summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support
Commit message (Collapse)AuthorAgeFilesLines
* libproxy: fix CVE-2020-25219Lee Chee Yang2020-10-272-0/+62
| | | | | | | | (From OE-Core rev: f2e07dcf2c8ced2efcb6b67db45b9c5dc5ca5309) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Change SRC_URI from http to httpsRandy MacLeod2020-10-061-1/+1
| | | | | | | | | | | | | | | The official links on: https://curl.haxx.se/download.html use https now and we're seeing this warning: WARNING: curl-native-7.72.0-r0 do_fetch: Failed to fetch URL http://curl.haxx.se/download/curl-7.72.0.tar.bz2, attempting MIRRORS if available (From OE-Core rev: 9f39e53b0e1bf74b233b3e33a9996934a198f533) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0aa24abf6c4d68efa63026d2496b6adc16734d35) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: add vendors to CVE_PRODUCT to exclude false positivesRoss Burton2020-09-171-1/+3
| | | | | | | | | | | | | To avoid false positives (such as CVE-2010-0734, rubygems:curl), expand the CVE_PRODUCT list to include all the vendors that have been used. (From OE-Core rev: 3c0029c9cf22b6983020edf9ce2aeb7b326d8c12) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bb265122cccea9466405fdd924ad10ce8cda0dec) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: CVE-2020-24659Zhixiong Chi2020-09-172-0/+118
| | | | | | | | | | | | | | Backport the CVE patch from the usptream: https://gitlab.com/gnutls/gnutls.git commit 29ee67c205855e848a0a26e6d0e4f65b6b943e0a (From OE-Core rev: fe3eebd129409fd8ed3ad1705a87eced5a61b33e) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 84b1bc500e318657cb7a8a189b59cc63bc91dca3) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: fix multilib header conflictChangqing Li2020-09-021-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix error: file /usr/include/gpgme.h conflicts between attempted installs of gpgme-dev-1.13.1-r0.core2_64 and lib32-gpgme-dev-1.13.1-r0.core2_32 part of diff: -#if 64 +#if 0 #ifndef _FILE_OFFSET_BITS -#error GPGME was compiled with _FILE_OFFSET_BITS = 64, please see the section "Largefile support (LFS)" in the GPGME manual. +#error GPGME was compiled with _FILE_OFFSET_BITS = 0, please see the section "Largefile support (LFS)" in the GPGME manual. #else -#if (_FILE_OFFSET_BITS) != (64) -#error GPGME was compiled with a different value for _FILE_OFFSET_BITS, namely 64, please see the section "Largefile support (LFS)" in the GPGME manual. +#if (_FILE_OFFSET_BITS) != (0) +#error GPGME was compiled with a different value for _FILE_OFFSET_BITS, namely 0, please see the section "Largefile support (LFS)" in the GPGME manual. #endif #endif #endif LFS support is enabled by default, and this header is generated during build according to current configure (From OE-Core rev: 82df23b088a4844d1f171bfa70c212ff62c3a741) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bd056f9c4c22740a4f7ede00c758a21037eae5ca) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libffi: fix multilib header conflictChangqing Li2020-08-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fix error: file /usr/include/ffitarget.h conflicts between attempted installs of lib32-libffi-dev-3.3-r0.armv7vet2hf_vfp and libffi-dev-3.3-r0.cortexa57 part of diff #ifndef LIBFFI_ASM -typedef unsigned long ffi_arg; -typedef signed long ffi_sarg; - -typedef enum ffi_abi { - FFI_FIRST_ABI = 0, - FFI_SYSV, - FFI_VFP, - FFI_LAST_ABI, -#if defined(__ARM_PCS_VFP) || defined(_M_ARM) - FFI_DEFAULT_ABI = FFI_VFP, +#ifdef __ILP32__ +#define FFI_SIZEOF_ARG 8 +#define FFI_SIZEOF_JAVA_RAW 4 +typedef unsigned long long ffi_arg; +typedef signed long long ffi_sarg; +#elif defined(_M_ARM64) +#define FFI_SIZEOF_ARG 8 +typedef unsigned long long ffi_arg; +typedef signed long long ffi_sarg; #else - FFI_DEFAULT_ABI = FFI_SYSV, -#endif -} ffi_abi; +typedef unsigned long ffi_arg; +typedef signed long ffi_sarg; #endif -#define FFI_EXTRA_CIF_FIELDS \ - int vfp_used; \ - unsigned short vfp_reg_free, vfp_nargs; \ - signed char vfp_args[16] \ - -#define FFI_TARGET_SPECIFIC_VARIADIC -#ifndef _M_ARM -#define FFI_TARGET_HAS_COMPLEX_TYPE +typedef enum ffi_abi + { + FFI_FIRST_ABI = 0, + FFI_SYSV, + FFI_LAST_ABI, + FFI_DEFAULT_ABI = FFI_SYSV + } ffi_abi; #endif /* ---- Definitions for closures ----------------------------------------- */ #define FFI_CLOSURES 1 -#define FFI_GO_CLOSURES 1 #define FFI_NATIVE_RAW_API 0 #if defined (FFI_EXEC_TRAMPOLINE_TABLE) && FFI_EXEC_TRAMPOLINE_TABLE #ifdef __MACH__ -#define FFI_TRAMPOLINE_SIZE 12 -#define FFI_TRAMPOLINE_CLOSURE_OFFSET 8 +#define FFI_TRAMPOLINE_SIZE 16 +#define FFI_TRAMPOLINE_CLOSURE_OFFSET 16 #else #error "No trampoline table implementation" #endif #else -#ifdef _MSC_VER -#define FFI_TRAMPOLINE_SIZE 16 -#define FFI_TRAMPOLINE_CLOSURE_FUNCTION 12 -#else -#define FFI_TRAMPOLINE_SIZE 12 -#endif +#define FFI_TRAMPOLINE_SIZE 24 #define FFI_TRAMPOLINE_CLOSURE_OFFSET FFI_TRAMPOLINE_SIZE #endif +#ifdef _M_ARM64 +#define FFI_EXTRA_CIF_FIELDS unsigned is_variadic +#endif + (From OE-Core rev: 6392d99de30e74c41b289c43fd98601e6cbc34ab) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit efe8d76810973e7032e729beee106b8acc39b8ed) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fribidi: extend CVE_PRODUCT to include fribidiChen Qi2020-08-271-1/+1
| | | | | | | | | | | | For example, CVE-2019-18397 uses fribidi instead gnu_fribidi. (From OE-Core rev: e6e40f16e66e8720cd7c6f67f4328936967d3ee9) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit fa5d0f2c61a704436d71e5f02042fa8b2940f541) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libexif: update to 0.6.22Alexander Kanavin2020-08-125-238/+19
| | | | | | | | | | | | | | | | Stability / bugfix / security release Fixes CVE-2018-20030, CVE-2020-13114, CVE-2020-13113, CVE-2020-13112, CVE-2020-0093, CVE-2019-9278, CVE-2020-12767, CVE-2016-6328, CVE-2017-7544 (From OE-Core rev: 2657e0614003819c3717429c3192b2e61a160a88) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 76e8c645cb2568c2dfa014af0eeac36d8f8b60ff) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Fix krb5 code license to GPLv2.1+ to match the LICENSE file.zhengruoqin2020-08-072-0/+91
| | | | | | | | | | | | | | This was discussed and accepted upstream by the project so their license is consistent. Please reference to https://gitlab.com/gnutls/gnutls/-/issues/1018 and https://gitlab.com/gnutls/gnutls/-/merge_requests/1285. (From OE-Core rev: 284a8cb6c51517d07f5f21b224ffb57333f1fc27) Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 267d07301c79c24969c169add05284f612c41d77) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.13 -> 3.6.14Alexander Kanavin2020-08-071-2/+1
| | | | | | | | | | | | | | | | | | Security and bug fix release on the stable 3.6.x branch Fixes CVE-2020-13777 Detailed list of changes at: https://lists.gnupg.org/pipermail/gnutls-help/2020-June/004648.html (From OE-Core rev: 79b821161275cad5d9c54078e65293109184ad65) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit cd88c81804a4a52b9875f2244c9f35911539be96) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: backport fix to make async_pipes work with asioViktor Rosendahl2020-08-072-0/+55
| | | | | | | | | | | | | | | | | | | async_pipe is missing the executor_type type, which is expected by asio in /usr/include/boost/asio/impl/read.hpp. Without this, it's not possible to even compile code that uses constructs such as: boost::asio::io_service foo; boost::process::async_pipe foopipe{ boost::process::async_pipe(foo) }; This is only relevant for Dunfell because master has already moved to boost-1.73.0 in which this bug has been fixed. The bug is also not present in Zeus, which uses boost-1.71.0. (From OE-Core rev: f3f6cc45b0b95cce337947df8dfaa9402251541c) Signed-off-by: Viktor Rosendahl <Viktor.Rosendahl@bmw.de> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* serf: extend for nativesdkJens Rehsack2020-07-221-1/+1
| | | | | | | | | | | | | As an unconditionally dependency of subversion, extend serf recipe for building a nativesdk variant being usable by nativesdk-subversion. (From OE-Core rev: 3b78a39535089bbafbeb1ebd854efe180890f375) Signed-off-by: Jens Rehsack <sno@netbsd.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ff731a25a49c768f04a474438efccb3bb505a898) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libnl: Extend for native/nativesdkChristian Eggers2020-07-161-0/+2
| | | | | | | | | | | | libnl is required by networkmanager. (From OE-Core rev: 30b4d8b5fd45c78f5da3706dd91c43d795de6eb0) Signed-off-by: Christian Eggers <ceggers@arri.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b3c96103a5063eeefb0c537227eab3f77616b9c0) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: make filtered data generation optional, serial and off by defaultAlexander Kanavin2020-07-162-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Backported from master with two differences: 1. Move exit in do_make_icudata_class-target after big endian patch application (not required for master since new upstream icu includes the patch) 2. In do_install_append_class-target test for existence of .dat input file before calling icupkg icu data generation was found to be racy, and causig AB failures; making it serial and leaving it on is not an option as it regresses to several minutes. The specific bug is that rules.mk has: LD_LIBRARY_PATH=../lib:../stubdata:../tools/ctestfw:$LD_LIBRARY_PATH ../bin/gencnval -s . -d ./out/build/icudt66l mappings/convrtrs.txt which creates a file and numerous rules like LD_LIBRARY_PATH=../lib:../stubdata:../tools/ctestfw:$LD_LIBRARY_PATH  ../bin/genrb -s ./misc -d ./out/build/icudt67l -i ./out/build/icudt67l -k -q numberingSystems.txt which quietly read it. There is no prerequisite for the former to complete first. The race is extra complicated to fix as rules.mk is itself generated through a custom in-tree python tool. (From OE-Core rev: df4bfb154e7fce9645f5738aa04b3eb3ef5093fe) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit df89e8d1136fd406ba35ae573e2cb0cfc88c6aad) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iso-codes: switch upstream branch master -> mainHongxu Jia2020-07-071-1/+1
| | | | | | | | | | (From OE-Core rev: cabaf5654db5db12b6576ef0ebae9bc7b422a8ca) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 6e16ef0c2e0ec2bbb862231cd84e7650bd5789af) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sqlite3: Security fix for CVE-2020-15358Armin Kuster2020-07-072-0/+48
| | | | | | | | | | | | | | | | | | | Source: sqlite.org MR: 104526 Type: Security Fix Disposition: Backport from https://www.sqlite.org/src/vinfo/10fa79d00f8091e5?diff=1 ChangeID: a1c012b8c8aecd4970f3ae16686bf25f2376f542 Description: Affects sqlite < 3.32.3 Fixes CVE CVE-2020-15358 (From OE-Core rev: 8eb5fad746b716cba350c6cd6a30766534a90a28) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fixes for CVE-2020-{8169/8177}Armin Kuster2020-07-023-0/+209
| | | | | | | | | | | | | | | | | | | | Source: https://curl.haxx.se/ MR: 104472, 104458 Type: Security Fix Disposition: Backport from https://github.com/curl/curl/commit/{600a8cded447cd/8236aba58542c5f} ChangeID: 1300924f7a64b22375b4326daeef0b686481e30c Description: - Affected versions: curl 7.20.0 to and including 7.70.0 - Not affected versions: curl < 7.20.0 and curl >= 7.71.0 Fixes both CVE-2020-8169 and CVE-2020-8177 (From OE-Core rev: f42702baee57ab3d1b7ab7833e72c7d56ad4ee94) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apr-util: make gdbm optionalAlexander Kanavin2020-06-261-3/+3
| | | | | | | | | | | | This helps with gpl3-free builds. (From OE-Core rev: 9142c12c0f45effdcebf8c8061f8b0a6b1517cf3) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3260ad9e8ff185b4799269bbcdd9f638e976c4b4) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: restore the 'chmod -x' workaround in do_installChen Qi2020-06-261-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | These workarounds are removed because a previous patch solve the host path reference for gawk and perl, and it skips the do_package_qa issue by setting the INSANE_SKIP. But it introduces regression for do_rootfs. The dependencies are calculated and will require packages like python, perl, gawk and csh. The error is like below. Error: Problem: conflicting requests - nothing provides /bin/csh needed by vim-tools-8.2-r0.corei7_64 - nothing provides /usr/bin/nawk needed by vim-tools-8.2-r0.corei7_64 - nothing provides /usr/bin/python needed by vim-tools-8.2-r0.corei7_64 So we keep the previous patch which solve the host path reference problem and restore the long-used 'chmod -x' workaround here. (From OE-Core rev: 68b2dc03e55b4977b8647e8d36c40c851414c13b) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bf3e799e32b4de300887b844b0b7bce3d60ca379) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* at-spi2-atk: Remove -fcommonAdrian Bunk2020-06-231-2/+0
| | | | | | | | | | | | This was fixed in upstream version 2.34.0. (From OE-Core rev: a4f975a0bca892a7c0f0d496b76ffb30e469914a) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9562c93799a37cd18aceb6f24378ba02a69865f0) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdbm: add patch to fix link failure against gcc 10Richard Leitner2020-06-232-2/+48
| | | | | | | | | | | | | This also makes appending "-fcommon" to CFLAGS obsolete and enables native builds with a host gcc v10. (From OE-Core rev: b71ea7245a3d42ba96fb5a389f85049250bbc29e) Signed-off-by: Richard Leitner <richard.leitner@skidata.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 7717b35265e6ef8ef71a4eca4074294dfcc2110c) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: _FORTIFY_SOURCE=2 be goneJoe Slater2020-06-181-0/+5
| | | | | | | | | | | | | vim will abort in many places with this setting. Replace it with the benign _FORTIFY_SOURCE=1. (From OE-Core rev: d9de155f6452f916edd3131addd0c2eebaf4d639) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 18129cbaeddb3278efe9963718556e3765f06c1e) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* db: do not install db_verify if 'verify' is not enabledChen Qi2020-06-181-0/+3
| | | | | | | | | | | | | | | | | | On target, when running `db_verify /var/lib/rpm/Packages', we get the following error. db_verify: BDB0571 library build did not include support for database verification This is because db_verify is installed but 'verify' PACKAGECONFIG is not enabled. So fix it by not installing do_verify in such case. (From OE-Core rev: b45f1a3b8007ab34dcbe0cba365823da179d0c50) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b5ffdb296f211403f987b5d5a724a94ee91dc80c) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lz4: disable static libraryAlexander Kanavin2020-06-181-1/+1
| | | | | | | | | | | | | | It was found to be built in a non-reproducible way. [YOCTO #13925] (From OE-Core rev: 44d22ea87fde918d32957bc757c6c98482681f5d) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f8f3f03e7ffcefdb6a97b747a26276dec4bfa77c) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libexif: fix CVE-2020-13114Lee Chee Yang2020-06-052-1/+76
| | | | | | | | (From OE-Core rev: 2e497029ee00babbc50f3c1d99580230bc46155c) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* re2c: correct upstream locationAlexander Kanavin2020-05-221-1/+2
| | | | | | | | | (From OE-Core rev: 89afb271b32ed3dbe9c899fbfd30f9a80af161da) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sqlite: backport CVE fixesSakib Sajal2020-05-143-0/+104
| | | | | | | | | | | Fixes CVE-2020-11655 and CVE-2020-11656 (From OE-Core rev: e63a38ca6ea95c0dbc79d5024c0cec31062d2e39) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: CVE-2020-10531Wang Mingyu2020-05-072-0/+129
| | | | | | | | | | | | | | security Advisory References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531 (From OE-Core rev: 12f0cbf348d5acb0a7913bb5dc98e7fccc5ec34f) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libffi: fix v3.3 compile on ppc64leAndrew Geissler2020-05-072-0/+63
| | | | | | | | | | | | | | | | The latest released version of libffi no longer compiles on ppc64le based machines. Some searching found a patch that fixed our issue but had not been submitted upstream to libffi. It has now been submitted upstream with this PR: https://github.com/libffi/libffi/pull/561 (From OE-Core rev: ed7ce0d5e9009d80a79c39bb3d0d45de6e7721c0) Signed-off-by: Andrew Geissler <geissonator@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: revert 1.72.0 regressionAndrew Geissler2020-05-072-0/+54
| | | | | | | | | | | | | | | https://www.boost.org/users/history/version_1_72_0.html documents a "Known Issue" and has a revert patch for an issue that causes code to fail to compile that includes the coroutine function. Without this patch, code which includes the asymmetric_coroutine.hpp will fail to compile. (From OE-Core rev: b9998aa98052cc1c05f59d070677f74bd64c5a10) Signed-off-by: Andrew Geissler <geissonator@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: do not adjust script paths building for targetJoe Slater2020-05-072-6/+33
| | | | | | | | | | | | | | | When cross-compiling, do not change scripts to use host versions of perl and gawk. Also, use INSANE_SKIP to suppress QA complaints if perl or gawk are not on the target. (From OE-Core rev: 9a96733e29daf84cca9212538f3fc5bd7bb144f4) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.12 -> 3.6.13Wang Mingyu2020-05-051-2/+2
| | | | | | | | | (From OE-Core rev: 41d9beb709713eb5a16bb31393717dce71db6018) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: Mark strtod_l unavailable on muslKhem Raj2020-04-051-0/+2
| | | | | | | | | Musl version is just a wrapper to strtod and not an exposed API (From OE-Core rev: 660fdaa95858485b1caa779f1137a933c1f5d5f6) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: Add knobs to generate a subset of ICU dataKhem Raj2020-04-053-17/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recent versions of ICU (64+) provides a tool for configuring ICU locale data file with finer granularity [1] Default generated size for libicudata.so.66.1 is ~27M, which is quite large for embedded systems and all of them may not even need all locale data. This patch calls the icudata buildtool during configure on the icudata and utilizes a filter called 'filter.json` ( empty by default) to create the data, default behavior should remain same but someone can add a filter.json in own layer to configure this data, e.g. { "localeFilter": { "filterType": "language", "whitelist": [ "en", "de", "it" ] } } would only generate the locale data for english/german/italian This would reduce the size of libicudata.so.66.1 to 12M Ensure that icudata is generated using host-tools so it can deal with endianness correctly, when host and target systems have different endianness install the icudtata file back into in/ folder so that main build can now pickup this data file instead of regenerating it and wiping out the filter changes that are expected to take effect Use native compiler tools Update the big-endian support patch to apply to latest Makefile.in from icudata source and mark it as backport defer applying 0001-Fix-big-endian-build.patch after moving new data/ in [1] https://github.com/unicode-org/icu/blob/master/docs/userguide/icu_data/buildtool.md (From OE-Core rev: 5e5be67744d7ddf5a9ac433ecba02f697a84a325) Signed-off-by: Khem Raj <raj.khem@gmail.com> Suggested-by: Wouter Meek <w.meek@metrological.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* db: Add dbm packageconfigOvidiu Panait2020-03-291-0/+2
| | | | | | | | | | Add "dbm" packageconfig to enable legacy dbm support in libdb. This support is needed to build libpam pam_userdb.so plugin. (From OE-Core rev: 841573cea6d06dcba45227a8126153b0629b1b0c) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apr: add option for disabling time dependant testsJeremy Puhlman2020-03-292-0/+71
| | | | | | | | | [YOCTO #13839] (From OE-Core rev: ff617d478cb3213deb23cf0124c04beab4d4ecc8) Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: upgrade 2.2.19 -> 2.2.20Wang Mingyu2020-03-291-2/+2
| | | | | | | (From OE-Core rev: c787a48dc26a937df019e4fcb1e37b7b06824798) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: upgrade 65.1 ->66.1Wang Mingyu2020-03-211-3/+3
| | | | | | | | | -License-Update: Copyright year updated to 2020. (From OE-Core rev: d8b928f60e1274edc3d97f14ebe60e81aa0057f1) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fribidi: upgrade 1.0.8 -> 1.0.9Wang Mingyu2020-03-211-3/+3
| | | | | | | (From OE-Core rev: 571bf9faf5dc98144bfe991fae3ffcebd5e886f1) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* boost: fix reproducibilty issuesJeremy Puhlman2020-03-121-0/+5
| | | | | | | | | fix cmake file references of image dir path (From OE-Core rev: e12caa834bef6b5d0cad7e96f79374a0dbf86aea) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.69.0 -> 7.69.1Pierre-Jean Texier2020-03-121-2/+2
| | | | | | | | | | | | Contains a number of fixes for issues discovered post-7.69.0. For details, see full changelog: https://curl.haxx.se/changes.html#7_69_1 (From OE-Core rev: d3af3cf801ab5b235bce427bc73d2e6b29083368) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glew/curl: specify exclusive package configsKai Kang2020-03-121-2/+2
| | | | | | | | | | Specify exclusive package configs for glew and curl to make sure that conflict package configs will NOT set at same time. (From OE-Core rev: 8579673bdb314dbc554f40fc4c4c1db3d0bb0d63) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nspr: Move to meta-oeAdrian Bunk2020-03-118-541/+0
| | | | | | | | | It was used only by nss. (From OE-Core rev: baecda5b32b66d09dadccbcbe706c5ec0a270568) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nss: Move to meta-oeAdrian Bunk2020-03-1113-637/+0
| | | | | | | | | rpm was the last user in OE-core. (From OE-Core rev: 15aa3bdf798b0e45a20f877e203f3750b623754f) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sqlite3: fix CVE-2020-9327Anuj Mittal2020-03-102-0/+142
| | | | | | | (From OE-Core rev: 6acb9746744536019d5c04ce482a873916aac99f) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* p11-kit: Add nativesdk variantCodrin Ciubotariu2020-03-101-0/+2
| | | | | | | | | | | | | The nativesdk variant is needed by the buildtools-tarball, when p11-kit feature is enabled for gnutls. The error message is: Missing or unbuildable dependency chain was: ['buildtools-tarball', 'nativesdk-wget', 'nativesdk-gnutls', 'nativesdk-p11-kit'] (From OE-Core rev: 744f2472df627cd85dd11aa9da445a2a1af196ed) Signed-off-by: Codrin Ciubotariu <codrin.ciubotariu@microchip.com> Cc: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.68.0 -> 7.69.0Pierre-Jean Texier2020-03-071-2/+2
| | | | | | | | | | | Bugfix release. For details, see full changelog - https://curl.haxx.se/changes.html#7_69_0 (From OE-Core rev: 2d6a9904a838c5e498c0e2a2e34169cd2877a785) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdbm: Disable readlindJeremy A. Puhlman2020-03-061-1/+1
| | | | | | | | | | Turns off readline for both native and target. Also corrected a typo with enable-libgdbm-compat (From OE-Core rev: 5a9f81f73e9397b90e4d6d0eed859e53915cdb46) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsoup-2.4: upgrade 2.68.3 -> 2.68.4Anuj Mittal2020-03-021-2/+2
| | | | | | | (From OE-Core rev: fc2479d488974c4af154f215f9de7e0e5b3b3c71) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* enchant2: upgrade 2.2.7 -> 2.2.8Anuj Mittal2020-03-021-2/+2
| | | | | | | (From OE-Core rev: d9d386122f70b6692f614e526fe3168d674533bf) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-14 15:57:18 +0000