| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add backported patch to fix CVE-2016-9843 which was fixed in zlib 1.2.9
https://nvd.nist.gov/vuln/detail/CVE-2016-9843
(From OE-Core rev: 32db742922b6e4127d65abf42905a07eca6a2255)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add backported patch to fix CVE-2016-9842 which was fixed in zlib 1.2.9
https://nvd.nist.gov/vuln/detail/CVE-2016-9842
(From OE-Core rev: 715645a1be700e132a31aa9c40da1e66dd427ae8)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add backported patch to fix CVE-2016-9841 which was fixed in zlib 1.2.9
https://nvd.nist.gov/vuln/detail/CVE-2016-9841
(From OE-Core rev: aa650d4f5eb2b671e76d7c4da3ef080e26eed543)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add backported patch to fix CVE-2016-9840 which was fixed in zlib 1.2.9
https://nvd.nist.gov/vuln/detail/CVE-2016-9840
(From OE-Core rev: c34064cceeb56806ed8ddf3aff73a3971378066c)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The upstream init script uses SIGUSR2 to terminate that daemon because
SIGTERM is ignored. As the killproc function does not support specifying
a signal, switch to start-stop-daemon. Drop the retry loop because
SIGUSR2 is lethal for agent.
(From OE-Core rev: 1e6235de0a3f6302cee37332f03b1ba403c789d1)
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tcf-agent ignores SIGTERM, so upstream uses USR2 instead. This issue was noticed
by Jan Kiszka and Brian Avery around the same time:
https://patchwork.openembedded.org/patch/139546/
https://patchwork.openembedded.org/patch/139560/
However, these patches fixed only the init scripts, not the systemd service
file. This patch fixes the systemd file.
(From OE-Core rev: f3c9d850af1c8dab9d46ddb136d84710e7f73fa2)
Signed-off-by: Martin Kelly <mkelly@xevo.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a conffile has been deleted (common when building a debugfs) the status
command will throw errors instead of handling that situation. Stop the code
being executed in the first place if it wasn't asked for, and handle errors
gracefully.
[ YOCTO #10761 ]
(From OE-Core rev: c32bca840d262ebc5ac93b06d0bce79729a178b1)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per the patch
(From OE-Core rev: a0cb33b3285de03ae901e474da255efc88811c2d)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Sylvain Lemieux <slemieux@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Cherry-pick from meta-gplv2:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-gplv2/commit/?id=e42ded0ee35d0aab0de8fa090eda9f1c08bcbb4c
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These are generated from --help output of the host tools which is clearly
incorrect, particularly given the older nature of this recipe. Simply
disable them entirely.
(From OE-Core rev: a70dc7d38764e1835ed947599b7fcbe3cc71d5b1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cherry-pick from meta-gplv2:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-gplv2/commit/?id=46349e1a8734fb94a04bf7c234c01fa175333238
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When building for aarch64 (ie relying only on generic C code rather
than asm) libgmp.so contains undefined references to __gmpn_add_nc
and __gmpn_sub_nc which causes attempts to link with -lgmp to fail:
| .../usr/lib/libgmp.so: undefined reference to `__gmpn_sub_nc'
| .../usr/lib/libgmp.so: undefined reference to `__gmpn_add_nc'
Solution based on a historical patch posted to the gmp mailing list:
https://gmplib.org/list-archives/gmp-discuss/2006-May/002344.html
Cherry-pick from meta-gplv2:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-gplv2/commit/?id=d8668018d5d795be2297f878fd871a27edf532bf
(From OE-Core rev: 93af40ae113e9b505a9739ca2688360f12015fb7)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The libevdev configure script contains an unconditional check for
libcheck. If libcheck is found, libevdev unit tests will be built.
Without a dependency, the presence of libcheck in sysroot is non
deterministic (in morty and earlier) and builds can fail if libcheck
is available during do_configure but not during do_compile.
(In pyro and later, the libcheck dependency is not required to make
libevdev builds deterministic due to recipe specific sysroots).
(From OE-Core rev: 9dc52a9959b05c9fa548f1991366f29ae873a793)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1
(From OE-Core rev: 8d53b03e8fa1bc20c0d77d6cd7869bd7f7325987)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
affects ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1
(From OE-Core rev: 6033983453ff7b39d9d0d0a64353611128e26fae)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
affects ruby < 2.4.1
(From OE-Core rev: a636bf8cb5063f349b2af6594b131af6852b3076)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
affects ruby < 2.4.1
(From OE-Core rev: 0c1eec0c6a789e1e9dbfcc66c3fb8c7d1d8b4e99)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
affects ruby < 2.4.1
(From OE-Core rev: cdfb60a7b573c034868ef27d8eb2c667f2a7ad1d)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
affects ruby < 2.4.1
(From OE-Core rev: d83f18936a0eb470e8faf7adbd7c580c23fa3370)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
affectes ruby < 2.3.1
(From OE-Core rev: 6af2319008dc16c61092f71ff227c285aac51288)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: curl 7.34.0 to and including 7.54.1
Not affected versions: curl < 7.34.0 and >= 7.55.0
(From OE-Core rev: 3cd67ae472cf163a592aac6ca783e451068fca0c)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: libcurl 7.15.0 to and including 7.54.1
Not affected versions: libcurl < 7.15.0 and >= 7.55.0
(From OE-Core rev: 2ad0d34313b30f3f18d2f15879294fab310aa874)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: libcurl 7.1 to and including 7.51.0
Not affected versions: libcurl >= 7.52.0
(From OE-Core rev: 559ccc284987846c5b266cc2bc5ecd91c1c155f9)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
(From OE-Core rev: 26e464767ab53cb78e4ede10c77fe12907a7daad)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
(From OE-Core rev: 3b73976716ee71a8040221f22c5fbda79512a958)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: curl 7.10.7 to and including 7.50.3
Not affected versions: curl < 7.10.7 and curl >= 7.51.0
(From OE-Core rev: 2da99dc9f7f3d8373cc3108c18300723ad4a243a)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: curl 7.12.2 to and including 7.50.3
Not affected versions: curl < 7.12.2 and curl >= 7.51.0
(From OE-Core rev: d664a1372c3322093038fc8443026e3499e977ec)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: curl 7.34.0 to and including 7.50.3
Not affected versions: curl < 7.34.0 and curl >= 7.51.0
(From OE-Core rev: daeb0f5369f7c9ff470c9db3ba6ae42ac5abea2c)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: curl 7.3 to and including 7.50.3
Not affected versions: curl < 7.3 and curl >= 7.51.0
(From OE-Core rev: 3b97fc78d9cfee6586f3d55f04f20f72fd1af8dd)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
(From OE-Core rev: 1fc1c9a11eee2f5ba727b18300a92949b166b035)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
(From OE-Core rev: b754be84206b454789fbd6d444d00a4e422cb3e9)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: ff3904dec584daf627c267bf639d69aca13a1227)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 12325a8ebb5cab1837a6f6092eaa623a1a784eb6)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: ade8551d6a6810e87e83af72ea217aeca55c65c4)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 7e367796d4bf97e299ee966b120f924de0f2bb04)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 94daee02cad9930d4ada648fd4bfdb63510643c0)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 6536bfecb13b06765fdf6cb6fd70ce64f9077b8e)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 7bdb52d06a46ad659fc85db1992f9c6ab2fcf065)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 75e953388fa1973cdbd0897894a3e5398de16a10)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: eeb7197d85435ec73be8b77accc0feea7e1536bb)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 46504a224a9f33f1f8752bbcd51a285d19920524)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 87aebc2b02131d2fce0621faf399916c4789c293)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 3a604aa5cb0d35a9df10a5b958eb4a871de76c26)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 24b62c84102116e6531babc68d8d2fb33e3f2d5c)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 6e39b24d003fb4e702097a01142fcfe2861593dd)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From OE-Core rev: 8fb9a143e93de5a2de4b7d5fe2712c29d7ca4263)
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-9147
https://nvd.nist.gov/vuln/detail/CVE-2017-9936
https://nvd.nist.gov/vuln/detail/CVE-2017-10668
https://nvd.nist.gov/vuln/detail/CVE-2017-11335
Patches from:
CVE-2017-9147:
https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06
CVE-2017-9936:
https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
CVE-2017-10688:
https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1
CVE-2017-11355:
https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556
(From OE-Core rev: 5c89539edb17d01ffe82a1b2e7d092816003ecf3)
(From OE-Core rev: eaf72d105bed54e332e2e5c0c5c0a0087ecd91dd)
(From OE-Core rev: dc7573cd330d1fc2e4bd50c1ba171906e1d5d5c0)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
minor fixes to get to apply
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Libtiff is vulnerable to a heap buffer overflow in the tools/tiffcp
resulting in DoS or code execution via a crafted BitsPerSample value.
Porting patch from <https://github.com/vadz/libtiff/commit/
5c080298d59efa53264d7248bbe3a04660db6ef7> to solve CVE-2017-5225.
(From OE-Core rev: 434990304bdfb70441b399ff8998dbe3fe1b1e1f)
(From OE-Core rev: d26ea3b9b698fcb059aaa34c2408e3b95ca4f31d)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Marsalling is broken when ruby-2.2.x is built with gcc7, backport the change
fix in Ruby SVN r57410 to apply to ruby 2.2.5:
https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57410
Fixes [YOCTO #12271]
(From OE-Core rev: b9de98cdc816904583970369848181c2c79f1dc5)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.
* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
* CVE-2017-13078: reinstallation of the group key in the Four-way handshake
* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake
* CVE-2017-13080: reinstallation of the group key in the Group Key handshake
* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake
* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it
* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake
* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame
* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame
Backport patches from upstream to resolve these CVEs.
(From OE-Core rev: c79b479ab4b129007c6679bb0bdd8e2ec7ecb6ad)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
epitest.fi is down and hostap-utils source is now available in
w1.fi. So, move SRC_URI to https://w1.fi
Since hostap-utils is only meant for old Intersil Prism2/2.5/3 wifi cards,
this recipe will be removed from oe-core in future (most likely to
meta-handheld)
[YOCTO #12051]
(From OE-Core rev: 541b14c58132e8460a762617889bd5e3d736c1a4)
(From OE-Core rev: 0bc03289b775fefcb7f03e5463c79e4f96cd0b12)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Invisible Mirror FTP service is currently down, and FTP is horrible, so
switch to the HTTP mirror.
(From OE-Core rev: f31461f8ea11e82dbe14454a1149d9ec2120404d)
(From OE-Core rev: 4839f039036f3d72f9ef114a37500f9b498101df)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
