linux/poky.git, branch pyro-17.0.4 Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=pyro-17.0.4 2018-05-16T13:27:50+00:00 poky: Update version to 2.3.4 2018-05-16T13:27:50+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2018-05-16T13:27:41+00:00 urn:sha1:ebb42af2829edfca1a23c7a51a431c656ffc2090 (From meta-yocto rev: 17b7a75b22b2ca1a19d0a8656c0183b738932189) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: Update to 2.4.4 2018-05-07T14:57:44+00:00 Armin Kuster akuster808@gmail.com 2018-05-03T16:00:59+00:00 urn:sha1:90068771dd6fbd0f90a133b9c1c95c71d7cf035f The dot releases are maint only. 2.4.4 included: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir 2.4.3 includes: CVE-2017-17405: Command injection vulnerability in Net::FTP (From OE-Core rev: ce12ff394281a42448d92109568db33739b2b542) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: fix typo in gmp PACKAGECONFIG option 2018-05-07T14:57:44+00:00 Andre McCurdy armccurdy@gmail.com 2018-01-22T23:38:06+00:00 urn:sha1:da6716b70c07fe0432116d626d9f4340609b9ed5 (From OE-Core rev: 9fb931b69ece7f8a644f9e25600bcbbc9266a761) (From OE-Core rev: a9b55cbec9f5ff11f92f50c529049e83ac898043) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: remove spurious db build dependency 2018-05-07T14:57:44+00:00 Ross Burton ross.burton@intel.com 2017-11-01T09:57:53+00:00 urn:sha1:f24ffeefb1b7a40366313b0895ed08beb8cc1ed3 The dbm module uses gdbm by default which is also a build dependency. (From OE-Core rev: 79121ff54420e5cc331552ca5620aed81a36aac9) (From OE-Core rev: 20d9821e9131c3d715ed629ad38eed802f737056) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: upgrade to 2.4.2 2018-05-07T14:57:44+00:00 Leonardo Sandoval leonardo.sandoval.gonzalez@linux.intel.com 2017-10-12T18:35:23+00:00 urn:sha1:82528b2f84f2d519bb670ee12fa16257192e6fe9 The CVE-2017-14064 patch is already at 2.4.2 as explained on project's commit, so removing from the recipe & repo. commit 83735ba29a0bfdaffa8e9c2a1dc025c3b0b63153 Author: hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> Date: Wed Apr 12 00:21:18 2017 +0000 Merge json-2.0.4. * https://github.com/flori/json/releases/tag/v2.0.4 * https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e (From OE-Core rev: 6e37a88af155d5e5453fb0f44bb11d6f8e406438) (From OE-Core rev: 4562790471c7e3f3e393cd3e8b77d28ed4196452) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for pyro context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: upgrade to 2.4.1 2018-05-07T14:57:44+00:00 Leonardo Sandoval leonardo.sandoval.gonzalez@linux.intel.com 2017-05-22T18:47:01+00:00 urn:sha1:5c9e4bbba7c5f604b366815ad5f776c2d6c17b06 (From OE-Core rev: 3ff2d0bc7a8e7a7e8c8e953dc0ccf84d891688ef) (From OE-Core rev: b102521a146197749dc1493307f222cbf0292921) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for pyro context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> scripts/test-dependencies.sh: remove 2018-05-07T14:57:44+00:00 Martin Jansa martin.jansa@gmail.com 2018-04-25T14:07:05+00:00 urn:sha1:8689313447c9aa60856805701800fef8efa5c8fc * with RSS used in pyro this script isn't very useful anymore * RSS makes sure that the dependencies are almost always deterministic the only case known to me where dependencies are different based on what was already built in TMPDIR are runtime dependencies resolved by shlibs code in package.bbclass (which is using global pkgdata, not specific to given recipe and its RSS) as described here: https://bugzilla.yoctoproject.org/show_bug.cgi?id=9217#c4 but for this case it's not worth running complete test-dependencies.sh runs (From OE-Core rev: ab87b50fa0b0468c1d3640bbe8e733b3caf61ea9) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> sstate-diff-machines.sh: Replace MACHINE_ARCH only at the beginning and separated with dash 2018-05-07T14:57:44+00:00 Martin Jansa martin.jansa@gmail.com 2018-04-25T14:07:04+00:00 urn:sha1:d5222b15597b694b8e28d77bd668f15d19855280 * I had some components where the MACHINE name was also included in PV of allarch recipe which was tripping the script into saying that they have different signatures (because for one MACHINE was the string in PV replaced with 'MACHINE' and not for other MACHINEs (From OE-Core rev: 90a8e984724c994b78639b7f16435b678bf294f8) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> sstate-sysroot-cruft.sh: Extend the whitelist 2018-05-07T14:57:44+00:00 Martin Jansa martin.jansa@gmail.com 2018-04-25T14:07:03+00:00 urn:sha1:a89aa1909651df0a8415649e696602109519dded * add more php5 entries (From OE-Core rev: d5b520f5c65651f53b3d58c16aaa4633920fda40) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> libpng: update SRC_URI to use osl 2018-05-07T14:57:43+00:00 Armin Kuster akuster808@gmail.com 2018-04-19T16:00:57+00:00 urn:sha1:cc9ab83f7fa390e42742e18efe56009146c2de0b ERROR: libpng-1.6.28-r0 do_checkuri: Fetcher failure for URL: 'http://downloads.sourceforge.net/project/libpng/libpng16/1.6.28/libpng-1.6.28.tar.xz'. URL http://downloads.sourceforge.net/project/libpng/libpng16/1.6.28/libpng-1.6.28.tar.xz doesn't work ERROR: libpng-1.6.28-r0 do_checkuri: Function failed: do_checkuri (From OE-Core rev: c53d61712a50c5243b14b6aa39e034e080fa0bd3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>