| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To ensure that boost remains an empty metapackage after version
updates, we explicitly require boost files to be empty. If new
libraries exist after a version update of the boost recipe,
bitbake will emit a warning at the do_package task. For example,
at the version update from 1.58.0 to 1.59.0, the new timer
library is indicated with:
WARNING: QA Issue: boost: Files/directories were installed but not shipped in any package:
/usr/lib/libboost_timer.so.1.59.0
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
boost: 1 installed and not shipped files. [installed-vs-shipped]
Ross Burton suggested this improvement on the openembedded-core
mailing list during review of the boost recipe version update [1].
[1] http://lists.openembedded.org/pipermail/openembedded-core/2015-December/114314.html
(From OE-Core master rev: c4e33232db2da3594cc4ba38eea56ee1acb54d3a)
(From OE-Core rev: 90dcc9838e5be74f5ec7a8380cf6da3bddb1c955)
Signed-off-by: Lukas Bulwahn <lukas.bulwahn@oss.bmw-carit.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is created by qemu for the do_rootfs case, which bypasses pseudo, so we
need to correct the ownership. This fixes a warning issued by
rootfs_check_host_user_contaminated.
(From OE-Core master rev: 4ff6b8cadec10e17dbf884a873a227e29944f5d1)
(From OE-Core rev: 36eb5b6e75361053b5dd00652df6361499d8a645)
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Upstream released their 3.01 so the alpha releases we were downloading have
moved. Update the SRC_URI so it continues to download.
(From OE-Core rev: 2ba9f90e86d25aa0b9319093478ea2218e1423e4)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
WARNING: QA Issue: gcc-cross-canadian-i586-dbg: found library in wrong location:
/PATH/sysroots/x86_64-oesdk-linux/usr/libexec/i586-oe-linux/gcc/
i586-oe-linux/5.2.0/.debug/libcc1.so.0.0.0
This warning is introduced by commit f6e47aa(gcc-target 5.1: fix for libcc1)
(From OE-Core rev: 62c51c4178fb66341498c71c74ce42652568c7fa)
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This applies upstream fixes to fix a segfault in systemd-logind on
shutdown.
[Fixes YOCTO #9265]
(From OE-Core rev: 4939402d8c67d68e20618cdfdd091bd8cc3f535a)
Signed-off-by: Bill Randle <william.c.randle@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Upstream nfs-utils use 'rpc-statd.service' and Yocto introduced
'nfs-statd.service' instead but forgot to update the mount.nfs helper
'start-statd' accordingly.
(From OE-Core rev: 48d1a2882bedc1c955071b3602dc640b530fbc47)
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The SRCREV in the busybox git recipe did not point to a commit ID
on the master branch. Point the variable to something reachable from
the master branch (which fixes this recipe's fetch()).
Suggested-by: Khem Raj <raj.khem@gmail.com>
(From OE-Core rev: 6ff2acbc72dc958cb3b97998462015010c44d946)
Signed-off-by: Brad Mouring <brad.mouring@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Busybox upstream fixed the issue where an incorrect comparison of
addresses led to bogus renegotiation of a new ll ip in 1.24. Backport
this change to 1.23.2.
(From OE-Core rev: 47cb52741c946b6bbe09d5ee9a9f2fe855e8d5fb)
Signed-off-by: Brad Mouring <brad.mouring@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This includes a proper D-Bus service file for obexd in systems that do
not support systemd.
(From OE-Core rev: 75c5dc8d4a5506bf5b89292a96c7b9f91e9d71c8)
(From OE-Core rev: a68ff298c8466adbce5f81b4f8104dfdc226eaf7)
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This dependency is floating otherwise, It races against openssl-native
and when openssl config does not match with openssl on build host the
build fails occasionally
x86_64-linux/usr/include/openssl/ripemd.h:70:4: error: #error RIPEMD is
disabled.
# error RIPEMD is disabled.
Change-Id: I5ff6d8f058ff99c64ad4dc7c0377724071003ae6
(From OE-Core master rev: d0c8d98077622a700d92384f676770cb4d6d4f46)
(From OE-Core rev: 0e3888cc455139bc5ca6080b1d2bc897f42ef7ad)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than modifying files in .git/hooks, which can be read-only
(e.g., if it is a link to a directory in /usr/share), move away the
entire .git/hooks directory temporarily.
(From OE-Core master rev: a88d603b51a9ebb39210d54b667519acfbe465c3)
(From OE-Core rev: 09a2718cb030f8cce202ded0e823cadea4c71f6a)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change the name to core2-32 from core2.
There's no AVAILTUNES with the name core2. Make sure that we specify
the correct TUNE name so PACKAGE_EXTRA_ARCHS is expanded correctly.
[ YOCTO #9197 ]
(From OE-Core rev: 0903d6f0098f112d4263812df109e0c44c166db8)
(From OE-Core rev: 883c38cf0e59082276f933f9b47e276b6b88270f)
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Anuj Mittal <anujx.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We get below host contamination warnings of license files for
each recipe, when we try to create a separate ${PN}-lic package (which
contains license files), by setting LICENSE_CREATE_PACKAGE equal to "1"
in local.conf.
-- snip --
WARNING: QA Issue: libcgroup: /libcgroup-lic/usr/share/licenses/libcgroup/generic_LGPLv2.1 is owned by uid 5001, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
WARNING: QA Issue: attr: /attr-lic/usr/share/licenses/attr/libattr.c is owned by uid 5001, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
WARNING: QA Issue: bash: /bash-lic/usr/share/licenses/bash/COPYING is owned by uid 5001, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
-- CUT --
Since the license files from source and OE-core, are populated in a normal
shell environment rather in pseudo environment (fakeroot); the ownership of
these files will be same as host user running bitbake. During the do_package
task (which runs in pseudo environment (fakeroot)), os.link preserves the
ownership of these license files as host user instead of root user.
This causes license files to have UID same as host user id and resulting in
above warnings during do_package_qa task.
Changing ownership of license files to root user (which has UID and GID as 0)
under pseudo environment will solve above warnings, and on exiting pseudo
environment the license files will continue to be owned by host user. Perform
this manipulation within try/except statements, as tasks which are not exected
under pseudo (such as do_populate_lic) result in OSError when trying to
change ownership of license files.
(From OE-Core master rev: a411e96c3989bc9ffbd870b54cd6a7ad2e9f2c61)
(From OE-Core rev: c87a3507c4557827b3a495a876cf6411ce225407)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ISC DHCP allows remote attackers to cause a denial of
service (application crash) via an invalid length field
in a UDP IPv4 packet.
(From OE-Core master rev: f9739b7fa8d08521dc5e42a169753d4c75074ec7)
(From OE-Core rev: 71c92a9e62f4278a946e272b0798d071191dd751)
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GNU make segfaults when run in a chroot environment because
of a known bug in GNU make 4.1. See [1] for details.
Works if /dev/pts is mounted before chroot.
[1] http://savannah.gnu.org/bugs/?43434
[YOCTO #9067]
Reported-by: Alexander Larsson <alexl@redhat.com>
(From OE-Core master rev: 0fe2a4b428b1b9a937914d87ec089b5a64f641eb)
(From OE-Core rev: 1def72ab689bbf0d2974ab771febf241befa2495)
Signed-off-by: Anuj Mittal <anujx.mittal@intel.com>
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The Xorg libraries use REQUIRED_DISTRO_FEATURES to stop building on
distributions without the x11 feature but this stops people building native
tooling that uses libX11, such as libsdl-native.
(From OE-Core rev: f2970211690be3cb99ef7404f98010f3fecae45d)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the DEPENDS are added as part of the PACKAGECONFIG logic the list of
packages are expanded so that any required nativesdk-/-native/multilib prefixes
and suffixes are added.
However the special handling of virtual/foo names doesn't check that the prefix
already exists, which breaks under nativesdk as in that situation there's an
explicit nativesdk- prefix *and* MLPREFIX is set to nativesdk-. This results in
the same prefix being applied twice, and virtual packages such as virtual/libx11
ending up as virtual/nativesdk-nativesdk-libx11.
(From OE-Core rev: 9e7d207e207bf0319b09d403d87d37f24e3dfbee)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes the resulting /etc/os-release file have valid shell
assignment syntax. This makes it loadable by a shell script, using the
'source' command:
source /etc/os-release
(From OE-Core rev: bab590d738e218fb2da2b3bf27933fe4562de870)
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: f6e0ea000fa3b9a726ab56500f643f9902371618)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
U-Boot needs the U-Boot header in a ramdisk image to boot it.
Add this header to the cpio.gz image, so that it can be booted
with U-Boot.
(From OE-Core rev: 240ecb6ac624cd6e5d813d8144c7a7f2d7adb31f)
Signed-off-by: Arnold Csorvasi <arnold.csorvasi@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 8376fa3d4ef6175b83ab7f1ec8e4e20ec14964f4)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use PACKAGECONFIG instead of using logic in DEPENDS and EXTRA_OECONF, adding new
options for PulseAudio, tslib, DirectFB, OpenGL and X11. Pass
--disable-x11-shared so that it links to the X libraries instead of using
dlopen().
Disable tslib by default as the kernel event input subsystem is generally used.
SDL's OpenGL support requires X11 so check for both x11 and opengl, and merge
the dependencies.
Finally enable native builds, with a minimal PACKAGECONFIG that will build from
oe-core for native and nativesdk.
(From OE-Core rev: 66205c6096ce9d8bc828bf9b61d927cb495f69b1)
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 3d6c31c3a4ff34376e17005a981bb55fc6f7a38f)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The procces to do a wic image is to save a file with
variables required by wic and then call wic using this
file. Because this is external to bitbake if the vars
change, the image won't be rebuild; an example of such
is IMAGE_BOOT_FILES.
This patch adds these variables to vardeps of do_rootfs
when a wic image is build. This will rebuild the image
if a variable needed by wic changes.
[YOCTO #8693]
(From OE-Core rev: 91d4706d356659e46923a8314f1a2aa259ead4fe)
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 12c54d50ed4c321dc272beb3c6cb770965c979f1)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hardcoding a full input path with zero flexibility goes against everything the
Yocto Project is about. Rework it to let the user specify the wks base
filename with WKS_FILE and it'll search the layers for the wks file and use
it.
(From OE-Core rev: cb5c5d950a83b85881eeadc0362230fa2720962f)
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 8cc7f5229f5447c2183ac319dd52c7ed737ec89b)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)
https://www.openssl.org/news/secadv/20160301.txt
(From OE-Core rev: c99ed6b73f397906475c09323b03b53deb83de55)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Not required for master, an update to 1.0.2g has been submitted.
Backport to fido is required.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Backport patch from http://w1.fi/security/2015-5/
and rebase for wpa-supplicant 2.4
(From OE-Core rev: 4d0ebfd77c07475494665dde962137934dd2194a)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Not needed in master since the upgrade to 2.5
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 0c702756dd0009c4112028fbf2479a346867b32c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write
(From OE-Core rev: 646a8cfa5398a22062541ba9c98539180ba85d58)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines
(From OE-Core rev: ca7cbcf22558349f0b43ed7dc84ad38d7c178c55)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2015-7511 libgcrypt: side-channel attack on ECDH with Weierstrass curves
affects libgcrypt < 1.6.5
Patch 1 is a dependancy patch. simple macro name change.
Patch 2 is the cve fix.
(From OE-Core rev: c691ce99bd2d249d6fdc4ad58300719488fea12c)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
CVE-2016-2225 Make sure to always terminate decoded string
This change is being provide to comply to Yocto compatiblility.
(From OE-Core rev: 093d76f3f4a385aae46304bd572ce1545c6bcf33)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
CVE-2016-2224 Do not follow compressed items forever.
This change is being provide to comply to Yocto compatiblity.
(From OE-Core rev: 4fe0654253d7444f2c445a30b06623cef036b2bb)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
CVE-2016-2090 Heap buffer overflow in fgetwln function of libbsd
affects libbsd <= 0.8.1 (and therefore not needed in master)
(From OE-Core rev: e56aba3a822f072f8ed2062a691762a4a970a3f0)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
CVE-2015-7547: getaddrinfo() stack-based buffer overflow
(From OE-Core rev: cf754c5c806307d6eb522d4272b3cd7485f82420)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 05e551d821594b0f4c06328386b6a82e0801ac2a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use
(From OE-Core rev: 8322814c7f657f572d5c986652e708d6bd774378)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
CVE-2016-0754 curl: remote file name path traversal in curl tool for Windows
(From OE-Core rev: b2c9b48dea2fd968c307a809ff95f2e686435222)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 7474c7dbf98c1a068bfd9b14627b604da5d79b67)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: f62eb452244c3124cc88ef01c14116dac43f377a)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
this address both
Socat security advisory 7 and MSVR-1499: "Bad DH p parameter in OpenSSL"
and Socat security advisory 8: "Stack overflow in arguments parser
[Yocto # 9024]
(From OE-Core rev: 0218ce89d3b5125cf7c9a8a91f4a70eb31c04c52)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
this patch fixes an incomplete patch in CVE-2015-8126
(From OE-Core rev: f4a805702df691cbd2b80aa5f75d6adfb0f145eb)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
(From OE-Core rev: d0a8313a03711ff881ad89b6cfc545f66a0bc018)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
CVE-2015-8327 cups-filters: foomatic-rip did not consider the back tick as an illegal shell escape character
this time with the recipe changes.
(From OE-Core rev: 62d6876033476592a8ca35f4e563c996120a687b)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character
(From OE-Core rev: 307056ce062bf4063f6effeb4c891c82c949c053)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: a2b1d9a6f0f29a2d21c80e549b10f3522df20c11)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add patch from commit 96b1b5c127e9e0e637aaf7948cf3330a94a5cd57 to cross-localedef-native
to avoid broken images built with ENABLE_BINARY_LOCALE_GENERATION set to 1:
$ sh -c "export LANG=de_DE; ls -la"
sh: loadlocale.c:130: _nl_intern_locale_data: Assertion `cnt < (sizeof (_nl_value_type_LC_COLLATE) / sizeof (_nl_value_type_LC_COLLATE[0]))' failed.
Aborted
(From OE-Core rev: 2ddfcfaa996d8c675b5c161acb605dc5573eba67)
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 113812945c3cddfec75d67d781c0fa2d7ee02762)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we don't do this, we can use an mke2fs.conf from a different path which
may contain incompatible flags and lead to obtuse build failures such as:
Invalid filesystem option set: has_journal,extent,huge_file,flex_bg,metadata_csum,64bit,dir_nlink,extra_isize
To fix this, wrap the mke2fs binary and its hardlinks and point at the
correct configuration file.
In particular this fixes conflicts between master and jethro builds
affecting the main autobuilder.
(From OE-Core rev: 0ef6277463517fb0e52b4bd65ca5f6ab42315773)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: f3831307d7c849e60c4141f7bfe4067ec5ff224a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If there are multiple builds on the same machine then piglit writing it's
generated sources to /tmp will race. Instead, export TEMP to tell the tempfile
module to use a temporary directory under ${B}.
(From OE-Core rev: 226a26e51eb0789686509d3e22a3766e2e3e8666)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
This addresses CVE-2016-0728: KEYS: Fix keyring ref leak in join_session_keyring(), and upgrades to LINUX_VERSION 4.1.17
(From OE-Core rev: f070d5fee56a4589a6abf422e6872373c5557c6d)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
This addresses CVE-2016-0728: KEYS: Fix keyring ref leak in join_session_keyring()
(From OE-Core rev: 8cb97ea8ed59ee77c0542b50d1af65bf9a3c3fef)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
