summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support
Commit message (Collapse)AuthorAgeFilesLines
* libgpg-error: Trim license info extracted from init.c & gpg-error.h.inPeter Kjellerstedt2018-11-071-2/+2
| | | | | | | | License-Update: Only extract relevant parts from init.c & gpg-error.h.in (From OE-Core rev: a5c1ff6deb6393666745889eee8297112848ba28) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apr-util: Trim license info extracted from apu_version.hPeter Kjellerstedt2018-11-071-1/+1
| | | | | | | | | | | Two unrelated lines were extracted from apu_version.h for the license information. License-Update: Only extract the relevant part from apu_version.h (From OE-Core rev: 2edb0f24a13f27b2fae94fb447221ad2ddb924a0) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apr: Trim license info extracted from apr_lib.hPeter Kjellerstedt2018-11-071-1/+1
| | | | | | | | | | | Two unrelated lines were extracted from apr_lib.h for the license information. License-Update: Only extract the relevant part from apr_lib.h (From OE-Core rev: 90ab83ecc509c2fdc1f6083d771031decdcaad63) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: fix for CVE-2018-16839/CVE-2018-16840/CVE-2018-16842Changqing Li2018-11-073-0/+113
| | | | | | | (From OE-Core rev: 0f0db9fc8512a0ecd0cdba3304a195cd925a5029) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nss: update to 3.39 includes CVE-2018-12384Armin Kuster2018-11-071-2/+2
| | | | | | | | | see: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.39_release_notes (From OE-Core rev: 9d5d19cee30ac73b9fbf75308e5729857384983e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: extend CVE_PRODUCTGrygorii Tertychnyi2018-10-291-1/+1
| | | | | | | | | | | | | There are both "curl" and "libcurl" CPEs in NVD. All "curl" CVEs are now missed in the reports. Hence, switch "CVE_PRODUCT" to a space separated list of the items. (From OE-Core rev: 69ff709c2450c42139fd9705e3a74464221ad754) Signed-off-by: Grygorii Tertychnyi <gtertych@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mpfr: Fix compilation for ARCAlexey Brodkin2018-10-182-1/+47
| | | | | | | | | | | | | | | | | | | MPFR has a couple of things implemented in assembly and in case of ARC those parts were written long ago when ARC GCC port was not yet upstreamed. On upstreaming of GCC some constraints were changed and so we can no longer build MPFR for ARC with up-to-date tools seeing something like that: | In file included from ../../mpfr-4.0.1/src/mpfr-impl.h:112, | from ../../mpfr-4.0.1/src/mul.c:24: | ../../mpfr-4.0.1/src/mul.c: In function 'mpfr_mul': | ../../mpfr-4.0.1/src/mpfr-longlong.h:415:3: error: impossible constraint in 'asm' | __asm__ ("add.f\t%1, %4, %5\n\tadc\t%0, %2, %3" \ | ^~~~~~~ (From OE-Core rev: 887a062ca139014ae6dfd1919e0ff9a5ef4db35e) Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgpg-error: Add ARC supportAlexey Brodkin2018-10-183-2/+340
| | | | | | | (From OE-Core rev: 2d9dbcc638cc39b935b89b6e66ed216ea9b05d62) Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nss: fix non-determinism when create a blank certificateKai Kang2018-10-124-8/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | It uses certutil from nss to create a blank certificate. But the checksum of database file key4.db changes every time: $ certutil -N -d sql:. --empty-password $ md5sum * f9dac2cfcb07cc8ca6db442a9a570906 cert9.db b892c5ff7c1977d4728240b0cf628377 key4.db 7b9136cb03f07ae62eb213a5239fda71 pkcs11.txt $ rm * $ certutil -N -d sql:. --empty-password $ md5sum * f9dac2cfcb07cc8ca6db442a9a570906 cert9.db 405d55178e866a115c1aa975fccfa764 key4.db 7b9136cb03f07ae62eb213a5239fda71 pkcs11.txt Provide pre-created databases with a blank certificate to fix non-determinism issue. And these database files are from nss qemux86-64 build. (From OE-Core rev: e64a30f7af87fa960b012ace92c51b88e8abae68) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libproxy: correctly disable the KDE moduleRoss Burton2018-10-111-1/+1
| | | | | | | | | The configuration option is WITH_KDE now, as it supports both KDE4 and KDE5. (From OE-Core rev: 2a5d1db6643482dd06a456e303c6f6bc88059813) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libproxy: disable python2 and python3 supportPascal Bach2018-10-111-1/+2
| | | | | | | | | | The option WITH_PYTHON got replaced by WITH_PYTHON2 and WITH_PYTHON3. (From OE-Core rev: 91fe0fb4c7d48cf8fb02fbde26fe5657d5d9a491) Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* acl: Make it compatible with externalsrcPeter Kjellerstedt2018-10-101-1/+1
| | | | | | | | | | | | | | | Make the subdir fetch path for configure.ac relative. This avoids the following error after having done `devtool modify acl`: ERROR: acl-2.2.52-r0 do_unpack: Unpack failure for URL: 'file://configure.ac;subdir=.../builds/qemux86-64/workspace/sources/acl'. subdir argument isn't a subdirectory of unpack root .../builds/qemux86-64/tmp/work/core2-64-poky-linux/acl/2.2.52-r0 (From OE-Core rev: 8a12bb7349bce29403077e18875563a9b0770838) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: Add the LICENSES file to LIC_FILES_CHKSUMPeter Kjellerstedt2018-10-091-1/+2
| | | | | | | | | | | | The LICENSES file contains references to source files with other licenses than GPL/LGPL that stipulate that they shall be mentioned in any documentation accompanying a product including this library. License-Update: Add missing LICENSES file (From OE-Core rev: 67bc0b3babd922c800a03c1370d6d33a75f273c1) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Include the complete license informationPeter Kjellerstedt2018-10-091-1/+1
| | | | | | | | | | | | | For some reason, the copyright part was left out of the license information included in LIC_FILES_CHKSUM, preventing it from being used in, e.g., documentation to satisfy the requirements of the license. License-Update: Include the complete license information (From OE-Core rev: 390becd2dcf4fe791ec3715a74e34a46bd457e7a) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsoup: upgrade to 2.62.3Ross Burton2018-10-092-36/+3
| | | | | | | | | | | | Freeze-breaking upgrade for a security bug fix involving cookie URLs, and a number of static analysis fixes. Drop CVE-2018-12910.patch as this is merged in 2.62.3. (From OE-Core rev: a8098782fab87498026a09c06716b631c77c5ad6) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libusb: ptest: don't skip debug output and fix failures processingMaksym Kokhan via Openembedded-core2018-10-081-9/+23
| | | | | | | | | | | | | Current run-ptest script prints nothing, when stress tests fail. Fix it in new implementation, discarding external dependency on sed. Also leave in place all stress output, just add standard ptest result. Fixes: 3f0106bf2e41 ("libusb: Add ptest") (From OE-Core rev: cd05029c78dea48c20f9acb2c5fee56b19193f22) Signed-off-by: Maksym Kokhan <maksym.kokhan@globallogic.com> Reviewed-by: Andrii Bordunov <andrii.bordunov@globallogic.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcheck: avoid multilib install file conflictKai Kang2018-10-042-1/+21
| | | | | | | | | | | | The first line of output of '$CC --version' is written to check_stdint.h as a comment line. It causes multilib install file conflict. Do not echo compiler version info to check_stdint.h to fix the issue. (From OE-Core rev: f9db6ac8044495f9299fb0e962d3d6838bbce08f) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: build context and coroutine for armVernon Mauery2018-09-261-0/+4
| | | | | | | | | | | When cross-compiling for arm architecture, bjam fails to properly detect the abi, which causes a failed conditional to omit the assembly code that supports the platform. (From OE-Core rev: 920f2c479c3cf30d92f79dc9098e5915c05cc5e1) Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: Add ARC supportAlexey Brodkin2018-09-212-0/+28
| | | | | | | | (From OE-Core rev: 7b7b0fb8c27d06919f537a272107fc3f0b9cf9e5) Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nspr: Add ARC supportAntoine Tenart2018-09-212-0/+89
| | | | | | | | | | | [Alexey: Rebased on top of other patches like RiscV, NIOS2 etc] (From OE-Core rev: bc9259fad8f90f0cbabd3db7509c401b071e4ff3) Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* p11-kit: Add PACKAGECONFIG for trust pathsAlex Kiernan2018-09-211-1/+3
| | | | | | | | | | | Add trust-paths PACKAGECONFIG item which enables support for default trust-paths in /etc/ssl/certs/ca-certificates.crt (From OE-Core rev: d63f16f03ad60ab77fd5c78de1bbf1f248c51c6e) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* p11-kit: Upgrade from 0.22.1 -> 0.23.14Alex Kiernan2018-09-212-11/+6
| | | | | | | | | | | p11-kit is no longer doing odd/even for development/stable releases, so drop the custom UPSTREAM_CHECK_GITTAGREGEX. (From OE-Core rev: 1a38f27342c5a40f81e579b2d0feb7b6e9880ac7) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: Inherit from distutils-common-baseAlex Kiernan2018-09-211-3/+3
| | | | | | | | | | | | | Inherit from distutils-common-base and pythonnative/python3native to avoid runtime dependency on Python, whilst still fixing clang builds. Fixes: 8bfb54edc6fa ("gpgme: Inherit distutils3-base") Suggested-by: Khem Raj <raj.khem@gmail.com> (From OE-Core rev: 4e1e914101146149cbfd70ff00cfcd0fdcf1a88c) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fribidi: use Meson instead of autotoolsRoss Burton2018-09-212-5/+47
| | | | | | | | | | Upstream is moving to Meson, so backport a patch to use that instead of autotools. (From OE-Core rev: d297f7ebf3f62528d055e1938a9693d6f3a61935) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fribidi: rename directory to match recipeRoss Burton2018-09-211-0/+0
| | | | | | | (From OE-Core rev: 979b247c558eeb151fce925ee6600700ef20f869) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: CVE-2018-14618Zhixiong Chi2018-09-202-0/+38
| | | | | | | | | | | | | Backport the CVE patch from the upstream https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243.patch https://curl.haxx.se/docs/CVE-2018-14618.html https://nvd.nist.gov/vuln/detail/CVE-2018-14618 (From OE-Core rev: b76903b4b7bfec71be0a8a14e2cab4e2ec852222) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: patch gnupg-native to allow path relocationRoss Burton2018-09-202-1/+87
| | | | | | | | | | | | | | | GnuPG hard-codes $bindir etc and uses them to find the helper binaries, such as gpg-agent. This breaks if gnupg-native is reused from sstate for a different build directory and GPG signing of packages is required. Patch in getenv() checks for gnupg-native when returning the hardcoded paths, and create a wrapper script which overrides GNUPG_BINDIR. There are more paths that can be overridden, but this one is sufficient to make GnuPG work. (From OE-Core rev: dfd69ff889ed78bf137116583d8ae351859ee203) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apr-util: fix ptest fail problemChangqing Li2018-09-132-0/+136
| | | | | | | | | | | | | | | | Test suite test_dbm failed after gdbm upgrtade to 13.1, from 13.1, return value of some function are changed. * gdbm_fetch, gdbm_firstkey, and gdbm_nextkey behavior If the requested key was not found, these functions return datum with dptr pointing to NULL and set gdbm_errno to GDBM_ITEM_NOT_FOUND (in prior releases, gdbm_errno was set to GDBM_NO_ERROR), (From OE-Core rev: 0952c190fc6aec333676ce3883e8232fa8595551) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* multilib: fix install file conflictsKai Kang2018-09-132-2/+7
| | | | | | | | | | | | | Fix install files conflicts between multlib packages by inherit multilib_script: | file /usr/bin/cairo-trace conflicts between attempted installs of lib32-libcairo-perf-utils-1.14.12-r0.x86 and libcairo-perf-utils-1.14.12-r0.core2_64 | file /usr/bin/icu-config conflicts between attempted installs of lib32-icu-dev-62.1-r0.x86 and icu-dev-62.1-r0.core2_64 | file /usr/bin/gpgrt-config conflicts between attempted installs of lib32-libgpg-error-dev-1.32-r0.x86 and libgpg-error-dev-1.32-r0.core2_64 (From OE-Core rev: 52f2dd97e9dd20dea0f3cdeb2df490d1a4c646aa) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* serf: Document and add upstream status field for 0003-gen_def.patchKhem Raj2018-09-111-0/+5
| | | | | | | | (From OE-Core rev: 60909e5d4ac94ed77699a569960bb689acb432dd) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* attr: use u-a for setfattrMartin Jansa2018-09-111-1/+5
| | | | | | | | | | | | | setfattr is now provided also by busybox since 1.29.2 upgrade and do_rootfs is failing with: update-alternatives: Error: not linking usr/bin/setfattr to /bin/busybox.nosuid since usr/bin/setfattr exists and is not a link (From OE-Core rev: d633633f3d83467fe1f946c57e2e75e0e774ec7e) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* taglib: Security fix CVE-2018-11439Yi Zhao2018-09-102-0/+52
| | | | | | | | | | | | | | | | | | CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. References: https://nvd.nist.gov/vuln/detail/CVE-2018-11439 Patch from: https://github.com/taglib/taglib/pull/869/commits/272648ccfcccae30e002ccf34a22e075dd477278 (From OE-Core rev: a300c4917b6c22ef039158be7ae92055c35658d4) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libbsd: drop obsolete patchRoss Burton2018-09-102-34/+0
| | | | | | | | | | This was only needed with old pkg-config, but we have 0.29.2 so this can be dropped. (From OE-Core rev: 27605fc88d0dc8021abeccc38bab286f56a92736) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdbm: update to 1.18Alexander Kanavin2018-09-102-15/+11
| | | | | | | (From OE-Core rev: 76ef43b208e3b2bd2616171c7781629e060809cc) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: update to 1.68.0Alexander Kanavin2018-09-104-79/+2
| | | | | | | (From OE-Core rev: fb646ea311c589a51ef76eea7581e63f8a8f6bbd) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iso-codes: update to 4.1Alexander Kanavin2018-09-101-1/+1
| | | | | | | (From OE-Core rev: e54933e41dc7584bb9f30c7992326fbd387088cf) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dos2unix: fix upstream version checkAlexander Kanavin2018-09-101-0/+1
| | | | | | | (From OE-Core rev: dabce3f4f9db7d57348eeb8608323687cff91e82) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* serf: Fix Sconstruct build with python 3.7Khem Raj2018-09-065-1/+113
| | | | | | | | | | These patches will be needed to build serf on hosts with python 3.7+ (From OE-Core rev: ab0be544b392bbd6cb1dc91edd5fe8563d7de393) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fribidi: add (from meta-oe)Ross Burton2018-09-051-0/+19
| | | | | | | | | | | | | | | Originally this was fribidi 0.19.7 from meta-oe, with the following changes: - Upgrade to latest release (1.0.5) - Drop GLib and PCRE build-dependencies (removed upstream) - License is *or newer* - Upstream has moved to Github - Remove the historical PROVIDES (patches for meta-oe sent) (From OE-Core rev: d1feb75be77816efdb00149acef4815a8c97d844) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Update git.gnome.org addresses after upstream changesRichard Purdie2018-09-042-2/+2
| | | | | | | | | | | | | | | git.gnome.org is no more. It has ceased to be. It's an ex-git. Please see here: https://about.gitlab.com/2018/05/31/welcome-gnome-to-gitlab/ Note that gitlab does not support git://, only https:// (and ssh). [Commit message from Alexander Kanavin] (From OE-Core rev: 8382cdc0888ca645a44aacaac1155afb8dcde979) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ca-certificates: update to 20180409Alexander Kanavin2018-09-041-2/+2
| | | | | | | | License-Update: URI fix (From OE-Core rev: 87acc51a7892524a22640bf9eba46c11701365d6) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: Fix invalid const in atomic builtinsKhem Raj2018-09-042-7/+84
| | | | | | | | | Fixes build with clang (From OE-Core rev: b844cc9a3ac95f51586a57e973c1b3c4188b9cff) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: Inherit distutils3-baseKhem Raj2018-09-041-2/+2
| | | | | | | | | | | | its building a module therefore its important to provide correct cross build environment, distutils3-base automatically inherits python3native this is seen when using clang where it tried to link with gcc since the environment falls back to builtin LDSHARED variable (From OE-Core rev: 8bfb54edc6fafda2301aece91ec6b55905e2a418) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nss :improve reproducibilityHongxu Jia2018-08-291-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | - Explicitly requests the newer database `sql:' rather than retrieved from NSS_DEFAULT_DB_TYPE - Removes build path prefix from pkcs11.txt Refers certutil manual: [certutil manual] -d [prefix]directory Specify the database directory containing the certificate and key database files. certutil supports two types of databases: the legacy security databases (cert8.db, key3.db, and secmod.db) and new SQLite databases (cert9.db, key4.db, and pkcs11.txt). NSS recognizes the following prefixes: sql: requests the newer database dbm: requests the legacy database If no prefix is specified the default type is retrieved from NSS_DEFAULT_DB_TYPE. If NSS_DEFAULT_DB_TYPE is not set then dbm: is the default. [certutil manual] (From OE-Core rev: e9b99efe4b5cf7e810156f7bb55736e01be36a45) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcroco: patch for CVE-2017-7960Changqing Li2018-08-292-0/+58
| | | | | | | (From OE-Core rev: 2539d7334cbe9693ebe68d33c7a97872a1645510) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libexif: patch for CVE-2017-7544Changqing Li2018-08-292-1/+42
| | | | | | | (From OE-Core rev: b25f5e8efbe723520fa6e6311767c35e4cb71859) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: drop PACKAGECONFIG options for SSL v3 and TLS v1.3Andre McCurdy2018-08-231-2/+0
| | | | | | | | | | | | | | | By including PACKAGECONFIG options, the recipe takes responsibility for defining the default state of these options. Although the recipe currently aligns with the gnutls defaults (ie both disabled) tracking new gnutls releases will be a maintenance effort. Unless there's a clear reason to do otherwise, it seems safer to leave the choice of which SSL/TLS versions to enable by default up to the gnutls developers. (From OE-Core rev: 4c1d03eb226aa838622852b70a87260ab1ac9d91) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: drop obsolete configure.ac patchAndre McCurdy2018-08-232-30/+0
| | | | | | | | | | | | | >From gnutls 3.5.8 onwards, the code in configure.ac has been passing "basename $i" to sed, rather than "echo $i". Since the full ${srcdir} path is not being processed, there's no risk of unexpected matches. https://gitlab.com/armcc/gnutls/commit/478179316bc815e1ad518ae318f46e94a13b0e1f (From OE-Core rev: bce938174d1207685c67c40e341a36ab1158e6eb) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: merge gnutls.inc into the gnutls recipeAndre McCurdy2018-08-232-63/+61
| | | | | | | (From OE-Core rev: 0119335af368dffa42d9cda673e7aaafbc6f657f) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libatomic-ops: upgrade 7.6.4 -> 7.6.6Maxin B. John2018-08-231-3/+3
| | | | | | | | | License-Update: updated address of Free Software Foundation (From OE-Core rev: 9aa8061f2e9f1e66b4ef4d63ae2932bf0c6a2c41) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>