Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=denzil-7.0.2 2013-01-04T22:23:43+00:00 2013-01-04T22:23:43+00:00 Elizabeth Flanagan elizabeth.flanagan@intel.com 2013-01-04T22:12:44+00:00 urn:sha1:3456295898bf157e40ea1f8c335f0b7285d3d8a7 With the pending point release for denzil we need to point to the release revision and the correct branch. (From OE-Core rev: 0a9e8bf35afd5990c1b586bba5eb68f643458a4b) Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-03T12:34:26+00:00 Scott Garman scott.a.garman@intel.com 2012-12-28T00:28:51+00:00 urn:sha1:151d4fbc4e10aea97515757d3f2ff70f86ea9148 Patch from: http://cups.org/strfiles/3867/str3867.patch The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2896 [YOCTO #3582] [ CQID: WIND00299595 ] (From OE-Core rev: f4aca76c7933abf2771999c309d49ab91a3d9480) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Merged with denzil branch, partial fix for denzil bug [YOCTO #3652] Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-03T12:34:25+00:00 Li Wang li.wang@windriver.com 2012-12-13T06:51:22+00:00 urn:sha1:caa1d0308959800ef8d4b730bfbf31fa15593e62 Store node type separately in RsvgNode commit 34c95743ca692ea0e44778e41a7c0a129363de84 upstream The node name (formerly RsvgNode:type) cannot be used to infer the sub-type of RsvgNode that we're dealing with, since for unknown elements we put type = node-name. This lead to a (potentially exploitable) crash e.g. when the element name started with "fe" which tricked the old code into considering it as a RsvgFilterPrimitive. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3146 https://bugzilla.gnome.org/show_bug.cgi?id=658014 [YOCTO #3581] [ CQID: WIND00376773 ] Upstream-Status: Backport (From OE-Core rev: 6d030fcb69221da073ce413049deb8447934bed5) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Resolved merge conflicts with denzil branch. Fixes denzil bug [YOCTO #3651]. Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-03T12:34:25+00:00 yanjun.zhu yanjun.zhu@windriver.com 2012-12-11T10:00:32+00:00 urn:sha1:a86e32a18b542c2c3c5ce0faf5b162fc6c2ebd50 CQID:WIND00366813 Reference: http://squashfs.git.sourceforge.net/git/gitweb.cgi? p=squashfs/squashfs;a=patch;h=8515b3d420f502c5c0236b86e2d6d7e3b23c190e Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4025 (From OE-Core rev: e6fddd1961061895e9335fa94b636163efdc9caa) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> [YOCTO #3564] Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-03T12:34:25+00:00 Scott Garman scott.a.garman@intel.com 2012-12-27T22:48:56+00:00 urn:sha1:156c2554b76cde2d6d9350aaaf9848986201375d For details of these security issues, please see: http://www.openwall.com/lists/oss-security/2012/12/25/1 Thanks to Eren Turkay <eren@hambedded.org> for submitting source patches that apply cleanly to freetype 2.4.9. This fixes denzil bug [YOCTO #3649] (From OE-Core rev: be34916d81b71385a560a6990c7b30eba243b356) Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-03T12:34:25+00:00 Scott Garman scott.a.garman@intel.com 2012-12-27T17:53:08+00:00 urn:sha1:b6037b6d2fc9cb4e8a3564468da0f796ed9235d8 the patch come from: http://src.chromium.org/viewvc/chrome/trunk/src/third_party/libxml/ \ src/include/libxml/tree.h?r1=56276&r2=149930 libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2871 [YOCTO #3580] [ CQID: WIND00376779 ] (From OE-Core rev: fa3d44594360786b2526d64f0ea5bc26b44a1fa8) Signed-off-by: Li Wang <li.wang at windriver.com> This fixes denzil bug [YOCTO #3648] Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-03T12:34:24+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2012-07-18T21:48:58+00:00 urn:sha1:88b65c79ac181f39ac2b6ac70f6f3688c4c91f12 This catches up with the STAGING_KERNEL_DIR location change and uses the correct variable to future proof this issue. [YOCTO #2783] (From OE-Core rev: 28715eff6dff3415b1d7b0be8cbb465c417e307f) (From OE-Core rev: f02a7341e37aec155772e1546d8b21ef2c9f5e9d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-03T12:34:24+00:00 Scott Garman scott.a.garman@intel.com 2012-12-23T06:05:09+00:00 urn:sha1:bfae0622b52cbd4486a149a7e00e158a699941cb This will allow use to automagically set the SRCREV for builds on the autobuilder. It will still require manual updating for releases. (From OE-Core rev: 1b4781e5c6eee234fcf57dd53d5167b31d81a482) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-03T12:34:23+00:00 Scott Garman scott.a.garman@intel.com 2012-12-23T05:52:27+00:00 urn:sha1:01c1421270ae0c14a6547d7025137d36f3e98b0e This fixes a segmentation fault when passing -a without an argument. Fixes [YOCTO #2903] (From OE-Core rev: f5b8ba5e51ac41cf375119a88083617f667a85d5) Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2013-01-03T12:34:23+00:00 Mihai Lindner mihaix.lindner@linux.intel.com 2012-08-10T09:07:38+00:00 urn:sha1:2ccb03f9b71db3bace4e60fafafcc2c80bd8b48f Yocto #2926: syslog.conf should not have tabs within the selector field. Removed tabs from the selector field of syslog rules. Tabs or spaces should be used, in syslog.conf, only when separating selectors from actions. (From OE-Core rev: 1316be4e597332a629842b3f5a7dde8e45dd057d) (From OE-Core rev: c806466c8d4a9d0d4a66d34d3565d5879c2f2b0f) Signed-off-by: Mihai Lindner <mihaix.lindner@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Resolved merge conflicts with denzil branch. Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>