Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=sumo-next 2019-11-07T19:47:27+00:00 2019-11-07T19:47:27+00:00 Ross Burton ross.burton@intel.com 2019-11-06T15:38:02+00:00 urn:sha1:8d61ccc45cd2e7cb0e8d02e0a8618eb6973dd51f There's a Jenkins plugin for Git. (From OE-Core rev: f2adf5e4d3e9afc6d45665bbe728c69d195a46ef) (From OE-Core rev: a28d17187dd4c7ac6aa7e5d28f3cfc0c9060bd94) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-11-07T19:47:27+00:00 Ross Burton ross.burton@intel.com 2019-11-06T15:38:01+00:00 urn:sha1:ceb4c456201f09b9eb510cf16622bbe15ad49f51 There's a Jenkins plugin for Subversion. (From OE-Core rev: ac115c3b5f1dcb95fb7d39537693fe0dcd330451) (From OE-Core rev: 457d52c1a86bad074e174e2004c54ac5be1728bd) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-devtools/subversion/subversion_1.12.0.bb 2019-11-07T19:47:27+00:00 Ross Burton ross.burton@intel.com 2019-11-06T15:38:00+00:00 urn:sha1:bb6f339bc9d622b28a0abf80f6a89bca02dc4070 There's a Boost module for Drupal. (From OE-Core rev: 30ff8bb6502d45549c698be052a1caf4cb5c611f) (From OE-Core rev: 44c521f7cb04e0cd308489ae2ba05349ab1d3987) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-11-07T19:47:27+00:00 Ross Burton ross.burton@intel.com 2019-11-06T15:37:59+00:00 urn:sha1:74b7b34e0aeb8cb206f48cc5e0b0c8bae9503a9f (From OE-Core rev: 2c3d689e4f78d8ea00b1bd2239af80c8fe038074) (From OE-Core rev: 6faf4f340ea8c2b11d609584897a7f5447abc2a0) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-extended/ed/ed_1.15.bb 2019-11-07T19:47:27+00:00 Anuj Mittal anuj.mittal@intel.com 2019-11-06T15:37:58+00:00 urn:sha1:95d6d83772813f25afe1e48cb38fd47bbaaa0f96 rsync includes its own copy of zlib and doesn't recommend linking with the system version [1]. Import CVE fixes that impact zlib version 1.2.8 [2] that is currently used by rsync. [1] https://git.samba.org/rsync.git/?p=rsync.git;a=blob;f=zlib/README.rsync [2] https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=cpe%3a%2fa%3agnu%3azlib%3a1.2.8 (From OE-Core rev: a55fbb4cb489853dfb0b4553f6e187c3f3633f48) (From OE-Core rev: 1ce0a922853b6136a019763b64e58194bb0df00f) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-devtools/rsync/rsync_3.1.3.bb 2019-11-07T19:47:27+00:00 Anuj Mittal anuj.mittal@intel.com 2019-11-06T15:37:57+00:00 urn:sha1:376ff1ce4c70054f2237a1bb55a32424d34d5488 Differentiate it from openssl gem for Ruby. (From OE-Core rev: 2ec481b19d6c9c20ce6573de77ae89e576d6b8cb) (From OE-Core rev: a879a194aae0f1e97f3683f5ce01eaa8b5c0dd15) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-connectivity/openssl/openssl_1.1.1c.bb 2019-11-07T19:47:27+00:00 Ross Burton ross.burton@intel.com 2019-11-06T15:37:56+00:00 urn:sha1:dd06a288fa81aef25da8619c7503817d3059a98d This is actually a memory leak in gif2png 2.x, so whitelist it in the libpng recipe. (From OE-Core rev: 341e43ebd935daeb592cb073bf00f80c49a8ec2d) (From OE-Core rev: 581fa36d300fda00ae50c07b038fe847887f7ed3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-multimedia/libpng/libpng_1.6.37.bb 2019-11-07T19:47:27+00:00 Ross Burton ross.burton@intel.com 2019-11-06T15:37:55+00:00 urn:sha1:26e1179507275a2440593bbf5ad2110175ab83a1 This CVE is about race conditions in 'ps' which make it unsuitable for security audits. As these race conditions are unavoidable ps shouldn't be used for security auditing, so this isn't a valid CVE. (From OE-Core rev: b3fa0654abf9ac32f683ac174e453ea5e64b6cb8) (From OE-Core rev: 618a3203d53d33e6403386f1204bcaf327b68f37) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-extended/procps/procps_3.3.15.bb 2019-11-07T19:47:27+00:00 Ross Burton ross.burton@intel.com 2019-11-06T15:37:54+00:00 urn:sha1:5dea226778613329c79109c8dfa77c5211a83085 (From OE-Core rev: f1d5273d53d66b217f3d4975f5cb5eb367b1aab1) (From OE-Core rev: 2395ae4a332928de3f5fcb840ef196e7a7d77386) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-extended/pam/libpam_1.3.1.bb 2019-11-07T19:47:27+00:00 Chen Qi Qi.Chen@windriver.com 2019-11-06T15:37:53+00:00 urn:sha1:1c0bb22388f767f4f312368abf94226dee8a50aa (From OE-Core rev: 43aaa117386490c822b824974fb095bd0d3ce1a3) (From OE-Core rev: 76b3996974de8ca8729d7d262b1c90cd2def02d5) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Conflicts: meta/recipes-sato/webkit/webkitgtk_2.24.0.bb