openembedded-core.git/meta/recipes-core, branch krogoth Mirror of openembedded-core build-appliance-image: Update to krogoth head revision 2016-11-09T00:06:44+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2016-11-09T00:06:44+00:00 28da89a20b70f2bf0c85da6e8af5d94a3b7d76c9 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is a backport from master of 2 consecutive fixes. 2016-11-08T23:03:21+00:00 Jussi Kukkonen jussi.kukkonen@intel.com 2016-08-30T08:32:07+00:00 e86ab7487450aea7e44ff70b225517dbb056e3b5 First fix commit: 1100af93cb07caf24d568c039d52fb0c80714c30 Second fix commit: b7b2e348716161deb21c9864ac5caa5f1df1fa9c The error these commits fix can prevent Eclipse debugging on certain target configurations. * base-files: Add shell test quoting tty can return "not a tt" which results in warnings when /etc/profile is executed. (From OE-Core rev: eed586dd238efe859442b21b425f04e262bcdb2b) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> * base-files: fix profile error under < /dev/null Previous attempts to constrain execution of `resize` to only TTYs did not properly handle situations when `tty` would return the string "not a tty". The symptom is "/etc/profile: line 34: test: too many arguments". Fix this by utilizing the exit code of `tty`. Also use `case` instead of `cut` to eliminate a subshell. (From OE-Core rev: e67637e4472ff3a1e2801b84ee3d69d4e14b9efc) Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: brian avery <brian.avery@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
First fix commit:
1100af93cb07caf24d568c039d52fb0c80714c30
Second fix commit:
b7b2e348716161deb21c9864ac5caa5f1df1fa9c

The error these commits fix can prevent Eclipse debugging on
certain target configurations.

* base-files: Add shell test quoting

  tty can return "not a tt" which results in warnings when /etc/profile
  is executed.

  (From OE-Core rev: eed586dd238efe859442b21b425f04e262bcdb2b)

  Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

* base-files: fix profile error under < /dev/null

  Previous attempts to constrain execution of `resize` to only TTYs did
  not properly handle situations when `tty` would return the string "not a
  tty". The symptom is "/etc/profile: line 34: test: too many arguments".
  Fix this by utilizing the exit code of `tty`. Also use `case` instead of
  `cut` to eliminate a subshell.

  (From OE-Core rev: e67637e4472ff3a1e2801b84ee3d69d4e14b9efc)

  Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
  Signed-off-by: Ross Burton <ross.burton@intel.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
dropbear: fix multiple CVEs 2016-11-08T23:03:18+00:00 Sona Sarmadi sona.sarmadi@enea.com 2016-11-02T09:52:11+00:00 cca372506522c1d588f9ebc66c6051089743d2a9 CVE-2016-7406 CVE-2016-7407 CVE-2016-7408 CVE-2016-7409 References: https://matt.ucc.asn.au/dropbear/CHANGES http://seclists.org/oss-sec/2016/q3/504 [YOCTO #10443] Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
CVE-2016-7406
CVE-2016-7407
CVE-2016-7408
CVE-2016-7409

References:
https://matt.ucc.asn.au/dropbear/CHANGES
http://seclists.org/oss-sec/2016/q3/504

[YOCTO #10443]

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
glibc: fix CVE-2016-1234, CVE-2016-3075, CVE-2016-5417 2016-11-08T23:03:15+00:00 Pascal Bach pascal.bach@siemens.com 2016-10-14T12:26:44+00:00 88be4b40bacc7c8a08fb76fc220f491deb2c1c3a Only relevant for krogoth since version 2.24+ (master, morty) is not affected. Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
Only relevant for krogoth since version 2.24+ (master, morty) is not affected.

Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
util-linux: Security fix for CVE-2016-5011 2016-09-23T14:26:31+00:00 Armin Kuster akuster@mvista.com 2016-09-20T04:51:14+00:00 72a8636e3cfdfef8d95fee4af721dd7acaa89ffc affects util-linux < 2.28.2 Signed-off-by: Armin Kuster <akuster@mvista.com> 
affects util-linux < 2.28.2

Signed-off-by: Armin Kuster <akuster@mvista.com>
dropbear: upgrade to 2016.72 2016-09-23T14:26:30+00:00 Sona Sarmadi sona.sarmadi@enea.com 2016-09-14T12:34:38+00:00 5ebac39d1d6dcf041e05002c0b8bf18bfb38e6d3 The upgrade addresses CVE-2016-3116: - Validate X11 forwarding input. Could allow bypass of authorized_keys command= restrictions, found by github.com/tintinweb. Thanks for Damien Miller for a patch. CVE-2016-3116 References: https://matt.ucc.asn.au/dropbear/CHANGES https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
The upgrade addresses CVE-2016-3116:

- Validate X11 forwarding input. Could allow bypass of
  authorized_keys command= restrictions,
  found by github.com/tintinweb.
  Thanks for Damien Miller for a patch. CVE-2016-3116

References:
https://matt.ucc.asn.au/dropbear/CHANGES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
busybox: Avoid race building libbb 2016-09-23T14:26:21+00:00 Juro Bystricky juro.bystricky@intel.com 2016-09-14T17:05:46+00:00 6c94afadaa3e035bb58755985a9e193cae5e9b34 When building busybox, an occasional error was observed. The error is consistently the same: libbb/appletlib.c:164:13: error: 'NUM_APPLETS' undeclared (first use in this function) while (i < NUM_APPLETS) { The reason is the include file where NUM_APPLETS is defined is not yet generated (or is being modified) at the time libbb/appletlib.c is compiled. The attached patchset fixes the problem by assuring libb is compiled as the last directory. [YOCTO#10116] (From OE-Core rev: a866a05e2c7d090a77aa6e95339c93e3592703a6) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
When building busybox, an occasional error was observed.
The error is consistently the same:

libbb/appletlib.c:164:13: error: 'NUM_APPLETS' undeclared (first use in this function)
  while (i < NUM_APPLETS) {

The reason is the include file where NUM_APPLETS is defined is not yet generated (or is being modified)
at the time libbb/appletlib.c is compiled.
The attached patchset fixes the problem by assuring libb is compiled as the last directory.

[YOCTO#10116]

(From OE-Core rev: a866a05e2c7d090a77aa6e95339c93e3592703a6)

Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
busybox: fix "sed n (flushes pattern space, terminates early)" testcase failure 2016-09-23T14:26:20+00:00 Dengke Du dengke.du@windriver.com 2016-09-01T09:42:10+00:00 efcd439977d111b10bd2c74ff3bc4fa30d8b394d It is a busybox upstream known bug. When the busybox sed sub-command 'n' hit the files EOF, it print an extra character that have been printed, but the GNU sed would not print it. In busybox source code ../editors/sed.c ------------------------------------------------------------------------ case 'n': if (!G.be_quiet) sed_puts(pattern_space, last_gets_char); if (next_line) { free(pattern_space); pattern_space = next_line; last_gets_char = next_gets_char; next_line = get_next_line(&next_gets_char, &last_puts_char, last_gets_char); substituted = 0; linenum++; break; } /* fall through */ /* Quit. End of script, end of input. */ case 'q': /* Exit the outer while loop */ free(next_line); next_line = NULL; goto discard_commands; ------------------------------------------------------------------------ when read at the end of the file, the 'next_line' is null, it would go "case 'q'" and goto discard_commands, the discard_commands would print the old pattern space which have been printed. So in order to comply with GNU sed, in case 'n', when the next_line is null I add "else" at the end of the second "if": "goto again;" and send it to the busybox upstream, the busybox maintainer adopt it and make a little changes to the patch, we can see it at: His reply: http://lists.busybox.net/pipermail/busybox/2016-September/084613.html The new patch on busybox master branch: https://git.busybox.net/busybox/commit/?id=76d72376e0244a5cafd4880cdc623e37d86a75e4 (From OE-Core rev: 5a680c267454d7c135c4bfe4e551a780f38a5087) Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
It is a busybox upstream known bug. When the busybox sed sub-command 'n'
hit the files EOF, it print an extra character that have been printed, but
the GNU sed would not print it.

In busybox source code ../editors/sed.c
------------------------------------------------------------------------
    case 'n':
        if (!G.be_quiet)
                sed_puts(pattern_space, last_gets_char);
            if (next_line) {
                    free(pattern_space);
                    pattern_space = next_line;
                    last_gets_char = next_gets_char;
                    next_line = get_next_line(&next_gets_char, &last_puts_char, last_gets_char);
                    substituted = 0;
                    linenum++;
                    break;
            }
            /* fall through */

    /* Quit.  End of script, end of input. */
    case 'q':
        /* Exit the outer while loop */
            free(next_line);
            next_line = NULL;
            goto discard_commands;
------------------------------------------------------------------------
when read at the end of the file, the 'next_line' is null, it would go
"case 'q'" and goto discard_commands, the discard_commands would print
the old pattern space which have been printed.

So in order to comply with GNU sed, in case 'n', when the next_line is null
I add "else" at the end of the second "if": "goto again;" and send it to
the busybox upstream, the busybox maintainer adopt it and make a little
changes to the patch, we can see it at:

His reply:

	http://lists.busybox.net/pipermail/busybox/2016-September/084613.html

The new patch on busybox master branch:

	https://git.busybox.net/busybox/commit/?id=76d72376e0244a5cafd4880cdc623e37d86a75e4

(From OE-Core rev: 5a680c267454d7c135c4bfe4e551a780f38a5087)

Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
initramfs-live-boot: Make sure we kill udev before switching root when live booting 2016-09-23T14:25:58+00:00 Alejandro Hernandez alejandro.hernandez@linux.intel.com 2016-07-26T22:10:02+00:00 e5190cdcf4efe5e80967bded13ef8e530811b0ec When live booting, we need to make sure the running udev processes are killed to avoid unexepected behavior, we do this just before switching root, once we do, a new udev process will be spawned from init and will take care of whatever work was still missing [YOCTO #9520] (From OE-Core rev: e88d9e56952414e6214804f9b450c7106d04318d) Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
When live booting, we need to make sure the running udev processes are killed
to avoid unexepected behavior, we do this just before switching root,
once we do, a new udev process will be spawned from init and will take care
of whatever work was still missing

[YOCTO #9520]

(From OE-Core rev: e88d9e56952414e6214804f9b450c7106d04318d)

Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
busybox: Add parallel make fix 2016-09-23T14:25:51+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2016-08-19T15:28:17+00:00 e3cca9da7e7a7f10db708f39097e1d8700f8ba2d We're seeing regular parallel make failures in applet headers in busybox. This adds a patch to try and avoid the issue, building upon a fix already backported from upstream. The patch has been sent to upstream. [YOCTO #10116] (From OE-Core rev: 199cef0e8a50b20d0ee6fefd1d4cf3372eba7728) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
We're seeing regular parallel make failures in applet headers in busybox.
This adds a patch to try and avoid the issue, building upon a fix already
backported from upstream. The patch has been sent to upstream.

[YOCTO #10116]

(From OE-Core rev: 199cef0e8a50b20d0ee6fefd1d4cf3372eba7728)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>