| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Includes fixes for:
CVE-2022-2816
CVE-2022-2817
CVE-2022-2819
CVE-2022-2845
CVE-2022-2849
CVE-2022-2862
CVE-2022-2874
CVE-2022-2889
(From OE-Core rev: 3ec2d27d09444213ec1c9b91c6f8c4363f297294)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop crosscompile.patch which was merged as part of:
509695c1c (tag: v9.0.0065) patch 9.0.0065: \
cross-compiling doesn't work because of timer_create check
Also drop: racefix.patch which may have been fixed upstream
and is being tracked by:
https://github.com/vim/vim/pull/10776
where upstream is asking if the different approach resolves the
race condition. Let's see what's out there!
(From OE-Core rev: 6996472cd33d2d4b91821f2dfe24a27a697e4afe)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in several CVE fixes.
Added a patch to avoid timer_create cross compile issue (and submitted upstream).
Also submit the race fix upstream.
We disable timer_create in the native case since some systems have it
and some don't so this makes us consistent.
(From OE-Core rev: d0c1de084c7ce030d47a428e4bbfbc4ce2996057)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After the below commit introduced, the shebang size of native scripts
is also checked, so rework the patch to fix the gap.
377fe11bc0 insane.bbclass: Make do_qa_staging check shebangs
Fixes:
ERROR: QA Issue: : /work/x86_64-linux/vim-native/9.0.0005-r0/sysroot-destdir/work/x86_64-linux/vim-native/9.0.0005-r0/recipe-sysroot-native/usr/share/vim/vim90/tools/mve.awk maximum shebang size exceeded, the maximum size is 128. [shebang-size]
ERROR: QA Issue: : /work/x86_64-linux/vim-native/9.0.0005-r0/sysroot-destdir/work/x86_64-linux/vim-native/9.0.0005-r0/recipe-sysroot-native/usr/share/vim/vim90/tools/efm_perl.pl maximum shebang size exceeded, the maximum size is 128. [shebang-size]
(From OE-Core rev: 79232458b9cdc741a2049d83839af73f58a5554c)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following CVEs:
- CVE-2022-2257
- CVE-2022-2264
- CVE-2022-2284
- CVE-2022-2285
- CVE-2022-2286
- CVE-2022-2287
(From OE-Core rev: 03c044a81a76b7505b9d5bf0d936dde75b51905e)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
The license checksum changed due to a major version change in the referenced file.
(From OE-Core rev: 89f34d8aa4f4572d048dbb732ca4c83d443157fb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Includes fixes for CVE-2022-1927, CVE-2022-1942.
(From OE-Core rev: 1e740b5c2227c0040621ae63436d06db4873670f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The xxd tool can be quite handy by itself, and doesn't have anything
to do with vim per se. Make it possible to include the rather tiny xxd
in a rootfs without pulling in the several MB vim binary and
associated data.
For backwards compatibility, add an RDEPENDS from the main package to
the new vim-xxd package.
(From OE-Core rev: 06ed2aa93fc25a681e3a00ee120d9395b04845da)
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Address CVE-2022-1621, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735
CVE-2022-1769, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796
(From OE-Core rev: fafce97bd440150ac5c586b53b887ee70a5b66bd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
Includes fixes for CVE-2022-1381, CVE-2022-1420.
(From OE-Core rev: 77d745bd49c979de987c75fd7a3af116e99db82b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
License change is a date in the license file only.
This includes a fix for CVE-2022-0943.
(From OE-Core rev: 69bc2f37d6ca7fa4823237b45dd698b8debca0a9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
Includes CVE-2022-0696, CVE-2022-0714, CVE-2022-0729.
(From OE-Core rev: 0d29988958e48534a0076307bb2393a3c1309e03)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
License file had some grammar fixes.
Includes CVE-2022-0554.
(From OE-Core rev: a8d0a4026359c2c8a445dba9456f8a05470293c1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
license identifiers
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
License text underwent changes on how to submit Uganda donations, switch from http
to https urls and an update date change but the license itself is unchanged.
Also, add an entry for the top level license file. This is also the vim license
so LICENSE is unchanged but we should monitor it too.
(From OE-Core rev: d195005e415b0b2d7c8b0b65c0aef888d4d6fc8e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to the latest patch release to fix the following CVEs:
- CVE-2022-0261
- CVE-2022-0318
- CVE-2022-0319
(From OE-Core rev: 96442e681c3acd82b09e3becd78e902709945f1f)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the version to 4.2.4118, which incorporates the following CVE
fixes:
- CVE-2021-4187
- CVE-2022-0128
- CVE-2022-0156
- CVE-2022-0158
Also remove the explicit whitelisting of CVE-2021-3968 as this is now
handled with an accurate CPE specifying the fixed version.
(From OE-Core rev: 764519ad0da6b881918667ca272fcc273b56168a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
As upstream tags point releases with every commit and
the version check still reports 8.2, it should not be considered
broken (e.g. current version newer than latest version)
until 8.3 is released.
(From OE-Core rev: 11d8ee09b1bdec4824203dc0169093b2ae9d101a)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's a fairly constant flow of CVEs being fixed in Vim, which are
getting increasing non-trivial to backport.
Instead of trying to backport (and potentially introduce more bugs), or
just ignoring them entirely, upgrade vim to the latest patch in the hope
that vim 8.3 will be released before we release Kirkstone.
(From OE-Core rev: 78a4796de27d710f97c336d288d797557a58694e)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Don't set an empty default value and them immediately assign to it.
(From OE-Core rev: d7565241437487618a57d8f3f21da6fed69f6b8a)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Backport a fix for -3972, and whitelist -3968: it isn't valid as it
fixes a bug which was introduced after 8.2.
(From OE-Core rev: bec5caadfb53638748d8c41ce7230c2bf7808d27)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: c613ca14c35a5d1782c79a25b83875cbfa2b952b)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 2001631e7a6edb7adc40ee4357466cc54472db71)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 222be29051a3543ac63a0eb07019e90d44429b16)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Backport patches from upstream to fix these CVEs.
(From OE-Core rev: b493eb4f9a6bb75a2f01a53b6c70762845bf79f9)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Github has announced there will be no more git:// fetching from their servers:
https://github.blog/2021-09-01-improving-git-protocol-security-github/#no-more-unauthenticated-git
and they're about to start having brownout periods to encourage people
to update. This runs the conversion script over OE-Core to update our
urls to use https instead of git.
(From OE-Core rev: b37b61e9a1e448a34957db9ae39285d21352552e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
This update was made with the script added to contrib in this patch which
aims to help others convert other layers.
(From OE-Core rev: b51c405faf6f8c0365f7533bfaf470d79152a463)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
vim is vulnerable to Heap-based Buffer Overflow
reference:
https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f
(From OE-Core rev: 494929c4cec21712884e13172c37efad7c908411)
(From OE-Core rev: d7fac573f1e1c9cd93181bce60df5666f5b5b03f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
| |
(From OE-Core rev: 54d3d023ce55ba4a7160ed25a283f0918e7d8e2e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vim uses libcanberra to implement sound, currently its ok for target
since we have captured dependencies in recipe sysroot but things go a
bit out of control when building vim-native, where configure starts to
poke at host system and if it find libcanberra then silently enables it
lets make it consistent
(From OE-Core rev: 7bf11ce14336eff07a4e7216fb485f98757088ed)
(From OE-Core rev: 70de1dbb660461bdf0613494f53ec4c78738ae2a)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
- Some distributions with UTF-8 locale have problem when National Language
Support is enabled. Add there an option to disable it.
(From OE-Core rev: da630d6d81a396c3e1635fbd7b8103df47ed2732)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
The tricky of using BPN in a common inc file is rather hard to understand.
Simplfy this by moving it to the base vim recipe and use the standard
variable form.
(From OE-Core rev: cffa5930d86a464aceb4764eec510a2b8f5c44a1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Fixes: [YOCTO #13471]
(From OE-Core rev: 6db24928d62aeb093a0e6da6619713eaca57a96f)
Signed-off-by: Ida Delphine <idadelm@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The LINGUAS file can be written by two different Makefile targets
and if they race, the desktop file contents isn't deterministic.
Fix the makfile to avoid this.
(From OE-Core rev: 416bc7b697764075fbf73683cd8bddf36d839244)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Add a couple of configure options to avoid determism issues in the vim build.
This can happen due to the addition of glib-2.0 to the native sysroot through
later task additions to the sysroot through indirect dependencies.
(From OE-Core rev: 914f86054f5ea0a115767c1b3d9cdb4c4ef9545b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enable nativesdk build support in order to be able to include vim in
nativesdk targets (e.g. buildtools-tarball/sdk). It is useful to be able
to provide an editor in a relocatable form for when hosts do not provide
an editor. Additionally the vim recipe provides the xxd tool.
(From OE-Core rev: 72399c0c2eca21d2c27c3ba668d456375453b809)
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These workarounds are removed because a previous patch
solve the host path reference for gawk and perl, and it skips
the do_package_qa issue by setting the INSANE_SKIP. But it
introduces regression for do_rootfs. The dependencies are
calculated and will require packages like python, perl, gawk
and csh. The error is like below.
Error:
Problem: conflicting requests
- nothing provides /bin/csh needed by vim-tools-8.2-r0.corei7_64
- nothing provides /usr/bin/nawk needed by vim-tools-8.2-r0.corei7_64
- nothing provides /usr/bin/python needed by vim-tools-8.2-r0.corei7_64
So we keep the previous patch which solve the host path reference
problem and restore the long-used 'chmod -x' workaround here.
(From OE-Core rev: bf3e799e32b4de300887b844b0b7bce3d60ca379)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
vim will abort in many places with this setting. Replace
it with the benign _FORTIFY_SOURCE=1.
(From OE-Core rev: 18129cbaeddb3278efe9963718556e3765f06c1e)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When cross-compiling, do not change scripts to use host
versions of perl and gawk.
Also, use INSANE_SKIP to suppress QA complaints if perl
or gawk are not on the target.
(From OE-Core rev: 8972fe5581b9fe8ef14d539001758bb13bca6737)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Resolves:
WARNING: vim-8.2-r0 do_package_qa: QA Issue: package contains desktop
file with key 'MimeType' but does not inhert mime-xdg: vim path
'/work/core2-32-poky-linux/vim/8.2-r0/packages-split/vim/usr/share/applications/vim.desktop'
(From OE-Core rev: 9464b19205c9f88998db7820274c9c0364c79bd9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
vim-tiny: update from 8.1.1518 to 8.2
The date in the license was updated to 2020 and
a trailing space was removed from one line.
(From OE-Core rev: 07d23c2d255f74cf9fbb0e917dfd1fe3bd6a65d2)
Signed-off-by: Oleg Polyakov <Oleg.Polyakov@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Only new x.y versions will be reported, as upstream creates a new
x.y.z tag for every commit.
(From OE-Core rev: 99558e667e4e04934943476472bd9919b5d07855)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: cdd6f417c5d1535bd922703e18185b9d376e3b6f)
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 79582352f256673999ad3ae1c24a4602c5bcaf26)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that we have a common inc file for both vim and vim-tiny move a few
bits of logic out of vim.inc and in to vim_$VER.bb so that vim adds
things rather than vim-tiny removes them.
Suggested-by: Martin Jansa <martin.jansa@gmail.com>
(From OE-Core rev: a9f62ea2c380375c749a28405708bfdb7754f51f)
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously vim-tiny would include the vim recipe wholesale;
this meant that they had to be upgraded in a single transaction
which devtool cannot cope with. This thwarted the latest AUH
run in particular.
(From OE-Core rev: 55cc8c6dbef8de240f63e7274a2beaf421124b58)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This brings us to the current version of vim. As part of this we need
to work-around a locale issue that upstream has exposed. We do not
support fully / correctly the certain locales. Attempting to use these
with msgfmt in order to update the ".desktop" files exposes this problem
and leads to the compile failing.
(From OE-Core rev: ffa4b0abcab2ed4e4f642b4b3140aa6095938422)
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The vim recipe has all of the code inside the "src" subdirectory but
other things we rely on, such as the license file in a subdirectory
relative to the src. However, as there is a top-level "configure"
script that moves us down to the src directory, we can rework the recipe
to be overall more simple and regularly laid out if we use that.
(From OE-Core rev: 2eb66c1ff55a3fe9785967f45f1cb6a27df44f93)
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The most current release of vim is now 8.1.1017. The only problem
currently is that the disable_acl_header patch is still not upstream.
Cc: Wenzong Fan <wenzong.fan@windriver.com>
Cc: Changqing Li <changqing.li@windriver.com>
(From OE-Core rev: 791b278c513abb6587d4efcf2e4e974a0bf280ae)
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|