summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools
Commit message (Collapse)AuthorAgeFilesLines
* python3: python3: Fix build error x86->x86Ricardo Ribalda Delgado2019-11-182-0/+27
| | | | | | | | | | | | | | | | | | | | | When building x86->x86 the system will try to execute .so and related items from the default PYTHONPATH. This will fail if the target CPU contains instructions that the host CPU does not have, add CROSSPYTHONPATH into PYTHONPATH so we can prepend the list to find correct libs. Fixes: Illegal instruction (core dumped) Makefile:625: recipe for target 'sharedmods' failed make: *** [sharedmods] Error 132 make: *** Waiting for unfinished jobs.... (From OE-Core rev: 2f8086ce87bbb62ef971be4da80c2c2b9d8c9c66) Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix build on softfloat mipsMatthias Schoepfer via Openembedded-core2019-11-182-0/+202
| | | | | | | | | | | | | | | | This patch originally only meant to correct the python3 build for mips with softfloat, as the original test only checked for mips hardfloat. Replaced custom C Program for triplet detection with autotools triplet detection. (From OE-Core rev: f3326309c7c22a6034917f6eee21908c61f44a2f) Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix do_install fail for parallel buiildChangqing Li2019-11-182-0/+35
| | | | | | | | | | | | | | | When using make -j with the 'install' target, it's possible for altbininstall (which normally creates BINDIR) and libainstall (which doesn't, though it installs python-config there) to race, resulting in a failure due to attempting to install python-config into a nonexistent BINDIR. Ensure it also exists in the libainstall target. (From OE-Core rev: dc84f40fd485863fb6c77e641d76135b21867d39) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nativesdk-meson: Remove some unused variablesPeter Kjellerstedt2019-11-181-5/+0
| | | | | | | | | (From OE-Core rev: ec563bf0009e1124adb966130f610b9df291fa19) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meson: Backport patch to handle strings in cross file argsPeter Kjellerstedt2019-11-182-0/+88
| | | | | | | | | | | | This allows <language>_args and <language>_link_args properties, e.g., c_link_args, in meson.cross to be specified as either a string or a list. (From OE-Core rev: 1913e688ad95d465e9b9d16ad57f2bdef2b50d93) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go-1.12: update to 1.12.9 minor releaseKhem Raj2019-11-181-3/+3
| | | | | | | (From OE-Core rev: 03b303dbc92521606ff4051bd253f8acc01fd9e5) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: Upgrade 1.12.5 -> 1.12.6Adrian Bunk2019-11-181-3/+3
| | | | | | | (From OE-Core rev: 8dfe441fd3ad46732c2775b817de1a0d816a87e4) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: update 1.12.1->1.12.5Alexander Kanavin2019-11-181-3/+3
| | | | | | | (From OE-Core rev: 4e642e6f7b6e51c64e990b74aff3d84b78cd894e) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: update to 3.1.1.1Armin Kuster2019-10-3014-798/+2
| | | | | | | | | | | | | bug fix only update. Drop patches included in update. For full set of changes, see: https://git.qemu.org/?p=qemu.git;a=shortlog;h=refs/tags/v3.1.1.1 (From OE-Core rev: 14f04e6b6c1fa40a1c39cd186627b4b8442f2d5e) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: fix CVE-2019-16276Chen Qi2019-10-302-0/+164
| | | | | | | | | | | | (From OE-Core rev: 5fc9b154754e67553296a00a39ed16ab6a1d59de) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e31f87e289dfd3bbca961e927447a9c7ba816d3f) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit e02e8fa2e82cceaaa6a433466f52f97b0984762a) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: Fix CVE-2019-10160Changqing Li2019-10-302-0/+82
| | | | | | | | | | | | (From OE-Core rev: 23d48f2bea2d358bd8d7d4efd07792bc1f3666bd) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit b4240b585d7fcac2fdbf33a8e72d48cb732eb696) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 10d87a3085665a959a5fda64ae3895cb27ddf343) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: CVE-2019-16056Chen Qi2019-10-302-0/+91
| | | | | | | | | | | (From OE-Core rev: 49ff6c7ef1d366007c49083f4e5faaf5a9eb086f) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 27be9cf71a6fe906a23e81b56f1cc18a6fc9ef97) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: add tk-lib as runtime dependency for python-tkinterYi Zhao2019-10-302-2/+2
| | | | | | | | | | | | | | | | Fixes: ERROR: python-2.7.16-r0 do_package_qa: QA Issue: /usr/lib/python2.7/lib-dynload/_tkinter.so contained in package python-tkinter requires libtk8.6.so, but no providers found in RDEPENDS_python-tkinter? [file-rdeps] (From OE-Core rev: f83ecbabb911c46de77708ede759a0b768928ea2) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit f78248a2380bbbbf271b5bb02c762f5bc7a3a92e) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: include CVE patches for python-native as wellAnuj Mittal2019-10-302-5/+5
| | | | | | | | | | | | Also avoids maintaining a different set of patches for both. (From OE-Core rev: e73d5bb4a21497ed645e2a0a4b88c2eeaf65080a) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b3b1c00cc46b33ddbf7e008267032220e1e298af) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meson: Fix native patch to python3Ricardo Ribalda Delgado2019-10-081-1/+1
| | | | | | | | | | | | | | | | | Fixes: File "/workdir/build/tmp/work/dbfp4-poky-linux/qv4l2/1.17.0+gitAUTOINC+95f39aae48-r0/recipe-sysroot-native/usr/lib/python3.7/site-packages/mesonbuild/dependencies/base.py", line 574, in _call_pkgbin cache[(self.pkgbin, targs, fenv)] = self._call_pkgbin_real(args, env, use_native) File "/workdir/build/tmp/work/dbfp4-poky-linux/qv4l2/1.17.0+gitAUTOINC+95f39aae48-r0/recipe-sysroot-native/usr/lib/python3.7/site-packages/mesonbuild/dependencies/base.py", line 556, in _call_pkgbin_real cmd = self.pkgbin.get_command() + "-native" + args TypeError: can only concatenate list (not "str") to list (From OE-Core rev: 9051c10e46960a357f0339e347618f5d83923fe4) Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix build issue on new hosts with glibc 2.30Armin Kuster2019-10-083-0/+146
| | | | | | | | | | | | | | | | | | | | | | This fixes the following error: TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:254:16: error: static declaration of ‘gettid’ follows non-static declaration 254 | _syscall0(int, gettid) | ^~~~~~ TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:185:13: note: in definition of macro ‘_syscall0’ 185 | static type name (void) \ | ^~~~ In file included from /usr/include/unistd.h:1170, from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/include/qemu/osdep.h:90, from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:20: /usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’ was here 34 | extern __pid_t gettid (void) __THROW; | ^~~~~~ (From OE-Core rev: fbedc2d73ff472c89ba273a890408f93015e8f17) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Fix CVE-2019-8934Dan Tran2019-10-082-0/+216
| | | | | | | | | (From OE-Core rev: 7f13e4e9ef51bf62729a9a955967aa4752d0d2e8) Signed-off-by: Dan Tran <dantran@microsoft.com> [Fix up against lastest warrior] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* json-c: Don't --enable-rdrandAdrian Bunk2019-10-081-2/+0
| | | | | | | | | | | | | | | | | | | | | In recent years AMD CPUs have had various problems with RDRAND giving either non-random data or no result at all, which is problematic if either build or target machine has a CPU with this problem. The fallback is /dev/urandom, and I'd trust the kernel here. --enable-rdrand was added in an upgrade to a new upstream version without mentioning any reason. [YOCTO #13534] (From OE-Core rev: 07b19cd9ef127ec87f727e154eda62272a828275) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.7.3 -> 3.7.4Anuj Mittal2019-10-082-154/+2
| | | | | | | | | | | | | | | | Also fixes CVE-2019-9740, CVE-2019-9948. For details, see: https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-4-final (From OE-Core rev: 6b7604c536a7a2da99490a7550f997a8e35ca043) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [ Backported patch removed. ] Signed-off-by: Adrian Bunk <bunk@stusta.de> [Bug fix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: update to 3.7.3Alexander Kanavin2019-10-085-285/+5
| | | | | | | | | | | | | | License-update: copyright years (From OE-Core rev: 845b9a4ed2b83d716688a7b0d8bf13f37e79a025) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [ Backported patches removed. ] Signed-off-by: Adrian Bunk <bunk@stusta.de> [Bug fix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: backport rewrite from masterRoss Burton2019-09-306-565/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As detailed at [1] the XML feeds provided by NIST are being discontinued on October 9th 2019. As cve-check-tool uses these feeds, cve-check.bbclass will be inoperable after this date. To ensure that cve-check continues working, backport the following commits from master to move away from the unmaintained cve-check-tool to our own Python code that fetches the JSON: 546d14135c5 cve-update-db: New recipe to update CVE database bc144b028f6 cve-check: Remove dependency to cve-check-tool-native 7f62a20b32a cve-check: Manage CVE_PRODUCT with more than one name 3bf63bc6084 cve-check: Consider CVE that affects versions with less than operator c0eabd30d7b cve-update-db: Use std library instead of urllib3 27eb839ee65 cve-check: be idiomatic 09be21f4d17 cve-update-db: Manage proxy if needed. 975793e3825 cve-update-db: do_populate_cve_db depends on do_fetch 0325dd72714 cve-update-db: Catch request.urlopen errors. 4078da92b49 cve-check: Depends on cve-update-db-native f7676e9a38d cve-update-db: Use NVD CPE data to populate PRODUCTS table bc0195be1b1 cve-check: Update unpatched CVE matching c807c2a6409 cve-update-db-native: Skip recipe when cve-check class is not loaded. 07bb8b25e17 cve-check: remove redundant readline CVE whitelisting 5388ed6d137 cve-check-tool: remove 270ac00cb43 cve-check.bbclass: initialize to_append e6bf9000987 cve-check: allow comparison of Vendor as well as Product 91770338f76 cve-update-db-native: use SQL placeholders instead of format strings 7069302a4cc cve-check: Replace CVE_CHECK_CVE_WHITELIST by CVE_CHECK_WHITELIST 78de2cb39d7 cve-update-db-native: Remove hash column from database. 4b301030cf9 cve-update-db-native: use os.path.join instead of + f0d822fad2a cve-update-db: actually inherit native b309840b6aa cve-update-db-native: use executemany() to optimise CPE insertion bb4e53af33d cve-update-db-native: improve metadata parsing 94227459792 cve-update-db-native: clean up JSON fetching 95438d52b73 cve-update-db-native: fix https proxy issues 1f9a963b9ff glibc: exclude child recipes from CVE scanning [1] https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement (From OE-Core rev: 8c87e78547c598cada1bce92e7b25d85b994e2eb) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Security fix for CVE-2019-15847Armin Kuster2019-09-304-0/+646
| | | | | | | | | | | Affects <= 9.2.0 Dropped Changelog changes (From OE-Core rev: a579b111349fd9ad91b2d40a51f194fd25af723a) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-8.3: Security fix for CVE-2019-14250Armin Kuster2019-09-302-0/+45
| | | | | | | | | | Affects < 9.2 (From OE-Core rev: 125c77be468adf8b3be8d00f99d80bd77f7d2e1e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix mips patch which changes default emulationNathan Rossi2019-09-301-6/+3
| | | | | | | | | | | | | | The patch incorrectly removes 'mips_elf32_ntrad_le_vec' from the 'targ_selvecs' replacing it with duplicate entries for 'mips_elf32_ntrad_be_vec'. Correct this so that the default binutils can still handle 'mips_elf32_ntrad_le_vec' binaries. (From OE-Core rev: 21c59450d1c891dadfe1484337bd0a6007a4aa01) Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: CVE-2018-12886Zhixiong Chi2019-09-302-0/+814
| | | | | | | | | | | | | Backprot CVE patch from the upstream: https://github.com/gcc-mirror/gcc.git [commit f98495d] https://nvd.nist.gov/vuln/detail/CVE-2018-12886 (From OE-Core rev: a3b083f8b2566bdb4e6b7db15d2a1e000bda57dd) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: reduce the variables in symtabZhixiong Chi2019-09-302-0/+95
| | | | | | | | | | | | | | | | Backport the patch from upstream: https://github.com/gcc-mirror/gcc.git [commit beb921e] https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=269925 Add the premark_used_variables function, meanwhile do not mark not premarked external variables in prune_unused_types_walk. (From OE-Core rev: 7edf5725631e69c22627e41ecf5de3222f1d624b) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix CVE-2019-14250 CVE-2019-14444Anuj Mittal2019-09-303-0/+63
| | | | | | | | (From OE-Core rev: 41579d569738a23b80d4599fd6ec082488c6cfee) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meson: backport fix for builds with -Werror=return-typeMartin Jansa2019-09-302-0/+85
| | | | | | | | (From OE-Core rev: 0ccf907992a0e3560897ac300ee6b1352d969c42) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dpkg: Use less as pagerRicardo Ribalda Delgado2019-09-302-0/+22
| | | | | | | | | | | | | | | | | | | Debian traditionaly uses /usr/bin/pager as the system pager, which is a link to the user preferred pager. This is a Debianism. Without this patch: root@qt5122:~# dpkg -l sh: pager: command not found dpkg-query: error: showing package list on pager subprocess returned error exit status 127 (From OE-Core rev: 51fb10275cd9013e3c5fcb94f88e3529e2b8f069) Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Richard Leitner <richard.leitner@skidata.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: backport fixesAnuj Mittal2019-09-303-0/+175
| | | | | | | | | | | | | | The original fix for CVE-2018-1000156 was incomplete. Backport more fixes done later for a complete fix. Also see: https://savannah.gnu.org/bugs/index.php?53820 (From OE-Core rev: 1a3527231d3c0fa42d16c5b1980c07d68105fea2) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2019-13638Trevor Gamblin2019-09-302-0/+45
| | | | | | | | | | | (From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781) (From OE-Core rev: 87106ff3f2d24b58a90767e288f783aa92c25748) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rsync: fix CVEs for included zlibAnuj Mittal2019-09-305-0/+393
| | | | | | | | | | | | | | | | | | | | rsync includes its own copy of zlib and doesn't recommend linking with the system version [1]. Import CVE fixes that impact zlib version 1.2.8 [2] that is currently used by rsync. [1] https://git.samba.org/rsync.git/?p=rsync.git;a=blob;f=zlib/README.rsync [2] https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=cpe%3a%2fa%3agnu%3azlib%3a1.2.8 (From OE-Core rev: a55fbb4cb489853dfb0b4553f6e187c3f3633f48) (From OE-Core rev: 93ce13106abc05f4a68a6265590e3770f0bf49a2) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2018-20815Armin Kuster2019-09-302-0/+39
| | | | | | | | (From OE-Core rev: 0b73e48c64cb8e651c81b19ddabdd108e4024697) Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: add a patch fixing the native build on newer kernelsBartosz Golaszewski2019-09-302-0/+340
| | | | | | | | | | | | | The build fails on qemu-native if we're using kernels after commit 0768e17073dc527ccd18ed5f96ce85f9985e9115. This adds an upstream patch that fixes the issue. (From OE-Core rev: a898245271e8d5c5a5b11041fc0442ac60931ee9) Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix CVE-2019-9740Anuj Mittal2019-09-302-0/+152
| | | | | | | | | | | | CVE-2019-9947 is same as CVE-2019-9740 and mark it as such. See: https://bugs.python.org/issue30458 (From OE-Core rev: 86626171f5a8734c96e9b683f6fec5b779cd20e9) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2019-13636Anuj Mittal2019-09-302-0/+114
| | | | | | | | (From OE-Core rev: 78193d3037c5ce7333b344e651c78e6e2e5ca371) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: fix CVE-2019-9740Anuj Mittal2019-09-302-0/+216
| | | | | | | | | | | (From OE-Core rev: 8eddac3305b7b428565103cde88cba444e3f0dd0) (From OE-Core rev: feb8ba6821da5c5ccb7b3f9d71eb9f8859006d23) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2019-9070 is same as CVE-2019-9071Anuj Mittal2019-09-301-0/+1
| | | | | | | | | | | | | | | See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395 (From OE-Core rev: cef180de3684491f1ac4180ddbcc102121222181) (From OE-Core rev: 789be0bd85bfcd6ee27d68fa53f67bd221f8286b) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: fix CVE-2019-12972 CVE-2019-9071Anuj Mittal2019-09-303-0/+217
| | | | | | | | | | | (From OE-Core rev: 093f0914f261a27d58ecba9c1e9d3b78a35af012) (From OE-Core rev: 9422bf471953c8e548a369574d960791ceb28a24) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix CVE-2018-20852 CVE-2019-9636Anuj Mittal2019-07-293-0/+280
| | | | | | | (From OE-Core rev: eb415873caad54dbf332f9ebf5f3164da3459953) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/lib+scripts: Convert to SPDX license headersRichard Purdie2019-06-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | This adds SPDX license headers in place of the wide assortment of things currently in our script headers. We default to GPL-2.0-only except for the oeqa code where it was clearly submitted and marked as MIT on the most part or some scripts which had the "or later" GPL versioning. The patch also drops other obsolete bits of file headers where they were encoountered such as editor modelines, obsolete maintainer information or the phrase "All rights reserved" which is now obsolete and not required in copyright headers (in this case its actually confusing for licensing as all rights were not reserved). More work is needed for OE-Core but this takes care of the bulk of the scripts and meta/lib directories. The top level LICENSE files are tweaked to match the new structure and the SPDX naming. (From OE-Core rev: 3248a9e3c5a197321b1c4417509b9309cc3bae97) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* strace: Tweak ptest disk space managementRichard Purdie2019-06-072-0/+20
| | | | | | | | | | | If the test is successful, remove the log and exp files. This stops strace using around 600MB of disk space and running our ptest images out of space. (From OE-Core rev: 4b1e917ed4e9921d9f165722c6cd33c9b1c08e20) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl/modules: Add various missing ptest perl module dependenciesRichard Purdie2019-06-074-1/+9
| | | | | | | | | | | Whilst not complete, this resolves some module dependency failures being seen by various lib*-perl ptests and in quilt. (From OE-Core rev: 3f5f91a2a1f3ebb8151834ce4223dcd33f363803) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl-rdepends: Add missing module dependenciesRichard Purdie2019-06-071-0/+2
| | | | | | | | | | Adding these fixes the acl and attr ptests to work within minimal images. (From OE-Core rev: 914d2967e04bcf76e1aef07392527ea3c2d257e7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gettext/flex/m4/bzip2/gzip/parted/slang/attr: Add make to -ptest packagesRichard Purdie2019-06-071-1/+1
| | | | | | | | | | | | | This solves ptest runtime errors where make was missing causing the ptests to fail. (From OE-Core rev: 47bcd4dec32e87b7353b079f63931d11cd0568e6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for warrior context] [Dropped ptest fixes for pkg w/o ptests in warrior] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: add a fix for CVE-2019-9948 and CVE-2019-9636Martin Jansa2019-06-075-1/+254
| | | | | | | | | (From OE-Core rev: 6c8994a6ae8860c4b27d8ec990344c6b099cc685) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: update to 2.7.16Alexander Kanavin2019-06-0710-486/+29
| | | | | | | | | | | | | Drop backported patches License-update: copyright years (From OE-Core rev: 0fec1d486a3ef663dc4bbab76e5ec0ed646f23e4) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* run-postinsts: Fix full execution of scripts at first bootAlejandro Enedino Hernandez Samaniego2019-06-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | run-postinsts runs a given set of scripts during the first boot of the device, when one of these scripts prints something to stdout (isnt daemonized correctly), since stdout is not available at that time, the script execution immediately returns with an error (exit_group()), this error causes the script to terminate all threads within the process, causing undesired behavior since the script might still had to execute some other code. Replace eval built-in with (), since () executes in a subshell, even if one of the scripts exits, all threads of that process will only be within that session, this ensures other scripts meant to be run are still run afterwards. [YOCTO #13266] (From OE-Core rev: 9d1cb1b38f22cb3ab93ac8b431601df12f76dc22) Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandr@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdb: Fix aarch64 build with muslPaul Barker2019-05-202-0/+53
| | | | | | | | | (From OE-Core rev: 334fb1db7bcf7456c9db263080cd281571c512dd) Signed-off-by: Paul Barker <paul@betafive.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: set CVE_PRODUCTChen Qi2019-05-201-0/+2
| | | | | | | | | (From OE-Core rev: 6694be65f542eb35f4d1ed432d7ae89d7f1453cd) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-04-22 20:10:29 +0000