path: root/meta
Commit message | Author | Age | Files | Lines
* cve-check: ensure all known CVEs are in the report | Ross Burton | 2019-10-31 | 1 | -2/+7
  CVEs that are whitelisted or were not vulnerable when there are version comparisons were not included in the report, so alter the logic to ensure that all relevant CVEs are in the report for completeness.
  (From OE-Core rev: 98256ff05fcfe9d5ccad360582c36eafb577c264)
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: Fix overcommit_memory failure | He Zhe | 2019-10-31 | 2 | -0/+58
  Backport a patch from upstream to fix the following runtime failure.
    mem.c:814: INFO: set overcommit_memory to 0
    overcommit_memory.c:213: FAIL: alloc passed, expected to fail
  (From OE-Core rev: c4bf0b80ab1be8b4faa2af7708bdca990d94a329)
  Signed-off-by: He Zhe <zhe.he@windriver.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ell: update to 0.25 | Oleksandr Kravchuk | 2019-10-31 | 1 | -2/+2
  0.24:
  - Add support for extended groups in settings files.
  0.25:
  - Fix issue with stopping DHCP client and owner notification.
  - Fix issue with time calculation overflow and DHCP.
  (From OE-Core rev: 8b41a5b0418d1d85741a88b236bbe5ae30ec4355)
  Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mdadm: fix do_package failed when changed local.conf but not cleaned | Changqing Li | 2019-10-31 | 1 | -3/+2
  reproduce steps:
  1. add DISTRO_FEATURE_append = 'usrmerge' in local.conf
  2. bitbake mdadm --success
  3. remove DISTRO_FEATURE_append = 'usrmerge' from local.conf
  4. bitbake mdadm -- failed when do_package
  it is not proper to change source Makefile during do_install by sed, fix by passing correct config to EXTRA_OEMAKE
  [YOCTO #13493]
  (From OE-Core rev: 8eb457bd396592094b59098496d88db0ba03d013)
  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxslt: fix CVE-2019-18197 | Joe Slater | 2019-10-31 | 2 | -0/+34
  Use patch from upstream after 1.1.33 release.
  (From OE-Core rev: 1263db2759b88e423bb717cc0cfc256c7962871b)
  Signed-off-by: Joe Slater <joe.slater@windriver.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtiff: fix CVE-2019-17546 | Joe Slater | 2019-10-31 | 2 | -0/+104
  Apply unmodified patch from upstream.
  (From OE-Core rev: 844e7aa217f5ecf46766a07d46f9d7f083668e8e)
  Signed-off-by: Joe Slater <joe.slater@windriver.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: disable bzip | Ross Burton | 2019-10-31 | 1 | -1/+1
  (From OE-Core rev: 28524e5d60c87810193ae9e083abe2ab79003378)
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: add PACKAGECONFIG for compression algorithms | Dan Callaghan | 2019-10-31 | 1 | -3/+10
  Elfutils has optional support for bzip2 and xz (lzma). It uses this for decompressing embedded ELF sections like the .gnu_debugdata section for "mini debuginfo":
  https://sourceware.org/gdb/onlinedocs/gdb/MiniDebugInfo.html
  Previously this support was unconditionally disabled but the reasons for disabling them seem to no longer apply. Both the target and native variants of elfutils can build successfully against both bzip2 and xz.
  (From OE-Core rev: 37f4b2311eab6736ee92fc6ac39ddcba6d56a38e)
  (From OE-Core rev: a898b13763a145f15dfd8ada033ae9f0d60e4185)
  Signed-off-by: Dan Callaghan <dan.callaghan@opengear.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libmodulemd-v1: update to 1.8.16 | Alexander Kanavin | 2019-10-31 | 2 | -64/+3
  Upstream added support for optional docs, so 0001-Do-not-generate-gtkdoc-or-python-bindings.patch is replaced with an option to disable gtk-doc (as the modulemd feature is not used in oe-core anyway).
  (From OE-Core rev: cb5bb2b9635ebf709f1eb0b154f28419d548ad70)
  Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* btrfs-tools: update to 5.3 | Alexander Kanavin | 2019-10-31 | 1 | -1/+1
  (From OE-Core rev: 185e1c30fc35f7f504817454242e465678c5951d)
  Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcr: remove intltool-native | Ross Burton | 2019-10-31 | 1 | -1/+1
  gcr uses gettext now, so no need to depend on intltool-native.
  (From OE-Core rev: fc300e7adc0ad6e5573744434e5010d177f6c2db)
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcr: update to 3.34.0 | Alexander Kanavin | 2019-10-31 | 1 | -3/+3
  inherit gettext, as gcr is now gettextized.
  (From OE-Core rev: b5a5a98b7927e5fb357d9fdd82715a1dda99096f)
  Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: fix CVE-2019-17594, CVE-2019-17595 | Trevor Gamblin | 2019-10-31 | 2 | -0/+170
  Backport changes to tinfo/comp_hash.c, tinfo/parse_entry.c, and progs/dump_entry.c from upstream to fix CVEs.
  (From OE-Core rev: 69c31032f1ec0e300c3247efa71aa9b4ebdaf23d)
  Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-fitimage: introduce FIT_SIGN_ALG | Richard Leitner | 2019-10-31 | 1 | -1/+5
  make fitImage configuration signature algorithm selectable with FIT_SIGN_ALG.
  (From OE-Core rev: e24b27a2b49e97cec6153f2d642d17a901b8ba12)
  Signed-off-by: Richard Leitner <richard.leitner@skidata.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sudo: Fix fetching sources | Ferry Toth | 2019-10-31 | 1 | -1/+1
  It looks like https://www.sudo.ws/download.html changed certificate and directory structure. This breaks fetching sources.
  (From OE-Core rev: e03afb9b776407db0ca41852d359b599676379c6)
  Signed-off-by: Ferry Toth <ftoth@exalondelft.nl>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemtap: support usrmerge | Alessio Igor Bogani | 2019-10-31 | 1 | -4/+7
  (From OE-Core rev: a732bd776717f14a7b47c0e0ba096b8921dff16d)
  Signed-off-by: Alessio Igor Bogani <alessio.bogani@elettra.eu>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* IMAGE_LINGUAS_COMPLEMENTARY: auto-add language packages other than locales | Andreas Müller | 2019-10-31 | 2 | -1/+3
  This change allows layers adding packages other than locales automatically to images based on languages selected in IMAGE_LINGUAS.
  E.g if a layer has recipes creating packages as:
  | ${PN}-foo-en / ${PN}-foo-de / ${PN}-foo-it / ..
  it would set
  | IMAGE_LINGUAS_COMPLEMENTARY_append = " *-foo-%s"
  in its layer.conf to enable auto-adding.
  (From OE-Core rev: 3a9e9585aeb67234901b2f842113dbe20c3801b3)
  Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* makedevs: fix invalidScanfFormatWidth to prevent overflowing usr_buf | Frazer Leslie Clews | 2019-10-31 | 1 | -1/+1
  (From OE-Core rev: 33aefbf0fe62c5e49cac453a6e09e7b1cae60174)
  Signed-off-by: Frazer Leslie Clews <frazer.clews@codethink.co.uk>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* makedevs: fix format strings in makedevs.c in print statements | Frazer Leslie Clews | 2019-10-31 | 1 | -4/+4
  (From OE-Core rev: 5363fe01581e045ddd8e21934781b10cd3521365)
  Signed-off-by: Frazer Leslie Clews <frazer.clews@codethink.co.uk>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsdl2: Fix build failure when using mesa 19.2.1 | Alistair Francis | 2019-10-31 | 2 | -0/+42
  (From OE-Core rev: e5dfed5771f3e988feb1b8744d191ffd742ad2fc)
  Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix CVE-2019-17451 | Trevor Gamblin | 2019-10-31 | 2 | -0/+52
  Backport upstream fix. No upstream release version of binutils it yet, so backport the fix independently.
  (From OE-Core rev: 3693a0a8b9461521b95613a76b7fd79c86a3bf8f)
  Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix CVE-2019-17450 | Trevor Gamblin | 2019-10-31 | 2 | -0/+100
  Backport upstream fix. No upstream release version of binutils it yet, so backport the fix independently.
  (From OE-Core rev: a4ead72b958ded4941f96741029f4955930ba758)
  Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ofono: tidy up the recipe | Nicola Lunghi | 2019-10-31 | 2 | -44/+46
  - remove the inc file
  - run oe-stylize on the recipe
  (From OE-Core rev: 3bfec923cf717bd1082beb0e026567951c2e99c0)
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: fix CVE-2019-16275 | Ross Burton | 2019-10-31 | 2 | -0/+83
  (From OE-Core rev: d7b5a2ebdb6e74a21059ac2496b5dbea4597eb87)
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: clean up compile/install tasks | Ross Burton | 2019-10-31 | 1 | -5/+3
  The makefile can do the right thing now.
  (From OE-Core rev: 6f65dd3164a6f523de82cb30e67ec3d180e45c2e)
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: remove redundant source checksums | Ross Burton | 2019-10-31 | 1 | -2/+0
  oe-core e37a1ecc stopped downloading a LZMA tarball, but the checksums were not removed at the same time.
  (From OE-Core rev: 73a1e1135618a23f3f2a714c311df39c7b809ed5)
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-numpy: Stop shipping manual config files | Adrian Bunk | 2019-10-31 | 29 | -2022/+0
  Automatic generation seems to work fine, and does not become outdated.
  (From OE-Core rev: 8993270f8bc65e152418d84fde03f8ead83c054b)
  Signed-off-by: Adrian Bunk <bunk@stusta.de>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcap-ng: undefined reference to `pthread_atfork' | Trevor Woerner | 2019-10-31 | 1 | -0/+1
  Some hosts need -pthread in order to link properly (e.g. openSUSE 15.1).
  (From OE-Core rev: 6196e68ffc83ae0655336d3466d950828d42e191)
  Signed-off-by: Trevor Woerner <twoerner@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnu-efi: Upgrade 3.0.9 -> 3.0.10 | Adrian Bunk | 2019-10-31 | 3 | -20/+41
  Part of patch fixed upstream removed.
  (From OE-Core rev: 82169fd7684389f9cdedd6f91a00698641741a8c)
  Signed-off-by: Adrian Bunk <bunk@stusta.de>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Avoid potential build configuration contamination | Richard Purdie | 2019-10-28 | 1 | -0/+1
  Changing the gl options to qemu doesn't result in a correctly rebuilt binary, the GL linkage can persist from a build where it was enabled to one where it was not.
  As well as clearly being incorrect and non-reproducible, this caused some mystery failures on the autobuilder.
  Cleaning ${B} at do_configure time avoids this. Most recipes (e.g. autotools derived ones) already clean ${B} as appropriate and avoid this issue.
  (From OE-Core rev: b91b30c09ffbcd81e8dcaae832b3ae4f61046236)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Remove stale gcc 8 patchfile | Adrian Bunk | 2019-10-28 | 1 | -44/+0
  (From OE-Core rev: 176c70277d82228bc440f3fcd40ea90f0b12d641)
  Signed-off-by: Adrian Bunk <bunk@stusta.de>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nspr: Upgrade 4.21 -> 4.23 | Adrian Bunk | 2019-10-28 | 2 | -91/+2
  Patch applied upstream removed.
  (From OE-Core rev: 41812d3366f0a0080624b8582fdba430243ce710)
  Signed-off-by: Adrian Bunk <bunk@stusta.de>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* stress-ng: Upgrade 0.10.00 -> 0.10.08 | Adrian Bunk | 2019-10-28 | 2 | -26/+2
  Patch applied upstream removed.
  (From OE-Core rev: 0f9519de7b7a590fbd967d703d8dd9e3b905f1f1)
  Signed-off-by: Adrian Bunk <bunk@stusta.de>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* screen: Upgrade 4.6.2 -> 4.7.0 | Adrian Bunk | 2019-10-28 | 6 | -510/+2
  Patches applied upstream removed.
  (From OE-Core rev: 16425fbd8e2565b1a40462840e3f0931ae1a7b6c)
  Signed-off-by: Adrian Bunk <bunk@stusta.de>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: Upgrade to 4.4 | Adrian Bunk | 2019-10-28 | 2 | -35/+2
  Patch for issue fixed upstream removed.
  (From OE-Core rev: a29889c1f5e98b84c87522c6e0a058da262153e1)
  Signed-off-by: Adrian Bunk <bunk@stusta.de>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: Improve handling when no exported filesystems | Richard Purdie | 2019-10-28 | 1 | -1/+1
  Ensure /etc/exports exists and is readable before calling exportfs to avoid errors.
  (From OE-Core rev: 723f2464f746624ece06caa9752910a52f290f95)
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: fix CVE-2019-16935 | Chen Qi | 2019-10-28 | 2 | -0/+102
  (From OE-Core rev: 1a7593bcdaf8a8cf15259aee8a0e2686247f2987)
  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix CVE-2019-16935 | Chen Qi | 2019-10-28 | 2 | -0/+87
  (From OE-Core rev: 78846c823cbb662897ce85b061a745c1dd7deeab)
  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unfs3: fixed the issue that unfsd consumes 100% CPU | Haiqing Bai | 2019-10-28 | 2 | -0/+55
  The 'accept' function on the socket of unfsd daemon is always in below error state:
    accept(4, 0x7ffd5e6dddc0, [128]) = -1 EINVAL (Invalid argument)
    accept(6, 0x7ffd5e6dddc0, [128]) = -1 EINVAL (Invalid argument)
  And 'strace -c -p <the pid of unfsd>' shows:
    % time     seconds  usecs/call     calls    errors syscall
    ------ ----------- ----------- --------- --------- ----------------
     70.87    0.005392           0    513886    513886 accept
     29.13    0.002216           0    256943           poll
  This error state is in the 'for' loop of the daemon, so it consumes 100% CPU.
  The reason is that 'listen' is not called for the TCP socket before 'accept'. Actually the called 'svc_tli_create' from libtirpc will not call 'listen' on a bound socket.
  (From OE-Core rev: 1f6784d2e839f81749d21ad1b615a9f7bb0e64d6)
  Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix CVE-2019-6471 and CVE-2018-5743 | Kai Kang | 2019-10-28 | 9 | -0/+2723
  Backport patches to fix CVE-2019-6471 and CVE-2018-5743 for bind. CVE-2019-6471 is fixed by 0001-bind-fix-CVE-2019-6471.patch and the other 6 patches are for CVE-2018-5743. And backport one more patch to fix compile error on arm caused by these 6 commits.
  (From OE-Core rev: 3c39d4158677b97253df63f23b74c3a9dd5539f6)
  Signed-off-by: Kai Kang <kai.kang@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildhistory-analysis: filter out -src changes by default | Ross Burton | 2019-10-28 | 1 | -1/+1
  Like the -dbg package, this package is automatically generated and contains source filenames. We expect this to change on every upgrade, so don't show the differences unless the user wants to see all changes.
  (From OE-Core rev: 30acbf6f89ba76d6fab8987ed20f72d1fa3d70fa)
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: add missing description in recipes-gnome | Maxime Roussin-Bélanger | 2019-10-28 | 10 | -2/+34
  Remove some trailing whitespace
  (From OE-Core rev: 5714e4fb5e35454f2f3e523b1161a6451fcd3427)
  Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: update and add missing homepage/bugtracker links | Maxime Roussin-Bélanger | 2019-10-28 | 13 | -14/+21
  (From OE-Core rev: 9e5089dac1ae8277263ec3dced1fb1633ba98e57)
  Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gsettings-desktop-schemas: upgrade 3.32.0 -> 3.34.0 | Andreas Müller | 2019-10-28 | 1 | -2/+2
  Need it for gnome-settings-daemon 3.34:
  | meson.build:91:0: ERROR: Invalid version of dependency, need 'gsettings-desktop-schemas' ['>= 3.33.0'] found '3.32.0'.
  (From OE-Core rev: e94ce7ecc80efd41ec496fadf7546ea027f7dafd)
  Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: mark connman-wait-online as SYSTEMD_PACKAGE | André Draszik | 2019-10-23 | 1 | -1/+1
  The connman-wait-online package currently isn't marked as systemd-enabled package. This means it is impossible to auto-enable the service during image creation or package installation, as no preset files and no pkg_postinst() snippet is being created.
  This change should have been done as part of the upgrade to v1.31
  Note: connman-wait-online is needed when connman is in use in more complex network/interface setups for systemd's network-online.target to report success. systemd-networkd's systemd-networkd-wait-online.service alone doesn't work in such scenarios and simply times out, as it knows nothing about the expected network/interface configuration, meaning the target doesn't boot successfully (systemctl list-units --failed), and long delays are seen, caused by waiting for the systemd-networkd-wait-online.service timeout.
  (From OE-Core rev: 1a8d18eeee6dc188d8becc778bfa933031490781)
  Signed-off-by: André Draszik <git@andred.net>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-devicetree: Cope with non-standard kernel deploy subdirectory | Mike Crowe | 2019-10-23 | 1 | -10/+10
  kernel.bbclass installs non-standard kernels (where KERNEL_PACKAGE_NAME is not "kernel") in a subdirectory of ${DEPLOYDIR}. To achieve this kernel_do_deploy sets the deployDir shell variable to ${DEPLOYDIR} for the standard kernel or ${DEPLOYDIR}/${KERNEL_DEPLOYSUBDIR} for non-standard kernels.
  kernel-devicetree.bbclass's do_deploy_append ought to do the same and can do so by using the same shell variable.
  (From OE-Core rev: db5752911fe085337b9d3d4af85f89a0c664388e)
  Signed-off-by: Mike Crowe <mac@mcrowe.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-fitimage: Cope with non-standard kernel deploy subdirectory | Mike Crowe | 2019-10-23 | 1 | -9/+9
  kernel.bbclass installs non-standard kernels (where KERNEL_PACKAGE_NAME is not "kernel") in a subdirectory of ${DEPLOYDIR}. To achieve this kernel_do_deploy sets the deployDir shell variable to ${DEPLOYDIR} for the standard kernel or ${DEPLOYDIR}/${KERNEL_DEPLOYSUBDIR} for non-standard kernels.
  kernel-fitimage.bbclass's kernel_do_deploy_append ought to do the same and can do so by using the same shell variable.
  (From OE-Core rev: d324b22d32eaea9e4337c963c8b1a33b0ba6a2dd)
  Signed-off-by: Mike Crowe <mac@mcrowe.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: fix CVE-2019-16276 | Chen Qi | 2019-10-23 | 2 | -0/+164
  (From OE-Core rev: e31f87e289dfd3bbca961e927447a9c7ba816d3f)
  Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* adwaita-icon-theme: upgrade 3.32.0 -> 3.34.0 | Andreas Müller | 2019-10-23 | 2 | -3/+3
  (From OE-Core rev: b4e9af206623755651753ed1b776cedb004e59fd)
  Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sudo: fix CVE-2019-14287 | Changqing Li | 2019-10-23 | 3 | -0/+292
  In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
  (From OE-Core rev: 4e11cd561f2bdaa6807cf02ee7c9870881826308)
  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>