| Age | Commit message (Collapse) | Author | Files |
|---|
|
Add upstream patch to fix syscalls/add_key02 test for nonempty
NULL payload:
https://github.com/linux-test-project/ltp/commit/25045624e941ee76a13febd36187e23c6c435507
Signed-off-by: Milosz Wasilewski <milosz.wasilewski@linaro.org>
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Upgrade sysstat from 11.5.5 to 11.5.6.
Signed-off-by: susanbian <bianyq@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch adds ptest for slang, it uses `make runtests` to run tests.
The Makefile runs runtests.sh for each *.sl and *.slc tests.
runtests.sh is patched for printing test results in a common format,
Makefile is patched in order not to compile any dependencies.
Changes v2->v3: rebased on the latest master (1d9a88f6).
Signed-off-by: Stefan Strogin <sstrogin@cisco.com>
Cc: xe-linux-external@cisco.com
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch is generic enough, That it can be applied universally
and makes maintainence easier
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
build fails else with
| + make -j 8 -l 6 cc=ccache gcc
| make: *** No rule to make target 'gcc'. Stop.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This directory is deleted by do_install, so luckily the lack of error checking
meant this didn't break.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Use 0037-faccessat-and-fchmodat-Fx-build-warnings.patch instead of
0012-fix-faccessat01.c-build-fails-with-security-flags.patch.
The new patch has been merged upstream and will be available in next LTP
release.
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
This recipe was carried only for LSB compatibility,
with upstream being defunct for a long time; if there is a need
for a modern, supported implementation of mail/mailx, then
s-nail (http://sdaoden.eu/code.html) or mailutils (http://mailutils.org/)
should be used.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
These were required by LSB 4.1 tests; there's no other reason to continue
carrying them in oe-core.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
It was only in oe-core because of LSB; let's remove it. Current libpng is 1.6.x.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Last version of qt4 was released 2 years ago, and Qt4 was
officially EOLd at the end of 2015. On the other hand, LSB is no longer
being developed, and so will 'require' Qt4 until the end of time.
Let's pull the plug.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
This adds or fixes the Upstream-Status for all remaining patches missing it
in OE-Core.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix a variety of spelling and format mistakes to improve the ease of reading the
tags programatically.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add information necessary to build for x11, but
do not enable that option.
Fix parallel build directory creation issue.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Eliminate CVE patches that are now in source.
Add CUPSCONFIG to configure options.
Signed-off-by: Joe Slater <jslater@windriver.com>
to be scrunched
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Upgrade libnewt from 0.52.19 to 0.52.20.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The modern version of zone.tab is required by tzselect e.g.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
uclibc support was removed a while ago and musl works much better. Start to
remove the various overrides and patches related to uclibc which are no longer
needed.
uclibc support in a layer would still be possible. I have strong reasons to
believe nobody is still using uclibc since patches are missing and I doubt
the metadata even parses anymore.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Few of the perl scripts referring '#!/bin/sed' inside the script. But when
'usrmerge' feature is enabled this path would be /usr/bin/sed. So to satisfy
build dependency add '/bin/sed' to it's providers list.
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Most of shell scripts refer to '#!/bin/{sh,bash}' inside the script. But when
'usrmege' feature is enabled this path will be /usr/bin/{sh, bash}.
so to satisify build dependency add '/bin/{sh,bash}' to its providers list.
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
uintptr_t is defined in stdint.h
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes build with musl and upcoming glibc
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Note that this just removes a host path leakage: diffutils still
doesn't depend on coreutils so 'pr' might not actually be there
on image (this only breaks "diff -l" so no big deal).
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Denys Zagorui <denys.zagorui@globallogic.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This vulnerability is also called "rpcbomb".
Backport upstream patch to fix this vulnerability.
CVE: CVE-2017-8779
Signed-off-by: Fan Xin<fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. Upgrade hdparm from 9.51 to 9.52
2. Update the checksum of LIC_FILES_CHKSUM
The following content is appended to LICENSE.TXT, the licence is still BSD & GPLv2.
The apt.c file is Copyright (c) 2009 Jan Friesse <jfriesse@gmail.com>.
You may use/distribute apt.c freely, under the terms of either
(your choice) the GNU General Public License version 2,
or a BSD style license.
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. Upgrade lsbinitscripts from 9.68 to 9.72
2. Rebase the following patch file.
functions.patch
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
backport commit bdbfea3 from logrotate upstream.
Signed-off-by: Zhenbo Gao <zhenbo.gao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. Upgrade libxml-namespacesupport-perl from 1.11 to 1.12
2. Update the checksum of licence file because the author and contributors's name list is deleted.
The content of licence has no change.
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. Upgrade acpica from 20150515 to 20170303
2. Rebase the patch file for 20170303
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. rebase patch 0034-periodic_output.patch
This patch can't apply, because in memcg_stress_test.sh, it used a
different value for RUN_TIME: 15*60, we can check it here:
https://github.com/linux-test-project/ltp/blob/20170516/testcases/kernel/controllers/memcg/stress/memcg_stress_test.sh#L40
Previous is 60*60, we can check it here:
https://github.com/linux-test-project/ltp/blob/20170116/testcases/kernel/controllers/memcg/stress/memcg_stress_test.sh#L40
2. delete patch 0039-fcntl-fix-the-time-def-to-use-time_t.patch
This patch didn't need any more, because the upstream has remove the
unneeded time() declaration. We can check it here:
https://github.com/linux-test-project/ltp/commit/f8c96804e5e89d360707c9670b18221b11cf3858
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* Using "cp -a" leaks UID of user running the builds, causing
many QA warnings.
* See this thread for details:
http://lists.openembedded.org/pipermail/openembedded-core/2015-November/112904.html
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER
mode protection mechanism and consequently read arbitrary files via the
use of the .libfile operator in a crafted postscript document.
Use-after-free vulnerability in Ghostscript 9.20 might allow remote
attackers to execute arbitrary code via vectors related to a reference
leak in .setdevice.
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER
mode protection mechanism and consequently execute arbitrary code by
leveraging type confusion in .initialize_dsc_parser.
libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript,
has a NULL pointer dereference in the jbig2_huffman_get function in
jbig2_huffman.c. For example, the jbig2dec utility will
crash (segmentation fault) when parsing an invalid file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2016-7977
https://nvd.nist.gov/vuln/detail/CVE-2016-7978
https://nvd.nist.gov/vuln/detail/CVE-2016-7979
https://nvd.nist.gov/vuln/detail/CVE-2017-9216
Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef70
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=6f749c0c44e7b9e09737b9f29edf29925a34f0cf
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=875a0095f37626a721c7ff57d606a0f95af03913
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=3ebffb1d96ba0cacec23016eccb4047dab365853
Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Having 'lsof' as a +s (setuid) binary could lead to security issues if
a compromise in the binary is found. It is better that it be -s by
default as a precaution.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This vulnerability is also called "rpcbomb".
Backport upstream patch to fix this vulnerability.
CVE: CVE-2017-8779
Signed-off-by: Fan Xin<fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
NIS functionality has been split out into independent
library from glibc
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Re-introduce the patch that was deemed to be not needed
but it infact is still needed with musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The following warning occurs when building with meta-zephyr
with MACHINE set to arduino-101-sss:
WARNING: /srv/sdc/builds/11319/meta/recipes-extended/ghostscript/ghostscript_9.20.bb: Unable to get checksum for ghostscript SRC_URI entry objarch.h: file could not be found
This is due to the the TARGET_ARCH = "arc" for meta-zephyr is not
supported by ghostscript and causing bitbake unable to locate the
correct config file during recipe parse.
Adding checker in the recipe to raise an exception if the target
architecture is "arc". This would then only display an error if
someone specifically tries to build the recipe:
ERROR: ghostscript was skipped: incompatible with host arc-yocto-elf (not in COMPATIBLE_HOST)
[YOCTO #11344]
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote
attackers to cause a denial of service (application crash) or possibly execute
arbitrary code via a crafted Postscript document that calls .sethalftone5 with an
empty operand stack.
Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because
of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c
during operations on a crafted JBIG2 file, leading to a denial of service (application
crash) or possibly execution of arbitrary code.
References:
https://nvd.nist.gov/vuln/detail/CVE-2016-8602
https://nvd.nist.gov/vuln/detail/CVE-2017-7975
Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=f5c7555c303
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5e57e483298
Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
