| Age | Commit message (Collapse) | Author | Files |
|---|
|
Update release tarball md5sum/sha256sum
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Refresh patches to apply cleanly without hunk on 1.11.1 (no changes):
- 0001-make-error-portable.patch
- 0001-configure.ac-Fix-wayland-protocols-path.patch
- 0001-shared-include-stdint.h-for-int32_t.patch
- 0001-weston-launch-Provide-a-default-version-that-doesn-t.patch
* Remove make-weston-launch-exit-for-unrecognized-option.patch
applied upstream
https://cgit.freedesktop.org/wayland/weston/commit/?h=1.11&id=fc3dd183
* Add 0001-Add-configuration-option-for-no-input-device.patch
backported from upstream
https://cgit.freedesktop.org/wayland/weston/commit/?id=75b7197f
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
CVE-2016-3622 libtiff: The fpAcc function in tif_predict.c in the
tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to
cause a denial of service (divide-by-zero error) via a crafted TIFF
image.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3622
http://www.openwall.com/lists/oss-security/2016/04/07/4
Patch from:
https://github.com/vadz/libtiff/commit/92d966a5fcfbdca67957c8c5c47b467aa650b286
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
CVE-2016-3623 libtiff: The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier
allows remote attackers to cause a denial of service (divide-by-zero) by
setting the (1) v or (2) h parameter to 0.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3623
http://bugzilla.maptools.org/show_bug.cgi?id=2569
Patch from:
https://github.com/vadz/libtiff/commit/bd024f07019f5d9fea236675607a69f74a66bc7b
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
CVE-2016-3991 libtiff: Heap-based buffer overflow in the loadImage
function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote
attackers to cause a denial of service (out-of-bounds write) or execute
arbitrary code via a crafted TIFF image with zero tiles.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3991
http://bugzilla.maptools.org/show_bug.cgi?id=2543
Patch from:
https://github.com/vadz/libtiff/commit/e596d4e27c5afb7960dc360fdd3afd90ba0fb8ba
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
CVE-2016-3990 libtiff: Heap-based buffer overflow in the
horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and
earlier allows remote attackers to cause a denial of service (crash) or
execute arbitrary code via a crafted TIFF image to tiffcp.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3990
http://bugzilla.maptools.org/show_bug.cgi?id=2544
Patch from:
https://github.com/vadz/libtiff/commit/6a4dbb07ccf92836bb4adac7be4575672d0ac5f1
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
CVE-2016-3945 libtiff: Multiple integer overflows in the (1)
cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in
LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote
attackers to cause a denial of service (crash) or execute arbitrary code
via a crafted TIFF image, which triggers an out-of-bounds write.
External References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3945
http://bugzilla.maptools.org/show_bug.cgi?id=2545
Patch from:
https://github.com/vadz/libtiff/commit/7c39352ccd9060d311d3dc9a1f1bc00133a160e6
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The manager_invoke_notify_message function in systemd 231 and earlier allows
local users to cause a denial of service (assertion failure and PID 1 hang)
via a zero-length message received over a notify socket.
The patch is a backport from the latest git repo.
Please see the link below for more information.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7795
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When there is a relative symlink in the layer, for example:
symA -> ../out/of/layer/file
symA will be invalid fater copied, it would be invalid from build time
if it points to a relative path, and would be invalid after extracted
the sdk if it points to a absolute py. Dereference symlink when copy
will fix the problem.
Use tar rather than shutil.copytree() to copy is because:
1) shutil.copytree(symlinks=Fasle) has bugs when dereference symlinks:
https://bugs.python.org/issue21697
And Ubunutu 1404 doesn't upgrade python3 to fix the problem.
2) shutil.copytree(symlinks=False) raises errors when there is a invalid
symlink, and tar just prints a warning, tar is preferred here since
the real world is unpredicatable
3) tar is faster than shutil.copytree() as said by oe.path.copytree()
So use tar to copy.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The c_rehash utility is supposed to be run in the folder /etc/ssl/certs
of a rootfs where the package ca-certificates puts symlinks to
various CA certificates stored in /usr/share/ca-certificates/mozilla/.
These symlinks are absolute. This means that when c_rehash is run
at rootfs creation time it can't hash the actual files since they
actually reside in the build host's directory
$SYSROOT/usr/share/ca-certificates/mozilla/.
This problem doesn't reproduce when building on Debian or Ubuntu
hosts though, because these OSs have the certificates installed
in the same /usr/share/ca-certificates/mozilla/ folder.
Images built in other distros, e.g. Fedora, have problems with
connecting to https servers when using e.g. python's http lib.
The patch fixes c_rehash to check if it runs on a build host
by testing $SYSROOT and to translate the paths to certificates
accordingly.
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Now that out of tree building is enabled, ${B} must be used instead of
${S} as the path for UBOOT_BINARY.
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
rpm2cpio is in ${PN}-common, but rpm2cpio.real is in ${PN}. This seperation
is really weird. Put them both in ${PN}-common.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This doesn't compile, see
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77757#c2
Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Sylvain Lemieux <slemieux@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The AC_PATH_XTRA check for X11 headers is never actually used, so patch that out
and remove the options in EXTRA_OECONF.
Move pcre/png/zlib toggles to PACKAGECONFIG, retaining the behaviour that only
PCRE is enabled by default.
Add missing libiconv dependency.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The slang maintainer only puts the current release at
jedsoft.org/releases/slang/slang-1.2.3.tar.bz2, all previous releases are moved
into /releases/slang/old/.
As this breaks the fetch the moment a new version is released, use PREMIRRORS to
also look in the /old/ directory.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
mkefidisk.sh will soon be deprecated in favor of .wic images.
Added deprecation warning to the script to inform users that
this script will soon be removed from the codebase.
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
inc files are also used by plugins in other layers but they do
not use same srcrev for gst-common repo for various reasons e.g.
https://github.com/ndechesne/meta-qcom/blob/master/recipes-multimedia/gstreamer/gstreamer1.0-plugins-v4l2.bb
Currently, this patch is forced on these external packages too
and fails to patch cleanly in some cases. Therefore its
better to move this SRC_URI_append to the individual .bb files
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Setting up the vardeps on write_qemuboot_conf forces the updating of
variables in qemuboot.conf when machine/deploy configuration changes.
This is particularly useful when developing or setting up the qemuboot
(e.g. changing QB_* variables) for new targets or when changing
deployment variables (e.g. KERNEL_IMAGETYPE).
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Using "npm install" instead of "cp -a" is the more correct thing to be
doing here, and ensures that symlinks for executable scripts are put
into ${prefix}/bin. (I'd prefer ${bindir}, but npm does not allow
specifying paths at that level - only a prefix.)
Fixes [YOCTO #10460].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If you set LIC_FILES_CHKSUM to point to a relative symlink then you'll
get "Could not copy license file" warnings in copy_license_files() since
the symlink won't be valid after it's copied. If the source is a symlink
then we need to dereference it first.
I encountered this when I used recipetool on the sources for capnproto,
where the c++ directory contains a LICENSE.txt symlink to the LICENSE
file in the parent directory, and this symlink ends up being pointed to
in LIC_FILES_CHKSUM.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Import a patch from upstream, which fixes a connman daemon freeze
under certain conditions (multiple active interfaces, no r/w storage).
Signed-off-by: Lukasz Nowak <lnowak@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When modifying the PATH variable in .bashrc, double quote characters
were used, resulting in expanding the variable $PATH with the value of
PATH of the system building the Build Appliance.
The original intent was to enter an un-expanded (literal) $PATH.
In order to that, one must use single quotes instead of double quotes.
[YOCTO#10434] [YOCTO#10504]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fixes segfaults when doing partial linking and generaring binary objects
/tmp/binu/ld/ld-new -r -b binary -o etc_certs_ui_ca_pem.o etc_certs_ui_ca_pem
0 elf32_arm_count_additional_relocs (sec=0x79bf40) at /mnt/a/work/oe/binutils-gdb/bfd/elf32-arm.c:18210
1 0x000000000047635a in bfd_elf_final_link (abfd=abfd@entry=0x783250, info=info@entry=0x748400 <link_info>) at /mnt/a/work/oe/binutils-gdb/bfd/elflink.c:11224
2 0x000000000044df7b in elf32_arm_final_link (abfd=0x783250, info=0x748400 <link_info>) at /mnt/a/work/oe/binutils-gdb/bfd/elf32-arm.c:12131
3 0x0000000000418917 in ldwrite () at /mnt/a/work/oe/binutils-gdb/ld/ldwrite.c:577
4 0x000000000040365f in main (argc=<optimized out>, argv=<optimized out>) at /mnt/a/work/oe/binutils-gdb/ld/ldmain.c:433
gold works ok. The patch is already applied in master binutils
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
test.regrtest depends on most of python modules so require all of them.
[YOCTO #10522]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
We don't remove sigdata files, we also shouldn't remove sigbasedata files
as this hinders debugging.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We don't remove sigdata files, we also shouldn't remove sigbasedata files
as this hinders debugging.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Updating to the korg -stable release.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Integrating the korg -stable release.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Updating to the korg -stable release.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There's no way to ensure that files owned by the users aren't left
on the system at postrm time: Removing the user would mean those
files are now owned by a non-existing user, and later may be owned
by a completely unrelated new user.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There's no way to ensure that files owned by the users aren't left
on the system at postrm time: Removing the user would mean those
files are now owned by a non-existing user, and later may be owned
by a completely unrelated new user.
[YOCTO #10442]
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
e2fsprogs builds fine with or without attr but it's possible to
end up with this sequence:
* e2fsprogs configure finds attr/xattr.h (coming from sstate)
* attr starts rebuild, attr/xattr.h is removed from sysroot
* e2fsprogs compile fails: "attr/xattr.h: No such file or directory"
Depend on attr to ensure reproducible build.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
[YP#7202]: Test for linux-dummy
The new kernel.py file is intended for kernel related test cases.
The test for linux-dummy will ensure it is in good shape and can
be used as a kernel replacement at build time. To do this, the
test will first clean sstate for linux-dummy target, ensuring no
file is present in the stamps directory. After, core-image-minimal
is built, ensuring linux-dummy can be used as a kernel substitute.
Signed-off-by: Costin Constantin <costin.c.constantin@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly feature release.
* Rebase the --disable-opengl patch.
* Remove a backported patch.
* Inherit gettext as that seems to have been missing.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Bug fix release.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly feature release.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly feature release, mostly bug fixes.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly feature release, mostly bug fixes.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Includes new default subpixel hinting mode (aka ClearType).
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly release, mostly bug fixes.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly release, mostly bug fixes.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly release, mostly bug fixes.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly feature release, mostly bug fixes.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly feature release.
glib-2.0-utils now includes "gio" command line utility.
Drop a patch that's now upstream. Add PACKAGECONFIG for libmount,
enabled by default.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Six-monthly release.
Package the new dark variant of GTK2-Adwaita separately.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Package 512x512 icons in adwaita-icon-theme-hires.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Bug fix releases.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Trying to configure evdev and mouse leads to errors in X startup
because xf86-input-libinput is now the default. No configuration
should be needed: xf86-input-libinput should just work out-of-the-box.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Don't install legacy X input drivers for any machines by default,
RRECOMMEND xf86-input-libinput instead.
This is the setup suggested by upstream: install only libinput by
default, but let niche legacy drivers sort higher in configuration
so they get chosen if installed. So the order is:
evdev < libinput < (synaptics|vmmouse|...)
This also removes vmmouse X driver from the qemu config. If a VMware
virtual mouse device really needs to be supported, we should enable
CONFIG_MOUSE_PS2_VMMOUSE in kernel instead: that is directly supported
by the libinput X driver.
Fixes [YOCTO #10195].
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
