| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Whitelisted below CVEs:
1. CVE-2018-12433
Link: https://security-tracker.debian.org/tracker/CVE-2018-12433
Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12433
CVE-2018-12433 is marked disputed and ignored by NVD as it does
not impact crypt libraries for any distros and hence, can be safely
marked whitelisted.
2. CVE-2018-12438
Link: https://security-tracker.debian.org/tracker/CVE-2018-12438
Link: https://ubuntu.com/security/CVE-2018-12438
CVE-2018-12438 was reported for affecting openjdk crypt libraries
but there are no details available on which openjdk versions are
affected and does not directly affect libgcrypt or any specific
yocto distributions, hence, can be whitelisted.
(From OE-Core rev: 2ebd235bc86032e388fb7e565834f3200e09d081)
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2943efe3f56d394308f9364b439c25f6a7613288)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rngd daemon may spam the console when using an older version
than 6.11.
Backport patches from https://github.com/nhorman/rng-tools/pull/99/commits
(From OE-Core rev: 28707d202e56c9fe12492e3370fb56d920560642)
Signed-off-by: Julien Massot <julien.massot@iot.bzh>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-certdata2pem.py-use-python3.patch
removed since it is included in 20210119
(From OE-Core rev: 2a558ee61a2452a209d39cd1528a309c549c0f4e)
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit afd86357e07f69090eaff4c5db2c517867dd4ccf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: ed36f9145923b70556a7bedb34255042fa507a80)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9bc2943a7819c7e6d1bd4c1c03b265671811784c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
-License-Update: format changed
(From OE-Core rev: fd8ffc7cfc14be9cf620da0d392db73272b2398d)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0007f38b03bcb0bd561bd9181fbffc7dec47fe9a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
backport CVE-2020-8284 fixes from upstream, but drop
binary file tests/data/test1465.
upstream fixes for CVE-2020-8231, CVE-2020-8285 and CVE-2020-8286
does not applies cleanly to 7.69.1, fedora have working patch
hence import patch from Fedora.
https://koji.fedoraproject.org/koji/rpminfo?rpmID=24270817
(From OE-Core rev: 16ec5dea53d24cc1449d173912c1056c873fa98d)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch makes gcc produce broken code. It is unclear why it is there
in the first place. Drop it.
(From OE-Core rev: 5d3354a1f03f17668c393049928375335059d4e5)
Signed-off-by: Mans Rullgard <mans@mansr.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5f3cace37496fe1dc4fd045f688f7d441505c437)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 2c25bdd3624002f04be2cf188d8df5d3a0b48dcb)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 46d837442ab216941df2d02f60c69155463e02d8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support for gdbm was made optional in 3260ad9e, but it was still being
used unconditionally.
(From OE-Core rev: d4efeada4b8011f18a1ba9464c70e1a2ebe33d3b)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 09d303ca295dc27874c72b30c37a64d1fdf4c5c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: a6694d72a6b2ac6c33183aa418673e882b0d07a0)
Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d2654384db4999c78bc3d98215a4eecdab63541b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nativesdk support
In order to make wic tool work in sdk which is out of an
existed Yocto build, it needs to port wic tool as a nativesdk
recipe.
First, make these runtime depends recipes to support nativesdk
(From OE-Core rev: caf6dac96888d983ead4e75896b78f96777c40d6)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cb4f7f078e1d3b1afbf93ca4dc5e690f60c59412)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
scons is using host ar to create it, which may or may not
be built with reproducible option by default. Rather than
patch scons for the benefit of a single recipe, let's
just not install the .a, which is unused anyway.
(From OE-Core rev: 2d44aee1424d50949a8f38bc5b020d93804d5279)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7e44275f4d286f005b2f19e3dcc9c6d390b98f30)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Patch is added to address an issue preventing libffi
from compiling under clang.
Change-Id: I55e36d252ec8e84de9b35fea18044c2c0e8c5aab
(From OE-Core rev: a4944e9b553ddf55da9d9a1243fadc93a620b003)
Signed-off-by: Brett Warren <brett.warren@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 01e8c53488dd5ebb206bef2415549e8ac1ac7601)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream renamed master -> dev, update SRC_URI to match.
[YOCTO #14135]
(From OE-Core rev: 5d7ddba37e8f59f181e47bf122a551c212bbb8ac)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3369aa0322693604533ef7d30dca234e52605fe2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per https://groups.google.com/g/sqlite-dev/c/U7OjAbZO6LA this issue
is believed to be either iOS specific, or fixed in 3.8.9.
(From OE-Core rev: c5bfb3e4680fb69b7ce793c57082354c12ce3f13)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry-picked from d11a2157befcfe40517140988dd26bf0ed7240b6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 9b5ae61015637c1bf790a0700069da9e65bafefc)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The srcrev bump is actually bring single commit [1] on top of 2.4.0 which fixes ptest
runs with messges like
ERROR: Unable to detach from controlling tty, Inappropriate ioctl for device
[1] https://git.yoctoproject.org/cgit/cgit.cgi/ptest-runner2/commit/?id=834670317bd3f6e427e1ac461c07ada6b8936dfd
(From OE-Core rev: a724eeeead28cbe7cfb8ffbcf40f6ac29e22ff61)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 791da075619139fa55751f8013c73d2fbf0cf64c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 83e9731584de86662c009201873759d1b1b3c317)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fd180d21ec907726b2fcd7709b93cb8e464390d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for un ptests in multiple directories, useful in multilib
builds.
Changes,
1e9a845 Add support to specify multiple folder for ptest-runner
287ba30 Makefile: Fix TEST_LDFLAGS gcc cmdline position
[YOCTO #12604]
(From OE-Core rev: bd7de7dd0992e0d7a6cc322a54cf9e69b052acca)
Signed-off-by: Aníbal Limón <anibal.limon@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1203ee86e3cf4d73f6ba513452717f1c4f78c501)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libbsd contains a multitude of licenses. For (commercial) projects the
3rd clause of the BSD-4-Clause license can be problematic. But only a
few man pages use this license. This means that the main package
containing the binary library itself is not under BSD-4-Clause ruling.
(From OE-Core rev: 5ff745ae91540e1a664647aff7ad5ea8bd39c01f)
Signed-off-by: Mark Jonas <toertel@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9c3e3f83b5fb162d161a7b9773d426418a22c05f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The license headers are clear that the code is "or later", fix LICENSE
to match.
(From OE-Core rev: c0d1eb1efad160b7832abd87a168ca547c296d94)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5f0b5cdfcb104ac50222a47652e090ad8770e49f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
remove some extra whitespaces
(From OE-Core rev: 3ac10faff7ef00f68031400e86a6882ce0d5090a)
Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 32ce3716761165b9df12306249418645724122cc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
CVE: CVE-2020-13632
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13632
(From OE-Core rev: 8d54034bb8e522f9827ec6422b32cbd4e5bf1346)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
CVE: CVE-2020-13631
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13631
(From OE-Core rev: 582f253d6781a006841a436a49c3f7fdddc5bb7b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
CVE: CVE-2020-13630
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13630
(From OE-Core rev: 5780879dec867bdb3c7eeeffb7a958a8b50188a4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
CVE: CVE-2020-13435
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13435
(From OE-Core rev: 4780662ebaba0931ac0084d40670d9be93c0da9b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
| |
CVE: CVE-2020-13434
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13434
(From OE-Core rev: 0338c2eb099532eb3b9a9de038f6b1a757348513)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: f2e07dcf2c8ced2efcb6b67db45b9c5dc5ca5309)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The official links on:
https://curl.haxx.se/download.html
use https now and we're seeing this warning:
WARNING: curl-native-7.72.0-r0 do_fetch: Failed to fetch URL http://curl.haxx.se/download/curl-7.72.0.tar.bz2, attempting MIRRORS if available
(From OE-Core rev: 9f39e53b0e1bf74b233b3e33a9996934a198f533)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0aa24abf6c4d68efa63026d2496b6adc16734d35)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To avoid false positives (such as CVE-2010-0734, rubygems:curl), expand
the CVE_PRODUCT list to include all the vendors that have been used.
(From OE-Core rev: 3c0029c9cf22b6983020edf9ce2aeb7b326d8c12)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bb265122cccea9466405fdd924ad10ce8cda0dec)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport the CVE patch from the usptream:
https://gitlab.com/gnutls/gnutls.git
commit 29ee67c205855e848a0a26e6d0e4f65b6b943e0a
(From OE-Core rev: fe3eebd129409fd8ed3ad1705a87eced5a61b33e)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 84b1bc500e318657cb7a8a189b59cc63bc91dca3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix error:
file /usr/include/gpgme.h conflicts between attempted installs of gpgme-dev-1.13.1-r0.core2_64 and lib32-gpgme-dev-1.13.1-r0.core2_32
part of diff:
-#if 64
+#if 0
#ifndef _FILE_OFFSET_BITS
-#error GPGME was compiled with _FILE_OFFSET_BITS = 64, please see the section "Largefile support (LFS)" in the GPGME manual.
+#error GPGME was compiled with _FILE_OFFSET_BITS = 0, please see the section "Largefile support (LFS)" in the GPGME manual.
#else
-#if (_FILE_OFFSET_BITS) != (64)
-#error GPGME was compiled with a different value for _FILE_OFFSET_BITS, namely 64, please see the section "Largefile support (LFS)" in the GPGME manual.
+#if (_FILE_OFFSET_BITS) != (0)
+#error GPGME was compiled with a different value for _FILE_OFFSET_BITS, namely 0, please see the section "Largefile support (LFS)" in the GPGME manual.
#endif
#endif
#endif
LFS support is enabled by default, and this header is generated during
build according to current configure
(From OE-Core rev: 82df23b088a4844d1f171bfa70c212ff62c3a741)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bd056f9c4c22740a4f7ede00c758a21037eae5ca)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix error:
file /usr/include/ffitarget.h conflicts between attempted installs of lib32-libffi-dev-3.3-r0.armv7vet2hf_vfp and libffi-dev-3.3-r0.cortexa57
part of diff
#ifndef LIBFFI_ASM
-typedef unsigned long ffi_arg;
-typedef signed long ffi_sarg;
-
-typedef enum ffi_abi {
- FFI_FIRST_ABI = 0,
- FFI_SYSV,
- FFI_VFP,
- FFI_LAST_ABI,
-#if defined(__ARM_PCS_VFP) || defined(_M_ARM)
- FFI_DEFAULT_ABI = FFI_VFP,
+#ifdef __ILP32__
+#define FFI_SIZEOF_ARG 8
+#define FFI_SIZEOF_JAVA_RAW 4
+typedef unsigned long long ffi_arg;
+typedef signed long long ffi_sarg;
+#elif defined(_M_ARM64)
+#define FFI_SIZEOF_ARG 8
+typedef unsigned long long ffi_arg;
+typedef signed long long ffi_sarg;
#else
- FFI_DEFAULT_ABI = FFI_SYSV,
-#endif
-} ffi_abi;
+typedef unsigned long ffi_arg;
+typedef signed long ffi_sarg;
#endif
-#define FFI_EXTRA_CIF_FIELDS \
- int vfp_used; \
- unsigned short vfp_reg_free, vfp_nargs; \
- signed char vfp_args[16] \
-
-#define FFI_TARGET_SPECIFIC_VARIADIC
-#ifndef _M_ARM
-#define FFI_TARGET_HAS_COMPLEX_TYPE
+typedef enum ffi_abi
+ {
+ FFI_FIRST_ABI = 0,
+ FFI_SYSV,
+ FFI_LAST_ABI,
+ FFI_DEFAULT_ABI = FFI_SYSV
+ } ffi_abi;
#endif
/* ---- Definitions for closures ----------------------------------------- */
#define FFI_CLOSURES 1
-#define FFI_GO_CLOSURES 1
#define FFI_NATIVE_RAW_API 0
#if defined (FFI_EXEC_TRAMPOLINE_TABLE) && FFI_EXEC_TRAMPOLINE_TABLE
#ifdef __MACH__
-#define FFI_TRAMPOLINE_SIZE 12
-#define FFI_TRAMPOLINE_CLOSURE_OFFSET 8
+#define FFI_TRAMPOLINE_SIZE 16
+#define FFI_TRAMPOLINE_CLOSURE_OFFSET 16
#else
#error "No trampoline table implementation"
#endif
#else
-#ifdef _MSC_VER
-#define FFI_TRAMPOLINE_SIZE 16
-#define FFI_TRAMPOLINE_CLOSURE_FUNCTION 12
-#else
-#define FFI_TRAMPOLINE_SIZE 12
-#endif
+#define FFI_TRAMPOLINE_SIZE 24
#define FFI_TRAMPOLINE_CLOSURE_OFFSET FFI_TRAMPOLINE_SIZE
#endif
+#ifdef _M_ARM64
+#define FFI_EXTRA_CIF_FIELDS unsigned is_variadic
+#endif
+
(From OE-Core rev: 6392d99de30e74c41b289c43fd98601e6cbc34ab)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit efe8d76810973e7032e729beee106b8acc39b8ed)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
For example, CVE-2019-18397 uses fribidi instead gnu_fribidi.
(From OE-Core rev: e6e40f16e66e8720cd7c6f67f4328936967d3ee9)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fa5d0f2c61a704436d71e5f02042fa8b2940f541)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Stability / bugfix / security release
Fixes CVE-2018-20030, CVE-2020-13114, CVE-2020-13113,
CVE-2020-13112, CVE-2020-0093, CVE-2019-9278, CVE-2020-12767,
CVE-2016-6328, CVE-2017-7544
(From OE-Core rev: 2657e0614003819c3717429c3192b2e61a160a88)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 76e8c645cb2568c2dfa014af0eeac36d8f8b60ff)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was discussed and accepted upstream by the project so their license is consistent.
Please reference to https://gitlab.com/gnutls/gnutls/-/issues/1018
and https://gitlab.com/gnutls/gnutls/-/merge_requests/1285.
(From OE-Core rev: 284a8cb6c51517d07f5f21b224ffb57333f1fc27)
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 267d07301c79c24969c169add05284f612c41d77)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security and bug fix release on the stable 3.6.x branch
Fixes CVE-2020-13777
Detailed list of changes at:
https://lists.gnupg.org/pipermail/gnutls-help/2020-June/004648.html
(From OE-Core rev: 79b821161275cad5d9c54078e65293109184ad65)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cd88c81804a4a52b9875f2244c9f35911539be96)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
async_pipe is missing the executor_type type, which is expected by
asio in /usr/include/boost/asio/impl/read.hpp. Without this, it's
not possible to even compile code that uses constructs such as:
boost::asio::io_service foo;
boost::process::async_pipe foopipe{ boost::process::async_pipe(foo) };
This is only relevant for Dunfell because master has already moved to
boost-1.73.0 in which this bug has been fixed. The bug is also not
present in Zeus, which uses boost-1.71.0.
(From OE-Core rev: f3f6cc45b0b95cce337947df8dfaa9402251541c)
Signed-off-by: Viktor Rosendahl <Viktor.Rosendahl@bmw.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As an unconditionally dependency of subversion, extend serf recipe for
building a nativesdk variant being usable by nativesdk-subversion.
(From OE-Core rev: 3b78a39535089bbafbeb1ebd854efe180890f375)
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ff731a25a49c768f04a474438efccb3bb505a898)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
libnl is required by networkmanager.
(From OE-Core rev: 30b4d8b5fd45c78f5da3706dd91c43d795de6eb0)
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b3c96103a5063eeefb0c537227eab3f77616b9c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backported from master with two differences:
1. Move exit in do_make_icudata_class-target after big endian patch
application (not required for master since new upstream icu includes
the patch)
2. In do_install_append_class-target test for existence of .dat input
file before calling icupkg
icu data generation was found to be racy, and causig AB failures;
making it serial and leaving it on is not an option as it regresses
to several minutes.
The specific bug is that rules.mk has:
LD_LIBRARY_PATH=../lib:../stubdata:../tools/ctestfw:$LD_LIBRARY_PATH ../bin/gencnval -s . -d ./out/build/icudt66l mappings/convrtrs.txt
which creates a file and numerous rules like
LD_LIBRARY_PATH=../lib:../stubdata:../tools/ctestfw:$LD_LIBRARY_PATH ../bin/genrb -s ./misc -d ./out/build/icudt67l -i ./out/build/icudt67l -k -q numberingSystems.txt
which quietly read it. There is no prerequisite for the former to complete first.
The race is extra complicated to fix as rules.mk is itself
generated through a custom in-tree python tool.
(From OE-Core rev: df4bfb154e7fce9645f5738aa04b3eb3ef5093fe)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit df89e8d1136fd406ba35ae573e2cb0cfc88c6aad)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: cabaf5654db5db12b6576ef0ebae9bc7b422a8ca)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6e16ef0c2e0ec2bbb862231cd84e7650bd5789af)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: sqlite.org
MR: 104526
Type: Security Fix
Disposition: Backport from https://www.sqlite.org/src/vinfo/10fa79d00f8091e5?diff=1
ChangeID: a1c012b8c8aecd4970f3ae16686bf25f2376f542
Description:
Affects sqlite < 3.32.3
Fixes CVE CVE-2020-15358
(From OE-Core rev: 8eb5fad746b716cba350c6cd6a30766534a90a28)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://curl.haxx.se/
MR: 104472, 104458
Type: Security Fix
Disposition: Backport from https://github.com/curl/curl/commit/{600a8cded447cd/8236aba58542c5f}
ChangeID: 1300924f7a64b22375b4326daeef0b686481e30c
Description:
- Affected versions: curl 7.20.0 to and including 7.70.0
- Not affected versions: curl < 7.20.0 and curl >= 7.71.0
Fixes both CVE-2020-8169 and CVE-2020-8177
(From OE-Core rev: f42702baee57ab3d1b7ab7833e72c7d56ad4ee94)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This helps with gpl3-free builds.
(From OE-Core rev: 9142c12c0f45effdcebf8c8061f8b0a6b1517cf3)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3260ad9e8ff185b4799269bbcdd9f638e976c4b4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These workarounds are removed because a previous patch
solve the host path reference for gawk and perl, and it skips
the do_package_qa issue by setting the INSANE_SKIP. But it
introduces regression for do_rootfs. The dependencies are
calculated and will require packages like python, perl, gawk
and csh. The error is like below.
Error:
Problem: conflicting requests
- nothing provides /bin/csh needed by vim-tools-8.2-r0.corei7_64
- nothing provides /usr/bin/nawk needed by vim-tools-8.2-r0.corei7_64
- nothing provides /usr/bin/python needed by vim-tools-8.2-r0.corei7_64
So we keep the previous patch which solve the host path reference
problem and restore the long-used 'chmod -x' workaround here.
(From OE-Core rev: 68b2dc03e55b4977b8647e8d36c40c851414c13b)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bf3e799e32b4de300887b844b0b7bce3d60ca379)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was fixed in upstream version 2.34.0.
(From OE-Core rev: a4f975a0bca892a7c0f0d496b76ffb30e469914a)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9562c93799a37cd18aceb6f24378ba02a69865f0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This also makes appending "-fcommon" to CFLAGS obsolete and enables
native builds with a host gcc v10.
(From OE-Core rev: b71ea7245a3d42ba96fb5a389f85049250bbc29e)
Signed-off-by: Richard Leitner <richard.leitner@skidata.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7717b35265e6ef8ef71a4eca4074294dfcc2110c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vim will abort in many places with this setting. Replace
it with the benign _FORTIFY_SOURCE=1.
(From OE-Core rev: d9de155f6452f916edd3131addd0c2eebaf4d639)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 18129cbaeddb3278efe9963718556e3765f06c1e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On target, when running `db_verify /var/lib/rpm/Packages', we get
the following error.
db_verify: BDB0571 library build did not include support for database verification
This is because db_verify is installed but 'verify' PACKAGECONFIG is
not enabled. So fix it by not installing do_verify in such case.
(From OE-Core rev: b45f1a3b8007ab34dcbe0cba365823da179d0c50)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b5ffdb296f211403f987b5d5a724a94ee91dc80c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|