| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
(From OE-Core rev: fc7dddf939b04dbd5b5d92ecf3a5c422ee5caf15)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 73d3efbaeb2f412ab8d3491d2da3f3124fc009f3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This update was made with the convert-scruri.py script in scripts/contrib
This script handles two emerging issues:
1. There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
2. Github are dropping support for git:// protocol fetching, so remap github
urls as needed. For more details see:
https://github.blog/2021-09-01-improving-git-protocol-security-github/
(From OE-Core rev: 827a805349f9732b2a5fa9184dc7922af36de327)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 43aa25b523b2c11ce483ea22435196dfca259b30)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c479b8a810d966d7267af1b4dac38a46f55fc547)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
vim is vulnerable to Use After Free
Problem: Checking first character of url twice.
reference:
https://github.com/vim/vim/commit/35a9a00afcb20897d462a766793ff45534810dc3
(From OE-Core rev: 53ce5f292fd8d65fd89c977364ea6f7d813c7566)
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2021-22897 is affecting only Windows, hence whitelisting this CVE.
Link: https://security-tracker.debian.org/tracker/CVE-2021-22897
Link: https://ubuntu.com/security/CVE-2021-22897
(From OE-Core rev: 543a72e115340f3a7378b8b85bd48a0b495b3919)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Set a path to where sendmail would exist making the output deterministic
as it no longer depends on the build host and the presense of sendmail
there.
(From OE-Core rev: a8ec8c9eaed898c3cc719efd87a2f4296c6304a6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 32e03a430f13960fe07f08c04eaa58017d977f6c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
glibc 2.34+ has added this API new
(From OE-Core rev: eaebf0884d7e1ffb8a14cc1ff947d0724e7bb6a1)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a2b2479d20d029f5a11dba8cf7f7ca3e4a5bbbe2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Based on d22d87b9c4ac85ffb3506e2acaf2a8a627f55e8e, but kept idn2
as default.
(From OE-Core rev: c912cd493f02458d22c78791fc3175f613b8108e)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rngd needs to start after `systemd-udev-settle` in order for the kernel
modules of the random source hardware to be loaded before it is started.
However, since the `rngd.service` does not require or want
`systemd-udev-settle.service` it might not be scheduled for start and
the `After=systemd-udev-settle.service` there has no effect.
Adding `Wants=systemd-udev-settle.service` provides a weak requirement
to it, so that the `rngd` is started after it, if possible.
(From OE-Core rev: 006b5221ed6dac9964f49a03a55de2e847118dc1)
Signed-off-by: Claudius Heine <ch@denx.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e9715d4234eb7b45dee8b323799014646f0a1b07)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
vim is vulnerable to Heap-based Buffer Overflow
reference:
https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f
(From OE-Core rev: 0fb9be3925f258a7e8009c581c1cf93ace2a498b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This hasn't been needed since libsoup 2.65.2.
(From OE-Core rev: bdaa86fa4636e4b48e7a001d969d2f9175fb1ff2)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 250a3f9a804917c8a9427d0209365d27b1b8fa4a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
(From OE-Core rev: 8e5bb5f05cf171889ec2b34dcf24ff1985660074)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 54d3d023ce55ba4a7160ed25a283f0918e7d8e2e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: Debian.org
MR: 110174
Type: Security Fix
Disposition: Backport from https://sources.debian.org/patches/nettle/3.4.1-1+deb10u1/
ChangeID: 47746f3e58c03a62fef572797d0ae6e0cd865092
Description:
Affects: Nettle < 3.7.2
Minor fixup for nettle_secp_224r1 to _nettle_secp_224r1 to match 3.5.1
(From OE-Core rev: 10f2333afd739669013a65112f6471f09e13d124)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
curl v7.79.0 contained fixes for three CVEs:
The description of CVE-2021-22945[1] contains:
> This flaw was introduced in commit 2522903b79 but since MQTT support
> was marked 'experimental' then and not enabled in the build by default
> until curl 7.73.0 (October 14, 2020) we count that as the first flawed
> version.
which I believe means that curl v7.69.1 is not vulnerable.
curl v7.69.1 is vulnerable to both CVE-2021-22946[2] and CVE-22947[3].
These patches are from Ubuntu 20.04's curl 7.68.0 package. The patches
applied without conflicts, but I used devtool to regenerate them to
avoid fuzz warnings.
[1] https://curl.se/docs/CVE-2021-22945.html
[2] https://curl.se/docs/CVE-2021-22946.html
[3] https://curl.se/docs/CVE-2021-22947.html
(From OE-Core rev: b9b343704afc28a6182f699ef17943afacd482a8)
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://git.lysator.liu.se/nettle/nettle
MR: 112331
Type: Security Fix
Disposition: Backport from https://git.lysator.liu.se/nettle/nettle/-/commit/0ad0b5df315665250dfdaa4a1e087f4799edaefe
ChangeID: ffbbadbfa862e715ec7da4695d7db67484f8517a
Description:
Affects nettle < 3.7.3
(From OE-Core rev: ddcdb9baec74391844d5e3cf3c891d63d2eef865)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://dist.apache.org
MR: 112793
Type: Security Fix
Disposition: Backport from https://dist.apache.org/repos/dist/release/apr/patches/apr-1.7.0-CVE-2021-35940.patch
ChangeID: c8247210204ffcc7d1425e3d60f077ad3dd54ebc
Description:
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the
Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue
was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed
compared to 1.6.3 and is vulnerable to the same issue.
(From OE-Core rev: 315262830bfe2bc8b2a9259541bb3a0bc83a2cdd)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://sources.debian.org/patches/libgcrypt20/1.8.4-5+deb10u1
MR: 111591
Type: Security Fix
Disposition: Backport from https://sources.debian.org/data/main/libg/libgcrypt20/1.8.4-5%2Bdeb10u1/debian/patches/31_cipher-Fix-ElGamal-encryption-for-other-implementati.patch
ChangeID: d066a9baacc0d967dd80ac54c684cde031ac686e
Description:
Affects before 1.8.8 and 1.9.x before 1.9.3
(From OE-Core rev: 7de5e19a668f268f0cc56617a9f5760054acb5f5)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Some distributions with UTF-8 locale have problem when National Language
Support is enabled. Add there an option to disable it.
(From OE-Core rev: 9224b01eaa46986b1c363a541e88f20387d8c30b)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit da630d6d81a396c3e1635fbd7b8103df47ed2732)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: https://github.com/lz4/lz4
MR: 111604
Type: Security Fix
Disposition: Backport from https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7
ChangeID: 58492f950164e75954a97cf084df6f9af3d88244
Description:
(From OE-Core rev: 00acbc19a48e2b03c910ff5dc62e51eda32bdf03)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
lzo was missing CVE_PRODUCT and related CVEs (at least CVE-2014-4607) were
not reported.
(From OE-Core rev: 69e33b9eee6ae97208e766fd96353dfcb8c20bd5)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 366cf8201e36df1ac836e49de04ccda1f763ca9e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 90798e892fd3e0d2ef77a7ba64a33ea9f8ef317b)
(From OE-Core rev: 97348726aea3ee088f48715df0e64a172665855d)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 33a997a80a56fba4138780fadda231ae4fd751ea)
[gnupg 2.2 is an LTS release so this series are all bug fixes.
https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000452.html]
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: eb7ad793d8c2e924adccc62e7680bb1cac640e89)
(From OE-Core rev: 09b4ccb6c2b2048f92eea82a2291e92c7d9ec5ff)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit df0bb1cb96389d534b53faf677a0f6ee30dd672d)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Source: poky.org
MR: 105607
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-support/gnupg?h=hardknott&id=0c06506d42f9e1f43a54a178cda47cfea3f12f81
ChangeID: 4341d0331368d6cd51d635d2c70555b3dce61792
Description:
This addresses CVE-2020-25125 and provides some other minor
updates and translations.
Updated commits for reference:
e234d04c3 Werner Koch Release 2.2.23
aeb8272ca Werner Koch gpg: Fix AEAD preference list overflow
038314665 Werner Koch po: auto update
1a4b0fd79 Yuri Chornoivan po: Update Ukrainian translation
93d10403a Jakub Bogusz po: Update Polish translation
a8a8105bc Werner Koch po: Add key-check.c to the list of translatable sources.
cad9955ac Petr Pisar po: Update Czech translation.
896c528ba Werner Koch gpg: Fix segv importing certain keys.
0a9665187 NIIBE Yutaka scd: Fix a regression for OpenPGP card.
bcae9cd4e Nagy Ferenc László po: Minor update to the Hungarian translation.
d2fe2ffd7 Werner Koch sm: Fix a bug in the rfc2253 parser
f799b3ddb Werner Koch Post release updates
(From OE-Core rev: 965683336816eba7cb0548e59faf224f74b306b1)
(From OE-Core rev: 4079feb6dc2876cc7f2d0a5582be98e01188c2d7)
Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0c06506d42f9e1f43a54a178cda47cfea3f12f81)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: ad9f9fd5609c2014454c73045bc603c9883977e3)
(From OE-Core rev: 5c02b4bcf3243aac017ca2edbc0af5ac0f6e06b7)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 33eade06ebb327be80eef278835053759ffe23fa)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 1aeb32228d92568e90f313a2a027c6790937eb8a)
(From OE-Core rev: 08186dd7594820dbb7e9c7f7385672917882b262)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 50e1649a320f2e631da9e6393efb8459fd979e88)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 6c93507e92e55f1171ff2efd5a61bcf85265f790)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 297f8c4eb4ff209b5ea69910902d216d86dbe2bf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
curl v7.78 contained fixes for five CVEs:
CVE-2021-22922[1] and CVE-2021-22923[2] are only present when support
for metalink is enabled. EXTRA_OECONF contains "--without-libmetalink"
so these fixes are unnecessary.
CVE-2021-22926[3] only affects builds for MacOS.
CVE-2021-22924[4] and CVE-2021-22925[5] are both applicable. Take the
patches from Ubuntu 20.04 curl_7.68.0-1ubuntu2.6 package which is close
enough that the patch for CVE-2021-22924 applies without conflicts..
[1] https://curl.se/docs/CVE-2021-22922.html
[2] https://curl.se/docs/CVE-2021-22923.html
[3] https://curl.se/docs/CVE-2021-22926.html
[4] https://curl.se/docs/CVE-2021-22924.html
[5] https://curl.se/docs/CVE-2021-22925.html
(From OE-Core rev: 3631da82b3542df1c1e4bbd499fc2dbe67f5f3ec)
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Applied trivial patch for cve issue CVE-2021-22898
Link: https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde
(From OE-Core rev: ba99fce9354555e556158a0af8ec809ae00cb62b)
Signed-off-by: Neetika.Singh <Neetika.Singh@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 38a0c77bf576caa3ac54934d141e489599d1b906)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bintray service has been discontinued causing boost do_fetch to fail:
WARNING: boost-1.72.0-r0 do_fetch: Failed to fetch URL
https://dl.bintray.com/boostorg/release/1.76.0/source/boost_1_72_0.tar.bz2,
attempting MIRRORS if available
(From OE-Core rev: ea7c3d5dce5e89ed746480b53789546222c961b5)
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6a76da15ece9d27fca20ace12db4978092e042b7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Update CVE_PRODUCT to also include 'berkeley_db'. For example,
CVE-2020-2981 uses 'berkeley_db'.
(From OE-Core rev: 753e6510df01fb4d71f46639bef06e1361f87170)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ad799b109716ccd2f44dcf7a6a4cfcbd622ea661)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adjusting the tolerance to a more reasonable time
given the load on the AB and given the high amount(100) of
events some of the tests like `common_timeout` generates.
[YOCTO #14163]
(From OE-Core rev: 3c59989b7a09f412704f90480c3726a0cb7df746)
Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 38b36d2b90d570149e63816e68f457aea28a5092)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reversal of global setting in previous commit necessitates
a local fix, otherwise, this happens:
File "/home/pokybuild/yocto-worker/reproducible-debian/build/build-st-52142/tmp/work/x86_64-linux/diffoscope-native/172-r0/recipe-sysroot-native/usr/lib/python3.9/ctypes/__init__.py", line 392, in __getitem__
func = self._FuncPtr((name_or_ordinal, self))
AttributeError: nativepython3: undefined symbol: archive_errno
(From OE-Core rev: 0f4531275c1e332de81b31b89e52f588fc34b14a)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 87884d9938829d5ae5d250f483c749e00cd83322)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This only affects glibc systems and have been
found on runqemu core-image-minimal with gstreamer ptest-runner
STOP: ptest-runner
libgcc_s.so.1 must be installed for pthread_cancel to work
Aborted
(From OE-Core rev: b7435fae07c7f6859e951d4796486b4cc65d44bc)
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1cb679e6a4528a2cef16f65342d5e65adb14cb16)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With commit dc778c70449ee5401b5a24ad18b22b88338c47c5, dependency was
moved to openssl-bin which in itself was a fine change, but dropping
dependency on openssl too should have been kept along, dropping this
meant that openssl binary wont be able to validate secure connections as
the CApath files wont be installed, which infact are required for
openssl bins to work, following call e.g. fails
$ openssl s_client -connect google.com:443
....
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 20 (unable to get local issuer certificate)
....
The local issuer certs are not found in default location
/usr/lib/ssh-1.1/certs, this dir and its content is installed by openssl package
therefore re-add the dependency on openssl
(From OE-Core rev: ba2774dc6ba119094861c0723858e4b47e9b7eed)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Andrei Gherzan <andrei@gherzan.ro>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eaf377315efc73d6ffe361372a873918b3bb3bf5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Take patches from Ubuntu 20.04 7.68.0-1ubuntu2.5, which is close enough
that they apply without conflicts.
(From OE-Core rev: 134a27d05f06791b738bb801e68b6916477add04)
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In particular 170 includes rpm header fixes which stop the webpages
for rpm diffs breaking web browsers and are important in the context
of the autobuilder.
(From OE-Core rev: 3b04da3a02b746241196f1fe42a9a345212cfc07)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 275738c3f2116de9b812b46e00d80b4de6975d7f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Needed to support reproducible build testing on autobuilder
(From OE-Core rev: c9ce8ef2ff29ed87703b9262d661d916595b2c38)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* it doesn't listen on http and the redirect sometimes doesn't work
WARNING: iso-codes-4.6.0-r0 do_fetch: Failed to fetch URL git://salsa.debian.org/iso-codes-team/iso-codes.git;protocol=http;branch=main;, attempting MIRRORS if available
The protocol should be changed to https, like all other salsa.debian.org pulls are, so that it doesn't depend on mirrors.bbclass to resolve this.
meta/classes/mirrors.bbclass:git://salsa.debian.org/.* git://salsa.debian.org/PATH;protocol=https \n \
from log.do_fetch:
DEBUG: Fetcher accessed the network with the command LANG=C git -c core.fsyncobjectfiles=0 fetch -f --progress http://salsa.debian.org/iso-codes-team/iso-codes.git refs/*:refs/*
fatal: unable to access 'http://salsa.debian.org/iso-codes-team/iso-codes.git/': Couldn't connect to server
WARNING: Failed to fetch URL git://salsa.debian.org/iso-codes-team/iso-codes.git;protocol=http;branch=main;, attempting MIRRORS if available
...
warning: redirecting to https://salsa.debian.org/iso-codes-team/iso-codes.git/
(From OE-Core rev: e739b039aebcd1ca839b0460e950d5b8bc2e3cdb)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 749eeb8cfaa8ffcfda29f3f06a77debaf6304288)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added missing HOMEPAGE and DESCRIPTION found using the test command
`oe-selftest -r distrodata.Distrodata.test_missing_homepg`
[YOCTO #13471]
(From OE-Core rev: 41b106617387a642338ab2ef3565ea5d48ce5685)
Signed-off-by: Dorinda Bassey <dorindabassey@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 325db7fea11315e8dd53274853f33b716247d1bf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes: [YOCTO #13471]
(From OE-Core rev: 54e0df20665be8df9d8961d8c4e716e38104ba16)
Signed-off-by: Ida Delphine <idadelm@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6db24928d62aeb093a0e6da6619713eaca57a96f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to my tests this incorrect symbols resolution at runtime no
longer happens. Ubuntu is still carrying the patch but also probably
doesn't need to, they are also on a much older version. It sounds
like there was once a linkage bug somewhere which has likely been
resolved since.
Drop the patch as it doesn't seem needed anymore. If it were a real
issue it should be submitted upstream too, the status is incorrect.
(From OE-Core rev: 06d9fa9aa2935550f7967f84285b97e6c9a2cea1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 02f36ed515afed550dfcd986977ce2106dee556a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
(From OE-Core rev: 52a912ae4951a9040257b9ce5dd600390a7d8133)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f3eabbb5c15fb55ae3d46b2377c09bb58226d965)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The patch was submitted and merged upstream.
(From OE-Core rev: 5112dc734efbb47cbe278bb8cf75ae97136739a6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 871bce0703ca9d14e5c44f6ee0b66fcb13cfb630)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sometimes I've seen it also reporting "Bus error" instead of segmentation fault
* upstream bug report:
https://unicode-org.atlassian.net/browse/ICU-21175
* on 80 core machine it failed 11 times in 1000 rebuilds of icu in various files:
icu.019.stderr.compile:make[1]: *** [out/build/icudt66l/windowsZones.res] Segmentation fault
icu.035.stderr.compile:make[1]: *** [out/build/icudt66l/supplementalData.res] Segmentation fault
icu.095.stderr.compile:make[1]: *** [out/build/icudt66l/plurals.res] Segmentation fault
icu.116.stderr.compile:make[1]: *** [out/build/icudt66l/curr/supplementalData.res] Segmentation fault
icu.313.stderr.compile:make[1]: *** [out/build/icudt66l/supplementalData.res] Segmentation fault
icu.415.stderr.compile:make[1]: *** [out/build/icudt66l/supplementalData.res] Segmentation fault
icu.476.stderr.compile:make[1]: *** [out/build/icudt66l/metadata.res] Segmentation fault
icu.495.stderr.compile:make[1]: *** [out/build/icudt66l/supplementalData.res] Segmentation fault
icu.496.stderr.compile:make[1]: *** [out/build/icudt66l/supplementalData.res] Segmentation fault
icu.505.stderr.compile:make[1]: *** [out/build/icudt66l/pluralRanges.res] Segmentation fault
icu.756.stderr.compile:make[1]: *** [out/build/icudt66l/numberingSystems.res] Segmentation fault
* apply 0001-Fix-big-endian-build.patch in do_patch like this new patch
(From OE-Core rev: 00af6882a24ca69f9e8147546a220dc73e4d6087)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The LINGUAS file can be written by two different Makefile targets
and if they race, the desktop file contents isn't deterministic.
Fix the makfile to avoid this.
(From OE-Core rev: 670efddd8d009828651cd55aa673e68d2268cef3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 416bc7b697764075fbf73683cd8bddf36d839244)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add a couple of configure options to avoid determism issues in the vim build.
This can happen due to the addition of glib-2.0 to the native sysroot through
later task additions to the sysroot through indirect dependencies.
(From OE-Core rev: a7e6887d73e36be47a7b1b187cc6dc8d3e0dd9f4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 914f86054f5ea0a115767c1b3d9cdb4c4ef9545b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: bf0e67e6b9d8b5cb532b7b479872a9930f50063f)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 38ecb83c444406b5157712d87aef3bbb320b45ec)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/p11-glue/p11-kit/releases/tag/0.23.22
Release notes:
Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook
anchor: Prefer persistent format when storing anchor [#329]
common: Fix infloop in p11_path_build [#326, #327]
proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [#325]
common: Check for a NULL locale before freeing it [#321]
Build and test fixes [#313, #315, #317, #318, #319, #323, #330, #333, #334, #335, #338, #339]
https://github.com/p11-glue/p11-kit/commit/c4e75e10021ce86ab42682ea4936dce94ced2f77
patch to fix trailing newline using custom_target() caused error
with DISTRO_FEATURES api-documentation due to meson bugs, enable
manpages PACKAGECONFIG should prevent this error.
| warning: failed to load external entity "../version.xml"
| ../p11-kit-docs.xml:11: parser error : Failure to process entity version
| <releaseinfo>for p11-kit &version;</releaseinfo>
| ^
| ../p11-kit-docs.xml:11: parser error : Entity 'version' not defined
| <releaseinfo>for p11-kit &version;</releaseinfo>
| ^
| unable to parse ../p11-kit-docs.xml
(From OE-Core rev: 641c9f6a20672e26e66191e6363b534d5b87abf5)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b112ba291835061640123c13784e2b33cc73f17d)
[0.23.x is an lts release, bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: f28b3af0c7011f9c9e4d463b5d4cc6552321a9af)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6e811db2f614500f16415fc09801f229968428e7)
[0.23.x is an lts release, bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
