summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* vim: _FORTIFY_SOURCE=2 be goneJoe Slater2020-08-041-0/+5
| | | | | | | | | | | | | | | | | vim will abort in many places with this setting. Replace it with the benign _FORTIFY_SOURCE=1. (From OE-Core rev: d9de155f6452f916edd3131addd0c2eebaf4d639) (From OE-Core rev: db1e93c33150e712b90e81450fd2e161ea2fad08) Signed-off-by: Joe Slater <joe.slater@windriver.com> (cherry picked from commit 18129cbaeddb3278efe9963718556e3765f06c1e) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patchelf: Add patch to address corrupt shared library issueRichard Purdie2020-08-042-0/+38
| | | | | | | | | | | | | | | | | patchelf can corrupt shared libraries if the program headers don't immediately follow the elf header. Add a patch submitted upstream to address this. (From OE-Core rev: faaf5f34332290708f3720a5488b3d1549d9e95a) (From OE-Core rev: 1969b67592bf1cfb0088f89ecde516abf614238f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e7811c787bbe2f5d49b3506309499acc27189988) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: include epoch in product version outputRalph Siemsen2020-08-041-1/+1
| | | | | | | | | | | | | | | | | | | In the generated cve.log files, include the epoch in the product version. This better matches how versions are displayed elsewhere, in particular the bb.warn("Found unpatched CVE...") that appears on the terminal when CVEs are found. (From OE-Core rev: 99f6de1c74b581054c74c6b4598a5d47facc9964) (From OE-Core rev: a8b69927485acbe504fcd75dc2cafc4c550cb66a) Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> (cherry picked from commit e1c3c0b6e5b01304e2127f5058986697e82adf93) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libexif: fix CVE-2020-13114Lee Chee Yang2020-08-042-1/+76
| | | | | | | | | | | | | (From OE-Core rev: 2e497029ee00babbc50f3c1d99580230bc46155c) (From OE-Core rev: 221e42c20148bb57986dfa862b352b9264694003) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: Run it after do_fetchKhem Raj2020-08-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | Certain recipes e.g. bash readline ( from meta-gplv2 ) download patches instead of having them in metadata, this could fail cve_check ERROR: readline-5.2-r9 do_cve_check: File Not found: qemuarm/build/../downloads/readline52-001 This patch ensures that download is done before running CVE scan, even though these will be external patches and may not contain CVE tags as it expects, but it will fix the run failures as seen above (From OE-Core rev: dbf143d79476e54e8da93101fc16eaedeec88362) (From OE-Core rev: 4b65abc70e84187f666e2ea2ab4dcf6bf7216658) Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e406fcb6c609a0d2456d7da0d2406d2d9fa52dd2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* file: add bzip2-replacement-native to DEPENDS to fix sstate issueJan-Simon Moeller2020-08-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | file-native when built on a Debian 10 host will embed a dependency to 'libbz2.so.1.0' (instead of 'libbz2.so.1'). This can cause issues when sharing the sstate between hosts e.g.: recipe-sysroot-native/usr/lib/rpm/rpmdeps: error while loading shared libraries: libbz2.so.1.0: \ cannot open shared object file: No such file or directory To avoid this situation, let's add the bzip2-replacement-native to the file recipe's DEPENDS_class-native . Details in https://bugzilla.yoctoproject.org/show_bug.cgi?id=13915 . (From OE-Core rev: 5a2bc3bfa9e1a4f37b6e26a5c40a4a9c025d03f1) (From OE-Core rev: 693caddd3b62d0bcb76ec6d3d6faa6561b763598) Signed-off-by: Jan-Simon Moeller <dl9pf@gmx.de> (cherry picked from commit 4a996574464028bd5d57b90920d0887d1a81e9e9) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcr: depends on gnupg-nativeKai Kang2020-08-041-1/+1
| | | | | | | | | | | | | | | | | | | | It fails to build gcr if no commmand gpg on build host: | meson.build:44:0: ERROR: Program(s) ['gpg2', 'gpg'] not found or not executable Add dependency gnupg-native to fix the error. (From OE-Core rev: da7360247995d7c8e79dfcaa0c0761952a9013f1) (From OE-Core rev: 034f09ebd90a03a2775b44750951ce7a22e00564) Signed-off-by: Kai Kang <kai.kang@windriver.com> (cherry picked from commit e4a6eda4c246b2bca059defed796bdab19a7ab5f) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* timezone: upgrade 2019c -> 2020aPierre-Jean Texier2020-08-041-5/+5
| | | | | | | | | | | | | | See full changelog https://github.com/eggert/tz/blob/master/NEWS#L11 (From OE-Core rev: 9d74b048e3a160d7a9a20e85817e9eb3a558af63) (From OE-Core rev: 9a75b44244b42cdd341ee38a253b2d935ae05ee1) Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Upgrade 3.7.7 -> 3.7.8Adrian Bunk2020-08-042-251/+2
| | | | | | | | | | Backported patch removed. (From OE-Core rev: 2c33c482ba6691ae82252f192b3c03e8c8fb7d55) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: Remove option 'obscure' from common-passwordhaiqing2020-07-081-4/+1
| | | | | | | | | | | | | | | | libpam does not support 'obscure' checks to password, there are the same checks in pam_cracklib module. And this fix can remove the below error message while updating password with 'passwd': pam_unix(passwd:chauthtok):unrecognized option[obscure] (From OE-Core rev: f5b90eeed7366432b39c7cd8c6ee8c23e2d4abe8) Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ea761dbac90be77797308666fe1586b05e3df824) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* relocatable.bbclass: Avoid an exception if an empty pkgconfig dir existPeter Kjellerstedt2020-07-081-9/+11
| | | | | | | | | | | | | | Rewrite relocatable_native_pcfiles() so that it can handle that any of the checked pkgconfig directories are empty without causing an exception. (From OE-Core rev: d449e6b536c197b6723dab1d61e989706c14f19c) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f9c5df6dc1c13e9b05ff1b47ad84ad339f6779a4) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel.bbclass: Fix Module.symvers supportLili Li2020-07-081-1/+1
| | | | | | | | | | | | | | | | | | | | | Starting from v5.8-rc1 commit 269a535ca931 (modpost: generate vmlinux.symvers and reuse it for the second modpost"), kernel will generate new vmlinux.symvers instead of dumping all the vmlinux symbols into Module.symvers in the first pass. Error log: 'run.do_shared_workdir.16614' failed with exit code 1: DEBUG: cp: cannot stat 'Module.symvers': No such file or directory This change will check the file Module.symvers existence before copying it. (From OE-Core rev: 03248953d1eacede00971289dc9fff8d97d00464) Signed-off-by: Lili Li <lili.li@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit cd2d62a08a1dfcd890a03ee55132b6d6c65f5ab7) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-fitimage: introduce FIT_SIGN_ALGRichard Leitner2020-07-081-1/+5
| | | | | | | | | | | | | | | make fitImage configuration signature algorithm selectable with FIT_SIGN_ALG. (From OE-Core rev: e24b27a2b49e97cec6153f2d642d17a901b8ba12) (From OE-Core rev: 12dceaba5a7e3afed2ccb43d0788e5b95c602951) Signed-off-by: Richard Leitner <richard.leitner@skidata.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: fixed CVE-2020-13777haiqing2020-07-084-0/+298
| | | | | | | | | | | | | | | | | GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket Backport the patch from upstream: https://gitlab.com/gnutls/gnutls.git commit c2646aeee94e71cb15c90a3147cf3b5b0ca158ca commit 50ad8778a81f9421effa4c5a3b457f98e559b178 commit 3d7fae761e65e9d0f16d7247ee8a464d4fe002da (From OE-Core rev: 86870cd2ff3555161ea5bb434740338ec20495a0) Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-10702 & CVE-2020-13765Lee Chee Yang2020-07-083-0/+102
| | | | | | | | (From OE-Core rev: 684307688eb0c1a98be8885164ecc8f578a36cf8) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libjpeg-turbo: Fix CVE-2020-13790jason.lau2020-07-082-0/+82
| | | | | | | | | | | | | | | | libjpeg-turbo 2.0.4 has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file. Upstream-Status: Backport [https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a] CVE:CVE-2020-13790 (From OE-Core rev: 90f4e2f299d8cd6c839b73307dc7b0ec3d389294) Signed-off-by: Liu Haitao <haitao.liu@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: un-break disabling the readline PACKAGECONFIGAlexander Kanavin2020-07-081-0/+1
| | | | | | | | | | | | | Previously the readline module would have been built regardless of readline's presence in the sysroot, and the recipe would fail at package_qa. (From OE-Core rev: 4a4413aa521f35414d94f883a74aec3beb628a9a) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: make gdbm optionalAlexander Kanavin2020-07-083-5/+46
| | | | | | | | | | | | The use case is building a gpl3-free image, without having to rely on outdated recipes from meta-gplv2 layer. (From OE-Core rev: 033a63507d1ccd423b8023575729ff089614303b) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: fix CVE-2019-3689wenlin.kang@windriver.com2020-07-082-0/+103
| | | | | | | | | | Fix CVE-2019-3689 (From OE-Core rev: 15186556c7e6ccdb3a308c90563f61b0bbd57407) Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mesa: fix meson configure fix when 'dri' is excluded from PACKAGECONFIGYann Dirson2020-06-021-1/+1
| | | | | | | | | | (From OE-Core rev: ee95a399285abbde84e0148ca957b59d65bcad0a) Signed-off-by: Yann Dirson <yann@blade-group.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 78efff8741f869647790810a3dd41459b9d9d8a6) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: Don't advertise example services by defaultPaul Barker2020-06-021-0/+5
| | | | | | | | | | | | | | | | The example service files are placed into /etc/avahi/services when we run `make install` for avahi. This results in ssh and sftp-ssh services being announced by default even if no ssh server is installed in an image. These example files should be moved away to another location such as /usr/share/doc/avahi (taking inspiration from Arch Linux). (From OE-Core rev: 3d8fdfc57d7fd846c8668daf730cf820ea5ecb13) Signed-off-by: Paul Barker <pbarker@konsulko.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* strace: fix failing ptestsAlexander Kanavin2020-06-022-3/+6
| | | | | | | | | | | | | | | | 1. They need to be run under regular user. 2. Some tests genuinely need more time than 30 seconds 3. The Makefile patch erroneously introduced a test-breaking change. (From OE-Core rev: 3d6bf58c7080c1cacf3ed1f270ff5acf4858c790) (From OE-Core rev: 7bc11ef93b02ff3b223fc0b3b730ce7b06181156) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a5e90281ac211e912ec6bfd6873e56152ec8bd4e) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix CVE-2020-8616/7Lee Chee Yang2020-06-023-0/+237
| | | | | | | | | | fix CVE-2020-8616 and CVE-2020-8617 (From OE-Core rev: b280b3fe22a1fda62707bfa40ca78439ad201736) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu: update SRC_URIAlexander Kanavin2020-06-021-3/+8
| | | | | | | | | | | New releases of ICU are published on github. (From OE-Core rev: c90113c61877b35211878286cd3b60a36b8c8684) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-validate: upgrade 1.16.1 -> 1.16.2Alexander Kanavin2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: 53d655fdf2c7004fa95e2bb591f1e4d2289ba674) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-vaapi: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: 16b254a5c7674bd9894a20037b10202d1450ac58) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-rtsp-server: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: e197e69d32dd8bf0d6861f26a0fe9a46547a4e7e) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-python: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: b6006b561265dc6972011d4dd1a9539b501438f1) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-omx: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: a468d593c0e17ca5a0db7314ab227b76c0fd5d69) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-libav: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: 8810b03648f64da502293a6a46057ea2f12e5f58) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-plugins-ugly: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: 8d319a209475559ef129e3181cda4a7edf68cc22) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-plugins-bad: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: 06a6dc2355463568e8e0979bffe4899b916726df) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-plugins-good: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: f27f40c36f12ec30b5def1d8d48aa9ed221f8402) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-plugins-base: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: dedd38b6d864aacb79007b624fe69bdeec20e98d) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: ebd7c24aa0fd5718b23af047090bd8ddf6e80d37) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-python: add a patch to fix python 3.8 buildsAlexander Kanavin2020-06-022-1/+27
| | | | | | | | | (From OE-Core rev: 1d047307e11d59eb9ac0affb308407488e1853e4) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wireless-regdb: Upgrade 2019.06.03 -> 2020.04.29Adrian Bunk2020-06-021-2/+1
| | | | | | | | | | | (From OE-Core rev: 5b71a3f3d1bca6b52f53b97971131a6771618420) (From OE-Core rev: 91686105f34f578458a5db1b8a40f15ca27a7944) Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2020-1752Zhixiong Chi2020-06-022-0/+67
| | | | | | | | | | | | Backport the CVE patch from upstream: git://sourceware.org/git/glibc.git commit ddc650e9b3dc916eab417ce9f79e67337b05035c (From OE-Core rev: 50b04216e47b1bf0da8170c7fd62d18a07d10152) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstatesig: Optimise get_taskhash for hashequivRichard Purdie2020-06-021-2/+11
| | | | | | | | | | | | | | | | With hashequiv the get_taskhash function is called much more regularly and contains expensive operations. This these don't change based upon hash in a given build, improve the caching within the function to reduce overhead. (From OE-Core rev: de98cfe3cde4b8d5f4b163b5fba3f129651ef06a) (From OE-Core rev: 4c7e12ee42ff6ab228c2d8aa23a8153ff0debd4b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript : fix CVE-2019-10216Lee Chee Yang2020-06-022-0/+54
| | | | | | | | (From OE-Core rev: 4620180a073b721dbc91d14ab64285187bec4cb7) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-11869Lee Chee Yang2020-06-022-0/+98
| | | | | | | | (From OE-Core rev: 5ada35d14598505448c16a52e8fe129e72f1ed0b) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix CVE-2020-8492Trevor Gamblin2020-06-022-0/+249
| | | | | | | | | | | | | | | | CVE: CVE-2020-8492 (From OE-Core rev: c9ee462bb606b34ab31cfb90f84a5302d15135cf) (From OE-Core rev: 5c8662e6ff870da917ed5efa02179d6da4addba9) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5811ed9140fab64da59d0d2ad6e6b0fec8341a20) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* targetcontrol: Fix leaking log handlerRichard Purdie2020-06-021-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | We had a mystery failure on the autobuilder where runqemu appeared to be failing as a logfile directory no longer existed. The key to reproducing was running a runqemu where the image was deleted (as devtool does), then running another runqemu test. E.g.: 'oe-selftest -r devtool.DevtoolExtractTests.test_devtool_deploy_target wic.Wic2.test_qemu_efi' This then tries to write to the logfile from the first test, the image directory was deleted and we get strange failures. The fix is to remove the logging handler when qemu is stopped. (From OE-Core rev: 924b020eacf111b4fd4d731b363084e254a3422d) (From OE-Core rev: 6893eb741c4cd4849e2fde1f86d9911b6c89db5b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9b335fa867805f612154ae92c5a1e727d3fb29ca) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/qemurunner: Clean up failure handlingRichard Purdie2020-06-021-3/+8
| | | | | | | | | | | | | | | | | | | | | | If you fail to setup the tap devices, runqemu will error quickly however stdout/stderr are not shown to the user, instead a SystemExit traceback is shown. This could explain some long since unexplained failures on the autobuilder. Rework the error handling so SystemExit isn't used and the standard log failure messages can be shown. The code could likely ultimatley need some restructuring to work effectively. (From OE-Core rev: 83b8e66b66aa9848ed9c8761a21cb47c6443d0c6) (From OE-Core rev: 19120fce4f55f6a2903812ed9461273a85cb3544) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e820c86fb9ddfadea0c27f29e14b985ee3178320) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to zeus head revisionzeus-22.0.3yocto-3.0.3Richard Purdie2020-05-141-1/+1
| | | | | | (From OE-Core rev: 9bab7c1a29a58ba7f97e253e4e0ac167b77d0e65) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade 1.1.1f -> 1.1.1gJan Luebbe2020-05-071-1/+1
| | | | | | | | | | This also fixes CVE-2020-1967. (From OE-Core rev: 26b13f59385c1ed871aee7653c3ee7241affca38) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Fix CVE-2020-1712wenlin.kang@windriver.com2020-05-072-0/+521
| | | | | | | | | | Fix CVE-2020-1712 (From OE-Core rev: 0d0c87e6c6082e1ac9d60d6131f889c53c25a9cc) Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.12 -> 3.6.13Wang Mingyu2020-05-071-2/+2
| | | | | | | | | | | | | (From OE-Core rev: 5cc0f0dcf1f41bc148b034b3f7abef756a328cd3) (From OE-Core rev: 7e51108dc8d3fbb63b7da9728a3790c587ee36f8) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [ includes the fix for CVE-2020-11501 ] Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.11.1 -> 3.6.12Alexander Kanavin2020-05-071-2/+2
| | | | | | | | | | | | (From OE-Core rev: 8652c95ceb505dd7386166842486c833ea5a7ee7) (From OE-Core rev: 7a657beeb1ff65111481501e72092b8af021c3eb) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.8 -> 3.6.11.1Alex Kiernan2020-05-072-42/+2
| | | | | | | | | | | | | | | | | Drop patch from 81485be19b18 ("gnutls: don't use HOSTTOOLS_DIR/bash as a shell on target") as upstream now honours POSIX_SHELL when set as the primary target shell. (From OE-Core rev: bc487ced3be40569157fb40c99bfa68871f74744) (From OE-Core rev: f4f933297a77f99783f9a5fb571503e1f45ad259) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-11 22:19:19 +0000