| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Porting patch from <https://github.com/curl/curl/commit/
5ff2c5ff25750aba1a8f64fbcad8e5b891512584> to solve CVE-2017-1000254.
(From OE-Core rev: 4e22302603c6a1fc56ef77cdc10e1b1f631a274e)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 08f8d5db06647b94f96d655100c358047682dd2f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch changes the result of the nettle dlopen-test
from FAIL to PASS. The test used to fail because the test could not
find and load libnettle.so.
This patch fixes this by using absolute path instead of relative.
This was the only test out of 88 that used to fail.
(From OE-Core rev: 511db7c256dbb3f8ba95eabd025d427384d4a1cb)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit f12d493418417c8529a97c7a768e4af58ea5c91b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This build time option is needed to use the '--dns-interface' runtime
parameter to instruct 'curl' to use a specific interface for DNS
resolution.
Not enabled by default, as it depends on 'c-ares' package from
meta-openembedded (meta-networking).
(From OE-Core rev: 8f3d34217b5b95f1f159c362c6f5dad3ba4fb290)
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 4fe0aa3791db0ee6c85e7a068f69def6e7c0da46)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Feeding the output of /dev/urandom into /dev/random is pretty much insane
and not something we should encourage.
I can't really imagine a scenario where this would be a sensible idea since
/dev/urandom if effectively derived from /dev/random.
This changes the tool to default to /dev/hwrng which makes much more sense,
feeding hardware entropy into the random pool. In the QEMU case, this will
feed entropy from the host into the guests which is also what we want.
Yes, this change will cause rngd not to start if /dev/hwrng isn't present,
but it isn't needed if that isn't so I don't see this as a bad thing.
(https://wiki.archlinux.org/index.php/Rng-tools has a section in red which
agrees with the above, "this is a really bad idea, since you are simple
filling the kernel entropy pool with entropy coming from the kernel itself!")
(From OE-Core rev: d177516d846ec4bed483d7e9d80775bb341c869e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f1dc9ac46710814c27cae2d22e79c84a9522993a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The dump_callback function in SQLite 3.20.0 allows remote attackers to
cause a denial of service (EXC_BAD_ACCESS and application crash) via a
crafted file.
Backport patch to fix the issue. Some references:
https://sqlite.org/src/info/02f0f4c54f2819b3
http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html
(From OE-Core rev: 9b9f566d2042f2b393de88506d2da964bc4d17b0)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is backported from the upstream git repository to fix building
libgcrypt on armv6 platforms such as raspberrypi.
(From OE-Core rev: c47ed9aa7a34ef62b3ffaea6ebd5cc9e7c052899)
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This ensures argp-standalone-staticdev package could be installed
correctly(without depending on the empty argp-standalone package) if
it's being required during SDK population.
(From OE-Core rev: 6d13c09fb57e13aa4aae590cd49cff7279c8685d)
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recipes nspr_4.16.bb and nss_3.31.1.bb ignored BUILD_CC and it's
BUILD_CFLAGS and tried to compile with hardcoded "gcc" instead. As
result build for this recipes will fail if host use different name for
compiler or require any flags.
(From OE-Core rev: 79e3339ab9edacb9e34d3725305d5880a974364a)
Signed-off-by: Nikolay Merinov <n.merinov@inango-systems.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
With default --without-nghttp2 flag set there was no way to get
http2 protocol support using nghttp2 library. Instead moved it to
PACKAGECONFIG options
(From OE-Core rev: bcc8560300c8b1218b1f3709f5a7732e17fbfa46)
Signed-off-by: baali <shantanu@senic.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Backport the fix from https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;
a=commit;h=bf76acbf0da6b0f245e491bec12c0f0a1b5be7c9
(From OE-Core rev: 3b827eff306c484d78d61b259cd5d4eef8df381c)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ptest-runner would segfault with -t option:
root@qemux86-64:~# ptest-runner -d /usr/lib test_pkg -t 5
[ 237.234112] ptest-runner[810]: segfault at 0 ip 000000382e638060 sp
00007fff9130f400 error 4 in libc-2.26.so[382e600000+1a7000]
It is safe to bump SRCREV to latest upstream commit to fix this issue
because there is only one commit since the last update:
commit 8a93832dad621535e90aa8e1fb74ae5ba743fc3e
Author: Anders Wallin <wallinux@gmail.com>
Date: Sun May 28 11:47:00 2017 +0200
timeout option missing the argument option ":" to getopt
ptest-runner -t xx gives segfault
Signed-off-by: Anders Wallin <wallinux@gmail.com>
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
(From OE-Core rev: 503ce98bb89dfa019faff872121c8911e6465b05)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: cfe74cb67f284e58c6d133d456fb6d8e763f3e5c)
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: ecf386d113011c430a2e04dfdac981a265a83b7b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Packages which depends on attr headers fail due
to uint32_t not being defined, this needed header
to include sys/types.h
(From OE-Core rev: af7c8f8a9bfc3396dc729f3fc54c38d19f2aa3fc)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
GitHub automatically-generated tarballs from tags can and do change over time,
so change libproxy to use the uploaded tarball.
(From OE-Core rev: 1a159da61a8a3d06918f838b1dcec45eed2815a7)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: fb70550c1553d3f3907c2752a742acd3db940123)
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 927316c17135b87892103c7008f68b3d58631e2f)
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Both libfm and libfm-extra provide /usr/include/libfm, so remove it from libfm
to avoid sysroot conflicts.
(From OE-Core rev: 1ca7d8d89e35f55082d1708639e2146794730a0c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bmap-tools is the only recipe in oe-core that still uses
Python 2. Switching it to Python 3 should help to get rid of
building native Python 2 and its dependencies.
[YOCTO #11891]
(From OE-Core rev: 0d6130b30a1219b2bc2c57578f291311f69c676e)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Upgraded to the latest upstream release.
(From OE-Core rev: fa36678698108023242f2afbd4e54d6709f84420)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Also remove the redundant DEPENDS_class-native, as the native class generates
this value automatically.
(From OE-Core rev: 7d2d73bf5e9fba30ae79e535adff256b94248e62)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport upstream commits to fix:
- CVE-2017-1000099
https://curl.haxx.se/docs/adv_20170809C.html
https://curl.haxx.se/CVE-2017-1000099.patch
- CVE-2017-1000100
https://curl.haxx.se/docs/adv_20170809B.html
https://curl.haxx.se/CVE-2017-1000100.patch
- CVE-2017-1000101
https://curl.haxx.se/docs/adv_20170809A.html
https://curl.haxx.se/CVE-2017-1000101.patch
(From OE-Core rev: 2eb590bbeab4dbf2583a78fcbaf3723757116123)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Multi-threaded applications using libcurl crash
on DNS timeouts when built using OE.
The reason is as follows:
By default, libcurl implements DNS timeouts using a
timer (alarm()) and a pair of setjmp()/longjmp().
This approach is unsafe in multi-threaded applications
for various reasons, as e.g. explained in the relevant
man-pages.
To avoid this, libcurl can be compiled with a built-in
threaded resolver, or against the c-ares asynchronous
resolver library.
To keep extra dependencies to a minimum, and to mimic
other distributions (debian at least), and because
c-ares is not available in OE-core, add a PACKAGECONFIG
to be able to enable use of of the built-in threaded
resolver and enable it by default.
(From OE-Core rev: 41f1e44fce976c4140cda62a41349e91e69d04ef)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
https://lists.gnupg.org/pipermail/gnupg-announce/2017q3/000413.html
(From OE-Core rev: 404cdecec24bc2ed4e2cacc76cd50db7622171cd)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
This fixes CVE-2017-2885 (stack overflow with HTTP chunked encoding), no other
relevant changes.
(From OE-Core rev: 56d25765641acaadc21391bd7b00187cf0f4ffe0)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is actually the same version as previously; upstream didn't have
a tag for it before and now it does, so we can reduce confusion. The SRCREV
change is due to a few added commits which modify upstream's debian
packaging (not used by us).
(From OE-Core rev: 8359730165908025b0762eaa25569e2fdcd9d086)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A fuzz on libpcre1 through the pcretest utility revealed an invalid read in the
library. For who is interested in a detailed description of the bug, will
follow a feedback from upstream:
This was a genuine bug in the 32-bit library. Thanks for finding it. The crash
was caused by trying to find a Unicode property for a code value greater than
0x10ffff, the Unicode maximum, when running in non-UTF mode (where character
values can be up to 0xffffffff).
(From OE-Core rev: 1b87201784e733f3a9d436f56cb5a6151ba6bdfa)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of
service (heap-based buffer overflow) or possibly have unspecified other impact
via a crafted regular expression.
(From OE-Core rev: dd63a26fedb8a578d34850ede4c27e26b8876e7e)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Add systemd service file for rng-tools.
(From OE-Core rev: d374897100ae756df72677d47c9c70c7fefca192)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2017-12678: In TagLib 1.11.1, the rebuildAggregateFrames function in
id3v2framefactory.cpp has a pointer to cast vulnerability, which allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-12678
Patch from:
https://github.com/taglib/taglib/pull/831/commits/eb9ded1206f18f2c319157337edea2533a40bea6
(From OE-Core rev: 24ac12ecb19efc7c131c9711ba32e298ba860eb7)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix do_configure to be able to regenerate configure files
Use cross libtool as installed by OE, as done in normal autotooled recipes
These changes help in invoking the libtool with proper tags for C
and C++ compiler and linker invocation and not use same tag across all
different invocations
Fixes errors like
libtool: compile: unable to infer tagged configuration
libtool: compile: specify a tag with `--tag'
(From OE-Core rev: afa9f769d62034d4443dfe929422d1d591adf709)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We were relying on running ca-certificates from the -native version. This
meant the host and target path layouts had to match which might not be true,
it certainly isn't true for the sdk builds.
There was a dependency on run-parts which wasn't represented (we can get it
from busybox or debianutils).
Since this is an allarch script, call the script directly, making sure debianutils
and openssl are available as postinst rootfs time to resolve the issues.
(From OE-Core rev: d9575e05f2cb8bf293534c036ddc0d0336701256)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
| |
(From OE-Core rev: 46985e66c193ad2aa9b575aeab5c78740bc5a4ed)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
We want to provide python libs by default, and some other
popular Linux distributions like redhat/fedora does the same.
(From OE-Core rev: 41744c418009dccc5f79c1a4a28419807d67837c)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Remove all host build references from the acl-ptest package.
(From OE-Core rev: 6b799e4b315ee5a1eaba9f445b2ba7d37d1e0176)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Remove all host build references from the attr-ptest package.
(From OE-Core rev: 0a181e26d09978bff850bc6b303de6053f7c53df)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
bmap-tools has run-time dependency on "python-mmp" which is missing in
the RDEPENDS. "bmaptool" command in the target will fail without this
patch.
(From OE-Core rev: 1127154b958d0a0e167cefff4bc40dfb86e3378a)
Signed-off-by: Binghua Guan <freebendy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
* Fixes:
ERROR: nativesdk-libcheck-0.10.0-r0 do_package_qa: QA Issue: /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/checkmk contained in package nativesdk-libcheck requires /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/gawk, but no providers found in RDEPENDS_nativesdk-libcheck? [file-rdeps]
(From OE-Core rev: 71c29b53f1a44430306eeda96dc43cf7d002afe5)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
| |
(From OE-Core rev: 8c53a8c87c509da68d1f423ecd11f6b11186acd1)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. COPYING.LIB: Rename to COPYING.LGPL3.
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3419a339d9c4e800bf30e9021e05982d8c1021c1
2. Rebase patches:
- pkgconfig.patch -> 0001
- use-pkgconfig-instead-of-npth-config.patch -> 0002
- dirmngr-uses-libgpg-error.patch -> 0003
- autogen.sh-fix-find-version-for-beta-checking.patch -> 0004
3. Fix gpg2 not found
...
dnf -vy makecache
|Cannot download 'http://192.168.7.1:33541': repomd.xml GPG signature
verification error: gpgme_engine_check_version() error: Invalid crypto
engine.
...
The upstream install gpg by default and no gpg2
...
commit a69464b0b6dac88b360a13d3faf19dd7f2a0e02b
Author: Werner Koch <wk@gnupg.org>
Date: Sat Aug 5 14:39:32 2017 +0200
gpg: Install gpg by default under the name gpg.
...
Add --enable-gpg-is-gpg2 to revert it.
(From OE-Core rev: f62d844424670967d2d40cd2afc96f5fc597bf1d)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While multilib, the local m4/python.m4 incorrectly assigned
am_cv_python_pyexecdir and am_cv_python_pythondir which caused
the following error enabled:
...
ERROR: gpgme-1.9.0-r0 do_package: QA Issue: gpgme: Files/directories
were installed but not shipped in any package:
/usr/lib/python3.5/site-packages/gpg-1.9.0-py3.5.egg-info
...
(From OE-Core rev: f5c7e236582028638a26a5855d5e7ba0b55bb8f0)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rebase patches:
- pkgconfig.patch -> 0001
- python-lang-config.patch -> 0002
- 0001-Correctly-install-python-modules.patch -> 0003
- python-import.patch -> 0004
- 0001-gpgme-config-skip-all-lib-or-usr-lib-directories-in-.patch -> 0005
(From OE-Core rev: b18a7adf8ce194b2dd3ce787228fb87c5ef3efde)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Uprev from 3.19.3 to 3.2.0 for fixing CVE-2017-10989:
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3,
as used in GDAL and other products, mishandles undersized RTree blobs
in a crafted database, leading to a heap-based buffer over-read or
possibly unspecified other impact.
https://nvd.nist.gov/vuln/detail/CVE-2017-10989
* LIC_FILES_CHKSUM updated for below changes:
-** 2001 September 15
+** 2001-09-15
(From OE-Core rev: 95b802bfe74ac6a3f6dc05edb52c87ef90600f40)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rebase patches:
- add-pkgconfig-support.patch -> 0001
- libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch -> 0002
- fix-ICE-failure-on-mips-with-option-O-and-g.patch -> 0003
- fix-undefined-reference-to-pthread.patch -> 0004
(From OE-Core rev: b90037da8754009ca7cf2ab996b46b3dae1eb204)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Drop backported openssl-1.1.patch
(From OE-Core rev: a67800e01b9b383d2f887a82de3075b2ef234648)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade nss from 3.30.2 to latest stable version 3.31.1.
* remove 0001-Fix-warnings-found-with-gcc7.patch which is not needed now
(From OE-Core rev: 86838f1c06002a62ded12a9a66d1eb82093c85a9)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove references to the host build system from generated/packaged
header file gmp.h. The file ends up in two different packages (libgmp-dev,
libgmp-dbg). Rather then modifying the file twice in two different
destinations after the installation, we modify the file gmp.h only once,
but before the installation.
[YOCTO #11922]
(From OE-Core rev: 693b42115e2f61abc9ca6096445dc494648cacb6)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes
a NULL pointer dereference and crash when reading crafted input that
triggers assignment of a NULL value within an asn1_node structure. It
may lead to a remote denial of service attack.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-10790
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;
h=d8d805e1f2e6799bb2dff4871a8598dc83088a39
(From OE-Core rev: 6176151625c971de031e14c97601ffd75a29772f)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
| |
Upgrade nspr from 4.14 to 4.16
(From OE-Core rev: bfc148a40fd5b9936e63e9af901b5c8aaf7e8e5b)
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Upstream lacks a tag for this release, so make it a PR bump.
(From OE-Core rev: 0b0a716b243491f026cb7b15e8f546325d6fa760)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|