openembedded-core.git/meta/recipes-core, branch morty Mirror of openembedded-core build-appliance-image: Update to morty head revision 2017-02-08T12:00:29+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2017-02-08T12:00:29+00:00 55c835c73cc41b6fc809c941c295d62a612e49e0 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
zlib: update SRC_URI to fix fetching 2017-01-11T23:28:50+00:00 Joshua Lock joshua.g.lock@intel.com 2017-01-05T16:34:23+00:00 b7599330f1d629384e16a5fbeffc1a65c1555667 Upstream have removed the file from zlib.net as a new version has been released, switch to fetching from the official sourceforge mirror. [YOCTO #10879] (From OE-Core rev: bb99e4a620efd59556539c156cd98ea23aae74c8) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Upstream have removed the file from zlib.net as a new version has
been released, switch to fetching from the official sourceforge
mirror.

[YOCTO #10879]

(From OE-Core rev: bb99e4a620efd59556539c156cd98ea23aae74c8)

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
build-appliance-image: Update to morty head revision 2017-01-11T17:26:48+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2017-01-11T17:26:48+00:00 ae3513b8e752d0dc1757fbfc681f644a3f2855b0 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: Fix more NULL pointer derefs 2017-01-11T11:46:53+00:00 Andrej Valek andrej.valek@siemens.com 2016-12-12T13:20:21+00:00 401d552f9e4ed3341e42864e566dddb2b26019dc The NULL pointer dereferencing could produced some security problems. This is a preventive security fix. (From OE-Core rev: 8f3008114d5000a0865f50833db7c3a3f9808601) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
The NULL pointer dereferencing could produced some
security problems.
This is a preventive security fix.

(From OE-Core rev: 8f3008114d5000a0865f50833db7c3a3f9808601)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
libxml2: fix CVE-2016-4658 Disallow namespace nodes in XPointer points and ranges 2017-01-11T11:46:53+00:00 Andrej Valek andrej.valek@siemens.com 2016-12-12T13:20:20+00:00 cf810d5cc17cb6b9f53d21a404c89afe372accb7 Namespace nodes must be copied to avoid use-after-free errors. But they don't necessarily have a physical representation in a document, so simply disallow them in XPointer ranges. (From OE-Core rev: 00e928bd1c2aed9caeaf9e411743805d2139a023) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
Namespace nodes must be copied to avoid use-after-free errors.
But they don't necessarily have a physical representation in a
document, so simply disallow them in XPointer ranges.

(From OE-Core rev: 00e928bd1c2aed9caeaf9e411743805d2139a023)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
libxml2: Necessary changes before fixing CVE-2016-5131 2017-01-11T11:46:53+00:00 Andrej Valek andrej.valek@siemens.com 2016-12-12T13:20:19+00:00 68b0f3a0bf8dfdf49be4aed1745a7f50662c555d xpath: - Check for errors after evaluating first operand. - Add sanity check for empty stack. - Include comparation in changes from xmlXPathCmpNodesExt to xmlXPathCmpNodes (From OE-Core rev: 96ef568f75dded56a2123b63dcc8b443f796afe0) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
xpath:
 - Check for errors after evaluating first operand.
 - Add sanity check for empty stack.
 - Include comparation in changes from xmlXPathCmpNodesExt to xmlXPathCmpNodes

(From OE-Core rev: 96ef568f75dded56a2123b63dcc8b443f796afe0)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
glibc: Enable backtrace from abort on ARM 2017-01-11T11:46:52+00:00 Yuanjie Huang yuanjie.huang@windriver.com 2016-12-09T17:49:34+00:00 b0e6a6048fa09dceac78bf8c46d484690ff5b098 ARM stack frames for abort and raise were limited to the the actual abort and raise call, such as: Obtained 4 stack frames. ./test-app(print_trace+0x1c) [0x10a08] ./test-app() [0x10b3c] /lib/libc.so.6(__default_sa_restorer+0) [0x4adae1e0] /lib/libc.so.6(gsignal+0xa0) [0x4adacf74] This is not terribly useful when trying to figure out what function may have called called the abort, especially when using pthreads. After the change the trace would now look like: Obtained 8 stack frames. ./test-app(print_trace+0x1c) [0x10a08] ./test-app() [0x10b3c] /lib/libc.so.6(__default_sa_restorer+0) [0x4befe1e0] /lib/libc.so.6(gsignal+0xa0) [0x4befcf74] /lib/libc.so.6(abort+0x134) [0x4befe358] ./test-app(dummy_function+0x50) [0x10adc] ./test-app(main+0xd4) [0x10c24] /lib/libc.so.6(__libc_start_main+0x114) [0x4bee7a58] (From OE-Core rev: 93bf8713d8e13c278543baea94fb8dad0cb80e49) Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
ARM stack frames for abort and raise were limited to the the actual
abort and raise call, such as:

Obtained 4 stack frames.
./test-app(print_trace+0x1c) [0x10a08]
./test-app() [0x10b3c]
/lib/libc.so.6(__default_sa_restorer+0) [0x4adae1e0]
/lib/libc.so.6(gsignal+0xa0) [0x4adacf74]

This is not terribly useful when trying to figure out what function
may have called called the abort, especially when using pthreads.

After the change the trace would now look like:

Obtained 8 stack frames.
./test-app(print_trace+0x1c) [0x10a08]
./test-app() [0x10b3c]
/lib/libc.so.6(__default_sa_restorer+0) [0x4befe1e0]
/lib/libc.so.6(gsignal+0xa0) [0x4befcf74]
/lib/libc.so.6(abort+0x134) [0x4befe358]
./test-app(dummy_function+0x50) [0x10adc]
./test-app(main+0xd4) [0x10c24]
/lib/libc.so.6(__libc_start_main+0x114) [0x4bee7a58]

(From OE-Core rev: 93bf8713d8e13c278543baea94fb8dad0cb80e49)

Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
libxml2: Security fix CVE-2016-5131 2017-01-11T11:46:44+00:00 Yi Zhao yi.zhao@windriver.com 2016-11-28T09:55:40+00:00 1e284447b9bf42e1fd6080f5a50fe01c8267a4e6 CVE-2016-5131 libxml2: Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. External References: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5131 Patch from: https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e (From OE-Core rev: 640bd2b98ff33e49b42f1087650ebe20d92259a4) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
CVE-2016-5131 libxml2: Use-after-free vulnerability in libxml2 through
2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors related to the XPointer range-to function.

External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5131

Patch from:
https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e

(From OE-Core rev: 640bd2b98ff33e49b42f1087650ebe20d92259a4)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
util-linux: add su.1 to update-alternatives 2016-11-16T10:33:35+00:00 Ross Burton ross.burton@intel.com 2016-11-01T14:50:35+00:00 bec07530536c36b2ab2a7818a9ffc475faba27ac The su binary is handled by alternatives but the man page wasn't, so installing both util-linux-doc and shadow-doc produces errors. Also use d.expand() to neaten the code. (From OE-Core rev: 70a161ee88d3d54fec6d59039c181b43f1857dc3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
The su binary is handled by alternatives but the man page wasn't, so
installing both util-linux-doc and shadow-doc produces errors.

Also use d.expand() to neaten the code.

(From OE-Core rev: 70a161ee88d3d54fec6d59039c181b43f1857dc3)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
busybox/mdev.conf: Ignore eMMC RPMB and boot block devices 2016-11-16T10:33:35+00:00 Mike Looijmans mike.looijmans@topic.nl 2016-11-01T13:30:56+00:00 50d97edaeb18a4c6374101d222410a3b0f344bf2 eMMC devices may report block devices like "mmcblk0rpmb" and "mmcblk0boot0". These are not actually block devices and any read/write operation on them will fail. To prevent spamming error messages attempting to mount them, just ignore these devices. (From OE-Core rev: 9f4a85eb929f67420d9689d7dddadd120ed49843) Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
eMMC devices may report block devices like "mmcblk0rpmb" and
"mmcblk0boot0". These are not actually block devices and any
read/write operation on them will fail. To prevent spamming error
messages attempting to mount them, just ignore these devices.

(From OE-Core rev: 9f4a85eb929f67420d9689d7dddadd120ed49843)

Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>