linux/poky.git/meta, branch pyro Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=pyro 2018-05-24T16:18:18+00:00 build-appliance-image: Update to pyro head revision 2018-05-24T16:18:18+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2018-05-16T13:27:55+00:00 urn:sha1:9b7bc41dfa11d8e158d3aea1eda896c4cb9ad8a6 (From OE-Core rev: 819aa151bd634122a46ffdd822064313c67f5ba5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: Update to 2.4.4 2018-05-07T14:57:44+00:00 Armin Kuster akuster808@gmail.com 2018-05-03T16:00:59+00:00 urn:sha1:90068771dd6fbd0f90a133b9c1c95c71d7cf035f The dot releases are maint only. 2.4.4 included: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir 2.4.3 includes: CVE-2017-17405: Command injection vulnerability in Net::FTP (From OE-Core rev: ce12ff394281a42448d92109568db33739b2b542) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: fix typo in gmp PACKAGECONFIG option 2018-05-07T14:57:44+00:00 Andre McCurdy armccurdy@gmail.com 2018-01-22T23:38:06+00:00 urn:sha1:da6716b70c07fe0432116d626d9f4340609b9ed5 (From OE-Core rev: 9fb931b69ece7f8a644f9e25600bcbbc9266a761) (From OE-Core rev: a9b55cbec9f5ff11f92f50c529049e83ac898043) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: remove spurious db build dependency 2018-05-07T14:57:44+00:00 Ross Burton ross.burton@intel.com 2017-11-01T09:57:53+00:00 urn:sha1:f24ffeefb1b7a40366313b0895ed08beb8cc1ed3 The dbm module uses gdbm by default which is also a build dependency. (From OE-Core rev: 79121ff54420e5cc331552ca5620aed81a36aac9) (From OE-Core rev: 20d9821e9131c3d715ed629ad38eed802f737056) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: upgrade to 2.4.2 2018-05-07T14:57:44+00:00 Leonardo Sandoval leonardo.sandoval.gonzalez@linux.intel.com 2017-10-12T18:35:23+00:00 urn:sha1:82528b2f84f2d519bb670ee12fa16257192e6fe9 The CVE-2017-14064 patch is already at 2.4.2 as explained on project's commit, so removing from the recipe & repo. commit 83735ba29a0bfdaffa8e9c2a1dc025c3b0b63153 Author: hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> Date: Wed Apr 12 00:21:18 2017 +0000 Merge json-2.0.4. * https://github.com/flori/json/releases/tag/v2.0.4 * https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e (From OE-Core rev: 6e37a88af155d5e5453fb0f44bb11d6f8e406438) (From OE-Core rev: 4562790471c7e3f3e393cd3e8b77d28ed4196452) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for pyro context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> ruby: upgrade to 2.4.1 2018-05-07T14:57:44+00:00 Leonardo Sandoval leonardo.sandoval.gonzalez@linux.intel.com 2017-05-22T18:47:01+00:00 urn:sha1:5c9e4bbba7c5f604b366815ad5f776c2d6c17b06 (From OE-Core rev: 3ff2d0bc7a8e7a7e8c8e953dc0ccf84d891688ef) (From OE-Core rev: b102521a146197749dc1493307f222cbf0292921) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for pyro context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> libpng: update SRC_URI to use osl 2018-05-07T14:57:43+00:00 Armin Kuster akuster808@gmail.com 2018-04-19T16:00:57+00:00 urn:sha1:cc9ab83f7fa390e42742e18efe56009146c2de0b ERROR: libpng-1.6.28-r0 do_checkuri: Fetcher failure for URL: 'http://downloads.sourceforge.net/project/libpng/libpng16/1.6.28/libpng-1.6.28.tar.xz'. URL http://downloads.sourceforge.net/project/libpng/libpng16/1.6.28/libpng-1.6.28.tar.xz doesn't work ERROR: libpng-1.6.28-r0 do_checkuri: Function failed: do_checkuri (From OE-Core rev: c53d61712a50c5243b14b6aa39e034e080fa0bd3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> mpfr: Update SRC_URI to use gnu 2018-05-07T14:57:43+00:00 Armin Kuster akuster808@gmail.com 2018-04-19T15:49:40+00:00 urn:sha1:fd1e91da736a2940d8e19e0ae2cddf760e585519 ERROR: mpfr-native-3.1.5-r0 do_checkuri: Fetcher failure for URL: 'http://www.mpfr.org/mpfr-3.1.5/mpfr-3.1.5.tar.xz'. URL http://www.mpfr.org/mpfr-3.1.5/mpfr-3.1.5.tar.xz doesn't work ERROR: mpfr-native-3.1.5-r0 do_checkuri: Function failed: do_checkuri Found gnu has the same copy (From OE-Core rev: 90e50ec8033051367f0c649e354ddf0107be3231) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> byacc: Fic SRC_URI to use yocto sources loc. 2018-05-07T14:57:43+00:00 Armin Kuster akuster808@gmail.com 2018-04-19T15:03:45+00:00 urn:sha1:38f3dc73376816e11e8ae7efff6bcd3631defa53 ERROR: byacc-native-20161202-r0 do_checkuri: Fetcher failure for URL: 'ftp://invisible-island.net/byacc/byacc-20161202.tgz'. URL ftp://invisible-island.net/byacc/byacc-20161202.tgz doesn't work ERROR: byacc-native-20161202-r0 do_checkuri: Function failed: do_checkuri Use the file saved in the Yocto Project sources repos (From OE-Core rev: 210cef54a09daf61e4c4237f9bb3afad161658b3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> libpng: fix MIRRORS usage 2018-05-07T14:57:43+00:00 Ross Burton ross.burton@intel.com 2017-07-28T15:55:55+00:00 urn:sha1:2574cef768575407960301e344408a1f525ac865 MIRRORS needs to be pairs of values for the original URL to match and the location find it on the mirror. (From OE-Core rev: a649f3da630e8ca2d3ca58b610f3918720dd5229) (From OE-Core rev: 1ea5d9f4d2afab924635462a35badfc55bd43c9c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>