Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=daisy-11.0.3 2015-05-13T12:28:56+00:00 2015-05-13T12:28:56+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2015-05-13T12:27:45+00:00 urn:sha1:b2ba41b57550aa912da93b4aef789ff562a67fce (From OE-Core rev: 5a577ec878a15f3caaf4893b819825ffb8c81266) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-05-13T07:52:06+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2014-12-19T09:03:17+00:00 urn:sha1:56bd68e82c28528d9a99170611d02f5532599ef5 (From OE-Core rev: 327da66bb4d0b2a219e8a1b0805b504b269b22d9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-05-12T14:46:59+00:00 Martin Jansa martin.jansa@gmail.com 2014-12-18T14:54:14+00:00 urn:sha1:0fb598c6b93780efe0eb549ef031761b9a472fdc * EXTRA_LDFLAGS isn't defined for !uclibc and configure fails when it reads it unexpanded, see config.log snippet: configure:4177: checking whether the C compiler works configure:4199: i586-oe-linux-gcc -m32 -march=i586 --sysroot=/OE/sysroots/qemux86 -O2 -pipe -g -feliminate-unused-debug-types -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed ${EXTRA_LDFLAGS} conftest.c >&5 i586-oe-linux-gcc: error: ${EXTRA_LDFLAGS}: No such file or directory configure:4203: $? = 1 configure:4241: result: no (From OE-Core rev: fd6418949249be252e4831ecf88f84297f81eaeb) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Backported from OpenEmbedded Dizzy branch, commit c8f9b5c9a8e5179c2013f25decd6a5483df9c716. Signed-off-by: Jens Rottmann <Jens.Rottmann@ADLINKtech.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-05-12T14:46:59+00:00 Jonathan Liu net147@gmail.com 2015-03-12T09:18:56+00:00 urn:sha1:b0c18202615849fc7a35d6f23afc0696dd0e952f The ownership needs to be explicitly set otherwise it inherits the user and group id of the build user. (From OE-Core rev: 0752c79282b1cc9699743e719518e6c341d50a3a) (From OE-Core rev: e64cee7ccf9dedbadc3a63e4ed3eb15172ef4403) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Saul Wold <sgw@linux.intel.com> Conflicts: meta/recipes-core/systemd/systemd_219.bb Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-05-01T11:34:52+00:00 Armin Kuster akuster808@gmail.com 2015-04-29T17:44:27+00:00 urn:sha1:ccd470ba5fd739d3ca7c0e74c828642e9b9828c7 The includes two CVE fixes: CVE-2012-3406 CVE-2014-7817 (From OE-Core rev: fed4d140da67fc51d54b02df83882177f6ddab10) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-05-01T11:34:52+00:00 Sona Sarmadi sona.sarmadi@enea.com 2015-04-29T09:02:22+00:00 urn:sha1:90a33dde44446185d41bf6eb5e7aa27faacbc936 Fixes input sanitization errors. References http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4 http://www.ocert.org/advisories/ocert-2015-002.html (From OE-Core rev: f3e5b052689b2eba30e26903e964791f92241e65) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-05-01T11:34:52+00:00 Sona Sarmadi sona.sarmadi@enea.com 2015-04-29T09:02:21+00:00 urn:sha1:b9da1f441bbd8ef2c4bbcd2aabd2d42b65757827 directory traversal in read_long_names() Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447 Upstream commit with the analysis: https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e (From OE-Core rev: 6e7badf6819f372bd6dced191c7fda9748062126) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-05-01T11:34:52+00:00 Sona Sarmadi sona.sarmadi@enea.com 2015-04-29T09:02:20+00:00 urn:sha1:ccbb7ef72f799fd11824009f2b000090e09b8bef Memory corruption flaw in parse_datetime() Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9471 (From OE-Core rev: 0b13fbf3f9b4419141445b381ffa9445af6e52ab) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-05-01T11:34:51+00:00 Sona Sarmadi sona.sarmadi@enea.com 2015-04-29T09:02:19+00:00 urn:sha1:cafdccb29c350a0f030ef55f9cc7d5c4c0b5a0bb Fixes CVE-2015-0973 (duplicate of CVE-2014-9495), a heap-based overflow vulnerability in the png_combine_row() function of the libpng library, when very large interlaced images were used. Upstream patch: http://sourceforge.net/p/libpng/code/ci/dc294204b641373bc6eb603075a8b98f51a75dd8/ External Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 http://seclists.org/oss-sec/2014/q4/1133 (From OE-Core rev: 10c8aeebca301ffd853e75df3f9c1d16d0352d76) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-05-01T11:34:51+00:00 Sona Sarmadi sona.sarmadi@enea.com 2015-04-29T09:02:18+00:00 urn:sha1:13eda671267c7b38be0b863319f187fc8b4eae05 Fixes an out of bounds memory access flaw in Qemu's IDE device model Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894 (From OE-Core rev: 5f7cdf1e1212af5e3dcf36c8817c63cc853b1a91) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>