summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* build-appliance-image: Update to dizzy head revisionyocto-1.7.3dizzy-12.0.3Richard Purdie2015-09-291-1/+1
| | | | | | (From OE-Core rev: 7bb182bdd130266100fc541fd09b82d09c51cd80) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: run recipe-provided hooks outside of ${B}Ross Burton2015-09-291-16/+14
| | | | | | | | | | | | To avoid races between the sstate tasks/hooks using ${B} as the cwd, and other tasks such as cmake_do_configure which deletes and re-creates ${B}, ensure that all sstate hooks are run in the right directory, and run the prefunc/postfunc in WORKDIR. (From OE-Core rev: dc8546241a66c6eb076dc67fd165b5216b822ced) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2015-1349 CVE-2015-4620 CVE-2015-5722Armin Kuster2015-09-194-0/+589
| | | | | | | | | three security fixes. (From OE-Core rev: d3af844b05e566c2188fc3145e66a9826fed0ec8) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: CVE-2014-8146-CVE-2014-8147Sona Sarmadi2015-09-192-0/+50
| | | | | | | | | | | | | | | | | CVE-2014-8146 icu: heap overflow via incorrect isolateCount CVE-2014-8147 icu: integer truncation in the resolveImplicitLevels function References: [1] https://github.com/pedrib/PoC/raw/master/generic/i-c-u-fail.7z [2] https://www.kb.cert.org/vuls/id/602540 [3] http://bugs.icu-project.org/trac/changeset/37080 [4] http://bugs.icu-project.org/trac/changeset/37162 (From OE-Core rev: 1bc6391f65dec41ff0360b625b7a85a161e43955) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oprofileui: Use inherit gettextSaul Wold2015-09-191-1/+1
| | | | | | | | | | | | | | oprofileui uses gettext during the configuration task so should be inherit gettext. This issue appears when an older version of gettext is used do to pinning to the older non-gplv3 version. [YOCTO #7795] (From OE-Core rev: 9a747554ba985970009a065f3403b94565e698e3) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: CVE-2015-3308Sona Sarmadi2015-09-193-0/+100
| | | | | | | (From OE-Core rev: 75b25e7d463ed1af0fd9b3dd56e407e6e72b0f6a) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs.py: show intercept script output in log.do_rootfsMartin Jansa2015-09-191-1/+1
| | | | | | | | | | | | | | | * without this the output wasn't shown anywhere even when the bb.warn says: "See log for details!" (From OE-Core rev: a3c322b42c7a14584a80e04519c34689ec813210) (From OE-Core rev: b708151b798013119cbc651cd11a534c0cb816af) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs.py: Allow to override postinst-intercepts locationMartin Jansa2015-09-191-2/+4
| | | | | | | | | | | | | * useful when we need to overlay/extend intercept scripts from oe-core (From OE-Core rev: 7d08d2d5c0ae686e3bb8732ea82f30fd189b1cd8) (From OE-Core rev: 2374910466d82c817d74e9098a1636b21ff779af) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* base.bbclass: Note when including pn with INCOMPATIBLE_LICENSESBeth Flanagan2015-09-191-3/+26
| | | | | | | | | | | | | | | | | | | We need to be able to tell people if we WHITELIST a recipe that contains an incompatible licese. Example: If we set WHITELIST_GPL-3.0 ?= "foo", foo will end up on an image even if GPL-3.0 is incompatible. This is the correct behaviour but there is nothing telling people that it is even happening. (From OE-Core rev: c9da529943b2f563b7b0aeb43576c13dd3b6f932) (From OE-Core rev: c468724d2932708dffc766e182a69665de6226f6) Signed-off-by: Beth Flanagan <elizabeth.flanagan@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* autotools.bbclass: mkdir ${B} -> mkdir -p ${B}Robert Yang2015-09-191-1/+1
| | | | | | | | | | | | ${B} is the default cwd of tasks, so there might be race issues such as: | mkdir: cannot create directory `${B}': File exists [snip] NOTE: recipe perf-1.0-r9: task do_configure: Failed (From OE-Core rev: 3390dde6addaafad84c635eb37d2eae1ac22fcb7) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perf: mkdir ${B} -> mkdir -p ${B}Robert Yang2015-09-191-1/+1
| | | | | | | | | | | | ${B} is the default cwd of tasks, so there might be race issues such as: | mkdir: cannot create directory `/path/to/work/qemux86-poky-linux/perf/1.0-r9/perf-1.0/': File exists [snip] NOTE: recipe perf-1.0-r9: task do_configure: Failed (From OE-Core rev: 197d9fb922cc234294e8ca090bddfcd023fc82ce) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest: fix test_incremental_image_generation for changes in log outputYi Zhao2015-09-011-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | test_incremental_image_generation case failed because the log output chanaged: FAIL: test_incremental_image_generation (oeqa.selftest.buildoptions.ImageOptionsTests) ---------------------------------------------------------------------- Traceback (most recent call last): File "/buildarea3/yzhao1/poky-build/meta/lib/oeqa/utils/decorators.py", line 90, in wrapped_f return func(*args) File "/buildarea3/yzhao1/poky-build/meta/lib/oeqa/selftest/buildoptions.py", line 25, in test_incremental_image_generation self.assertEqual(0, res.status, msg="No match for openssh-sshd in log.do_rootfs") AssertionError: 0 != 1 : No match for openssh-sshd in log.do_rootfs ---------------------------------------------------------------------- Using re search instead grep (From OE-Core rev: 1872a9430cec0c61f1ec349df198160addd430de) (From OE-Core rev: afecc84cdd491789e62fb191a4f03de61e408629) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemurunner: Improves checking for server and target IPs on qemus parametersAlejandro Hernandez2015-09-011-5/+8
| | | | | | | | | | | | | Fixes OS hanging infinitely waiting for qemus process to release bitbake.lock (From OE-Core rev: d168bf34c553dbe5de7511e158cd83869d7a88bc) (From OE-Core rev: 99ac0971aecb1b6bc113da28b79d169095e6b671) Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/utils/qemurunner: fix loggingPaul Eggleton2015-09-011-25/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | OE-Core commit 519e381278d40bdac79add340e4c0460a9f97e17 unfortunately broke logging in two different ways: 1) it prevented logging to the task log from working within bitbake -c testimage. This is due to the logger object being set up too early which interferes with BitBake's own logging. If we prefix the name with "BitBake." everything works (and we don't need to set the logging level). 2) Additionally because it called the log functions on the logging module and not the logger object it set up, this caused the oe-selftest logging to start printing everything from that point forward. Fix these two issues and return us to the desired behaviour for do_testimage. (From OE-Core rev: 429b1971be06d5146bb1c14f4697966cddab3b33) (From OE-Core rev: 144c6a2d711f7cf4dafc22999ed8cf4cdb329dfc) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/QemuRunner: don't use bb for loggingRoss Burton2015-09-011-29/+32
| | | | | | | | | | | | | | | | | Instead of using bb.note() etc for logging use logging.Logger directly, allowing the use of QemuRunner outside of bitbake. Also clean up the logging/errors by moving create_socket() out of __init__()/restart() and into start(). (From OE-Core rev: 519e381278d40bdac79add340e4c0460a9f97e17) (From OE-Core rev: c3c87fa26fec8c6e620ad2f1ce95b989f8c108ed) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu-slirp: CVE-2014-3640Sona Sarmadi2015-09-012-0/+49
| | | | | | | | | | | | | | | | | Fixes NULL pointer deref in sosendto(). Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3640 Upstream patch: http://git.qemu.org/?p=qemu.git;a=commit; h=9a72433843d912a45046959b1953861211d1838d (From OE-Core rev: f63a4f706269b4cd82c56d92f37c881de824d8bc) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.bbclass: fix unexpected operator for LICENSE values with spaceMartin Jansa2015-09-011-1/+1
| | | | | | | | | | | | | | | * add quotes around pkged_lic so that it works correctly with spaces * fixes following error: run.license_create_manifest.50601: 193: [: GPLv2: unexpected operator (From OE-Core rev: 2bb8b2abb689d91b7b7e28e6bd528747bde94dd2) (From OE-Core rev: 4c31f726cf1ea2e01b1fbf1c23e96a110fbb9623) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license_class: fix license.manifest shows LICENSE field differently to recipeAníbal Limón2015-09-011-6/+7
| | | | | | | | | | | | | | | | Drop removal of [|&()*] operators in pkged_lic because this removal is only needed to validate if license is collected. [YOCTO #6757] (From OE-Core rev: 57e5f74382d51f2a8df00e18b6008e3d2b44ad1a) (From OE-Core rev: a5fe29ff72dc2ce1667caa2ab1fdfbf2c1a4413b) Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman-conf: fix SRC_URI_appendMartin Jansa2015-09-011-3/+3
| | | | | | | | | | | | | | | * add leading space so that it works even with some .bbappend adding additional files to SRC_URI without trailing space (From OE-Core rev: 0f282f1d4946ac6e81959c66172c115405632a26) (From OE-Core rev: 55b183aa476754b050779d36dfbb03eb936443ad) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu-vnc: CVE-2014-7815Sona Sarmadi2015-09-012-0/+54
| | | | | | | | | | | | | | | | | | | | Fixes an uninitialized data structure use flaw in qemu-vnc which allows remote attackers to cause a denial of service (crash). Upstream patch: http://git.qemu.org/?p=qemu.git;a=commit; h=b2f1d90530301d7915dddc8a750063757675b21a References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815 http://www.securityfocus.com/bid/70998 (From OE-Core rev: 31e3d1bab6612d8116086f9ada048a0c094fb2c8) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: CVE-2014-7840Sona Sarmadi2015-09-012-0/+58
| | | | | | | | | | | | | | | | | Fixes insufficient parameter validation during ram load Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840 Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit; h=0be839a2701369f669532ea5884c15bead1c6e08 (From OE-Core rev: 0bd4b0c7ede8a52559e4bf05085a3f0d46a0a280) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind9.9.5: CVE-2015-5477Sona Sarmadi2015-09-012-0/+46
| | | | | | | | | | | | | | | Fixed a flaw in the way BIND handled requests for TKEY DNS resource records. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477 https://kb.isc.org/article/AA-01272 (From OE-Core rev: 18a01db3f2430095a4e6966aed5afd738dbc112e) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: Use SSTATE_DIR for FILESPATHRichard Purdie2015-09-011-1/+3
| | | | | | | | | | | | | | | FILESPATH was only being overridden in one fetch location, it should be equally handled in both. Also use SSTATE_DIR as FILESPATH so that mirror urls which do remapping can search the local SSTATE_DIR for other paths. Also ensure that MIRRORS is removed in both locations, previously it was only unset in one but both codepaths should be consistent. (From OE-Core rev: d66a45c52200f73e67ebb3e6e447907bb3334319) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnome: move introspection options to gnomebaseRoss Burton2015-09-012-4/+3
| | | | | | | | | | The gnome class is really a convenience class to include other classes, so move the introspection arguments into gnomebase.bbclass. (From OE-Core rev: d0bf0e5fd9c2cb18437ccca14b2f41d410aa832a) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata, tzcode-native: drop older versions 2014h, 2015bMartin Jansa2015-09-014-34/+0
| | | | | | | | | * unlike in master, the older versions weren't dropped when upgrading to 2015d (From OE-Core rev: 1341554e582407e85697f05e3fcc82fcf29c9d56) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub-efi: Add backslash lost from previous commitRichard Purdie2015-08-201-1/+1
| | | | | | (From OE-Core rev: 4621675632518caae3a8c2098ee36896b9372551) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub-efi: Use the backport patch from grubSaul Wold2015-08-201-0/+1
| | | | | | | | | This fixes the build error seen on newer distros that use gcc5 such as Fedora22 (From OE-Core rev: ac135bd462dc4e674260fdb97c9e2e79c2e96460) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license_class: Fix choose_lic_set into incompatible licenseAníbal Limón2015-08-201-1/+2
| | | | | | | | | | | | Use canonical_license when doing evaluation of license expresion since INCOMPATIBLE_LICENSE are already canonized. [YOCTO #8080] (From OE-Core rev: 8687b8bb8233e7f867539d69463671aa9c0806e9) Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dpkg: Fix tarfix.patchRichard Purdie2015-07-271-7/+7
| | | | | | | | | Accidentally forgot to merge the backport changes into the commit. Fix so the patch applies correctly. (From OE-Core rev: 5f50f90ed824ea6a8d1d1b41a5345f51a15c443f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dpkg: Fix for Fedora22 and new versions of tarRichard Purdie2015-07-272-0/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | They managed to 'break' tar. Again. Sorry, they fixed a regression which broke dpkg-deb. The addition of: http://git.savannah.gnu.org/cgit/tar.git/commit/?id=163e96a0e619a900eab6de827c7c5749ecc9d3f2 ("Bugfix: entries read from the -T file did not get proper matching_flag.") means that the no-recursion option gets lost. This leads to many files getting included multiple times, along with files which shouldn't be there. The commit message is horrendous. The patch actually makes the option positional (as documnted since 2003) and therefore doesn't affect the input from the -T option. Moving the --no-reursion option to earlier in the command avoids the bug. The bug was not present in tar 1.28 however it has been backported in at least Fedora 22 and heading into Fedora 21. Redhat reports of issue: https://bugzilla.redhat.com/show_bug.cgi?id=1230762 [tar] https://bugzilla.redhat.com/show_bug.cgi?id=1241508 [dpkg] Discussion of bug in upstream tar: http://www.mail-archive.com/bug-tar@gnu.org/msg04799.html [YOCTO #7988] (From OE-Core rev: 6be698b7270f73f40d38713ecf13f12aec0ced61) (From OE-Core rev: 386898afde40971653af646d55e64aef65807e3b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-devtools/dpkg/dpkg_1.17.25.bb
* oeqa/bbtests: Fix to ensure DL_DIR is setRichard Purdie2015-07-261-6/+9
| | | | | | | | | | | write_config overwrites the config rather than appends to it, so ensure we write both variables in one go. (From OE-Core rev: c94ba6160d5965d4d2071154b43112eb87f4c898) (From OE-Core rev: c58814c910d813a761b5c0e3ba63d6fddef86cc9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/bbtests: Fix race over DL_DIR and SSTATE_DIRRichard Purdie2015-07-261-0/+6
| | | | | | | | | | | | | | | | | | | | Running "-c cleanall" on shared DL_DIR and SSTATE_DIR is antisocial. It leads to hard to debug races where we wonder why files disappear and reappear from those directories. Fix this by using a specific set of directories for these tests. This avoids a long standing bug on the autobuilder where aspell and man sources would disappear. [YOCTO #6276] (From OE-Core rev: 6b089c4a79dc3aae00c8a6e7ab0f6ba4b4b5f138) (From OE-Core rev: f1447c256e027553442cf507e217323f7868000c) (From OE-Core rev: e4434982e0d2c086ee946d3742c257daf31e8bfd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: Fix subversion-native on Fedora22Richard Purdie2015-07-261-0/+1
| | | | | | | | | | | | | | | | Similarly to: http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=9b19d6548a345009a6de79a6820c07a72054d961 we also need to fix the subversion-native case with gcc5 by using the same fix to the BUILD_CPPFLAGS. (From OE-Core rev: a5e7a1e597e7bbe3bbc547f43a89d00a8a9a9924) (From OE-Core rev: 7d445547df528aa9e5bfb85568a7270e27f633ef) (From OE-Core rev: 7e57945be22c1d141c6a9be6f73f585cd07938a6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: Add -P to CPPFLAGSKhem Raj2015-07-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | see https://gcc.gnu.org/gcc-5/porting_to.html we need to stop the preprocessor from generating the #line directives or we run into issues like | checking for apr_int64_t Python/C API format string... | configure: error: failed to recognize APR_INT64_T_FMT on this platform | Configure failed. The contents of all config.log files follows to aid debugging | ERROR: oe_runconf failed Rightly subversion should be fixed but lets leave that to subversion folks Change-Id: I02a89798ff949f79967ab0a73adcddaa4218662d (From OE-Core rev: 7793b1c425077ed6ed11a9bc2a8b1b96612b1c96) (From OE-Core rev: 4954cd6abad556d75beec860e82750bb1090a109) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cross-localedef-native: Use older C standards for older codeRichard Purdie2015-07-261-1/+1
| | | | | | | | | | This older code needs specific compiler options to allow it to work with gcc 5. These options are used in the 2.21 recipe in master/fido so this simply backports them. (From OE-Core rev: 447dba2a6a077c83083556ab79ab265d4b8a048f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: Backport const qualifier fix for gcc-5Khem Raj2015-07-262-0/+34
| | | | | | | | | | | | | | | | gcc-5 is stricter and complains about const to non-const conversions, we backport the patch from upstream into 2.00 Change-Id: I17db365fdd253daaa1ab726e2a70ecad0ac7b2ae (From OE-Core rev: ea3d48471db19a2432e4afd86df8caad51ee5166) (From OE-Core rev: f396bcfdc4f05d0a047903262edc5b52f3c85b6e) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-bsp/grub/grub2.inc
* binutils: fix native builds when host has gcc5George McCollister2015-07-262-0/+77
| | | | | | | | | | | | Cherry pick upstream commit to fix -Werror=logical-not-parentheses error when building with native gcc5. (From OE-Core rev: b3bd0dba3139a3e79bfcebe137248c7bdcadf04d) (From OE-Core rev: c8bc2d7913e11278990d1fe82066e26f7fc1c11b) Signed-off-by: George McCollister <george.mccollister@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: fix native builds when host has gcc5Martin Stolpe2015-07-261-0/+1
| | | | | | | | | | | | | | | | GCC"s preprocessor starts to add newlines which are not handled properly by ncurses build system startin from version 5.0. See also: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7870 (From OE-Core rev: 3a5435b371c84ec28b6936b8c8fa6541a592d061) (From OE-Core rev: 8492e143af25bf64d07fc117e7f1607aadf89f09) Signed-off-by: Martin Stolpe <martin.stolpe@gmail.com> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Security Advisory - libxml2 - CVE-2015-1819Yue Tao2015-07-202-0/+182
| | | | | | | | | | | | | | | | | | for CVE-2015-1819 Enforce the reader to run in constant memory (From OE-Core rev: 9e67d8ae592a37d7c92d6566466b09c83e9ec6a7) (From OE-Core rev: de6e4114d5285ea0d2a53d19c93ce96430cc9e30) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-core/libxml/libxml2.inc Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Fix CVE-2013-6435Leonardo Sandoval2015-07-202-0/+110
| | | | | | | | | | | | | | | | | | | Backport to fix CVE-2013-6435. Description on [1] and original patch taken from [2]. [1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6435 [2] https://bugzilla.redhat.com/attachment.cgi?id=956207 [YOCTO #7181] (From OE-Core rev: 6bf846ed5ccd1a4d01b36630708b2b9aa9e69ed5) (From OE-Core rev: 74d4895c4d30a45af5856228a00810bd14e5e071) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Fix CVE-2014-8118Leonardo Sandoval2015-07-202-0/+44
| | | | | | | | | | | | | | | | | | | Backport patch to fix CVE-2014-8118. Description is on [1] and original patch taken from [2]. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1168715 [2] https://bugzilla.redhat.com/attachment.cgi?id=962159 [YOCTO #7181] (From OE-Core rev: 0a1f924157cb75d0f67cf534762c89dc8656d352) (From OE-Core rev: f61750cfc3dd14a72b1ade4274b1a577136111fe) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: drop 12-cve-2014-9636-test-compr-eb.patchRoy Li2015-07-202-46/+0
| | | | | | | | | | | | | | 12-cve-2014-9636-test-compr-eb.patch is same as unzip-6.0_overflow3.diff, is to fix CVE-2014-9636 (From OE-Core rev: 9cf42db4e545cd260faf45931d3b3c63ab3b3aab) (From OE-Core rev: 7567dbc552819906a876b729e2a599ec412139a3) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-firmware: Package Marvell pci8897 and usb8897 firmwareNg Wei Tee2015-07-201-3/+16
| | | | | | | | | (From OE-Core rev: 86106da1068ec802ec9e1dd7bcdd9baf78182cb7) Signed-off-by: Ng Shui Lei <shui.lei.ng@intel.com> Signed-off-by: Ng Wei Tee <wei.tee.ng@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dbus: CVE-2015-0245: prevent forged ActivationFailureJussi Kukkonen2015-07-202-0/+49
| | | | | | | | | | | | Fix CVE-2015-0245 by preventing non-root and non-systemd processes from fooling the dbus daemon into thinking systemd service activation failed. (From OE-Core rev: a8aa06b2405dec31a306fdf47bd1fdf740fde7bd) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: fix four CVE defectsRoy Li2015-07-205-0/+278
| | | | | | | | | | | | | | Port four patches from unzip_6.0-8+deb7u2.debian.tar.gz to fix: cve-2014-8139 cve-2014-8140 cve-2014-8141 cve-2014-9636 (From OE-Core rev: 429ab46f975c05f65120beddf50099c7cb0b2f86) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315Roy Li2015-07-203-1/+451
| | | | | | | | | | | | | | | | | | | | | | | | | | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9636 unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1315 Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8. (From OE-Core rev: f86a178fd7036541a45bf31a46bddf634c133802) (From OE-Core rev: 7c667c6aa0302649c125b0325a2e6f641810cb09) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mesa: update --with-llvm-shared-libs configure optionAndre McCurdy2015-07-201-1/+1
| | | | | | | | | | | | | | As per the Mesa 10.2 release notes, "--with-llvm-shared-libs" has been renamed to "--enable-llvm-shared-libs". http://www.mesa3d.org/relnotes/10.2.html (From OE-Core rev: b534c13bb13c1ab2739daaf32b59d917e93106fd) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: install populate-extfs.shMartin Jansa2015-07-201-0/+2
| | | | | | | | | | | | | | | | * install populate-extfs.sh from contrib, be aware that in order to use it you need to set DEBUGFS shell variable, otherwise it will try to use debugfs from relative path which is almost always incorrect: CONTRIB_DIR=$(dirname $(readlink -f $0)) DEBUGFS="$CONTRIB_DIR/../debugfs/debugfs" (From OE-Core rev: 1a3a7a1ba8c271acd13cb1d740ef83ee02829e33) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gpgme: fix CVE-2014-3564Kai Kang2015-07-202-1/+59
| | | | | | | | | | | | | | | | | | Backport patch to fix CVE-2014-3564. http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f (From OE-Core rev: 421e21b08a6a32db88aaf46033ca503a99e49b74) (From OE-Core rev: 7643fe96bbce57995580162b5339674cc4a9c81f) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta/recipes-support/gpgme/gpgme_1.4.3.bb Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflowHaris Okanovic2015-07-202-0/+46
| | | | | | | | | | | | | | | | | | | | | | | Backport Arjun Shankar's patch for CVE-2015-1781: A buffer overflow flaw was found in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application. https://sourceware.org/bugzilla/show_bug.cgi?id=18287 (From OE-Core rev: c0f0b6e6ef1edc0a9f9e1ceffb1cdbbef2e409c6) (From OE-Core rev: 96ff830b79c64d8f35c311b66906b492cbeeeb55) Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Reviewed-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-03 02:42:41 +0000