summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ruby: Security fix for CVE-2017-14033Rajkumar Veer2017-11-212-0/+90
| | | | | | | | | | affects ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 (From OE-Core rev: 6033983453ff7b39d9d0d0a64353611128e26fae) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-9229Thiruvadi Rajaraman2017-11-212-0/+37
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: a636bf8cb5063f349b2af6594b131af6852b3076) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Secruity fix for CVE-2017-9226Thiruvadi Rajaraman2017-11-212-0/+34
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: 0c1eec0c6a789e1e9dbfcc66c3fb8c7d1d8b4e99) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-9228Thiruvadi Rajaraman2017-11-212-0/+27
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: cdfb60a7b573c034868ef27d8eb2c667f2a7ad1d) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2017-9227Thiruvadi Rajaraman2017-11-212-0/+25
| | | | | | | | | | affects ruby < 2.4.1 (From OE-Core rev: d83f18936a0eb470e8faf7adbd7c580c23fa3370) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Security fix for CVE-2016-7798Thiruvadi Rajaraman2017-11-212-1/+167
| | | | | | | | | | affectes ruby < 2.3.1 (From OE-Core rev: 6af2319008dc16c61092f71ff227c285aac51288) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2017-1000101Rajkumar Veer2017-11-212-0/+95
| | | | | | | | | | | Affected versions: curl 7.34.0 to and including 7.54.1 Not affected versions: curl < 7.34.0 and >= 7.55.0 (From OE-Core rev: 3cd67ae472cf163a592aac6ca783e451068fca0c) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2017-1000100Rajkumar Veer2017-11-212-0/+48
| | | | | | | | | | | Affected versions: libcurl 7.15.0 to and including 7.54.1 Not affected versions: libcurl < 7.15.0 and >= 7.55.0 (From OE-Core rev: 2ad0d34313b30f3f18d2f15879294fab310aa874) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2016-9586Thiruvadi Rajaraman2017-11-212-0/+67
| | | | | | | | | | | Affected versions: libcurl 7.1 to and including 7.51.0 Not affected versions: libcurl >= 7.52.0 (From OE-Core rev: 559ccc284987846c5b266cc2bc5ecd91c1c155f9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2016-8624Thiruvadi Rajaraman2017-11-212-0/+69
| | | | | | | | | | | Affected versions: curl 7.1 to and including 7.50.3 Not affected versions: curl >= 7.51.0 (From OE-Core rev: 26e464767ab53cb78e4ede10c77fe12907a7daad) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2016-8617Thiruvadi Rajaraman2017-11-212-0/+31
| | | | | | | | | | | Affected versions: curl 7.1 to and including 7.50.3 Not affected versions: curl >= 7.51.0 (From OE-Core rev: 3b73976716ee71a8040221f22c5fbda79512a958) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2016-8623Thiruvadi Rajaraman2017-11-212-0/+175
| | | | | | | | | | | Affected versions: curl 7.10.7 to and including 7.50.3 Not affected versions: curl < 7.10.7 and curl >= 7.51.0 (From OE-Core rev: 2da99dc9f7f3d8373cc3108c18300723ad4a243a) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2016-8621Thiruvadi Rajaraman2017-11-212-0/+105
| | | | | | | | | | | Affected versions: curl 7.12.2 to and including 7.50.3 Not affected versions: curl < 7.12.2 and curl >= 7.51.0 (From OE-Core rev: d664a1372c3322093038fc8443026e3499e977ec) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2016-8620Thiruvadi Rajaraman2017-11-212-0/+147
| | | | | | | | | | | Affected versions: curl 7.34.0 to and including 7.50.3 Not affected versions: curl < 7.34.0 and curl >= 7.51.0 (From OE-Core rev: daeb0f5369f7c9ff470c9db3ba6ae42ac5abea2c) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2016-8619Thiruvadi Rajaraman2017-11-212-0/+57
| | | | | | | | | | | Affected versions: curl 7.3 to and including 7.50.3 Not affected versions: curl < 7.3 and curl >= 7.51.0 (From OE-Core rev: 3b97fc78d9cfee6586f3d55f04f20f72fd1af8dd) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2016-8618Thiruvadi Rajaraman2017-11-212-0/+50
| | | | | | | | | | | Affected versions: curl 7.1 to and including 7.50.3 Not affected versions: curl >= 7.51.0 (From OE-Core rev: 1fc1c9a11eee2f5ba727b18300a92949b166b035) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2016-8615Thiruvadi Rajaraman2017-11-212-1/+74
| | | | | | | | | | | Affected versions: curl 7.1 to and including 7.50.3 Not affected versions: curl >= 7.51.0 (From OE-Core rev: b754be84206b454789fbd6d444d00a4e422cb3e9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2017-7593Rajkumar Veer2017-11-212-0/+99
| | | | | | | | (From OE-Core rev: ff3904dec584daf627c267bf639d69aca13a1227) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2017-7602Rajkumar Veer2017-11-212-0/+70
| | | | | | | | (From OE-Core rev: 12325a8ebb5cab1837a6f6092eaa623a1a784eb6) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2017-7601Rajkumar Veer2017-11-212-0/+53
| | | | | | | | (From OE-Core rev: ade8551d6a6810e87e83af72ea217aeca55c65c4) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2017-7598Rajkumar Veer2017-11-212-0/+66
| | | | | | | | (From OE-Core rev: 7e367796d4bf97e299ee966b120f924de0f2bb04) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2017-7596Rajkumar Veer2017-11-212-0/+309
| | | | | | | | (From OE-Core rev: 94daee02cad9930d4ada648fd4bfdb63510643c0) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2017-7595Rajkumar Veer2017-11-212-0/+49
| | | | | | | | (From OE-Core rev: 6536bfecb13b06765fdf6cb6fd70ce64f9077b8e) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2017-7594Rajkumar Veer2017-11-213-0/+95
| | | | | | | | (From OE-Core rev: 7bdb52d06a46ad659fc85db1992f9c6ab2fcf065) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2017-7592Rajkumar Veer2017-11-212-1/+42
| | | | | | | | (From OE-Core rev: 75e953388fa1973cdbd0897894a3e5398de16a10) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2016-10270Rajkumar Veer2017-11-212-0/+135
| | | | | | | | (From OE-Core rev: eeb7197d85435ec73be8b77accc0feea7e1536bb) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2016-10269Rajkumar Veer2017-11-212-0/+132
| | | | | | | | (From OE-Core rev: 46504a224a9f33f1f8752bbcd51a285d19920524) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix CVE-2016-10267Rajkumar Veer2017-11-212-0/+71
| | | | | | | | (From OE-Core rev: 87aebc2b02131d2fce0621faf399916c4789c293) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix CVE-2016-10266Rajkumar Veer2017-11-212-0/+61
| | | | | | | | (From OE-Core rev: 3a604aa5cb0d35a9df10a5b958eb4a871de76c26) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix CVE-2016-10268Rajkumar Veer2017-11-212-0/+31
| | | | | | | | (From OE-Core rev: 24b62c84102116e6531babc68d8d2fb33e3f2d5c) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Secruity fix CVE-2016-10093Rajkumar Veer2017-11-212-0/+48
| | | | | | | | (From OE-Core rev: 6e39b24d003fb4e702097a01142fcfe2861593dd) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix for CVE-2016-10271Rajkumar Veer2017-11-212-0/+31
| | | | | | | | (From OE-Core rev: 8fb9a143e93de5a2de4b7d5fe2712c29d7ca4263) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fixesYi Zhao2017-11-215-0/+395
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335 References: https://nvd.nist.gov/vuln/detail/CVE-2017-9147 https://nvd.nist.gov/vuln/detail/CVE-2017-9936 https://nvd.nist.gov/vuln/detail/CVE-2017-10668 https://nvd.nist.gov/vuln/detail/CVE-2017-11335 Patches from: CVE-2017-9147: https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06 CVE-2017-9936: https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a CVE-2017-10688: https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1 CVE-2017-11355: https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556 (From OE-Core rev: 5c89539edb17d01ffe82a1b2e7d092816003ecf3) (From OE-Core rev: eaf72d105bed54e332e2e5c0c5c0a0087ecd91dd) (From OE-Core rev: dc7573cd330d1fc2e4bd50c1ba171906e1d5d5c0) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> minor fixes to get to apply Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtiff: Security Advisory - libtiff - CVE-2017-5225Li Zhou2017-11-212-0/+93
| | | | | | | | | | | | | | | | | | Libtiff is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. Porting patch from <https://github.com/vadz/libtiff/commit/ 5c080298d59efa53264d7248bbe3a04660db6ef7> to solve CVE-2017-5225. (From OE-Core rev: 434990304bdfb70441b399ff8998dbe3fe1b1e1f) (From OE-Core rev: d26ea3b9b698fcb059aaa34c2408e3b95ca4f31d) Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix build of ruby-native with gcc7Joshua Lock2017-11-212-0/+34
| | | | | | | | | | | | | | | Marsalling is broken when ruby-2.2.x is built with gcc7, backport the change fix in Ruby SVN r57410 to apply to ruby 2.2.5: https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57410 Fixes [YOCTO #12271] (From OE-Core rev: b9de98cdc816904583970369848181c2c79f1dc5) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* documentation: Updated Doc set to 2.2.3Scott Rifenbark2017-11-1210-25/+65
| | | | | | | | | | | Poky.ent - variables changed <manual>.xml - Updated manual revision table mega-manual.sed - updated 2.2.2 to 2.2.3 (From yocto-docs rev: 4566d401f58f4532b71747c8fe8a486d1091a371) Signed-off-by: Scott Rifenbark <srifenbark@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: Replace deprecated git branch parameter "--set-upstream"Andre Rosa2017-11-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | Since 2017-08-17 (git version 2.14.1.473.g3ec7d702a) using deprecated git branch parameter "--set-upstream" causes a fetcher error. Replace it by "--set-upstream-to". https://git.kernel.org/pub/scm/git/git.git/commit/?id=52668846ea2d41ffbd87cda7cb8e492dea9f2c4d says, it's deprecated since 2012-08-30 so hopefully all still supported host distributions have new enough git to support "--set-upstream-to". ERROR: PACKAGE do_unpack: Fetcher failure: ...; git -c core.fsyncobjectfiles=0 branch --set-upstream master origin/master failed with exit code 128, output: fatal: the '--set-upstream' option is no longer supported. Please use '--track' or '--set-upstream-to' instead. ERROR: PACKAGE do_unpack: Function failed: base_do_unpack (Bitbake rev: 991b533f1d61042a7b3edd1fbf3dea0bf9991606) Signed-off-by: Andre Rosa <andre.rosa@lge.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa_supplicant: fix WPA2 key replay security bugRoss Burton2017-10-162-0/+940
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WPA2 is vulnerable to replay attacks which result in unauthenticated users having access to the network. * CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake * CVE-2017-13078: reinstallation of the group key in the Four-way handshake * CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake * CVE-2017-13080: reinstallation of the group key in the Group Key handshake * CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake * CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it * CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake * CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame * CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame Backport patches from upstream to resolve these CVEs. (From OE-Core rev: c79b479ab4b129007c6679bb0bdd8e2ec7ecb6ad) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yotoc/4.1: update to 4.1.43 plus CVE-2017-1000251Armin Kuster2017-10-101-10/+10
| | | | | | | (From meta-yocto rev: 95560bdc6414069ad2679f366fbf3a9946815d72) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* hostap-utils: use w1.fi for SRC_URIMaxin B. John2017-10-101-3/+2
| | | | | | | | | | | | | | | | | | | | | epitest.fi is down and hostap-utils source is now available in w1.fi. So, move SRC_URI to https://w1.fi Since hostap-utils is only meant for old Intersil Prism2/2.5/3 wifi cards, this recipe will be removed from oe-core in future (most likely to meta-handheld) [YOCTO #12051] (From OE-Core rev: 541b14c58132e8460a762617889bd5e3d736c1a4) (From OE-Core rev: 0bc03289b775fefcb7f03e5463c79e4f96cd0b12) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yotoc/4.8: update to 4.8.25 plus CVE-2017-1000251Armin Kuster2017-10-101-10/+10
| | | | | | | (From meta-yocto rev: 3a7bbdd637481afd6da47a4084c2dc7cac5836f4) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yotoc/4.4: update to 4.4.87 plus CVE-2017-1000251Armin Kuster2017-10-101-10/+10
| | | | | | | (From meta-yocto rev: d642307afcc35f1ba01af5e5c3acd0848c93090b) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* diffstat: use HTTP mirror for SRC_URIRoss Burton2017-10-101-1/+1
| | | | | | | | | | | | | | The Invisible Mirror FTP service is currently down, and FTP is horrible, so switch to the HTTP mirror. (From OE-Core rev: f31461f8ea11e82dbe14454a1149d9ec2120404d) (From OE-Core rev: 4839f039036f3d72f9ef114a37500f9b498101df) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* v86d: take tarball from debianAlexander Kanavin2017-10-101-3/+3
| | | | | | | | | | | | | | Gentoo is removing the package due to dead upstream; Debian might carry it for a while longer. (From OE-Core rev: 5026730a2f0701ebad4ddf57990b1ae3b484ae72) (From OE-Core rev: ac16b6d3a734de2e2ea3e491d23817774a3e57f6) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpng: lsb version 1.2.56 url fixArmin Kuster2017-10-101-4/+2
| | | | | | | | | The mirrors are not working so remove them. Simplify the SRC_URI as the archive in only in the older-releases dir. (From OE-Core rev: 889cc3404255e9ba920909e90fbf3ab846a5d97a) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpng: use SourceForge mirrorRoss Burton2017-10-101-2/+4
| | | | | | | | | | | | | | | | | | | | The Gentoo mirror also deletes old versions when they're not used, so revert back to the canonical SourceForge site, adding /older-releases/ to MIRRORS to handle new releases moving the version we want. Original idea by Maxin B. John <maxin.john@intel.com>. (From OE-Core rev: 791a3493c88c9c249f21f6d893b2061e1d8a0af6) (From OE-Core rev: 16af873638830477a435574f1fedc643af2e2661) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Hand applied to work with morty version Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sign_rpm.bbclass: force rpm serial signingLeonardo Sandoval2017-10-101-0/+6
| | | | | | | | | | | | | | | Newer versions of gpg (at least 2.1.5 and 2.2.1) have issues when signing occurs in parallel so (unfortunately) the signing must be done serially. Once the upstream problem is fixed, this patch must be reverted, otherwise we loose all the intrinsic parallelism from bitbake. [YOCTO #12022] (From OE-Core rev: 3aced3783b808449cd50f12684c061151861a1a5) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* selftest/cases/signing: ignore removal errors when cleaning temporary gpg ↵Leonardo Sandoval2017-10-101-2/+5
| | | | | | | | | | | | | | | | | | | | | | | directory The high-level method tempfile.TemporaryDirectory give us no way to ignore erros on removal thus use tempfile.mkdtemp instead. Ignoring possible issues on removal is neccesary because it contains gpg sockets that are automatically removed by the system once the process terminates, otherwise the following log is observed: .. .. File "/usr/lib/python3.5/shutil.py", line 436, in _rmtree_safe_fd os.unlink(name, dir_fd=topfd) FileNotFoundError: [Errno 2] No such file or directory: 'S.gpg-agent.browser' [YOCTO #11821] (From OE-Core rev: e7f139c5d97a3871215c88c5bfc07ecf4e8fd7f3) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lunux-yocto/4.8: update to 4.8.25 plus bluetooth: CVE-2017-1000251Armin Kuster2017-10-103-16/+16
| | | | | | | (From OE-Core rev: fdb9c64f225eaf94c9087dfac52ed6a7779b0744) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/4.4: update to 4.4.87 plus bluetooth: CVE-2017-1000251Armin Kuster2017-10-103-16/+16
| | | | | | | (From OE-Core rev: aadd6461cfd2d296df79efc253b7edbbe80f40f0) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-04-22 17:12:06 +0000