summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* rt-tests: added missing dependencies in MakefileJackie Huang2013-02-142-2/+54
| | | | | | | | | | | | | | The following targets missed dependency on librttest.a: pi_stress rt-migrate-test hackbench [YOCTO #3549] (From OE-Core rev: f941c73bbb20fb7a7b183f2b5b3e57c74d03b8dc) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Update the SRC_URI in systemtap recipeMaxin B. John2013-02-141-1/+1
| | | | | | | | | | | The SRC_URI in systemtap recipe uses 'sources.redhat.com' which redirects to 'sourceware.org'. This causes random fetch failures. Updating the recipe to use the direct link. (From OE-Core rev: c9c0ef2131d8a848b8222a223a6296edf4b9737a) Signed-off-by: Maxin B. John <Maxin.John@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* freetype: Update EXTRA_OECONF to use host gcc.Noor Ahsan2013-02-141-2/+2
| | | | | | | | | | | | | * It uses host gcc in its configure script. When IA32 toolchain is installed it starts using its binaries instead of native gcc. Modified EXTRA_OECONF so that host gcc is used. (From OE-Core rev: 5e6025d0d90d31182e09dadd238669520d688c43) Signed-off-by: Noor Ahsa <noor_ahsan@mentor.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* arch-armv4.inc: add --fix-v4bx to TARGET_LD_KERNEL_ARCH only for armv4 and ↵Martin Jansa2013-02-141-1/+7
| | | | | | | | | | | | | | | | | | | strongarm1100 * without this patch it does apply --fix-v4bx not only to armv4, but also all higher (because they also have armv4 in TUNE_FEATURES) * it causes SIGILL on armv4t http://lists.linuxtogo.org/pipermail/openembedded-devel/2012-November/042298.html * someone please test on armv4 device (I tested only bitbake -e output that it's correctly applied with DEFAULTTUNE == armv4 * maybe we can should fix this in binutils instead (both 2.22 and 2.23 are affected) (From OE-Core rev: 1691ff86c8aefd3c193ae9a2cdd998c7dc6d3270) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2 CVE-2012-2871Li Wang2013-02-143-1/+36
| | | | | | | | | | | | | | | | | | | | | | | | | the patch come from: http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/src \ /include/libxml/tree.h?r1=56276&r2=149930 libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871 [YOCTO #3580] [ CQID: WIND00376779 ] Upstream-Status: Pending (From OE-Core rev: 6d4453ce06191c09787e65d3b6a704651608d8b7) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs: fix CVE-2012-4025yanjun.zhu2013-02-144-1/+447
| | | | | | | | | | | | | | | | | | | | | | CQID:WIND00366813 Reference: http://squashfs.git.sourceforge.net/git/gitweb.cgi? p=squashfs/squashfs;a=patch;h=8515b3d420f502c5c0236b86e2d6d7e3b23c190e Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4025 (From OE-Core rev: 4493173c1ab7a0528e0c74935a105e474521ed1c) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> [YOCTO #3564] Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.bbclass: Including locale packagesElizabeth Flanagan2013-02-141-6/+1
| | | | | | | | | | | | | | As locale packages are installed on the image, we should be including them in the package/license manifest. This ensures that the manifests are accurate and complete. [ YOCTO #2461 ] (From OE-Core rev: f03efceb8a529df944592ff9031639f4e2f7a97d) Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.bbclass: Avoid grep error messageMark Hatle2013-02-141-1/+2
| | | | | | | | | | Touch a file that is later greped to make sure it exists. (From OE-Core rev: 178f0d6abfb443ed5d4cc5dab51fc2b78ffade2b) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* license.bbclass: Collect LICENSE level packagesFlanagan, Elizabeth2013-02-141-2/+2
| | | | | | | | | | Some bad logic in license.bbclass misses certain package level LICENSEs. (From OE-Core rev: 059dc4ff86d1b1517a53d8f3dc63fe5278751c5d) Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* librsvg: CVE-2011-3146Li Wang2013-01-072-2/+1092
| | | | | | | | | | | | | | | | | | | | | | | | | Store node type separately in RsvgNode commit 34c95743ca692ea0e44778e41a7c0a129363de84 upstream The node name (formerly RsvgNode:type) cannot be used to infer the sub-type of RsvgNode that we're dealing with, since for unknown elements we put type = node-name. This lead to a (potentially exploitable) crash e.g. when the element name started with "fe" which tricked the old code into considering it as a RsvgFilterPrimitive. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3146 https://bugzilla.gnome.org/show_bug.cgi?id=658014 [YOCTO #3581] [ CQID: WIND00376773 ] Upstream-Status: Backport (From OE-Core rev: fdd6da5933a3e7dd1e0ca2afd7107839b4fa65e8) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cups CVE-2011-3170Li Wang2013-01-072-1/+56
| | | | | | | | | | | | | | | | | | | | | | | | the patch come from: http://cups.org/strfiles/3914/str3914.patch The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170 [YOCTO #3583] [ CQID: WIND00299594 ] Upstream-Status: Backport (From OE-Core rev: c82517bb667484854eaa05b6e9efd9ee0f164fec) (From OE-Core rev: 1f555a6a45eb68011cbe759acf486ac507a6599c) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cups - CVE-2011-2896Li Wang2013-01-072-1/+142
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the patch come from: http://cups.org/strfiles/3867/str3867.patch The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2896 [YOCTO #3582] [ CQID: WIND00299595 ] Upstream-Status: Backport (From OE-Core rev: 0742b7aecaada435f90f39f26914906a5eb1fd4f) (From OE-Core rev: 1518fc8febbe99fc7ce9b86e087f8bb1c02552d8) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cups: CVE-2012-5519Li Wang2013-01-072-1/+2967
| | | | | | | | | | | | | | | | | | lpadmin to (limited) root privilege escalation http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5519 http://www.cups.org/strfiles/4223/str4223v2-1.4.4-debian.patch [YOCTO #3579] [ CQID: WIND00392016 ] Upstream-Status: Backport (From OE-Core rev: 9f6964b489ef3e0f175bf33a94ab819408875da8) (From OE-Core rev: 5031fedc6f8d7232fd934c66237c6dd1d84af05f) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libnss-mdns: fix mDNS resolving speedConstantin Musca2013-01-071-7/+7
| | | | | | | | | | | | | | | | | We need to fix the "hosts: files dns mdns4" nsswitch.conf line because for a .local lookup it does a DNS lookup first which will fail. The recommended solution is: hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 [YOCTO #2502] (From OE-Core rev: dbb350b90417962f2da4c1064ab0174badeb0f26) (From OE-Core rev: 1384f8842a02bb6cbfd935f4125cd9b019b2be3e) Signed-off-by: Constantin Musca <constantinx.musca@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "initrdscripts: fix udevd in the live boot init scripts"Ross Burton2013-01-072-4/+2
| | | | | | | | | | | | | This cherry-pick slipped through testing and lead to unbootable hddimg images. This reverts commit 0140519ba15bfb27ccbfb3d41c7e678a1118fc5c. [ YOCTO #3634 ] (From OE-Core rev: 3fc5923b4c8e99fe22e10fb52181c951330a12f2) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bootimg: Use FAT 32 for images larger than 512MBDarren Hart2013-01-071-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes [YOCTO #2138] Commit 217584211625b1c496fe5b78aa4765ccf605d2b9 dropped the forced use of FAT32 for the hddimg generation as it broke with very small images (< 32MB). Unfortunately, left to its own devices, mkdosfs appears to select FAT16 even for very large images, resulting in 2.2GB images being generated as FAT16: $ ls -lah core-image-lsb-sdk-atom-pc-20121010233936.hddimg -rw-rw-r-- 1 dvhart dvhart 2.2G 2012-10-17 08:00 core-image-lsb-sdk-atom-pc-20121010233936.hddimg $ file !$ file core-image-lsb-sdk-atom-pc-20121010233936.hddimg core-image-lsb-sdk-atom-pc-20121010233936.hddimg: x86 boot sector, code offset 0x58, OEM-ID "SYSLINUX", sectors/cluster 128, root entries 512, Media descriptor 0xf8, sectors/FAT 138, heads 64, sectors 4502496 (volumes > 32 MB) , serial number 0x50761926, label: "boot ", FAT (16 bit) The result was a runtime boot error from SYSLINUX and a failure to boot live images greater than 1GB in size. While strictly speaking it is the cluster count that determines which FAT size is used, that calculation requires more information than we have readily available (such as sectors per cluster). If we let mkdosfs determine sectors per cluster and just set a sane threshold above which FAT32 is used, we get correct bootable images. With this patch the 2.2GB core-image-lsb-sdk uses FAT32 and the 21 MB core-image-minimal uses FAT16, and both boot in qemu successfully: $ ls -lah tmp/deploy/images/core-image-lsb-sdk-atom-pc-20121212220835.hddimg -rw-r--r-- 1 dvhart dvhart 2.2G 2012-12-12 14:18 tmp/deploy/images/core-image-lsb-sdk-atom-pc-20121212220835.hddimg $ file !$ file tmp/deploy/images/core-image-lsb-sdk-atom-pc-20121212220835.hddimg tmp/deploy/images/core-image-lsb-sdk-atom-pc-20121212220835.hddimg: x86 boot sector, code offset 0x58, OEM-ID "SYSLINUX", sectors/cluster 8, Media descriptor 0xf8, heads 64, sectors 4470304 (volumes > 32 MB) , FAT (32 bit), sectors/FAT 4357, reserved3 0x800000, serial number 0x50c902b7, label: "boot " $ ls -lah tmp/deploy/images/core-image-minimal-atom-pc-20121212220600.hddimg -rw-r--r-- 1 dvhart dvhart 21M 2012-12-12 14:06 tmp/deploy/images/core-image-minimal-atom-pc-20121212220600.hddimg $ file !$ file tmp/deploy/images/core-image-minimal-atom-pc-20121212220600.hddimg tmp/deploy/images/core-image-minimal-atom-pc-20121212220600.hddimg: x86 boot sector, code offset 0x58, OEM-ID "SYSLINUX", sectors/cluster 4, root entries 512, sectors 41408 (volumes <=32 MB) , Media descriptor 0xf8, sectors/FAT 41, heads 64, serial number 0x50c8ffec, label: "boot ", FAT (16 bit) I have tested and booted core-image-minimal and core-image-lsb-sdk for atom-pc with qemu-system-i386 using this patch. (From OE-Core rev: 28d625022d524eb8832f17e221679f68202401a2) Signed-off-by: Darren Hart <dvhart@linux.intel.com> Cc: Steve Sakoman <steve@sakoman.com> Cc: Joshua Immanuel <josh@hipro.co.in> Cc: Przemek Czesnowicz <przemyslawx.czesnowicz@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sato-icon-theme: fix buildAndreas Müller2012-12-132-3/+3
| | | | | | | | | | | | | | | | | | | | Can't locate XML/Simple.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /home/andreas/tmp/oe-core-eglibc/sysroots/x86_64-linux/usr/lib/icon-naming-utils/icon-name-mapping line 12. | BEGIN failed--compilation aborted at /home/andreas/tmp/oe-core-eglibc/sysroots/x86_64-linux/usr/lib/icon-naming-utils/icon-name-mapping line 12. | make[3]: *** [install-data-local] Error 2 | make[3]: Leaving directory `/home/andreas/tmp/oe-core-eglibc/work/all-angstrom-linux/sato-icon-theme-0.4.1-r5/sato-icon-theme-0.4.1/16x16/actions' | make[2]: *** [install-am] Error 2 | make[2]: Leaving directory `/home/andreas/tmp/oe-core-eglibc/work/all-angstrom-linux/sato-icon-theme-0.4.1-r5/sato-icon-theme-0.4.1/16x16/actions' | make[1]: *** [install-recursive] Error 1 | make[1]: Leaving directory `/home/andreas/tmp/oe-core-eglibc/work/all-angstrom-linux/sato-icon-theme-0.4.1-r5/sato-icon-theme-0.4.1/16x16' | make: *** [install-recursive] Error 1 | ERROR: oe_runmake failed | ERROR: Function failed: do_install (see /home/andreas/tmp/oe-core-eglibc/work/all-angstrom-linux/sato-icon-theme-0.4.1-r5/temp/log.do_install.21502 for further information) (From OE-Core rev: 8e057a58769000dfa16c77ba4555f6e169f0298b) Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libc-common: Ensure sysconfdir exists before installing files to itRichard Purdie2012-12-131-0/+1
| | | | | | | | Depending on the eglibc configuaration, the directory may or may not exist. (From OE-Core rev: 20e897ca36734cbd77e53e34d9993c941fde1081) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pulseaudio: explicitly set --with-database=simpleMario Domenech Goulart2012-12-132-1/+2
| | | | | | | | | | | | | | The default value for --with-database is "auto". So, if some package installs a database library and pulseaudio auto detects, that library will be added to the dependencies list, causing a dependency error at do_rootfs time. For example, samba installs libtdb, which is one of the pulseaudio supported databases. (From OE-Core rev: 400ebfde27a2de4014d4711ac80a87116ad17e55) Signed-off-by: Mario Domenech Goulart <mario@ossystems.com.br> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* distutils-common-base: Create staticdev pacakge for static librariesStefan Herbrechtsmeier2012-12-131-1/+4
| | | | | | | | (From OE-Core rev: 1a7de9112c8855036f4e07796be18856404eb1c9) Signed-off-by: Stefan Herbrechtsmeier <stefan@herbrechtsmeier.net> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel.bbclass: remove explicit version.h targetBruce Ashfield2012-12-131-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The compilation routine for the kernel has an explicit call to build version.h, which works fine for most kernels, but the location of it has recently changes. commit d183e6f5 [UAPI: Move linux/version.h] commit 10b63956 [UAPI: Plumb the UAPI Kbuilds into the user header installation and checking] moves the file to include/generated/linux/version.h and then to include/generated/uapi/linux/version.h. As a result kernel builds of 3.7 or bisection builds of intermediate kernel commits will fail with: make[2]: *** No rule to make target `include/linux/version.h'. Stop. Making the explicit version.h build conditional on the version, or via a file test would fix the problem, but it introduces some complexity to the build. Even without an explicit call to build version.h, it is always produced by the kernel build, so it can simply be removed. This extra make line was originally so that the kernel version could be determined, so that then different instructions could be executed depending on whether it was a 2.4 or 2.6 kernel. Since we no longer support 2.4, this code is no longer needed. [YOCTO: #3293] (From OE-Core rev: 1ccc1560114d14f7492c034620ad8d7a8d2ef175) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-yocto: checkout known branch before leaving do_validate_branchesBruce Ashfield2012-12-131-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | We should always leave the tree on a BSP branch or master when do_validate_branches completes to avoid modifying version tracked files are part of the build process. Modifying these files will lead to errors when changing branches, since the contents would be lost. This is evident in the case that a the meta branch is reset to a known SRCREV and the tree was left on the meta branch. This branch tracks the meta/meta-series, and other artifacts of the original tree construction. When the build process runs, it updates these same files, which creates a conflict when switching branches. This has been fixed in the tree construction scripts to not track these files, but a secondary fix is also required of not leaving the build on these branches, to allow arbitrary trees to be built. [YOCTO #3413] (From OE-Core rev: 36f4e23d037dae758cd42189f2ab00f22a1cd723) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* autogen: use pkg-config directly instead of guile-configRoss Burton2012-12-132-2/+180
| | | | | | | | | | | | | | | | | | The autoconf macros in autogen use dpkg (!) and guile-config to determine what/where Guile is. If the build host has an installed guile, these can produce conflicting results. More interestingly, if the Guile library source and compiled form have bad timestamps (source newer than compiled) the configure scripts knows that Guile is present but doesn't know what version it is, resulting in compile errors. [ YOCTO #3370 (partially) ] (From OE-Core rev: 29f37af146b50fa39021884ef97bca9711ee924b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* guile: touch compiled modules on sstate installRoss Burton2012-12-131-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | When guile is installed from sstate, if the compiled files get a modified time older than the source files then guile will produce warnings like this: ;;; note: source file /data/poky-master/tmp/sysroots/x86_64-linux/usr/share/guile/2.0/ice-9/boot-9.scm ;;; newer than compiled /data/poky-master/tmp/sysroots/x86_64-linux/usr/lib/guile/2.0/ccache/ice-9/boot-9.go Not staging the files and letting guile re-compile them on demand won't work: ;;; compiling /data/poky-master/tmp/sysroots/x86_64-linux/usr/share/guile/2.0/system/base/compile.scm ;;; it seems /data/poky-master/tmp/sysroots/x86_64-linux/usr/share/guile/2.0/system/base/compile.scm ;;; is part of the compiler; skipping auto-compilation So, use a sstate postinst function to explicitly touch the compiled files after the extraction to ensure that they are fresher. [ YOCTO #3370 ] (From OE-Core rev: 1e96fea6c603a500e21b9cd4626ecd19049bf04b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* guile: fix bashism in scriptRoss Burton2012-12-131-2/+4
| | | | | | | (From OE-Core rev: e206443c132ee94227580fad16b16332007aec42) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rsync doesn't create hardlinks for certain filesAmy Fong2012-12-131-0/+6
| | | | | | | | | | | | | | | | | | | commit 4205a4c5d959643cf6c186e0939e202fb6006b82 Author: Amy Fong <Amy.Fong@windriver.com> Date: Thu Nov 29 09:21:49 2012 -0500 rsync cannot create hardlink for node file when use option --link-dest=DIR. By default, rsync's configure file disables certain capabilities when crosscompiling. Signed-off-by: Amy Fong <Amy.Fong@windriver.com> (From OE-Core rev: 4e6b3eeb7cf2ea002819daa57a1248de2daac0cd) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs: fix for CVE-2012-4024yanjun.zhu2012-12-132-0/+75
| | | | | | | | | | | | | | | | | | | | Reference:http://squashfs.git.sourceforge.net/git/gitweb.cgi?p= squashfs/squashfs;a=commit;h=19c38fba0be1ce949ab44310d7f49887576cc123 Fix potential stack overflow in get_component() where an individual pathname component in an extract file (specified on the command line or in an extract file) could exceed the 1024 byte sized targname allocated on the stack. Fix by dynamically allocating targname rather than storing it as a fixed size on the stack. [YOCTO #3513] (From OE-Core rev: a45ec682748b0d6e5bb21af04d205edb5ef1360e) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libproxy: Fix for CVE-2012-4504yanjun.zhu2012-12-132-0/+30
| | | | | | | | | | | | | | | | | Reference:https://code.google.com/p/libproxy/source/detail?r=853 Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504 [YOCTO #3487] (From OE-Core rev: a1ef9a5f647abfafd337b22b6353848962bcb00d) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pulseaudio: explicitly disable xen, rather than letting it detectGilbert Coville2012-12-132-1/+2
| | | | | | | (From OE-Core rev: 3b7a39d5e386f5e5b098b532d70c32d611a47ac9) Signed-off-by: Gilbert Coville <gilbert_coville@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcgroup: Use BPN in SRC_URIRichard Purdie2012-12-131-1/+1
| | | | | | | | | | | If we don't do this, multilib and other varients using BBCLASSEXTEND will fail. (this patch is a subset of 9a97367038a1e2431bf94211dabbc5aedbbee3bb - Ross Burton) (From OE-Core rev: da81f2816086c240ad5ebf74f3b8a2caed0b6cae) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initramfs-framework: udev: Handle alternative binary pathsOtavio Salvador2012-12-132-6/+21
| | | | | | | | | | | This allows use of udev daemon for different installation destinations so allowing use of udev's from systemd code for initramfs. (From OE-Core rev: dcf95bed1d9152d9cdb908b4e131e1c7c46cec84) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initrdscripts: fix udevd in the live boot init scriptsRoss Burton2012-12-134-5/+9
| | | | | | | | | | | | | | | udevd moved location and isn't in $PATH anymore, so use an absolute path to start it. The control socket path moved too, so mkdir the directory it's in. Mounts the new devtmpfs on /dev device tree. (From OE-Core rev: 75f28875bcae2f91437d89d1ad97df29226e3303) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Alexandru Damian <alexandru.damian@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initramfs-framework: init: Stop mount warnings during bootOtavio Salvador2012-12-131-2/+5
| | | | | | | | | | For a completely quiet boot using recent versions of utilities, the /etc/fstab and /var/lock need to be available. (From OE-Core rev: 49434f789a772620a8eae7220812296523616956) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildhistory.bbclass: Fix hostname print for 'No changes' caseOtavio Salvador2012-12-131-1/+1
| | | | | | | | (From OE-Core rev: 0acd5a16a874b438eb288292833080bac9f9ea8b) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lttng-modules: remove unused lttng-syscalls patchTom Zanussi2012-12-131-41/+0
| | | | | | | | | | | | commit b7e184508 (lttng-2.0: fix srcrev/pv to match the recipe filenames) removed the lttng-sycalls-protect-is_compat_task-from-redefiniti.patch from the SRC_URI but forgot to remove the patch itself. (From OE-Core rev: 47df8cbb6eb757a439d3d9f44e2615faa74fd258) Signed-off-by: Tom Zanussi <tom.zanussi@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lttng-2.0: fix srcrev/pv to match the recipe filenamesChristopher Larson2012-12-133-8/+7
| | | | | | | | | | | Somehow the recipe names got bumped, but the SRCREV and PVs in the recipes didn't get updated, so they were still building old versions. (From OE-Core rev: 29668e3698251c032e9d1b7d69370c11dd6b3c64) Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* packagegroup-core-tools-profile: replace 'legacy' lttng with lttng 2.0Tom Zanussi2012-12-131-4/+21
| | | | | | | | | | | | | | packagegroup-core-tools-profile currently pulls in the 'legacy' lttng packages, which are useless without legacy lttng support in the kernel. This makes packagegroup-core-tools-profile pull in the lttng 2.0 packages instead, which don't need any kernel modifications to work. (From OE-Core rev: 6b196f4b7feca7caa5d2a09c0e4d6a2c57df6cd3) Signed-off-by: Tom Zanussi <tom.zanussi@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* opkg-utils: bump SRCREV to latestMartin Jansa2012-12-131-1/+1
| | | | | | | (From OE-Core rev: d18bb4731898b3a9bb35a8d794d67e15e636dc02) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pulse: fix Bashism in string testSaul Wold2012-12-132-2/+2
| | | | | | | (From OE-Core rev: daba8aabaea5d16becd06b8b0639a34c3158d855) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kmod: fix git repo URLEric Bénard2012-12-131-1/+1
| | | | | | | (From OE-Core rev: d56e4f19559c4389f3ced2ebe53ea4f49c8969b0) Signed-off-by: Eric Bénard <eric@eukrea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image.bb: Bump SRCREV for 1.3_M5.rc41.3_M5.rc4Elizabeth Flanagan2012-10-101-1/+1
| | | | | | Bumping the SRCREV for danny in preparation for 1.3_M5.rc4 Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com>
* gdbm: Resolve host contamination issueRichard Purdie2012-10-101-0/+3
| | | | | | | | | | | | | | | | | | The autoconf macros detect the presence of -ldbm or -lndbm on the host system and add the library to link against, for now good reason I can explain. This patch makes the build behave determinstically whether they're present or not. Other than the extra linkage, there doesn't appear to be any other change in behaviour from these options and they look like dead code. The extra linkage can cause problems where sstate is used on a machine where the extra librbary isn't present causing build failures. (From OE-Core rev: f609bf5525450bfdb8e0864d44c41cce7f9319c9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image.bb: Bump SRCREV for 1.3_M5.rc4Elizabeth Flanagan2012-10-101-1/+1
| | | | | | Bumping the SRCREV for danny in preparation for 1.3_M5.rc4 Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com>
* Revert "build-appliance-image.bb: Bumping SRCREV for 1.3_M4"Elizabeth Flanagan2012-10-101-1/+1
| | | | | | Wrong build number in the commit log This reverts commit c030e463abf4940186df49394e2414e856d4b381.
* build-appliance-image.bb: Bumping SRCREV for 1.3_M4Elizabeth Flanagan2012-10-101-1/+1
| | | | | | In preparation for 1.3_M4, bumping SRCREV for the build appliance Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com>
* pkgconfig: Drop the RREPLACES for pkgconfig-devRichard Purdie2012-10-102-2/+1
| | | | | | | | | | | | | | | This line causes pkgconfig-dev to replace pkgconfig so the package with all the files in is replaced by one with no files. This makes no sense and hence we should just remove this broken line. At this point in the release, this is the safest way to fix this even if an empty -dev package is left available. [YOCTO #2878] (From OE-Core rev: 5bed2bb831b379a8fbf2f725435af4b7c934359e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* eglibc: force make to use /bin/bashSaul Wold2012-10-102-1/+6
| | | | | | | | | | | | | | | | | | | | | The eglibc core build still has a number of issues with /bin/dash. Recently found is both sysdeps/unix/make-syscalls.sh and it's output, which make calls via SHELL do not play well with /bin/dash. By force make to use /bin/bash via SHELL setting it works correctly. Currenly known issues are: make-syscalls.sh line with a bad substitution, which can be corrected by: vdso_symver="$(printf '%s\n' ${vdso_symver} | sed 's/\./_/')" Following that there is an issue with emiting a '\n' through a second echo and then to the compiler. There maybe more issues beyond that. [YOCTO #3080] (From OE-Core rev: 9d002f7cdc5309c4d850a76e4fd73ff04c980a07) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: add archlib_exp variable used to generate ARCHLIB_EXP in config.hTom Zanussi2012-10-103-1/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | perl.c uses an ARCHLIB_EXP define to generate compile-time code that adds the archlibexp path to @INC during run-time initialization of a new perl interpreter. Because we've changed this value in a temporary way to make it possible to use ExtUtils::Embed in the target build (the temporary value in config.sh gets re-stripped out during packaging), the ARCHLIB_EXP value that gets generated still uses the temporary version instead of the original expected version (i.e. becauses it's in the generated config.h, it doesn't get stripped out during packaging like the others in config.sh). This creates an unmodified version called archlib_exp that gets used by a modified config_h.SH to get the correct value into config.h This patch uses an unmodified version of archlibexp called archlib_exp, introduced to config.sh, which is used to generate the correct value of ARCHLIB_EXP into config.h Fixes [YOCTO #3099]. (From OE-Core rev: cbcfdeb1d55e2e76f199750bda401bad126ae234) Signed-off-by: Tom Zanussi <tom.zanussi@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bzip license: bzip2 not bzip.Flanagan, Elizabeth2012-10-101-0/+0
| | | | | | | | | | The name of the license for bzip2 is wrong causing warnings to be thrown. (From OE-Core rev: 566c6101cc7a8d90973eb22478ffc77eac23f81c) Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-cross-canadian: Fix gettext dependencyRichard Purdie2012-10-101-1/+1
| | | | | | | | | | | There was a problem in commit ad23395cd1f6c0cbfcc6980b6071d589f9f6cde0 since gettext-nativesdk was translated to gettext instead of nativesdk-gettext. This fixes to use the correct dependency. (From OE-Core rev: a6e325342cb489e05927d6cb2bb0a24fa6c20ef8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>