summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support
Commit message (Collapse)AuthorAgeFilesLines
* attr: Disable parallel make installRichard Purdie2020-09-161-0/+3
| | | | | | | | | | | | do_install fails on newer versions of make with interesting and hard to debug errors. Disablle parallle make install as a workaround. Later verisons of attr in newer releases don't have the issue. (From OE-Core rev: 6043b9a2ea879f8960897b11eb947801508a94da) (From OE-Core rev: f06861bbe402fff3f370687585e43c0270609d00) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: upgrade 2.2.16 -> 2.2.17Anuj Mittal2020-04-091-3/+2
| | | | | | | | | | | | | | | | Also fixes CVE-2019-13050. Announcement: https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html (From OE-Core rev: c6e46323f0d62daf8bd424e642581fdcba920ef7) (From OE-Core rev: ae33f509d753821111bb6b30343b02b37d996339) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: upgrade 2.2.15 -> 2.2.16Zang Ruochen2020-04-091-2/+2
| | | | | | | | | | | | (From OE-Core rev: 825be9d66ae9f503f1dd2dce0fac530554057613) (From OE-Core rev: bb12f99a5bce3fcee1ef36406197231723647a8d) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: update to 2.2.15Oleksandr Kravchuk2020-04-092-7/+10
| | | | | | | | | | | | (From OE-Core rev: e60b3994d4bc282191302e1fd9b7d2106ee2f6cb) (From OE-Core rev: 431bd084f71f9479c2ff9f37237799ad1f02d289) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sqlite3: fix CVE-2019-16168Qi.Chen@windriver.com2020-04-092-0/+41
| | | | | | | | | | | (From OE-Core rev: 8d663da7e5fad8dd936fbefeba67db6e0e356975) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsoup: set CVE_PRODUCTRoss Burton2020-04-091-0/+2
| | | | | | | | | | (From OE-Core rev: 5aa78e651ddef8a19768fa713993568cd3cc2a13) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: fix build for x32Anuj Mittal2020-04-092-0/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit: d336110b94 boost: update to 1.67.0 dropped the patch that ensured boost doesn't over-ride the architecture flags set by us resulting in errors: | build/tmp/work/x86_64_x32-poky-linux-gnux32/boost/1.69.0-r0/recipe-sysroot/usr/include/bits/long-double.h:44:10: fatal error: bits/long-double-64.h: No such file or directory | #include <bits/long-double-64.h> | ^~~~~~~~~~~~~~~~~~~~~~~ | compilation terminated. Remove the relevant part from gcc.jam again to ensure we are passing them correctly again. Fixes [YOCTO #13598] (From OE-Core rev: aad28f42b1c8aa1335c040630ebff4a69be07e35) (From OE-Core rev: 1cfd56ebdbcbab4ded1b0ea3c4bc44d3e83a9288) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ebbfe23acfbc820ad7b71c95539b5af97a8be49d) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lz4: Whitelist CVE-2014-4715Adrian Bunk2020-01-281-0/+3
| | | | | | | | | (From OE-Core rev: ca4fc78584ec5a7bbeac188f4ed935b3128eb6eb) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* popt: fix SRC_URIOleksandr Kravchuk2020-01-161-1/+1
| | | | | | | | | | | | | rpm5.org has been down for about a year now. Use linuxfromscratch.org as an alternative reliable source instead. (From OE-Core rev: 2e2fb4e9db2e328dcb771951feb7f7ab5c0c4dd6) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d9224014da9a512b1b8837e4e7a736d465c97be3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: set CVE vendor to BoostRoss Burton2020-01-161-0/+2
| | | | | | | | | | | | There's a Boost module for Drupal. (From OE-Core rev: e8ffa02f3efcf5303b8cf57eb29e498e816e63c0) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxslt: fix CVE-2019-18197Joe Slater2019-11-182-0/+34
| | | | | | | | | | | | Use patch from upstream after 1.1.33 release. (From OE-Core rev: aa88f0f3b7f70ddc88f187c91860505b256aeda3) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: fix CVE-2019-12904Yi Zhao2019-10-304-0/+603
| | | | | | | | | | | | | | | | | | | | | | | | | In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-12904 Patches from: https://github.com/gpg/libgcrypt/commit/1374254c2904ab5b18ba4a890856824a102d4705 https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762 https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020 (From OE-Core rev: a981d9b753a13e100af1f654fb3384f0bcda0b65) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 37e390ff05b6a4509019db358ed496731d80cc51) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 4c207cb1ad46c0d2005ab3eae70d78c937e084b5) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcroco: Fix two CVEsMuminul Islam2019-10-302-0/+39
| | | | | | | | | | CVE: CVE-2017-8834 CVE-2017-8871 (From OE-Core rev: fe2d5b0d56201110323911d206243fdcc7f80115) Signed-off-by: Muminul Islam <muislam@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls:upgrade 3.6.7 -> 3.6.8Zang Ruochen2019-10-301-2/+2
| | | | | | | | | | | | | | | -Upgrade from gnutls_3.6.7.bb to gnutls_3.6.8.bb. (From OE-Core rev: c5d2ca323a255f09c7b3378af5956671205867f4) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b34486a616ab4d4b30247a5dff58a18ef26ed709) [Bug fix only update. Including: CVE-2019-3836 CVE-2019-3829 https://lists.gnupg.org/pipermail/gnutls-help/2019-May/004527.html] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Curl: Security fix for CVE-2019-5482Armin Kuster2019-09-302-0/+66
| | | | | | | | | | | | | | | | | | Source: curl.org MR: 99905 Type: Security Fix Disposition: Backport from https://github.com/curl/curl/commit/facb0e4662415b5f28163e853dc6742ac5fafb3d ChangeID: e0c807da8937f687a4b2e28eaa6b4b5a51845bc5 Description: Fixes CVE-2019-5482 - Affected versions: libcurl >= 7.19.4 to and including 7.65.3 - Not affected versions: libcurl < 7.19.4 (From OE-Core rev: d2e5558133f970a8a196c545dd00af9315c1a06a) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgpg-error: Fix build with gawk 5.xSean Nyekjaer2019-09-302-0/+162
| | | | | | | | | | Based on poky master, but for version 1.35 (From OE-Core rev: 4e110b7d3b6e84015249f4174766dd3790f9bbbe) Signed-off-by: Sean Nyekjaer <sean@geanix.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: Fix build and enable context and coroutines on aarch64Bedel, Alban2019-09-301-0/+2
| | | | | | | | | | | | Like for ARM bjam need some hints about the ABI to properly build on aarch64. While at it also enable context and coroutine as these are supported on aarch64. (From OE-Core rev: 219befc2dad0c6df171f46725c995ce0038fa4f8) Signed-off-by: Alban Bedel <alban.bedel@aerq.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rng-tools: fix very long shutdown delay with systemdBedel, Alban2019-09-301-1/+2
| | | | | | | | | | | | | | | | | The systemd service file has DefaultDependencies=no but is not properly configured to also stop the unit. Because of this the unit keep running after shutdown but systemd still waits for it to finish to then later resort to a hard kill. All this take 1m30s with the default configuration. To fix this problem add the missing Before=shutdown.target and Conflicts=shutdown.target to have systemd stop the unit on shutdown. (From OE-Core rev: b6daf8a5755842c0e38b1a88687a18432138a45a) Signed-off-by: Alban Bedel <alban.bedel@aerq.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxslt: fix CVE-2019-13117 CVE-2019-13118Anuj Mittal2019-09-303-0/+111
| | | | | | | | | | | (From OE-Core rev: 7dc3048fec88dd62ef49ef16517b7382ab7cf2a5) (From OE-Core rev: 7a3b5f260c498da39ecedb313898d1f5482ddd2f) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: fix CVE-2019-5435 CVE-2019-5436Anuj Mittal2019-07-293-0/+298
| | | | | | | (From OE-Core rev: 952bfcc3f4b9ee5ba584da0f991f95e80654355a) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: fix CVE-2019-12735Anuj Mittal2019-07-292-0/+65
| | | | | | | (From OE-Core rev: c7efa41e7fed263413d5f55d5ed5d17e874623a3) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxslt: Fix CVE-2019-11068Adrian Bunk2019-06-302-1/+127
| | | | | | | | | (From OE-Core rev: 7fa78955448aa371d3e032c12fe078e5ddfd68a0) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ptest-runner: enable child procs as session leaderRandy MacLeod2019-06-302-1/+215
| | | | | | | | | | | | | | | | | | | | | When running the run-execscript bash ptest as a user rather than root, a warning: bash: cannot set terminal process group (16036): Inappropriate ioctl for device bash: no job control in this shell contaminates the bash log files causing the test to fail. This happens only when run under ptest-runner and not when interactively testing! The changes made to fix this include: 1. Get the process group id (pgid) before forking, 2. Set the pgid in both the parent and child to avoid a race, 3. Find, open and set permission on the child tty, and 4. Allow the child to attach to controlling tty. (From OE-Core rev: 25121d92f1a4cd70223038e09a719fec94355ee6) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ptest-runner: update SRCREV to latest HEAD on ptest-runner2 repoSakib Sajal2019-06-301-1/+1
| | | | | | | | | | | | | 63d097c Add SPDX-License-Identifier: GPL-2.0-or-later in source files (HEAD) fb93c99 utils.c: close all file descriptors after completing a ptest (From OE-Core rev: 884e0d80d0113e8af5bdbd7988e391c1292e37c2) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Randy Macleod <randy.macleod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Use ca-certificates as default trust store filePhilippe Normand2019-06-181-0/+1
| | | | | | | | | | | | | | | | | Since version 2.58 the glib-networking TLS database relies on GnuTLS's system trust store, so not enabling it leads to TLS errors in applications depending on glib-networking. The raised runtime warning is: process:500): GLib-Net-WARNING **: 09:14:09.321: Failed to load TLS database: Failed to load system trust store: GnuTLS was not configured with a system trust (app:490): ... TLS Error: TLS certificate has unknown CA. (From OE-Core rev: 1d147be584d2f016853edbe9751247d7daa0b5d0) (From OE-Core rev: 712c78984c891e6357e1b1dc414431fb6c226c49) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcre: Add make dependency for ptestRichard Purdie2019-06-071-0/+2
| | | | | | | | | | The tests are run from a makefile so this dependency is needed. (From OE-Core rev: d2361e9bb6caf66cf6d492fc5957c601fd3f9e6d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apr/apr-util: Add ptest dependency on libgccRichard Purdie2019-06-072-0/+3
| | | | | | | | | | | | | | Avoid: libgcc_s.so.1 must be installed for pthread_cancel to work when running the ptest without libgcc. (From OE-Core rev: f704c1021e311ad493374d8cd38e800b79a96746) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gettext/flex/m4/bzip2/gzip/parted/slang/attr: Add make to -ptest packagesRichard Purdie2019-06-071-1/+1
| | | | | | | | | | | | | This solves ptest runtime errors where make was missing causing the ptests to fail. (From OE-Core rev: 47bcd4dec32e87b7353b079f63931d11cd0568e6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for warrior context] [Dropped ptest fixes for pkg w/o ptests in warrior] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nettle: fix the Segmentation faultMingli Yu2019-05-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The commit[8ac8fa8ee1 nettle: update to 3.4.1] add CFLAGS_append = " -std=c99" to silence the below error for native build: | ../nettle-3.4.1/rsa-sign-tr.c: In function 'sec_equal': | ../nettle-3.4.1/rsa-sign-tr.c:243:3: error: 'for' loop initial declarations are only allowed in C99 mode for (size_t i = 0; i < limbs; i++) ^ | ../nettle-3.4.1/rsa-sign-tr.c:243:3: note: use option -std=c99 or -std=gnu99 to compile your code | Makefile:263: recipe for target 'rsa-sign-tr.o' failed But the above change will trigger below Segmentation fault: # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault So update the logic to CFLAGS_append = " -std=gnu99" to fix the issue. (From OE-Core rev: 91359a91b8c89dc5e1f3a946137204156c47a3af) (From OE-Core rev: cccf000f07eb8b60874c66c60a47c46d546e5ca0) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.5 -> 3.6.7Adrian Bunk2019-05-121-4/+3
| | | | | | | | | | | | | | | | | This is a new upstream release from the same stable branch bringing new features and bugfixes (including CVE fixes). COPYING changed http -> https. configure no longer has a --without-libunistring-prefix option. (From OE-Core rev: 93993fe8ffd31e3e94946023b2cd8927ae595fc3) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [includes: CVE-2019-3836 CVE-2019-3829] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: update to 7.64.1Oleksandr Kravchuk2019-05-121-2/+2
| | | | | | | | | | (From OE-Core rev: 61433a177c5ce19a0c560a6e1062bad8194cecc8) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Bug fix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "nettle: fix ptest failure"Richard Purdie2019-04-123-44/+24
| | | | | | | | | | | | | | This reverts commit 83faaf7b2a5f4fc4ae504b300134409e90389770. This should never have merged as the change was rejected upstream and adding a library to the ptest package resulted in it providing that SONAME which led to being included in images like core-image-sato. This in turn led to a ton of ptest failures in the 2.7 r1 QA report. (From OE-Core rev: 039e7b25f0018e6923d14b40c35252f99e1d3ea3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nettle: fix ptest failureMingli Yu2019-04-123-24/+44
| | | | | | | | | | | | | | | | | | | | | | Remove dlopen-test.patch which originally used to fix the test dlopen-test, but autually the patch didn't resolve the issue as dlopen-test.patch supposes the file /usr/lib/libnettle.so exists. Instead deploy ${D}${PTEST_PATH}/libnettle.so to fix the dlopen-test failure. Update the initialization for the salt to fix below Segmentation fault and also nettle-pbkdf2-test failure. # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00] [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f Segmentation fault (From OE-Core rev: 83faaf7b2a5f4fc4ae504b300134409e90389770) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsoup-2.4: use gobject-introspection.bbclass on/off mechanismAndreas Müller2019-04-111-8/+0
| | | | | | | (From OE-Core rev: 951b8394a7665902ec9b0572585c605251beb002) Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* atk: use gobject-introspection.bbclass on/off mechanismAndreas Müller2019-04-111-8/+0
| | | | | | | (From OE-Core rev: 9fca94a4fe8e6f884689accc7d35c453811b6654) Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* at-spi2-core: use gobject-introspection.bbclass on/off mechanismAndreas Müller2019-04-111-6/+4
| | | | | | | (From OE-Core rev: 7d2d1a45e0d6fe0dba289d686a510f844151df2f) Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ptest-runner: Add several logging fixesRichard Purdie2019-04-094-1/+161
| | | | | | | | | This change adds three patches to improve the handling of stdout/stderr and child processes to try and improve logging reliability in ptest-runner. (From OE-Core rev: 1c0fffc401cdb581a93d16d225f53c83359ff209) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxslt: update for new catalog pathRoss Burton2019-04-051-2/+2
| | | | | | | | | The XML catalogue is now at the canonical path, ${sysconfdir}/xml/catalog. (From OE-Core rev: 2c91c3ef14269b7b329b3008e5b3a8e65ea4f494) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sqlite3: fix CVE-2019-9936 and CVE-2019-9937Ross Burton2019-04-013-0/+217
| | | | | | | (From OE-Core rev: 4ec161ea684b305b303f32e96ce23f472c82e1a1) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libexif: fix CVE-2016-6328 and CVE-2018-20030Ross Burton2019-03-293-1/+182
| | | | | | | (From OE-Core rev: 037b544431076b94e85281c7deb527a44a600f5a) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bmap-tools: fix upstream version checkAlexander Kanavin2019-03-291-1/+1
| | | | | | | (From OE-Core rev: c03172749018e2d9fae85b35ff9176ba922857e6) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* db: fix upstream version checkAlexander Kanavin2019-03-291-1/+1
| | | | | | | | | | | | | | | The new regex excludes the 5.3.28+dfsg1 which is a Debian repackaging of the original tarball: * Repack the .orig tarball to eliminate prebuilt binaries that need a Visual Studio plugin to build from source. (Closes: #898215) https://metadata.ftp-master.debian.org/changelogs/main/d/db5.3/unstable_changelog (From OE-Core rev: 0bba7bbdb9600095f367bbe2f6926e216a7b56ce) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpsl: Extend with native, nativesdkAlex Kiernan2019-03-251-0/+2
| | | | | | | | | To allow wget with libpsl to build native/nativesdk versions we need those variants here. (From OE-Core rev: e2df6087694af09715141c5cb38af3e7db4ad758) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libexif: disable documentation neatlyRoss Burton2019-03-241-4/+1
| | | | | | | | | No need to sed the Makefile as we can just pass --disable-docs. (From OE-Core rev: 72e8597562fa7d8b0f19ed5c8727ebdf172c96a9) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcroco: fix CVE-2017-7961Ross Burton2019-03-242-1/+48
| | | | | | | (From OE-Core rev: 480f15850820746cecdfe0b8450b2be484c1f8f9) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcre: update patch statusRoss Burton2019-03-241-1/+1
| | | | | | | (From OE-Core rev: 3e06fc90f8c3e657db471e4d6eb20b0059d3f690) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Remove the c_rehash shell re-implementationOtavio Salvador2019-03-191-1/+1
| | | | | | | | | | | We had a c_rehash shell re-implementation being used for the native package however the ca-certificates now uses the openssl rehash internal application so there is no use for the c_rehash anymore. (From OE-Core rev: 672b076158247f823a518b7c33b50c82272d6388) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Update to 8.1.1017Tom Rini2019-03-183-5/+5
| | | | | | | | | | | | The most current release of vim is now 8.1.1017. The only problem currently is that the disable_acl_header patch is still not upstream. Cc: Wenzong Fan <wenzong.fan@windriver.com> Cc: Changqing Li <changqing.li@windriver.com> (From OE-Core rev: 791b278c513abb6587d4efcf2e4e974a0bf280ae) Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nspr: update 4.21Armin Kuster2019-03-111-2/+2
| | | | | | | (From OE-Core rev: f0083af1bba06fbf7aa4ed524f6a34a42555a8bd) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nss: update to 3.42.1Armin Kuster2019-03-112-37/+2
| | | | | | | | | remove nss-fix-SHA_HTONL-bug-for-arm-32be.patch now included (From OE-Core rev: 0de293ce514c24305a520b2291158477f77cb3ac) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-04-28 04:57:17 +0000