-syslogd, which has an appropriate RCONFLICTS with the syslogd version. Only one or the other will be installed. This is the conflict resolution the original commit of "988aad01b20c18a8850db0ad6dc547525d94116c" was referring to. HOWEVER, both syslogd and inetutils each only have a singular 'doc' package. (As do most packages it seems.) Since this is the case, if both syslogd and inetutils (not syslogd part) is requested for a configuration -- AND --- doc-pkgs are configured in, you get an error of conflicting files. Now does the documentation match whichever package was installed, maybe not... but this isn't a big deal as it turns out, since most syslogd share a common set of arguments and those are the things a run-time user would query from the man pages. The only alternative is to start spliting up the docs into their relevant subpackages, as we have the runtime items. But this then complicates the doc-pkgs processing and related... (From OE-Core rev: 55ba9dc1f8698e23d6f59937c1494a91057b165d) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: 4.4.18 -> 4.4.23Jeroen Hofstee2018-09-271-0/+16
| | | | | | | | | | | Apply point release patches from upstream which includes a fix for indefinitely spinning process and a zombie by a simple $() statement in a long running script. (From OE-Core rev: eb39670fb2fe9735a1a0434c63b64ec66599f850) Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsolv: make rpm optionalMax Kellermann2018-09-211-2/+5
| | | | | | | | (From OE-Core rev: dfe55fdc34ae32b75934ea42b44d9ab6023e0250) Signed-off-by: Max Kellermann <max.kellermann@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: Update 3.3.2 -> 3.3.3Otavio Salvador2018-09-216-232/+3
| | | | | | | | | | | This upgrades to 3.3.3 release and drop the backported patches when doing the recipe update. (From OE-Core rev: 60d99a4e64fdddbbe5863fa5879c813fa004600b) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: add a patch for source code to fix issue about fcntlHongzhi.Song2018-09-212-0/+185
| | | | | | | | | | | | | | | The testcases of fcntl fail on 32-bit arch To cope with glibc commit: 06ab719d30b0 ("Fix Linux fcntl OFD locks for non-LFS architectures (BZ#20251)") Make OFD command use fcntl64() syscall on 32-bit. (From OE-Core rev: 67fca07c9487ccd1a28357da32c9987c00d1ba77) Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: upgrade to 9.25Jagadeesh Krishnanjanappa2018-09-2010-396/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Removed below patches, as v9.25 source already has those changes/security fixes: 0001-Bug-699665-memory-corruption-in-aesdecode.patch 0001-pdfwrite-Guard-against-trying-to-output-an-infinite-.patch 0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch 0003-Fix-Bug-699660-shading_param-incomplete-type-checkin.patch 0004-Hide-the-.shfill-operator.patch 0005-Bug-699657-properly-apply-file-permissions-to-.tempf.patch remove-direct-symlink.patch Re-worked ghostscript-9.21-native-fix-disable-system-libtiff.patch and ghostscript-9.21-prevent_recompiling.patch to fix warnings in do_patch task of ghostscript v9.25 recipe. Highlights of ghostscript v9.25 release: --------------------------------------- - This release fixes problems with argument handling, some unintended results of the security fixes to the SAFER file access restrictions (specifically accessing ICC profile files), and some additional security issues over the recent 9.24 release. - Note: The ps2epsi utility does not, and cannot call Ghostscript with the -dSAFER command line option. It should never be called with input from untrusted sources. - Security issues have been the primary focus of this release, including solving several (well publicised) real and potential exploits. - As well as Ghostscript itself, jbig2dec has had a significant amount of work improving its robustness in the face of out specification files. - IMPORTANT: We are in the process of forking LittleCMS. LCMS2 is not thread safe, and cannot be made thread safe without breaking the ABI. Our fork will be thread safe, and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. Our fork will be available as its own package separately from Ghostscript (and MuPDF). - The usual round of bug fixes, compatibility changes, and incremental improvements. (From OE-Core rev: 4340928b8878b91b5a2750eb6bc87918740511ca) Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: add nativesdk supportAndrej Valek2018-09-201-1/+1
| | | | | | | | (From OE-Core rev: 82886e19ba874a33e618a4854a32987884e2c058) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: fix mmap15 failed on qemumips64Dengke Du2018-09-132-0/+42
| | | | | | | | | | | | | | | | | Actually, this is not a bug, mmap15 only run on 64bit system. On qemumips64, mmap15 return EINVAL, x86-64 and arm64 return ENOMEM. This is because mips system check the addr that passed to the syscall mmap15: https://github.com/torvalds/linux/blob/master/arch/mips/mm/mmap.c#L71 If the addr larger than (TASK_SIZE - page_size), mips think it is invalid. (From OE-Core rev: cbc026227fb9bafe71665a673104272e191bdef9) Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-15908 & CVE-2018-15909 & CVE-2018-15910 & ↵Hongxu Jia2018-09-116-0/+294
| | | | | | | | | | CVE-2018-15911 (From OE-Core rev: b6d32d43fd2b016e932b7dc81fb943eb936b73bb) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lighttpd: update to 1.4.50Alexander Kanavin2018-09-101-2/+2
| | | | | | | (From OE-Core rev: 2b32390d0e79c75138ecc3ec84062f8bdb163abf) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsolv: update to 0.6.35Alexander Kanavin2018-09-101-3/+2
| | | | | | | (From OE-Core rev: a0462977458cc4ec2879c97a98c681fae50f6383) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bzip2: do not perform upstream verison checkAlexander Kanavin2018-09-101-0/+1
| | | | | | | | | | Otherwise, latest version is reported as 1.0.2 which is less than 1.0.6. Hopefully some kind of official homepage will exist at some point. (From OE-Core rev: 12baebac49ab774935f1f71eaaf22ed696366d10) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sudo: Add missing dep on virtual/cryptAlex Kiernan2018-09-051-1/+1
| | | | | | | | | | | | | Ensure we have virtual/crypt even if building without PAM; fixes: sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy" sudo: unable to load /usr/libexec/sudo/sudoers.so: /usr/libexec/sudo/sudoers.so: undefined symbol: crypt sudo: fatal error, unable to load plugins (From OE-Core rev: f863713ae255bf5b6619c98ecd36aacbda352bbb) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: CVE-2017-14501Jagadeesh Krishnanjanappa2018-09-042-0/+80
| | | | | | | | | | | iso9660: validate directory record length Affects libarchive <= 3.3.2 (From OE-Core rev: dea4280623f945c06e8132c888988373e686318e) Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: Remove unnecessary check from creat08 and open10He Zhe2018-08-292-0/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | Issue: LIN1018-1797 At the point of the following failure, the file being checked, setgid, is owned by "nobody" in the "nogroup" and tries to inherit SGID from its parent directory who is in group of "bin". This is forbidden since Linux kernel v4.18-rc4, unless current process is given CAP_FSETID beforehand. See "Fix up non-directory creation in SGID directories" in the kernel. The check in Block3 succeeds since it becomes root again then. creat08 3 TFAIL : creat08.c:368: testdir.B.1026/setgid: Incorrect modes, setgid bit should be set creat08 4 TFAIL : creat08.c:376: Test failed in block2. open10 3 TFAIL : open10.c:352: open10.testdir.B.1045/setgid: Incorrect modes, setgid bit not set open10 4 TFAIL : open10.c:359: Test failed in block2. open10 6 TFAIL : open10.c:443: Test failed because of above failures. Backport a patch from upstream. (From OE-Core rev: 5f3ab95b0ed964e08c65ae3159606f27485dbec7) Signed-off-by: He Zhe <zhe.he@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mingetty: fix usrmerge install pathMingli Yu2018-08-241-0/+1
| | | | | | | | | | | | | | | | Update /sbin to $base_sbindir to fix the below warning when usrmerge enabled in DISTRO_FEATURES. WARNING: mingetty-1.08-r3 do_package: mingetty: NOT adding alternative provide /usr/sbin/getty: /usr/sbin/mingetty does not exist WARNING: mingetty-1.08-r3 do_package: QA Issue: mingetty: Files/directories were installed but not shipped in any package: /sbin /usr/sbin (From OE-Core rev: 35b92053c5bc0f4ae4b92ca75456535ff78797a2) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mdadm: fix usrmerge install pathMingli Yu2018-08-241-1/+1
| | | | | | | | | | | | | Update /lib to $nonarch_base_libdir to fix the below error when usrmerge enabled in DISTRO_FEATURES. ERROR: mdadm-4.0-r0 do_package_qa: QA Issue: mdadm package is not obeying usrmerge distro feature. /lib should be relocated to /usr. [usrmerge] (From OE-Core rev: 4b2c86ff0031effd4cfdb477f67bc213d39ae0fd) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: Fix ftest06 too small file path stringHe Zhe2018-08-232-0/+35
| | | | | | | | | | | | The name string is too small to contain normal full path names and causes the following failure. "ftest06 2 TFAIL : ftest06.c:223: Can't chdir(): errno=ENOENT(2): No such file or directory" (From OE-Core rev: 24faf8b9bbee82033d5f636f254e59b8d3d31ea5) Signed-off-by: He Zhe <zhe.he@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: CVE-2017-14503Jagadeesh Krishnanjanappa2018-08-232-0/+34
| | | | | | | | | | | Reject LHA archive entries with negative size. Affects libarchive = 3.3.2 (From OE-Core rev: d6479f5d2e6de17bac8662f5057d87176524c6fa) Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: fix CVE-2018-1000035Changqing Li2018-08-202-0/+49
| | | | | | | (From OE-Core rev: f75289b9215580030540245cd0b5f945bfb05ffa) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libidn2: Fix libunistring detectionKhem Raj2018-08-201-0/+4
| | | | | | | | | | | | | | | | | | | libunistring is one such library which many autotooled packages mistake to use from build system if its installed on it. This is specifically toxic when build host arch is same as target arch since we only see the problem during runtime but thankfully OE has build time QA which warns about it. QA Issue: libidn2: The compile log indicates that host include and/or library paths were used. Using --with-libunistring-prefix nudges the autoconf system for the component to first look into target sysroot before going on to search on the build host (From OE-Core rev: 9a4ea4ff856e2379888ea5cdcc0e761956e1f53b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>