Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=zeus-next 2020-02-11T23:05:12+00:00 2020-02-11T23:05:12+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2020-02-04T22:20:35+00:00 urn:sha1:5602cc200b73678490902fd71faf66c02b2ee077 There is a bug in patch 2.7.3 and earlier where index lines in patches can change file modes when they shouldn't: http://git.savannah.gnu.org/cgit/patch.git/patch/?id=82b800c9552a088a241457948219d25ce0a407a4 This leaks into debug sources in particular (e.g. tcp-wrappers where source files are read-only). Add the dependency to target recipes to avoid this problem until we can rely on 2.7.4 or later. We could try and remove all index lines from patch files but it will be a losing battle. We could try and identify all the recipes which change modes on files in patches but again, its a losing battle. Instead, compromise and have patch-native as a dependency for target recipes. We use patch-replacement-native since patch-native is in ASSUME_PROVIDED. Also add nativesdk-patch to buildtools-tarball. [YOCTO #13777] (From OE-Core rev: 5ed0840c93804488cd1c1aba6cb382b2434714a5) (From OE-Core rev: fd3bd61a6fe5190c575dc968f3a0be9c1cbf21ed) (From OE-Core rev: 148f1f8caf5d9a262c1f55e437326ce6139a743e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-11-13T22:02:16+00:00 Ross Burton ross.burton@intel.com 2019-11-04T12:27:13+00:00 urn:sha1:006b110cdb356f549fb27f0f4341bfb18e87a68b (From OE-Core rev: 41b1d53cea0302f1c3954c6ab048366c908cf754) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-09-06T13:58:09+00:00 Ross Burton ross.burton@intel.com 2019-09-03T15:59:05+00:00 urn:sha1:6dd03197a5e67179812ebe3a69f9dbf47189f049 These patches improve CVE fixes but trip up patch status sanity checks, so add CVE tags to them. (From OE-Core rev: b30e060639d99849e27e5136c33c52d27e3288dc) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-08-22T21:48:26+00:00 Anuj Mittal anuj.mittal@intel.com 2019-08-21T01:44:45+00:00 urn:sha1:f326d31c4e16aa9b7f9dc0ca139f52594352cb85 The original fix for CVE-2018-1000156 was incomplete. Backport more fixes done later for a complete fix. Also see: https://savannah.gnu.org/bugs/index.php?53820 (From OE-Core rev: 9ea833b7d1655e042a513ea2225468c84f1c8bfb) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-08-13T08:37:37+00:00 Trevor Gamblin trevor.gamblin@windriver.com 2019-08-08T14:04:53+00:00 urn:sha1:6e5636d56bd21283a9bec716d21ea6aedb1bd0b7 (From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-07-31T22:03:01+00:00 Anuj Mittal anuj.mittal@intel.com 2019-07-30T09:52:39+00:00 urn:sha1:df9d8dbe7552a1d909c3ef8757befa46eb39a460 (From OE-Core rev: f201b9db5d148cb9fe03b78ca085493a27f7e24c) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-08-23T06:50:01+00:00 Hongxu Jia hongxu.jia@windriver.com 2018-08-22T12:10:40+00:00 urn:sha1:a11008a90dd0643b9ae6833905e5c2918d493f27 (From OE-Core rev: 1314a6953aa647706107557faaba8574e307d2bd) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-04-13T15:58:07+00:00 Jackie Huang jackie.huang@windriver.com 2018-04-11T06:56:10+00:00 urn:sha1:16174d9342f2c0ed376d8e797e8a7f04ed04f57c * CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2018-1000156 * upstream tracking: https://savannah.gnu.org/bugs/index.php?53566 * Fix arbitrary command execution in ed-style patches: - src/pch.c (do_ed_script): Write ed script to a temporary file instead of piping it to ed: this will cause ed to abort on invalid commands instead of rejecting them and carrying on. - tests/ed-style: New test case. - tests/Makefile.am (TESTS): Add test case. (From OE-Core rev: 6b6ae212837a07aaefd2b675b5b527fbce2a4270) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-04-13T15:58:07+00:00 Jackie Huang jackie.huang@windriver.com 2018-04-11T06:56:09+00:00 urn:sha1:31714674e4dc9c1196553be7363c8a1d08565b4c * CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2018-6951 * upstream tracking: http://savannah.gnu.org/bugs/?53132 * Fix segfault with mangled rename patch - src/pch.c (intuit_diff_type): Ensure that two filenames are specified for renames and copies (fix the existing check). (From OE-Core rev: cdf74e1c67698b2d44a7460ff7d365d6da7b7b96) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-03-08T18:39:32+00:00 Huang Qiyu huangqy.fnst@cn.fujitsu.com 2018-03-07T03:10:10+00:00 urn:sha1:e5969c7ec781ddf5a70acee3adfaa2c1229e944c Upgrade patch from 2.7.5 to 2.7.6. (From OE-Core rev: e5dcd58e5b2ef0b8e2bbe90e9bb1cede4e76bf75) Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>