Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=mickledore 2023-11-14T00:19:27+00:00 2023-11-14T00:19:27+00:00 Steve Sakoman steve@sakoman.com 2023-11-14T00:18:27+00:00 urn:sha1:7235399a86b134e57d5eb783d7f1f57ca0439ae5 (From OE-Core rev: 23b5141400b2c676c806df3308f023f7c04e34e0) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-11-13T22:22:20+00:00 Xiangyu Chen xiangyu.chen@windriver.com 2023-11-12T12:57:44+00:00 urn:sha1:7f366c7d843d979e7b2c33f76cc8723f281cb890 CVE: CVE-2023-4692 Crafted file system images can cause heap-based buffer overflow and may allow arbitrary code execution and secure boot bypass. Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=43651027d24e62a7a463254165e1e46e42aecdea] CVE: CVE-2023-4693 There an out-of-bounds read at fs/ntfs.c, a physically present attacker may leverage that by presenting a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack may allow sensitive data cached in memory or EFI variables values to be leaked presenting a high Confidentiality risk. Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0ed2458cc4eff6d9a9199527e2a0b6d445802f94] (From OE-Core rev: 51236150a3740d95e3601499d3918af5a37f8f86) Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit: a8bc6f041599ce8da275c163c87f155a2f09369c) Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-11-13T02:41:21+00:00 Steve Sakoman steve@sakoman.com 2023-11-13T02:39:01+00:00 urn:sha1:c0c48c613df5a1f9d397398a9817e843c01d991e (From OE-Core rev: 3c35416a8bff3a857004beadbd053d50eca30ce2) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-11-13T02:38:12+00:00 Steve Sakoman steve@sakoman.com 2023-11-13T02:35:35+00:00 urn:sha1:b4fc02f9414ff16b541669150cabe0d79a95f155 This reverts commit b0d96ea432196800fedb45e6d1da44a3523fad63. This caused failures on the build performance tests on the autobuilder. (From OE-Core rev: c337b5a45d43eefee171e7043f70cf19e6eb2cce) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-11-12T21:36:17+00:00 Steve Sakoman steve@sakoman.com 2023-11-12T21:30:58+00:00 urn:sha1:028ef3991e952797bd89435be1439bdde5009af4 (From OE-Core rev: 0f4cd6a395404352e2f66bdd11a7727c1f117046) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-11-12T21:30:08+00:00 Alexis Lothoré alexis.lothore@bootlin.com 2023-08-18T14:17:11+00:00 urn:sha1:03ccc1284aee335253607c5d71c6cbf73c28a2cc Sporadic errors have been observed in autobuilder when trying to store new tests results: error: failed to push some refs to 'push.yoctoproject.org:yocto-testresults' hint: Updates were rejected because the tag already exists in the remote. The new tag name is generated by gitarchive based on known tags from the repository (learnt with git tag). In autobuilder case, this repository is a shallow clone, so git tag only returns most recent tags, which mean we could miss some older tags which exist in remote but not locally. In this case, gitarchive will likely create a tag which already exists in remote, and so will fail to push Fix this tag duplication by using git ls-remote to learn about existing tags instead of git tag. To do so, create a helper ("get_tags") which manages both nominal case (target directory is a git repository with a proper remote) and fallback case (target directory is not from a clone, no remote has been configured) Fixes [YOCTO #15140] (From OE-Core rev: b0d96ea432196800fedb45e6d1da44a3523fad63) Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9cbbe9689866158825a7ae774b7965b41ff5c461) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-11-12T21:30:07+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2023-08-16T06:55:50+00:00 urn:sha1:f0265a9051412eaf41290b5d86786c870112e9fc This reverts commit 5a0a7da85a3acfd4a20a07478eabefdab60f313a. This caused failres on the build performance tests on the autobuilder. (cherry picked from commit cbfa57a982c0e633e41d3ea00543f87ad818c43a) (From OE-Core rev: 1506737eae894310bb98a82cf43c91f4b17d5878) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-11-11T18:26:04+00:00 Steve Sakoman steve@sakoman.com 2023-11-11T18:23:53+00:00 urn:sha1:b8bb4e6cb0b531507ec26d569f1f6c3e7a5aeaf0 (From OE-Core rev: ae69823d9439ba1995ef48676a2d2236a50fe665) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-11-11T18:23:01+00:00 Steve Sakoman steve@sakoman.com 2023-11-06T16:56:01+00:00 urn:sha1:ee3efb03e142a42b33b6c62655f7b38b0058988f (From meta-yocto rev: 62fb88d93c7a706ed191df71dc67f80b47e7c602) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2023-11-11T18:23:01+00:00 Xiangyu Chen xiangyu.chen@windriver.com 2023-11-10T05:07:21+00:00 urn:sha1:65c06a2ea863445219d7103a7d347df36ccbd53a Upgrade 1.9.13p3 to 1.9.15p2 to fix bugs and CVEs License-update: file removed upstream Drop patch as issue fixed upstream. Changelogs: 1.9.15p2: https://www.sudo.ws/releases/stable/#1.9.15p2 1.9.15p1: https://www.sudo.ws/releases/stable/#1.9.15p1 1.9.15: https://www.sudo.ws/releases/stable/#1.9.15 1.9.14p3: https://www.sudo.ws/releases/stable/#1.9.14p3 1.9.14p2: https://www.sudo.ws/releases/stable/#1.9.14p2 1.9.14p1: https://www.sudo.ws/releases/stable/#1.9.14p1 1.9.14: https://www.sudo.ws/releases/stable/#1.9.14 (From OE-Core rev: 1681813ef11c813d8b7433790dfc60425e31bc63) Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>