summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFiles
2017-07-24kernel.bbclass: set CVE_PRODUCT to linux_kernel if not set by recipeMikko Rapeli1
It is used by NVD database CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2017-7273 Setting this in kernel.bbclass fixes CVE reporting for all users of the class. Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24cve-check.bbclass: use weak assignment for default CVE_PRODUCTMikko Rapeli1
This way also bbclasses can override it. For example kernel.bbclass could set CVE_PRODUCT to linux_kernel for all users of the class which compile Linux kernels. Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24wpa-supplicant_2.6.bb: set CVE_PRODUCT to wpa_supplicantMikko Rapeli1
It is used in NVD database CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2015-1863 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24sqlite3.inc: set CVE_PRODUCT to sqliteMikko Rapeli1
It is used in NVD for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2016-6153 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24quota_4.03.bb: set CVE_PRODUCT to linux_diskquotaMikko Rapeli1
It is used in NVD for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2012-3417 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24lttng-ust_2.9.1.bb: set CVE_PRODUCT to ustMikko Rapeli1
It is used in NVD for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2010-3386 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24python.inc: set CVE_PRODUCT to pythonMikko Rapeli1
All python versions are just python in NVD like this CVE for python 3.4.4: https://nvd.nist.gov/vuln/detail/CVE-2016-5699 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24nspr_4.14.bb: set CVE_PRODUCT to netscape_portable_runtimeMikko Rapeli1
This is used in NVD database entries like CVE: https://nvd.nist.gov/vuln/detail/CVE-2016-1951 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24libsndfile1_1.0.28.bb: set CVE_PRODUCT to libsndfileMikko Rapeli1
It is used in NVD to CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2017-6892 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24libsamplerate0_0.1.9.bb: set CVE_PRODUCT to libsamplerateMikko Rapeli1
It is used in NVD for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2017-7697 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24libpcre2_10.23.bb: set CVE_PRODUCT to pcre2Mikko Rapeli1
It is used in NVD as product name for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2017-8786 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24libpcre_8.40.bb: set CVE_PRODUCT to prceMikko Rapeli1
It is used in NVD for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2017-7246 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24icu.inc: set CVE_PRODUCT to international_components_for_unicodeMikko Rapeli1
NVD uses it for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2014-8146 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24glibc-common.inc: set CVE_PRODUCT to glibcMikko Rapeli1
All recipes which include this .inc map to glibc NVD component. Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24glib.inc: set CVE_PRODUCT to glibMikko Rapeli1
NVD uses product glib and vendor gnome for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2016-6855 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24gcc-common.inc: set CVE_PRODUCT to gccMikko Rapeli1
All recipes which include this are using gcc as product name in NVD like https://nvd.nist.gov/vuln/detail/CVE-2015-5276 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24flac_1.3.1.bb: set CVE_PRODUCT to libflacMikko Rapeli1
NVD uses product name libflac for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2014-8962 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24eglinfo.inc: set CVE_PRODUCT to eglinfoMikko Rapeli1
Upstream is called eglinfo no matter how the recipes are named. There are no existing CVE's for eglinfo in NVD yet. Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24bluez5.inc: set CVE_PRODUCT to bluezMikko Rapeli1
bluez is the product name in NVD database for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2016-7837 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24acpid.inc: set CVE_PRODUCT to acpid2Mikko Rapeli1
It is used in NVD database for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2011-4578 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24glibc-package.inc: add support for armeb of multilibzhengrq1
Add support for armeb of multilib. Signed-off-by: zhengrq <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24rpm/dnf: fix Upstream-Status to reflect upstream submission statusAlexander Kanavin13
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24dhcp: add dhclient.serviceChen Qi3
Add dhclient.service. This service file mainly comes from meta-systemd, with modifications to take nfs boot into consideration. While using eth0 as the nfsboot interface, we'd like dhclient service to skip it like what ifup and connman do in sysvinit. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24glibc: fix upstream-status tag in a patchRoss Burton1
Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24libffi: Support musl-x32 buildsweeaun2
Added target musl-x32 in configure.ac to support musl-x32 build in libffi. Signed-off-by: sweeaun <swee.aun.khor@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24python*-setuptools: upgrade to 36.2.0Jose Lamego3
Both python-setuptools and python3-setuptools need to be upgraded to latest upstream version. license checksum is now targeted to be performed over the actual license text at license file. These changes were tested using qemux86 with core-image-minimal. Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-24mkelfimage: Fix build on x86_64 with hardeningKhem Raj1
We get linking errors on some hosts like | ld -static --warn-multiple-gp --warn-common -T linux-i386/convert.lds -o objdir/linux-i386/convert ob jdir/linux-i386/head.o objdir/linux-i386/convert_params.o | objdir/linux-i386/convert_params.o: In function `printf': | convert_params.c:(.text+0x1fd): undefined reference to `__stack_chk_fail_local' This is because the build system is defaulting to host linker when building 32bit binaries and it may not have same defaults as OE toolchain and issue gets highlighted. fix it by using cross linker for 32bit links when building on x86_64 Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-22patchelf: fix segfault for binaries linked by goldEd Bartosh2
Due to a bug in calculating adresses of modified program headers patchelf breaks executables linked by Gold linker causing them to segfault, e.g. $ tmp/sysroots-components/x86_64/m4-native/usr/bin/m4 --help Segmentation fault This is reproducible only in some cases and only for executables of ET_DYN type produced by Gold or by ld linked with pie. This should be solved by fix-adjusting-startPage.patch that fixes calculation logic. [YOCTO #11785] Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-07-22patchelf: change patch statusEd Bartosh1
The patch has been accepted upstream. Changed patch status Pending -> Accepted. Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-07-21bluez5: upgrade to 5.46Maxin B. John1
5.45 -> 5.46 This includes the new testing utility "advtest" Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-07-21python3-git: upgrade to 2.1.5Jose Lamego2
python3-git needs to be upgraded to latest upstream version. "git" is added as RDEPENDS. These changes were tested using qemux86 with core-image-minimal. Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21python3-mako: update to 1.0.7Jose Lamego2
python3-mako need to be upgraded to latest upstream version. This change was tested using qemux86 with core-image-minimal Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21libtirpc: upgrade to 1.0.2Maxin B. John4
1.0.1 -> 1.0.2 Remove these Backported and upstreamed patches: 1. 0001-Fix-for-CVE-2017-8779.patch 2. libtirpc-0.2.1-fortify.patch 3. libtirpc-1.0.2-rc3.patc Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21sqlite3: upgrade to 3.19.3Maxin B. John1
3.19.2 -> 3.19.3 Fixes a bug associated with auto_vacuum that can lead to database corruption. Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21orc: upgrade to 0.4.27Maxin B. John1
0.4.26 -> 0.4.27 Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21libsolv: upgrade to 0.6.28Maxin B. John1
0.6.27 -> 0.6.28 Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21libjpeg-turbo: upgrade to 1.5.2Maxin B. John2
1.5.1 -> 1.5.2 Remove this backported patch: 1. fix-mips.patch Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21screen: 4.5.1 -> 4.6.0Bian Yaqin1
Update screen from 4.5.1 to 4.6.0 Signed-off-by: Bian Yaqin <bianyq@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21base.bbclass: Make .jar file depend on unzip-nativeRicardo Ribalda Delgado1
Unzip is required for jar files. Without this patch: ERROR: junit4-4.3.1-r0 do_unpack: Unpack failure for URL: 'http://downloads.sourceforge.net/junit/junit-4.3.1-src.jar'. Unpack command PATH="/var/lib/jenkins/workspace/qt5122-dyspro/build/tmp/sysroots-uninative/x86_64-linux/usr/bin ......." unzip -q -o '/var/lib/yocto/downloads/junit-4.3.1-src.jar' failed with return value 127 Suggested-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21systemd-bootchart: Fix build with glibc 2.26Jussi Kukkonen2
xlocale.h is no more, don't include it. Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21acl: reduce local pending patchesDengke Du1
Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21at: reduce local pending patchesDengke Du1
Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21vulkan-demos: Rename ${bindir}/screenshotJussi Kukkonen1
This conflicts with sato-screenshot. Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21mesa: Upgrade to 17.1.5 releaseOtavio Salvador3
This is a stable bugfix release. Following upstream bugs were fixed: Bug 100242 - radeon buffer allocation failure during startup of Factorio Bug 101657 - strtod.c:32:10: fatal error: xlocale.h: No such file or directory Bug 101666 - bitfieldExtract is marked as a built-in function on OpenGL ES 3.0, but was added in OpenGL ES 3.1 Bug 101703 - No stencil buffer allocated when requested by GLUT Also, the following patches were included in this release and as such deleted: - etnaviv_fix-shader-miscompilation.patch Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21oe-selftest: wic: add test_mkfs_extraopts test caseEd Bartosh1
Test new wks option --mkfs-extraopts with all filesystems supported by wic. Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21wic: add description of --mkfs-extraoptsEd Bartosh1
Updated help contents with the description of new wks option --mkfs-extraopts Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21wic: implement wks option --mkfs-extraoptsEd Bartosh2
This option specifies extra options to pass to mkfs.<fstype> utilities. [YOCTO #11709] Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21pkgconfig: allow kernel to be build with esdkSaul Wold2
When the kernel's menuconfig target is called while using the esdk or an esdk-based container, the pkg-config info that is found is not correct. The pkg-config info is for the target, but we need the eSDK's information in order to build the host based menuconfig. The new pkg-config-esdk script checks both that it's in SDK and being called from the check-lxdialog script in order to limit the scope of when the pkg-config automagically switches to pkg-config-native. The pkg-config-esdk is only installed as pkg-config inside the eSDK, which is why we use the sstate post install script and check for if we are in the esdk environment using the WITHIN_EXT_SDK [YOCTO #11155] Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21populate_sdk_ext: Add variable to indicate running in eSDKSaul Wold1
This allows for other scripts to know that they are being executed in the context of the eSDK in order to provide different behaviour as needed. [YOCTO #11155] Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-07-21icecc.bbclass: prevent nativesdk builds depending on target specific KERNEL_CCMartin Jansa1
* without this we cause nativesdk-linux-libc-headers to depend on target specific KERNEL_CC (through icecc_get_tool -> icecc_is_kernel -> KERNEL_CC -> HOST_CC_KERNEL_ARCH -> TARGET_CC_KERNEL_ARCH -> TUNE_FEATURES(thumb) as shown by bitbake-diffsigs: OE qemux86@ ~/build/oe-core $ ls /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemu*/*sdk*/*/*do_configure.sigdata* /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemuarm/x86_64-nativesdk-oesdk-linux/nativesdk-linux-libc-headers/4.10-r0.do_configure.sigdata.3a9a423878d56524e0ee8e42eba1804f /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemux86/x86_64-nativesdk-oesdk-linux/nativesdk-linux-libc-headers/4.10-r0.do_configure.sigdata.401071dbaa88903ece37d35a47965ff2 OE qemux86@ ~/build/oe-core $ bitbake-diffsigs /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemu*/*sdk*/*/*do_configure.sigdata* basehash changed from 39774238b66763c598153132e87a2c1a to aa2d66e770bf533e312536eb0a401c4c Variable TARGET_CC_KERNEL_ARCH value changed from '${@bb.utils.contains('TUNE_FEATURES', 'thumb', '-mno-thumb-interwork-marm', '', d)} TUNE_FEATURES{thumb} = Set' to '' Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-01 10:15:32 +0000