summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended
Commit message (Collapse)AuthorAgeFilesLines
* timezone:upgrade 2019b -> 2019cZang Ruochen2020-02-211-5/+5
| | | | | | | | | | | | | | | | -tzdata : upgrade from 2019b to 2019c. -tzcode-native : upgrade from 2019b to 2019c. -tzdata.bb and tzcode-native.bb require timezone.inc. (From OE-Core rev: 0d58f5a01c7d49765d66a7e2d73eef0adb868eac) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit c5a382429d18642d35d40a4df6a58b971c724603) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* timezone: update to 2019bArmin Kuster2020-02-211-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Briefly: Brazil no longer observes DST. 'zic -b slim' outputs smaller TZif files; please try it out. Palestine's 2019 spring-forward transition was on 03-29, not 03-30. Changes to future timestamps Brazil has canceled DST and will stay on standard time indefinitely. (Thanks to Steffen Thorsen, Marcus Diniz, and Daniel Soares de Oliveira.) Predictions for Morocco now go through 2087 instead of 2037, to work around a problem on newlib when using TZif files output by zic 2019a or earlier. (Problem reported by David Gauchard.) Changes to past and future timestamps Palestine's 2019 spring transition was 03-29 at 00:00, not 03-30 at 01:00. (Thanks to Sharef Mustafa and Even Scharning.) Guess future transitions to be March's last Friday at 00:00. Changes to past timestamps Hong Kong's 1941-06-15 spring-forward transition was at 03:00, not 03:30. Its 1945 transition from JST to HKT was on 11-18 at 02:00, not 09-15 at 00:00. In 1946 its spring-forward transition was on 04-21 at 00:00, not the previous day at 03:30. From 1946 through 1952 its fall-back transitions occurred at 04:30, not at 03:30. In 1947 its fall-back transition was on 11-30, not 12-30. (Thanks to P Chan.) Changes to past time zone abbreviations Italy's 1866 transition to Rome Mean Time was on December 12, not September 22. This affects only the time zone abbreviation for Europe/Rome between those dates. (Thanks to Stephen Trainor and Luigi Rosa.) Changes affecting metadata only Add info about the Crimea situation in zone1970.tab and zone.tab. (Problem reported by Serhii Demediuk.) Changes to code zic's new -b option supports a way to control data bloat and to test for year-2038 bugs in software that reads TZif files. 'zic -b fat' and 'zic -b slim' generate larger and smaller output; for example, changing from fat to slim shrinks the Europe/London file from 3648 to 1599 bytes, saving about 56%. Fat and slim files represent the same set of timestamps and use the same TZif format as documented in tzfile(5) and in Internet RFC 8536. Fat format attempts to work around bugs or incompatibilities in older software, notably software that mishandles 64-bit TZif data or uses obsolete TZ strings like "EET-2EEST" that lack DST rules. Slim format is more efficient and does not work around 64-bit bugs or obsolete TZ strings. Currently zic defaults to fat format unless you compile with -DZIC_BLOAT_DEFAULT=\"slim\"; this out-of-the-box default is intended to change in future releases as the buggy software often mishandles timestamps anyway. zic no longer treats a set of rules ending in 2037 specially. Previously, zic assumed that such a ruleset meant that future timestamps could not be predicted, and therefore omitted a POSIX-like TZ string in the TZif output. The old behavior is no longer needed for current tzdata, and caused problems with newlib when used with older tzdata (reported by David Gauchard). zic no longer generates some artifact transitions. For example, Europe/London no longer has a no-op transition in January 1996. Changes to build procedure tzdata.zi now assumes zic 2017c or later. This shrinks tzdata.zi by a percent or so. Changes to documentation and commentary The Makefile now documents the POSIXRULES macro as being obsolete, and similarly, zic's -p POSIXRULES option is now documented as being obsolete. Although the POSIXRULES feature still exists and works as before, in practice it is rarely used for its intended purpose, and it does not work either in the default reference implementation (for timestamps after 2037) or in common implementations such as GNU/Linux (for contemporary timestamps). Since POSIXRULES was designed primarily as a temporary transition facility for System V platforms that died off decades ago, it is being decommissioned rather than institutionalized. New info on Bonin Islands and Marcus (thanks to Wakaba and Phake Nick). (From OE-Core rev: 1d1dcea1d2de02cb49950235586adbe4593f0eb7) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bbbb985808e5c301cdb7fdb1ff677706e99b4785) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cpio: fix CVE-2019-14866Anuj Mittal2020-02-212-0/+317
| | | | | | | | | (From OE-Core rev: ea0553398a2882a7a6e3c276dd3d81129a417a25) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> (cherry picked from commit 3a9872c664cdc5c5a6ac712142ce1d28d6fcd6d1) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iputils: Whitelist CVE-2000-1213 CVE-2000-1214Adrian Bunk2020-01-281-0/+4
| | | | | | | | | (From OE-Core rev: 7c51ca8538f228d98a4b3411a15fde83516c0419) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sysstat: fix CVE-2019-19725Anuj Mittal2020-01-282-1/+31
| | | | | | | | | (From OE-Core rev: 7f8f018ea5ef6ecb80c5b5250df90a8b690e6f47) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lighttpd: Backport the CVE-2019-11072 fixAdrian Bunk2020-01-282-0/+55
| | | | | | | (From OE-Core rev: abc2d1fad91f1378be3946e35d8f8f450823599e) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: fix CVE-2019-19221Anuj Mittal2020-01-282-0/+102
| | | | | | | | | | | | | Also see: https://github.com/libarchive/libarchive/issues/1276 (From OE-Core rev: b4628dd1ef9d50e8778cadae09e6d31886bd47d2) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* stress: update SRC_URIArmin Kuster2020-01-161-1/+1
| | | | | | | | | | Fixes: WARNING: stress-1.0.4-r0 do_fetch: Failed to fetch URL http://people.seas.harvard.edu/~apw/stress/stress-1.0.4.tar.gz, attempting MIRRORS if available (From OE-Core rev: 279c4da2e5f46dccfeff0c898c2205940be9e174) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sudo: Fix fetching sourcesFerry Toth2020-01-161-1/+1
| | | | | | | | | | | | | | It looks like https://www.sudo.ws/download.html changed certificate and directory structure. This breaks fetching sources. (From OE-Core rev: adb6af60dcf098bfce64168e6443c26d124661c4) Signed-off-by: Ferry Toth <ftoth@exalondelft.nl> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit f02e9f46ce54fed3c7ddfad7d1003a2fb7ba3a67) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sudo: correct SRC_URIAlexander Kanavin2020-01-161-1/+1
| | | | | | | | | | | | The old URI returns 404, and has an invalid TLS certificate. (From OE-Core rev: abb42b83e1a96cdc7dac73e223a87cf078979c49) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 73ff6aba0a53ffc3ee0a5859a3ad4c8021be4de0) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* procps: whitelist CVE-2018-1121Ross Burton2020-01-161-0/+3
| | | | | | | | | | | | | | This CVE is about race conditions in 'ps' which make it unsuitable for security audits. As these race conditions are unavoidable ps shouldn't be used for security auditing, so this isn't a valid CVE. (From OE-Core rev: afc529aa689daed18af29ecc64f3dae1fcbdc282) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: set CVE_PRODUCTRoss Burton2020-01-161-0/+2
| | | | | | | | | | (From OE-Core rev: c214c6c7c0f011c933da8b271630fd6833d84685) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ed: set CVE vendor to avoid false positivesRoss Burton2020-01-161-0/+2
| | | | | | | | | | (From OE-Core rev: 154e286042c289cbd225ba82aaf1247714aee857) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: Correct the packaging of /etc/localtime and /etc/timezonePeter Kjellerstedt2019-11-181-2/+3
| | | | | | | | | | | | | | | | | | | During restructuring of the packaging in 2af4d6eb (tzdata: Install everything by default), these two files remained in the tzdata package, which is supposed to be empty. Move them to tzdata-core where they belong. Also simplify the definition of CONFFILES_tzdata-core. As its value only takes effect for files that actually exist, there is no need to complicate its definition by checking if a file is created before adding it to the list of configuration files. (From OE-Core rev: 50e64732585e0d3abe0a8e589d2122a7dc06c826) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sudo: fix CVE-2019-14287Changqing Li2019-10-303-0/+292
| | | | | | | | | | | | | | | | | | In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. (From OE-Core rev: 650dd9486d6e5410665d5376be30732c7625396d) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4e11cd561f2bdaa6807cf02ee7c9870881826308) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit b1e0149c41e3c344a0496e64ab3b0c9dd4685ea4) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: Fix CVE-2019-13232Dan Tran2019-10-084-0/+513
| | | | | | | | (From OE-Core rev: 8bc35e7b23ca0f10f4a2f3c4f7137d3dedc051fb) Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* psmisc: Fix dependency for USE_NLS=noJason Wessel2019-09-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | When using USE_NLS="no" in the local.conf psmisc will fail to compile as follows: | autoreconf: Entering directory `.' | autoreconf: running: autopoint --force | autoreconf: failed to run autopoint: No such file or directory | autoreconf: autopoint is needed because this package uses Gettext | ERROR: autoreconf execution failed. This is because the gettext.bbclass returns gettext-minimal-native for the host dependency which does not include autopoint. The autopoint utility is required to build psmisc, so it needs to list gettext-native as a dependency. (From OE-Core rev: 423115b70a4a2cdef4b3882ad4491446b84a1f1e) Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2019-3839Naveen Saini2019-09-302-0/+441
| | | | | | | | (From OE-Core rev: 4f608782e43accb23aa144339ed9169b1718c4f0) Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bzip2: fix CVE-2019-12900Anuj Mittal2019-07-293-0/+117
| | | | | | | | | | | Also include a patch to fix regression caused by it. See: https://gitlab.com/federicomenaquintero/bzip2/issues/24 (From OE-Core rev: 91798737ec0aadcb5313c4c140393933420b066d) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wget: fix CVE-2019-5953Anuj Mittal2019-07-292-0/+35
| | | | | | | (From OE-Core rev: db17c2467af57a802f29a423ce1e9f0508bff5fe) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* texinfo-dummy-native: Rewrite template.py to use argparsePeter Kjellerstedt2019-06-301-37/+18
| | | | | | | | | | | | | | | | | | The original version of template.py parses the arguments manually. This fails when looking for the -E option if, e.g., an -I option is specified without any space before its argument, and that argument contains the letter 'E'. A minor difference to the original version is that it parsed the arguments in the order they were specified on the command line whereas this version will always handle -E before -o. (From OE-Core rev: c4949e0109cc823101f56fc192474d3ceaa7d916) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* texinfo-dummy-native: A little clean up of template.pyPeter Kjellerstedt2019-06-301-33/+30
| | | | | | | | | | | | This is mainly whitespace clean up, plus using the with statement when writing files. (From OE-Core rev: b2c4a3571c9311ee7fca165817ccad6d77ecac7c) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* diffutils/run-ptest: support to run at arbitrary pathHongxu Jia2019-06-301-1/+2
| | | | | | | | | | | | | | | | | | | 1. Run run-ptest at arbitrary path 2. Fix large-subopt.in1 not found ... |diff: /lib32-diffutils/3.7-r0/build/../diffutils-3.7/tests/large-subopt.in1: No such file or directory |diff: /lib32-diffutils/3.7-r0/build/../diffutils-3.7/tests/large-subopt.in2: No such file or directory ... (From OE-Core rev: ba4e54609e80abe12939bc01871d78d1914fdbaf) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bc: use u-a for bc as wellMartin Jansa2019-06-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * bc can be provided by busybox as well (e.g. if you have your own defconfig and forget to explicitly disable it: ... * * Miscellaneous Utilities * adjtimex (4.7 kb) (ADJTIMEX) [N/y/?] n bbconfig (9.7 kb) (BBCONFIG) [N/y/?] n bc (45 kb) (BC) [Y/n/?] (NEW) dc (36 kb) (DC) [Y/n/?] y Use bc code base for dc (larger, more features) (FEATURE_DC_BIG) [Y] (NEW) y Interactive mode (+4kb) (FEATURE_BC_INTERACTIVE) [Y/n/?] (NEW) Enable bc/dc long options (FEATURE_BC_LONG_OPTIONS) [Y/n] (NEW) beep (2.4 kb) (BEEP) [N/y/?] n chat (6.3 kb) (CHAT) [N/y/?] n conspy (10 kb) (CONSPY) [N/y/?] n ... ), causing conflict in u-a: update-alternatives: Error: not linking /usr/bin/bc to /bin/busybox.nosuid since /usr/bin/bc exists and is not a link and then whole do_rootfs or do_populate_sdk to fail because busybox postinst is failing: do_populate_sdk: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot, then please place them into pkg_postinst_ontarget_${PN} (). Deferring to first boot via 'exit 1' is no longer supported. (From OE-Core rev: 99df89a2ee7fb4c896224b68ffbe0aad03c39601) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl/modules: Add various missing ptest perl module dependenciesRichard Purdie2019-06-073-0/+5
| | | | | | | | | | | Whilst not complete, this resolves some module dependency failures being seen by various lib*-perl ptests and in quilt. (From OE-Core rev: 3f5f91a2a1f3ebb8151834ce4223dcd33f363803) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bash: Fix bash-ptest dependenciesRichard Purdie2019-06-071-2/+2
| | | | | | | | | | | | Bash's ptest needs glibc-utils (for locale), some extra locales for various tests it uses options busybox doesn't support for some tools, hence coreutils and also runs perl for some tests. (From OE-Core rev: ea2fdbd84da199c89081a824ecb0b97cf5a56bdf) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gettext/flex/m4/bzip2/gzip/parted/slang/attr: Add make to -ptest packagesRichard Purdie2019-06-073-1/+5
| | | | | | | | | | | | | This solves ptest runtime errors where make was missing causing the ptests to fail. (From OE-Core rev: 47bcd4dec32e87b7353b079f63931d11cd0568e6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for warrior context] [Dropped ptest fixes for pkg w/o ptests in warrior] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Tar: Security fix CVE-2019-0023Armin Kuster2019-06-072-0/+39
| | | | | | | | | | | | | | | | | | | Source: tar.git MR: 97928 Type: Security Fix Disposition: Backport from http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120 ChangeID: 7aee4c0daf8ce813242fe7b872583560a32bc4e3 Description: Affects tar < 1.32 fixes CVE-2019-9923 (From OE-Core rev: fa40d49bfb0dedea7f3dad454c408e249f4c05f7) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "acpica: use update-alternatives for acpidump"Martin Jansa2019-06-071-1/+1
| | | | | | | | | | | | | | | | | This reverts commit c3a325b5c2d9315629d014e5ebba552fe045171c. This seems to be causing: WARNING: acpica-20180508-r0 do_package: acpica: alternative target (/usr/bin/acpidump or /usr/bin/acpidump.acpica) does not exist, skipping... WARNING: acpica-20180508-r0 do_package: acpica: NOT adding alternative provide /usr/bin/acpidump: /usr/bin/acpidump.acpica does not exist WARNING: acpica-20180508-r0 do_package: acpica: alt_link == alt_target: /usr/bin/acpidump == /usr/bin/acpidump because the 20180508 version in warrior unlike the 20190405 in master doesn't install acpidump binary. (From OE-Core rev: ba36b0c5c1db632dd849f3f28f83c272530f67b6) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* shadow: Backport last change reproducibilityAlex Kiernan2019-06-073-0/+162
| | | | | | | | | | | | | | | | The third field in the /etc/shadow file (sp_lstchg) contains the date of the last password change expressed as the number of days since Jan 1, 1970. Backport the upstream changes to honour SOURCE_DATE_EPOCH for build reproducibility. (From OE-Core rev: 807a2f76e86d34fa69b0b2b369287985cc9eff78) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* acpica: use update-alternatives for acpidumpHongxu Jia2019-05-201-1/+1
| | | | | | | | | | | | | | | | | acpidump is both provided by acpica and pmtools, so use update-alternatives to fix conflicts: ... |Error: Transaction check error: | file /usr/bin/acpidump conflicts between attempted installs of pmtools-20130209+git0+3ebe0e54c5-r0.i586 and acpica-20190405-r0.i586 ... (From OE-Core rev: c3a325b5c2d9315629d014e5ebba552fe045171c) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: set CVE_PRODUCTChen Qi2019-05-201-0/+3
| | | | | | | | | (From OE-Core rev: 23822fb39341ba064d2e01389409958f6b4dd15c) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cpio/tar/native.bbclass: move rmt to sbindir and add a prefix to avoid ↵Hongxu Jia2019-05-202-6/+6
| | | | | | | | | | | | | | | | | | | | native clashing The rmt in cpio-native and tar-native is clashing, since tar-native has set var-NATIVE_PACKAGE_PATH_SUFFIX, we move rmt to sbindir, and add suffix NATIVE_PACKAGE_PATH_SUFFIX to sbindir could avoid the clashing. And in Ubuntu, rmt is in sbindir $ which rmt /usr/sbin/rmt (From OE-Core rev: 9f47cea3c58a53db8599f1be4ff4401406c00928) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: Fix setrlimit03 call succeeded unexpectedlyHe Zhe2019-05-122-0/+71
| | | | | | | | | | | | Backport a patch from upstream to fix the following error. "setrlimit03.c:54: FAIL: call succeeded unexpectedly" (From OE-Core rev: 908173cfbec631139283f3b35be03865eb7d73b1) Signed-off-by: He Zhe <zhe.he@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "mdadm: fix gcc8 maybe-uninitialized/format-overflow warning"Khem Raj2019-04-102-61/+0
| | | | | | | | | | | | | | This patch tried to address a gcc problem when -Og is used, but it did cause regressions on normal compiles when using clang e.g. the real problem is to fix the compiler until then disable the warning in DEBUG_FLAGS This reverts commit 630281663893cdcfa9c4323b717b415d87d5510f. (From OE-Core rev: 949961cdf7d4639da538045dc83c2a354e16ea80) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: Fix 3 CVEsOvidiu Panait2019-04-0914-0/+2688
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document. It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. References: https://nvd.nist.gov/vuln/detail/CVE-2019-6116 https://www.openwall.com/lists/oss-security/2019/01/23/5 https://nvd.nist.gov/vuln/detail/CVE-2019-3835 https://nvd.nist.gov/vuln/detail/CVE-2019-3838 Upstream patches: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f1309 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4d http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2ff600a http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=779664d http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e8acf6d http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2055917 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d683d1e http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ed9fcd9 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a82601e (From OE-Core rev: 12e140dfdac8456772223c816e37bd869419bb18) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* asciidoc: use correct XML catalog pathRoss Burton2019-04-051-1/+1
| | | | | | | | | | Now that docbook-xml and docbook-xsl are writing catalog files, tell xmllint/xsltproc where the catalog is. (From OE-Core rev: e60ec1dc23df918a7ec2e4572233ee12e73f4aff) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* asciidoc: specify XML catalogue to useRoss Burton2019-04-032-2/+60
| | | | | | | | | | | | | | | | libxml-native by default uses a XML catalogue at /etc/xml/catalog, instead of the one in the sysroot. Until this is fixed (#13260) override the XML catalogue manually in the recipe to point explicitly at the docbook-xml and docbook-xsl catalogues. This fixes either complete build failures (where the host doesn't have docbook-xml installed) or slow builds (where the host doesn't have docbook-xsl installed). (From OE-Core rev: efb6168e41797ad6ed00ede6f3d9141b90eff4b5) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: Install everything by defaultPaul Barker2019-04-031-6/+10
| | | | | | | | | | | | | | tzdata is converted to an empty meta package which pulls in all subpackages. The subpackages are defined in a TZ_PACKAGES variable so that we don't have to repeat ourselves. The timezones and conffiles which were in the tzdata package are moved to a new 'tzdata-core' package. (From OE-Core rev: 2af4d6eb2526d60b26bc5128068541ff3350fb58) Signed-off-by: Paul Barker <paul@betafive.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsolv: use GNUInstallDirsRoss Burton2019-04-022-1/+190
| | | | | | | | | | Backport a patch from upstream to use GNUInstallDirs instead of hand-coded path logic, so we have proper control over where files end up. (From OE-Core rev: 7c7d8ce6fe54e239374a6a04c007b4aa0712ba33) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* packagegroup-core-base-utils: remove lzipRoss Burton2019-04-011-1/+0
| | | | | | | | | | | lzip is pretty niche: people are typically either sticking with that they know (gzip, bzip) or using xz. Data point: only one recipe in oe-core is shipped as a .lz file. (From OE-Core rev: 80b0ac3bdbaee50d0023b7c869dd204485903dfe) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: fix up CVE IDs in patchesChen Qi2019-03-292-2/+2
| | | | | | | (From OE-Core rev: cf7473fae0f339286221f8e2b54d5c38ea41e6e2) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* asciidoc: use Python 3 portRoss Burton2019-03-291-9/+12
| | | | | | | | | | | | | | | | | | There's a sort-of-official port of asciidoc to Python 3. Whilst the official replacement is asciidoctor which is rewritten in Ruby, this is a fairly trivial swap and removes Python 2 from core-image-sato builds entirely. Moving forward we should evaluate asciidoctor, but that can wait. Change the RDEPENDS so that python3 is only a dependency for target and nativesdk builds, for native this can use the host python3. Remove redundant DESTDIR export that isn't needed. (From OE-Core rev: 266a13139ea45e28deb167f077917f04c3bdb7e6) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sysklogd: switch SRC_URI to the new, maintained locationAlexander Kanavin2019-03-292-3/+3
| | | | | | | | | | | | | | | | | | | | The previous SRC_URI seems to be gone, and sysklogd hasn't received any updates there for a long time. The new location says: Origin & References This is the continuation of the original sysklogd by Martin Schulze. Now maintained by Joachim Nilsson. Please file bug reports, or send pull requests for bug fixes and proposed extensions at GitHub. and generally seems credible: http://troglobit.com/ (From OE-Core rev: 22a4a6fe24c26dd5ae4a82a742c9bdf41c6bf2b7) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* blktool: remove a duplicate patchAlexander Kanavin2019-03-292-24/+0
| | | | | | | | | | | blktool-gnulib-makedev.patch is actually doing the same thing as 0004-fix-ftbfs-glibc-2.28.patch, so we end up including the same file twice. (From OE-Core rev: 8de82c63fe49917c80d1b634819ae2001625a645) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* blktool: update to 4-7.1Alexander Kanavin2019-03-292-0/+20
| | | | | | | | | This update adds a patch from Debian to match the latest version there. (From OE-Core rev: 11fdad15c2c8f4b4be696008bac0841a271aa161) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* timezone: update to 2019aArmin Kuster2019-03-291-6/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The 2019a release of the tz code and data is available. It reflects the following changes, which were either circulated on the tz mailing list or are relatively minor technical or administrative changes: Briefly: Palestine "springs forward" on 2019-03-30 instead of 2019-03-23. Metlakatla "fell back" to rejoin Alaska Time on 2019-01-20 at 02:00. Changes to past and future timestamps Palestine will not start DST until 2019-03-30, instead of 2019-03-23 as previously predicted. Adjust our prediction by guessing that spring transitions will be between 24 and 30 March, which matches recent practice since 2016. (Thanks to Even Scharning and Tim Parenti.) Metlakatla ended its observance of Pacific standard time, rejoining Alaska Time, on 2019-01-20 at 02:00. (Thanks to Ryan Stanley and Tim Parenti.) Changes to past timestamps Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25). (Thanks to Alois Treindl and Isaac Starkman.) Changes to time zone abbreviations Etc/UCT is now a backward-compatibility link to Etc/UTC, instead of being a separate zone that generates the abbreviation "UCT", which nowadays is typically a typo. (Problem reported by Isiah Meadows.) Changes to code zic now has an -r option to limit the time range of output data. For example, 'zic -r @1000000000' limits the output data to timestamps starting 1000000000 seconds after the Epoch. This helps shrink output size and can be useful for applications not needing the full timestamp history, such as TZDIST truncation; see Internet RFC 8536 section 5.1. (Inspired by a feature request from Christopher Wong, helped along by bug reports from Wong and from Tim Parenti.) Changes to documentation Mention Internet RFC 8536 (February 2019), which documents TZif. tz-link.html now cites tzdata-meta <https://tzdata-meta.timtimeonline.com/>. (From OE-Core rev: f51df4809be08fa7e137467a386637ebe7b57175) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* less: upgrade 549 (terribly broken) -> 550Andreas Müller2019-03-291-2/+2
| | | | | | | | | | | | | | | | | | | | Test case: * open xfce4-terminal * run 'echo | less' * press arrow up/down few times * exit less with 'q' => From now on all mouse(wheel) buttons create strange inputs on terminal Release note says [1]: "Sometimes the terminal was left in mouse-reporting mode after exiting less." http://www.greenwoodsoftware.com/less/index.html (From OE-Core rev: 4cefbf492d98ec14b8bb323c92d987b795addaf2) Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wget: Convert EXTRA_OECONF to PACKAGECONFIG, extend PACKAGECONFIGAlex Kiernan2019-03-261-5/+12
| | | | | | | | | | | | | Convert existing EXTRA_OECONF and DEPENDS to PACKAGECONFIG, fill out remaining PACKAGECONFIG options. When building without libpsl we pass in --without-libpsl, which we didn't previously, but all this actually ends up doing is silencing a warning from the configure script, the code still uses an internal implemention when using this option. (From OE-Core rev: 6472261c7dba1ecc67d639d13b7cf04258f13c7c) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mdadm: add -Wno-error to DEBUG_OPTIMIZATIONChangqing Li2019-03-251-0/+2
| | | | | | | | | | | | | | | | | | | | | | | when compile with DEBUG_OPTIMIZATION(-Og), compile failed with below error, fix by add -Wno-error: [snip] | Incremental.c: In function 'Incremental_container': | Incremental.c:1593:3: error: 'mdfd' may be used uninitialized in this function [-Werror=maybe-uninitialized] | close(mdfd); | ^~~~~~~~~~~ [snip] super-intel.c: In function 'apply_takeover_update': | super-intel.c:9615:15: error: '%d' directive writing between 1 and 11 bytes into a region of size 7 [-Werror=format-overflow=] | " MISSING_%d", du->index); | ^~ ... (From OE-Core rev: 1e0dbc9e320b200b948abaae418f640f9f65fe06) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>