| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use MIRRORS to provide git repo fallbacks using the https protocol,
for cases where git native protocol fetches may fail due to local
firewall rules, etc.
These rules should cover all git native repos used by recipes within
oe-core, with the exception of mtd-utils, for which there's currently
no upstream alternative to the git native protocol for anonymous
access ( see http://git.infradead.org/mtd-utils.git ).
(From OE-Core rev: abb8895d5b42a5dc171360a261a2652acd14ee7e)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
http://sv.gnu.org/ now redirects to http://savannah.gnu.org/
(From OE-Core rev: cf21f45fc7fa7a70df48e9eb6bdf38d0aa902f9b)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
[YOCTO #11730]
Include .kernel-meta directory in the prune list of the find to
prevent .kernel-meta directory included into installable package.
(From OE-Core rev: 3bcf227dc68f215b2d4d7b58aeea71d237ac719e)
Signed-off-by: sweeaun <swee.aun.khor@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: b3175533438801a4244bc2eb102fd72613f74289)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
1.4.6 -> 1.4.7
(From OE-Core rev: c05beaee30f4389fb59693e6690ab156214bcc74)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Put it in goarch.bbclass which all go related recipes inherit.
(From OE-Core rev: 9e899bbc081cb932c1492f6d6802b908d70ef42f)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added e2fsprogs-native to the list of default dependencies for
wic (WKS_FILE_DEPENDS_DEFAULT) as all fs-related utilities
have to be in this list.
Thanks to Patrick Ohly for noticing this.
[YOCTO #11817]
(From OE-Core rev: b1d9f5ba5d75c6e4dae10d9d9b2c03fd3099721d)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
test_mkfs_extraopts test case fails on ab with error caused
by using -K --mixed options:
output: extent-tree.c:2696: btrfs_reserve_extent: BUG_ON `ret` triggered, value -28
For this test case it's not important to use particular options,
so changing options to anything less influential is OK.
Changed extra options for mkfs.btrfs to '--quiet' to fix the failure.
(From OE-Core rev: 6a1489f8deb2b26181ca340a0f6ef62aa18a5188)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
RPM file signing is enabled with --with-imaevm during configuration.
If enabled, the RPM signing tool rpmsign will call libimaevm.so provided
by the recipe ima-evm-utils.
(From OE-Core rev: 9d7797e4374c111f0dff523fd49354bcc33dc2af)
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Added e2fsprogs-native to the list of dependencies for wic-tools
as all fs-related utilities have to be in this list.
(From OE-Core rev: d0ebcf62109d6a131e02cd4c0f04bba203ed6579)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
A change from Ross removed the dual -dev/-dbg packages but this broke
deb/ipk rootfs constuction due to a dependency on a package which doesn't
exist (for dev-pkgs images). Remove the dependency on that package to
allow images to build.
(From OE-Core rev: 51b3ee298635b11d5784caaa0ac1c8f4034c25a5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we have more than one CONVERSION_CMD being used, for example
ext4.gz.sha256sum we will see errors about "metadata is not
deterministic". This is because we do not have a stable order of
intermediate files that will be removed in the generated shell command.
We fix this by calling sorted() on the set of rm_tmp_images so that we
will have a stable hash again.
Cc: Patrick Ohly <patrick.ohly@intel.com>
(From OE-Core rev: 98a2afeb3a53bec7a72a4a9846e1dba636cc6f3d)
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add 'bitbake -m' to the sync method and ensure all process related to
bitbake are correctly unloaded before doing the different measurements.
Also add a call to sync funtion on Test4 before final measurment of
eSDK deploy dir disk usage.
(From OE-Core rev: 9210c9ce051dfffaa7afa36bb4a926cea289ffd4)
Signed-off-by: Jose Perez Carranza <jose.perez.carranza@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: f4e86314dac536755b2489a5b442b0f36909cae5)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 7ca10a92b9f7a9102d44e3b110a485917fa0224a)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the introduction of chaining compression/conversion support we can
convert the old image_types_uboot.bbclass code that did a hand-chaining
of a set of ${filesystem}.${compression} into generic and arbitrary
support to sign whatever the user wants to sign for their image.
This, for the record, does remove setting a valid compression type in
the record in favour of just saying none. This is not a generally
useful feature in U-Boot and I believe being versatile in terms of being
able to pass in arbitrary compressions is more important.
(From OE-Core rev: 65f27122950a35a67ce39ae4cfe93d0dca6b0dab)
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When chaining of compression/conversion types was added, we had a new
way to handle doing things like "ext4.bz2.sha256sum" or
"ext2.gz.u-boot". However, because the U-Boot image class isn't
included normally, it wasn't properly converted at the time. After the
support was added the "clean" argument that the .u-boot code uses no
longer functions. The fix for this inadvertently broke chaining
compression/conversion. First, correct the u-boot conversion code.
Fixes: 46bc438374de ("image.bbclass: do exact match for rootfs type")
Cc: Zhenhua Luo <zhenhua.luo@nxp.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Patrick Ohly <patrick.ohly@intel.com>
(From OE-Core rev: 0a7ce0b971a208956cb895ba5a869ec8c5d94703)
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
As we're not using them and they're getting in the way of
reproducibility.
[YOCTO #11718]
(From OE-Core rev: 1bd3ed18379c330c1c733dc9f043dbbe8aa0d254)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: b56e33fa439429f6d93860a49653ba1b16e00bbb)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The Gentoo mirror also deletes old versions when they're not used, so revert
back to the canonical SourceForge site, adding /older-releases/ to MIRRORS to
handle new releases moving the version we want.
Original idea by Maxin B. John <maxin.john@intel.com>.
(From OE-Core rev: 791a3493c88c9c249f21f6d893b2061e1d8a0af6)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
FTP is inferiour to HTTP is all respects, so use the HTTP URL for the tarball.
(From OE-Core rev: 6a9e38be6e9dcbeff033944f9a3a18e3838af10d)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using shutil.copy2() to copy .git/index to a temporary file tries to
copy SELinux attributes which might fail for confined users in SELinux
environments.
E.g. our builders are running in docker containers and modification of
sources (inclusive updated of .git/index) is done outside. Trying to
copy .git/index fails with
| $ python3 -c 'import shutil; shutil.copy2("index", "a")'
| ...
| PermissionError: [Errno 13] Permission denied: 'a'
and an AVC like
| denied { relabelto } for pid=18043 comm="python3" name="a" dev="dm-29" ino=1067553 scontext=system_u:system_r:container_t:s0:c39,c558 tcontext=unconfined_u:object_r:build_file_t:s0 tclass=file permissive=0
is created. This can not be solved by adapting the SELinux policy because
this is a very deep constraint violation:
| constrain file { create relabelfrom relabelto } ((u1 == u2 -Fail-) or (t1 == can_change_object_identity -Fail-) ); Constraint DENIED
|
| Possible cause is the source user (system_u) and target user (unconfined_u) are different.
I do not see much sense in using 'shutil.copy2()' here; 'shutil.copyfile()'
seems to be a better choice (target file is created in a secure way by
tempfile.NamedTemporaryFile()).
By placing the tempfile into /tmp we avoid potential problems related to
git's 'core.sharedRepository'. As a (positive) side effect, the source
tree will not be modified anymore (at least by this part of code) which
prevented to mount it read-only from somewhere else.
(From OE-Core rev: 3c3c8ecc61dfed68987750d79b5482ab2f6fa02f)
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
They are redundant since nopackages are being inherited.
(From OE-Core rev: 71af69fa898e5614920710ca9e0cea832a2401e4)
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
They are redundant since nopackages are being inherited.
(From OE-Core rev: 2414e9f286d34af2db5982a988b78362decb7961)
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Drop deltask do_package* syntax, inheriting nopackages instead.
(From OE-Core rev: 2eee6c4ac9ce1b020e9a6658a957459f1915fdb1)
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wic will attempt to use pseudo from the wic-tools sysroot to run, but it
was only sure to be in there if do_install had executed - which is not
the case if it had been restored from sstate, in which case it failed
horribly as seen when running the wic.Wic.test_fs_types and
test_mkfs_extraopts tests on the Yocto Project autobuilder recently. Add
an explicit dependency on pseudo-native to ensure it's always there.
(From OE-Core rev: ada7408a55ec58e4aa1b094462f8a681e60be613)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The distro should set a default kernel type (?=) which could be
overriden by local.conf (=) or extensions (templates). The kernel itself
should only use "??=" to provide a value which allows builds to succeed.
(From OE-Core rev: d3a41fbd94462efc8c6f1b55f6fb54001b447c45)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PV is the recipe major version number. cve-check tries to map that to
NVD database release versions of the component. If the recipe sources
are taken from git, the PV can be automatically modified to include
git details, but the syntax is like 233+gitAUTOINC+a1e2ef7ec9.
In CVE checks we want to remove the git details and just use the major
version information, in this example 233.
Thus use "+git" as the separator and use the first part before the separator
as SW product version number in CVE check.
Fixes version number for e.g. systemd recipe. If systemd PV is
233+gitAUTOINC+a1e2ef7ec9 there will be no matches from CVE database where
latest release mentioned is plain 233. If the filter is set to +git, then
CVE PV is 233 and issues like this are detected by do_cve_check:
https://nvd.nist.gov/vuln/detail/CVE-2017-1000082
(From OE-Core rev: db8815abe3db60b0510fb378bf6d82172c2f2768)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, we had a gst-python recipe, but it supported only GStreamer
0.1. After GStreamer switched the Python bindings to use GObject
introspection, we were no longer able to build the bindings, and they
were dropped in this patch:
https://patchwork.openembedded.org/patch/93793/
However, at this point, we have a gobject-introspection class, so we can
use the bindings again, this time with GStreamer 1.0.
(From OE-Core rev: 6650bd1b9c770b01525356f9a1fabd758360ee8f)
Signed-off-by: Martin Kelly <mkelly@xevo.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
in config.log we can see:
WARNING: aarch64-linaro-linux-pkg-config not found, library detection may fail.
ffmpeg configure script is not looking for pkg-config at the rigt place since it
is assuming cross compilation. let's force its value in the recipe.
This patches 'fixes' library detection, so it also adds:
--disable-libxcb
--disable-libxcb-shm
--disable-libxcb-xfixes
--disable-libxcb-shape
Which were dangling configure options, which started to be enabled after the
pkg-config fix, so they need now to be explicitely disabled. Follow up patch
will enable these options when DISTRO_FEATURES has x11.
(From OE-Core rev: 3d5f11f0a1fd036e28a1d3f0c3169d8e21cc1358)
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The image consists only of the EFI system partition, therefore
we can avoid depending on the default wic tools.
(From OE-Core rev: f147b2502ae53d63a884a46e994ae18e12ec4ef6)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Enabling sdl2 will bring ffplay applications, which can be handy when working
with ffmpeg.
(From OE-Core rev: 5c880eb08ec29e169b9f6b7d6f2e0598a0395d30)
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is used by NVD database CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2017-7273
Setting this in kernel.bbclass fixes CVE reporting for all users of
the class.
(From OE-Core rev: 2e3d325440a50265c73f7d2e782530a02458bc33)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This way also bbclasses can override it. For example kernel.bbclass
could set CVE_PRODUCT to linux_kernel for all users of the class
which compile Linux kernels.
(From OE-Core rev: 74672a7de5ada45ab8e25b89cbdea3ec33b63b7f)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is used in NVD database CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2015-1863
(From OE-Core rev: cc3882ca2fea2c5a8830311eeb7840ae98da9b3c)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is used in NVD for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2016-6153
(From OE-Core rev: cec6f26f4d2f16c9a58fac5a6344e3d43b36ed09)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is used in NVD for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2012-3417
(From OE-Core rev: 07be7cb9405e4a6289edad8afb3a50c1f8651620)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is used in NVD for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2010-3386
(From OE-Core rev: 1c6643f139911ab27618d20f9d4ca609235a680b)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
All python versions are just python in NVD like this CVE
for python 3.4.4:
https://nvd.nist.gov/vuln/detail/CVE-2016-5699
(From OE-Core rev: 848e1be494e8ea10c729f95f02acb366e1843d75)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This is used in NVD database entries like CVE:
https://nvd.nist.gov/vuln/detail/CVE-2016-1951
(From OE-Core rev: c75e5d3f4b9293cf2f2ebdd3a23743b3df7aa3df)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is used in NVD to CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2017-6892
(From OE-Core rev: adfb1c7fe28a6ef2bcf698f7415fd86b01bdc489)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is used in NVD for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2017-7697
(From OE-Core rev: baafa21919082a8b61af3345c35922d205b254c6)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is used in NVD as product name for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2017-8786
(From OE-Core rev: ce32c5b8ee77012b36c74323f298dc561741aebd)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is used in NVD for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2017-7246
(From OE-Core rev: 523e823988f08679a384a14c4e768b2819f8a6bf)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
NVD uses it for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2014-8146
(From OE-Core rev: eaac39100cadc81c89e6eb5ab389cd684699aa90)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
All recipes which include this .inc map to glibc NVD component.
(From OE-Core rev: 613a13725db4e05539974cc7c66584a287d7b4bd)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
NVD uses product glib and vendor gnome for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2016-6855
(From OE-Core rev: 69d6342d45316389afb4b062088919689db0a6dd)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
All recipes which include this are using gcc as product name in NVD like
https://nvd.nist.gov/vuln/detail/CVE-2015-5276
(From OE-Core rev: bd6f1430334412588c143d8029be39fe814672cd)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
NVD uses product name libflac for CVE's like:
https://nvd.nist.gov/vuln/detail/CVE-2014-8962
(From OE-Core rev: e09bd27059b26affddf466f4e55a7f4c719c3b17)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Upstream is called eglinfo no matter how the recipes are named.
There are no existing CVE's for eglinfo in NVD yet.
(From OE-Core rev: 0b8e2a017e117810c83039a316a11da66fe148b1)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
