summaryrefslogtreecommitdiff
path: root/meta/recipes-extended
AgeCommit message (Collapse)AuthorFiles
2015-06-23cups: upgrade from 2.0.2 to 2.0.3Kai Kang2
Upgrade cups from 2.0.2 to 2.0.3. In its release log, it fixes CERT VU #810572/CVE-2015-1158/CVE-2015-1159. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-18tzdata: update to 2015eArmin Kuster2
merged inc back into recipe. Changes affecting future time stamps Morocco will suspend DST from 2015-06-14 03:00 through 2015-07-19 02:00, not 06-13 and 07-18 as we had guessed. (Thanks to Milamber.) Assume Cayman Islands will observe DST starting next year, using US rules. Although it isn't guaranteed, it is the most likely. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-18tzcode-native: update to 2015eArmin Kuster3
merged inc back into recipe. Changes affecting code When displaying data, tzselect converts it to the current locale's encoding if the iconv command works. (Problem reported by random832.) tzselect no longer mishandles Dominica, fixing a bug introduced in Release 2014f. (Problem reported by Owen Leibman.) zic -l no longer fails when compiled with -DTZDEFAULT=\"/etc/localtime\". This fixes a bug introduced in Release 2014f. (Problem reported by Leonardo Chiquitto.) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-11cracklib:Fix an error in the patchLei Maohui1
To fix an error in the patch.Otherwise,the dictionary would be wrong. Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-11sysstat: DEPENDS on base-passwdRobert Yang1
Fixed: | install -m 644 -g man man/sa1.8 /path/to/tmp/work/i586-poky-linux/sysstat/11.1.4-r0/image/usr/share/man/man8 | install: invalid group `man' Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2015-06-11cups: clean up autotools useRoss Burton1
Instead of hand-rolling a do_configure() simply use autotools and disable autoheader (upstream uses a hand-generated config.h.in). Also do_compile() doesn't need to pass SSLLIBS as configure uses pkgconfig to find gnutls, LIBPNG and LIBJPEG are not used anywhere in the build system, and LIBZ is detected correctly. Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-11augeas: 1.2.0 -> 1.4.0Robert Yang2
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2015-06-08lsof: Remove LSOF_OSKhem Raj1
This is not needed since its target recipe and we always need to pass 'linux' for OS Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-08libpam: Fix wrong crypt library detectionKhem Raj2
Surfaced when building with musl This details are in patch headers Enabel innetgr.patch for musl as well Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-03ethtool: 3.16 -> 4.0Robert Yang2
Removed ethtool-uint.patch since it is already in the source. Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2015-06-03gawk: upgrade to 4.1.3Chen Qi4
The following two patches are removed because they have been merged in the new version. Use-DESTDIR-in-extension-Makefile.am-when-removing-..patch extension-Add-DESTDIR-prefix-to-remaining-pkgextensi.patch Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-03packagegroup-core-full-cmdline: remove lighttpdRobert Yang2
The packagegroup-core-full-cmdline-sys-services should not pull in lighttpd, move it to packagegroup-core-lsb since lsb needs it. [YOCTO #7086] Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-05-30grep: fix CVE-2015-1345Kai Kang2
Backport patch to fix CVE-2015-1345. The issue was introduced with v2.18-90-g73893ff, and version 2.5.1a is not affected. Replace tab with spaces in SRC_URI as well. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-29man-pages: 3.83 -> 4.00Robert Yang1
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2015-05-29cracklib: 2.9.3 -> 2.9.4Robert Yang1
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2015-05-25grep: Fix LSB NG Cases for gplv2 version.Li xin2
-/tset/LI18NUX2K.L1/utils/egrep-tp/T.egrep-tp 5 -/tset/LI18NUX2K.L1/utils/fgrep/T.fgrep 5 -/tset/LI18NUX2K.L1/utils/grep-tp/T.grep-tp 5 The LSB core test requires grep egrep and fgrep can perform pattern matching in searches without regard to case if -i option is specified. Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-19msmtp: Upgrade to 1.6.2Saul Wold1
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-19libinitscripts: Upgrade to 9.63Saul Wold1
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-19libidn: Upgrade to 1.30Saul Wold1
LIC_CHKSUM updated because year was changed in those associated files. Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-14ghostscript: 9.15 -> 9.16Robert Yang4
* Update LICENSE's md5sum, the new version added a "of" in the file, the license is the same. * Remove ghostscript-9.02-parallel-make.patch, it has 932 lines and modified 24 files, which is hard to maintain, and it can't be applied since the code has changed, and if we meet parallel issues again, we need fix it in other ways. * Fix a build error of -Werror=return-type. Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2015-05-14recipes-extended: add x11 to REQUIRED_DISTRO_FEATURESRobert Yang2
They can't be built withou x11 in DISTRO_FEATURES. Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2015-05-14unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315Roy Li3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9636 unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1315 Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8. Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-05-14stat: fix SRC_URIRobert Yang1
The old SRC_URI is redirected to the new one, fixed: WARNING: Failed to fetch URL ftp://metalab.unc.edu/pub/Linux/utils/file/stat-3.3.tar.gz, attempting MIRRORS if available Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-07libarchive: fix out of tree buildsRoss Burton2
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-05ghostscript: Add MicroBlaze supportNathan Rossi2
* Add objarch.h for MicroBlaze big and little endian Signed-off-by: Nathan Rossi <nathan.rossi@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-30pigz: set ALTERNATIVE for nativesdk package to emptyChen Qi1
Set ALTERNATIVE for nativesdk package to empty to avoid warnings like below. WARNING: pigz: NOT adding alternative provide xxx/bin/gunzip: xxx/bin/pigz does not exist Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-30rpcbind: 0.2.2 -> 0.2.3Robert Yang3
* Updated 0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch * Removed 0002-uclibc-rpcsvc-defines.patch since it is already in the source. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-30ltp: 20150119 -> 20150420Robert Yang1
The COPYING's md5sum is changed by this commit: commit 945f9c69af665044448b0eb6816656acc84fca77 Author: Ken Dreyer <kdreyer@redhat.com> Date: Mon Jan 26 14:02:46 2015 -0700 update GPLv2 text in COPYING The FSF has issued a couple of tiny updates to the GPLv2. The main change is a new mailing address for the FSF headquarters. This license text was taken verbatim from https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt The main content are the same. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-30man-pages: 3.82 -> 3.83Robert Yang1
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-30texinfo: remove enumerate_greater_than_ten.patchRobert Yang1
It is a backport patch, and verified that the patch is in the source. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-30libaio: remove libaio-generic.patchRobert Yang1
It is already in the source. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-30logrotate: remove logrotate-CVE-2011-1548.patchRobert Yang1
It is a backport patch, and verified that the patch is in the source. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-28libarchive: Security Advisory - libarchive - CVE-2015-2304Li Zhou2
libarchive: Updated libarchive packages fix security vulnerability Alexander Cherepanov discovered that bsdcpio, an implementation of the "cpio" program part of the libarchive project, is susceptible to a directory traversal vulnerability via absolute paths. Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-28less: fix CVE-2014-9488Junling Zheng2
An out of bounds read access in the UTF-8 decoding can be triggered with a malformed file in the tool less. The access happens in the function is_utf8_well_formed due to a truncated multibyte character in the sample file. The bug does not crash less, it can only be made visible by running less with valgrind or compiling it with Address Sanitizer. Version 475 of less contains a fix for this issue. The file version.c contains some entry mentioning this issue (without any credit): - v475 3/2/15 Fix possible buffer overrun with invalid UTF-8 The fix is in the file line.c. We derive this patch from: https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html Thank Claire Robinson for validating it on Mageia 4 i586. Refer to: https://bugs.mageia.org/show_bug.cgi?id=15567 Signed-off-by: Junling Zheng <zhengjunling@huawei.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-27sysstat: upgrade to 11.1.4Chen Qi2
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-27tzdata: update to 2015dArmin Kuster2
Changes affecting future time stamps Egypt will not observe DST in 2015 and will consider canceling it permanently. For now, assume no DST indefinitely. (Thanks to Ahmed Nazmy and Tim Parenti.) Changes affecting past time stamps America/Whitehorse switched from UTC-9 to UTC-8 on 1967-05-28, not 1966-07-01. Also, Yukon's time zone history is documented better. (Thanks to Brian Inglis and Dennis Ferguson.) Change affecting past and future time zone abbreviations The abbreviations for Hawaii-Aleutian standard and daylight times have been changed from HAST/HADT to HST/HDT, as per US Government Printing Office style. This affects only America/Adak since 1983, as America/Honolulu was already using the new style. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-27tzcode: update to 2015dArmin Kuster2
Changes affecting code zic has some minor performance improvements. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-27mdadm: Fix inline semanticsKhem Raj2
With gcc-5 defaulting to gnu11 C we need to follow c99 inline semantics Change-Id: I397520c36c81634556b3f3782aebc532e4a79aed Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-27glibc, packagegroup-self-hosted, packagegroup-core-lsb: Consider non-glibc libcsKhem Raj1
Make skipping expression simpler to check for given libc Make sure glibc specific items are covered with right override Change-Id: I8b4a0b7cbfe38ffdc9320f798038c79c7220552b Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-27libxml-simple-perl/libconvert-asn1-perl: using PERLHOSTLIBRoy Li1
Using PERLHOSTLIB as possible, which is same as ${STAGING_LIBDIR_NATIVE}/perl-native/perl/${@get_perl_version(d)} Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-24bash: explicitly define NON_INTERACTIVE_LOGIN_SHELLS in CFLAGSChen Qi1
If NON_INTERACTIVE_LOGIN_SHELLS is defined, all login shells read the startup files, even if they are not interactive. This is the behaviour of other major distros like Ubuntu and Fedora. We also need to set it so that when executing `su -l xxx -c env' command, /etc/profile is parsed. [YOCTO #5359] [YOCTO #7137] Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-24shadow: fix `su' behaviourChen Qi2
0001-su.c-fix-to-exec-command-correctly.patch is removed. Below is the reason. This patch is introduced to solve the 'su: applet not found' problem when executing `su -l xxx -c env'. The patch references codes of previous release of shadow. However, this patch introduces bug#5359. So it's not correct. Let's first look at the root cause of 'su: applet not found' problem. This problem appears when /bin/sh is provided by busybox. When executing `su -l xxx -c env' command, the following function is invoked. execve("/bin/sh", ["-su", "-c", "env"], [/* 6 vars */]) Note that the argv[0] provided to new executable file (/bin/sh) is "-su". As /bin/sh is a symlink to /bin/busybox. It's /bin/busybox that is executed. In busybox's appletlib.c, it would examine argv[0], try to find an applet that has the same name, and then try to execute the main function of the applet. This logic results in `su' applet from busybox to be executed. However, we default to set 'BUSYBOX_SPLIT_SUID' to "1", so 'su' is not found. Further more, even if we set 'BUSYBOX_SPLIT_SUID' to "0", so that 'su' applet is found. The whole behaviour is still not correct. Because 'su' from shadow takes higher priority than that from busybox, so 'su' from busybox should never be executed on such system unless it's specified clearly by the end user. The logic of busybox's appletlib.c is totally correct from the point of busybox itself. It's an integration problem. To solve the above problem, this patch comment out SU_NAME in /etc/login.defs so that the final function executed in shadow's su is as below. execve("/bin/sh", ["-sh", "-c", "env"], [/* 6 vars */]) [YOCTO #5359] [YOCTO #7137] Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-24ghostscript: add objarch.h for armebKrishnanjanappa, Jagadeesh1
ghostscript application fails to fetch objarch.h file while building for armeb. The fetch failure is due to absence of this file in the default set of directories that the OpenEmbedded build system searches (i.e FILESPATH) for patches and files. This patch adds the required objarch.h file for armeb in one of the default locations where OpenEmbedded build system searches. Signed-off-by: Krishnanjanappa, Jagadeesh <jagadeesh.krishnanjanappa@caviumnetworks.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-21txdata: update to 2015cArmin Kuster2
Changes affecting future time stamps Egypt's spring-forward transition is at 24:00 on April's last Thursday, not 00:00 on April's last Friday. 2015's transition will therefore be on Thursday, April 30 at 24:00, not Friday, April 24 at 00:00. Similar fixes apply to 2026, 2037, 2043, etc. (Thanks to Steffen Thorsen.) Changes affecting past time stamps The following changes affect some pre-1991 Chile-related time stamps in America/Santiago, Antarctica/Palmer, and Pacific/Easter. The 1910 transition was January 10, not January 1. The 1918 transition was September 10, not September 1. The UTC-4 time observed from 1932 to 1942 is now considered to be standard time, not year-round DST. Santiago observed DST (UTC-3) from 1946-07-15 through 1946-08-31, then reverted to standard time, then switched its time zone to UTC-5 on 1947-04-01. Assume transitions before 1968 were at 00:00, since we have no data saying otherwise. The spring 1988 transition was 1988-10-09, not 1988-10-02. The fall 1990 transition was 1990-03-11, not 1990-03-18. Assume no UTC offset change for Pacific/Easter on 1890-01-01, and omit all transitions on Pacific/Easter from 1942 through 1946 since we have no data suggesting that they existed. One more zone has been turned into a link, as it differed from an existing zone only for older time stamps. As usual, this change affects UTC offsets in pre-1970 time stamps only. The zone's old contents have been moved to the 'backzone' file. The affected zone is America/Montreal. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-21tzcode: update to 2015cArmin Kuster2
Changes affecting commentary Mention the TZUpdater tool. Mention "The Time Now". (Thanks to Brandon Ramsey.) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-21xz: remove liblzma-dev and liblzma-dbg from PACKAGESRobert Yang1
There should be only one dev and dbg package. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-21recipes: Fix charset.alias for muslKhem Raj18
This is same gnulib fix replicated across needed recipes Change-Id: I756713407111a726eae98e26c9c1ff64981371c0 Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-21parted: Add patches to fix build on muslKhem Raj3
Theese patches are actually generic but expose issues when compiling on musl Change-Id: Ib5312af280d2c399334c5645fbea215737933ae5 Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-21at: Remove glibc specific codeKhem Raj2
Fixes errors like | /home/kraj/work/bleeding/openembedded-core/build/tmp-musl/work/i586-oe-linux-musl/at/3.1.16-r0/at-3.1.16/parsetime.y:264: undefined reference to `__isleap' | collect2: error: ld returned 1 exit status Change-Id: Ie6ec970b12c918de640ba47e090b2f67a3a43f4e Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-21cracklib: 2.9.2 -> 2.9.3Robert Yang1
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>