Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=genericarm64 2016-11-06T23:35:35+00:00 2016-11-06T23:35:35+00:00 André Draszik adraszik@tycoint.com 2016-10-26T12:08:45+00:00 urn:sha1:81386beaf02de02659f728e8610c72f8ac69c408 Make sure the recipe version matches what we're actually shipping, so that tools like cve-check can do the right thing. Rather than fetching version 3.2.48 and applying all patches up to and including version 3.2.57, we just fetch the latter in the first place. (From OE-Core rev: 614ac87f2832c5359f371439559be88d6106cd6b) Signed-off-by: André Draszik <adraszik@tycoint.com> Acked-by: Sylvain Lemieux <slemieux@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-07-20T09:28:48+00:00 Ross Burton ross.burton@intel.com 2016-07-14T09:21:51+00:00 urn:sha1:220a68bfc2cfd4f243706d97e3944f02b2bc01ff If security_flags.inc is included then bash 3.2.48 fails to build: | ../bash-3.2.48/print_cmd.c:1152:3: error: format not a string literal and no format arguments [-Werror=format-security] | cprintf (indentation_string); Backport a patch from upstream to solve this. (From OE-Core rev: 293d90d757d0d1e292c90cb0e9c576faf911ffcc) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-08-10T19:40:28+00:00 Andre McCurdy armccurdy@gmail.com 2015-07-15T08:16:39+00:00 urn:sha1:d00f88b8ebad3064b69ad7986b4443568bb714fb Building the host tool 'mkbuiltins' will fail if the target CFLAGS contains an option which isn't supported by the host's gcc. To prevent the issue, define LDFLAGS_FOR_BUILD based on CFLAGS_FOR_BUILD instead of CFLAGS. (From OE-Core rev: 7a8ec63f38f7a387e01343fbb971b75a66e0f851) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-03-10T10:47:46+00:00 Robert Yang liezhi.yang@windriver.com 2015-03-04T09:23:28+00:00 urn:sha1:7c504b44ef593f97f5311d0d27f667e85a2eddbb It's Makefile has the two rules: $(BUILTINS_LIBRARY): $(BUILTIN_DEFS) $(BUILTIN_C_SRC) config.h ${BASHINCDIR}/memalloc.h version.h @(cd $(DEFDIR) && $(MAKE) $(MFLAGS) DEBUG=${DEBUG} libbuiltins.a ) || exit 1 ${DEFDIR}/builtext.h: $(BUILTIN_DEFS) @(cd $(DEFDIR) && $(MAKE) $(MFLAGS) builtext.h ) || exit 1 which causes parallel issues: mkbuiltins.o: file not recognized: File truncated collect2: ld returned 1 exit status I don't have any good ideas to fix the problem, so disable parallel build for it. (From OE-Core rev: efbee563af4ab56f93ac0a6238426d1d3eb80b98) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2014-10-06T15:03:13+00:00 Mark Hatle mark.hatle@windriver.com 2014-10-06T14:44:54+00:00 urn:sha1:fc37a44a011d63fab394e0cbca2a0494b4d5721b Update both bash 3.2.48 (to 57), and bash 4.3 (to 30) to fix the remaining 'shellshock' security issues, CVE-2014-6278. (From OE-Core rev: a2709547644ae417fbd5435e1372068c7cd5db4c) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2014-10-06T14:15:51+00:00 Mark Hatle mark.hatle@windriver.com 2014-10-03T14:51:25+00:00 urn:sha1:94d2fea672140bcd561dc001da5759a927192b93 We upgrade bash_4.3 to patch revision 29, and bash_3.2.48 to 56. There are numerous community bug fixes included with this set, but the key items are: bash32-052 CVE-2014-6271 9/24/2014 bash32-053 CVE-2014-7169 9/26/2014 bash32-054 exported function namespace change 9/27/2014 bash32-055 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash32-056 CVE-2014-6277 10/2/2014 bash43-025 CVE-2014-6271 9/24/2014 bash43-026 CVE-2014-7169 9/26/2014 bash43-027 exported function namespace change 9/27/2014 bash43-028 CVE-2014-7186/CVE-2014-7187 10/1/2014 bash43-029 CVE-2014-6277 10/2/2014 (From OE-Core rev: 43deeff0c6b0ea7729d3e5f1887dfd1647dea1da) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2014-09-29T11:13:35+00:00 Khem Raj raj.khem@gmail.com 2014-09-26T20:21:19+00:00 urn:sha1:d6709b013364737bec7d59edd949db3891a6a8fa This is a followup patch to incomplete CVE-2014-6271 fix code execution via specially-crafted environment Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed (From OE-Core rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2014-09-29T11:12:46+00:00 Ross Burton ross.burton@intel.com 2014-09-25T23:05:18+00:00 urn:sha1:215e7b98ae4865b0f24b1cb9c53161fef170b270 CVE-2014-6271 aka ShellShock. "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment." (From OE-Core rev: 798d833c9d4bd9ab287fa86b85b4d5f128170ed3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-07-29T12:08:59+00:00 Muhammad Shakeel muhammad_shakeel@mentor.com 2013-07-05T07:23:18+00:00 urn:sha1:3f7e8ad53e27b441125d232a387acb838e3feffd ptest support was already added for v4.2 but for the distros using GPLv2 version of bash (3.2.48) this update is required. (From OE-Core rev: d054da760deda0c965619372209b50f8db964e1c) Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-09T15:05:25+00:00 Saul Wold sgw@linux.intel.com 2013-01-08T22:39:50+00:00 urn:sha1:181e76c4b9832acbc03fe7cee862af06674c3f70 Same patch for non-gplv3 version: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=1fd9a16d2a4594a4e9179dc7353ac51ce32eb712 [YOCTO #3646] (From OE-Core rev: d00acdbfa7d10804ff832009888c441fda51e412) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>