| Age | Commit message (Collapse) | Author | Files |
|---|
|
4.4.0 -> 4.5.1
Fixes logfile permissions problem (CVE-2017-5618)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The largefile distro feature has been enabled by default in oe-core
for a long time and, more recently, also in poky-tiny. Building
without the largefile distro feature receives little or no testing.
Many packages now enable LFS without exposing a configure option, so
there should be very little expectation that disabling the distro
feature will result in a distro which globally disables LFS.
Respecting the distro feature adds a maintenance over-head and may be
the source of configurations oddities (e.g. dbus-native currently
builds with LFS disabled for no clear reason - fixed by this commit).
Ignore the largefile distro feature more widely, as a first step
towards deprecating and eventually removing it.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These are recipes where the upstream has moved to GPLv3 and these old
versions are the last ones under the GPLv2 license.
There are several reasons for making this move. There is a different
quality of service with these recipes in that they don't get security
fixes and upstream no longer care about them, in fact they're actively
hostile against people using old versions. The recipes tend to need a
different kind of maintenance to work with changes in the wider ecosystem
and there needs to be isolation between changes made in the v3 versions
and those in the v2 versions.
There are probably better ways to handle a "non-GPLv3" system but right
now having these in OE-Core makes them look like a first class citizen
when I believe they have potential for a variety of undesireable issues.
Moving them into a separate layer makes their different needs clearer, it
also makes it clear how many of these there are. Some are probably not
needed (e.g. mc), I also wonder whether some are useful (e.g. gmp)
since most things that use them are GPLv3 only already. Someone could
now more clearly see how to streamline the list of recipes here.
I'm proposing we mmove to this separate layer for 2.3 with its future
maintinership and testing to be determined in 2.4 and beyond.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Briefly: Southern Chile moves from -04/-03 to -03, and Mongolia
discontinues DST.
Changes to future time stamps
Mongolia no longer observes DST. (Thanks to Ganbold Tsagaankhuu.)
Chile's Region of Magallanes moves from -04/-03 to -03 year-round.
Its clocks diverge from America/Santiago starting 2017-05-13 at
23:00, hiving off a new zone America/Punta_Arenas. Although the
Chilean government says this change expires in May 2019, for now
assume it's permanent. (Thanks to Juan Correa and Deborah
Goldsmith.) This also affects Antarctica/Palmer.
Changes to past time stamps
Fix many entries for historical time stamps for Europe/Madrid
before 1979, to agree with tables compiled by Pere Planesas of the
National Astronomical Observatory of Spain. As a side effect,
this changes some time stamps for Africa/Ceuta before 1929, which
are probably guesswork anyway. (Thanks to Steve Allen and
Pierpaolo Bernardi for the heads-ups, and to Michael Deckers for
correcting the 1901 transition.)
Ecuador observed DST from 1992-11-28 to 1993-02-05.
(Thanks to Alois Treindl.)
Asia/Atyrau and Asia/Oral were at +03 (not +04) before 1930-06-21.
(Thanks to Stepan Golosunov.)
Changes to past and future time zone abbreviations
Switch to numeric time zone abbreviations for South America, as
part of the ongoing project of removing invented abbreviations.
This avoids the need to invent an abbreviation for the new Chilean
new zone. Similarly, switch from invented to numeric time zone
abbreviations for Afghanistan, American Samoa, the Azores,
Bangladesh, Bhutan, the British Indian Ocean Territory, Brunei,
Cape Verde, Chatham Is, Christmas I, Cocos (Keeling) Is, Cook Is,
Dubai, East Timor, Eucla, Fiji, French Polynesia, Greenland,
Indochina, Iran, Iraq, Kiribati, Lord Howe, Macquarie, Malaysia,
the Maldives, Marshall Is, Mauritius, Micronesia, Mongolia,
Myanmar, Nauru, Nepal, New Caledonia, Niue, Norfolk I, Palau,
Papua New Guinea, the Philippines, Pitcairn, Qatar, Réunion, St
Pierre & Miquelon, Samoa, Saudi Arabia, Seychelles, Singapore,
Solomon Is, Tokelau, Tuvalu, Wake, Vanuatu, Wallis & Futuna, and
Xinjiang; for 20-minute daylight saving time in Ghana before 1943;
for half-hour daylight saving time in Belize before 1944 and in
the Dominican Republic before 1975; and for Canary Islands before
1946, for Guinea-Bissau before 1975, for Iceland before 1969, for
Indian Summer Time before 1942, for Indonesia before around 1964,
for Kenya before 1960, for Liberia before 1973, for Madeira before
1967, for Namibia before 1943, for the Netherlands in 1937-9, for
Pakistan before 1971, for Western Sahara before 1977, and for
Zaporozhye in 1880-1924.
For Alaska time from 1900 through 1967, instead of "CAT" use the
abbreviation "AST", the abbreviation commonly used at the time
(Atlantic Standard Time had not been standardized yet). Use "AWT"
and "APT" instead of the invented abbreviations "CAWT" and "CAPT".
Use "CST" and "CDT" instead of invented abbreviations for Macau
before 1999 and Taiwan before 1938, and use "JST" instead of the
invented abbreviation "JCST" for Japan and Korea before 1938.
Change to database entry category
Move the Pacific/Johnston link from 'australasia' to 'backward',
since Johnston is now uninhabited.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Changes to code
zic no longer mishandles some transitions in January 2038 when it
attempts to work around Qt bug 53071. This fixes a bug affecting
Pacific/Tongatapu that was introduced in zic 2016e. localtime.c
now contains a workaround, useful when loading a file generated by
a buggy zic. (Problem and localtime.c fix reported by Bradley
White.)
zdump -i now outputs non-hour numeric time zone abbreviations
without a colon, e.g., "+0530" rather than "+05:30". This agrees
with zic %z and with common practice, and simplifies auditing of
zdump output.
zdump is now buildable again with -DUSE_LTZ=0.
(Problem reported by Joseph Myers.)
zdump.c now always includes private.h, to avoid code duplication
with private.h. (Problem reported by Kees Dekker.)
localtime.c no longer mishandles early or late timestamps
when TZ is set to a POSIX-style string that specifies DST.
(Problem reported by Kees Dekker.)
date and strftime now cause %z to generate "-0000" instead of
"+0000" when the UT offset is zero and the time zone abbreviation
begins with "-".
Changes to documentation and commentary
The 'Theory' file now better documents choice of historical time
zone abbreviations. (Problems reported by Michael Deckers.)
tz-link.htm now covers leap smearing, which is popular in clouds.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
We're on the margin of the 4GB size limit for certain image types with
this configuration. This is a temporary workaround to avoid total
failures whilst we figure out better ways to save space. On such a
large image, the standard 1.3 is large and 1.2 is reasonable.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Skip members whose names contain "..".
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6321
Upstream patch:
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f671
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. Upgrade ltp from 20160126 to 20170116.
2. Delete some patches because these have been integrated in upstream.
0001-ltp-Don-t-link-against-libfl.patch
0006-sendfile-Use-off64_t-instead-of-__off64_t.patch
0007-replace-SIGCLD-with-SIGCHLD.patch
0009-Guard-error.h-with-__GLIBC__.patch
0012-fsstress.c-Replace-__int64_t-with-int64_t.patch
0013-include-fcntl.h-for-getting-O_-definitions.patch
0014-hyperthreading-Include-sys-types.h-for-pid_t-definit.patch
0015-mincore01-Rename-PAGESIZE-to-pagesize.patch
0016-ustat-Change-header-from-ustat.h-to-sys-ustat.h.patch
0017-replace-sigval_t-with-union-sigval.patch
0019-tomoyo-Replace-canonicalize_file_name-with-realpath.patch
0022-include-sys-types.h.patch
0029-trace_shed-Fix-build-with-musl.patch
0031-vma03-fix-page-size-offset-as-per-page-size-alignmen.patch
0032-regen.sh-Include-asm-unistd.h-explicitly.patch
0037-containers-netns_netlink-Avoid-segmentation-fault.patch
0038-run-posix-option-group-test-replace-CWD-qith-PWD.patch
0040-containers-userns05-use-unsigned-int-for-ns-id.patch
3. Add new patch based on Khem Raj's 0007-replace-SIGCLD-with-SIGCHLD.patch
0001-add-_GNU_SOURCE-to-pec_listener.c.patch
4. Add new patches fix building errors with musl:
0006-fix-PATH_MAX-undeclared-when-building-with-musl.patch
0007-fix-__WORDSIZE-undeclared-when-building-with-musl.patch
0009-fix-redefinition-of-struct-msgbuf-error-building-wit.patch
Add new patch fix building errors, when the distro is poky-lsb
0012-fix-faccessat01.c-build-fails-with-security-flags.patch
5. Modify some patches because the upstream contains changes, those patches
maybe failed when they apply to the new version of ltp.
0011-Rename-sigset-variable-to-sigset1.patch
0027-sysconf01-Use-_SC_2_C_VERSION-conditionally.patch
0030-lib-Use-PTHREAD_MUTEX_RECURSIVE-in-place-of-PTHREAD_.patch
0035-fix-test_proc_kill-hang.patch
6. Rename and modify this patch.
fcntl-fix-the-time-def-to-use-time_t.patch to
0039-fcntl-fix-the-time-def-to-use-time_t.patch
7. The new version of ltp add the checking for ksh and csh, we doesn't support
ksh and csh in oe-core, so remove the checking files when the system executes
do_install function.
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Revert to the upstream server, now that we can handle .lz files.
License checksum changes are due to copyright years.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
ed tarballs are now available only in .lz format, which saves them
an amazing 30 kilobytes over gz.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport the patches for CVE-2014-9913 CVE-2016-9844
CVE-2016-9844:
Buffer overflow in the zi_short function in zipinfo.c in Info-Zip
UnZip 6.0 allows remote attackers to cause a denial of service
(crash) via a large compression method value in the central
directory file header.
CVE-2014-9913:
Buffer overflow in the list_files function in list.c in Info-Zip
UnZip 6.0 allows remote attackers to cause a denial of service
(crash) via vectors related to the compression method.
Patches come from:
https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/archivers/unzip/ or
https://release.debian.org/proposed-updates/stable_diffs/unzip_6.0-16+deb8u3.debdiff
Bug-Debian: https://bugs.debian.org/847486
Bug-Ubuntu: https://launchpad.net/bugs/1643750
(LOCAL REV: NOT UPSTREAM) --send to oe-core on 20170222
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The license checksum for doc/LICENSE is changed. It's a small change.
'2015' is changed to '2017'. Nothing else is changed. So the licenses
remain the same.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Manipulating stderr after freopen() fails as done by upstream
does not work with musl. The replacement is Unix specific
and uses open()/dup2().
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without this patch, linking fails with a missing implementation of
yy_scan_string. This looks like a regression in flex, because 2.6.0 generated
different code that called PrParser_scan_string
resp. DtParser_scan_string.
Working around that in acpica until this is better understood or fixed
in flex is the easiest solution for now.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
qemu support for UEFI in OE-core depends on OVMF, which needs the iasl
tools provided by this recipe. There's also an iasl recipe in
meta-luv, but than can and will be replaced by this one, thus reducing
overall maintenance work.
Copied from meta-openembedded rev fa65be9ba (current master).
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
1.6.0 -> 1.6.1
Refreshed the following patches:
a) 0001-configure-Add-option-to-enable-disable-libnfnetlink.patch
b) 0002-configure.ac-only-check-conntrack-when-libnfnetlink-enabled.patch
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
These set of patches backported from upstream, which fixes the issues in
extracting hardlinks over softlinks while etracting packages by opkg.
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Busybox implementation only supports head -1 option if ENABLE_INCLUDE_SUSv2
or ENABLE_FEATURE_FANCY_HEAD configuration options are enabled. Also the -and
option for find is only supported if ENABLE_DESKTOP configuration option is
enabled. These configuration options are not enabled in several builds, which is
why this patch is needed.
[YOCTO #11041]
Signed-off-by: Athanasios Oikonomou <athoik@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Otherwise, the filename is v${PV}.tar.gz which isn't straightforward.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When DEPENDS=bzip2 becomes bzip2-native in libarchive-native,
the dependency ends up getting ignored because bzip2-native
is in ASSUME_PROVIDED.
But we need the library and thus have to depend on
bzip2-replacement-native, otherwise the build proceeds
without it despite the explicit --with-bz2lib.
(From OE-Core rev: 7ae1c93ab6df46dc88b0ffaa52778738849ff38d)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: d6d3346a2e465c1fc0e8e0896d8c6e7e1c49ee32)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 18033505a540a05d52cf98781f763215925e72a6)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
They are required by nativesdk-cve-check-tool.
(From OE-Core rev: 7252c6f1b4b9a63e3bac79c6eba1b66ab85e21b9)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
I discovered that we were not running autoreconf (and cannot due to the
unconvential file structure upstream), so manually run autoconf and move the
generated configure to the right place as we do already for gnu-configize.
Update no-x.patch (now that it is actually being used) so that it doesn't break
the build.
Patch out the use of INST_LIB_DIR in slsh/Makefile.in as this is the *target*
path, so is inappropriate to link to. This means we can remove the custom
do_install() which was working around the problem.
Remove all rpath patches (now overwritten by autoconf) and replace
with just passing RPATH='' via oe_runmake.
Remove the library search path patches (now overwritten by autoconf) and replace
with passing explicit pointers to the sysroot in the options.
[ YOCTO #10969 ]
(From OE-Core rev: 48fe39b09fbac973ba188938ab2a080f71ee8d68)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fixes musl build issues and avoids autobuilder failures.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
popd in bash might allow local users to bypass the restricted shell
and cause a use-after-free via a crafted address.
Porting patch from <https://ftp.gnu.org/pub/gnu/bash/bash-4.4-patches/
bash44-006> to solve CVE-2016-9401.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Drop obsolete patch
- 0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch
Drop backport patches:
- 0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
- cve-2015-7236.patch
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
|
|
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
|
|
watchdog-keepalive is a simplified version of the watchdog daemon
and can't be installed along with watchdog daemon, we need to
choose which daemon install.
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport a patch to fix userns05 case:
<<<test_output>>>
user_namespace5 1 TFAIL : userns05.c:95: userns:parent should be not equal to cpid2
user_namespace5 1 TFAIL : userns05.c:95: userns:parent should be not equal to cpid2
user_namespace5 0 TINFO : Child process returned TPASS
user_namespace5 0 TINFO : Child process returned TPASS
user_namespace5 0 TINFO : Child process returned TFAIL
incrementing stop
Rename the previous patch to add a number prefix
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andreas Horsthemke <andhorsthemke@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
(using a new class)
Absolute path symlinks are a bit of a pain for sstate and the native versions
of these recipes currently contain broken symlinks as a result. There are
only a small number of problematic recipes, at least in OE-Core, namely the
three here.
Rather than trying to make sstate handle this magically, which turns out to
be a harder problem than you'd first realise, simply make the symlinks relative
early in the process and avoid all the problems.
The alternative is adding new complexity to sstate which we could really
do without as without the complexity, you can't always tell where the
absolute symlink is relative to (due to prefixes used for native sstate).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Busybox may offer a bash applet. If enabled, the alternatives mechanism
avoids breaking logins if bash gets deinstalled while /bin/bash is configured
as a login shell.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Opkg only depends on libsolv proper, splitting libsolv-ext pkg-config
reduces opkg dependencies.
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
With recipe specific sysroots, the gzip-replacement-native dance/class
is obsolete, simplify the code accordingly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream has removed a number of releases from the canonical download site,
including the 1.9 release we were using.
We shoud upgrade to the latest release but as new releases are only compressed
using lzip that means adding lzip-native to oe-core, so this is a suitable
short-term fix.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
pwconv and grpconv are used in the postinstall script.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
|
|
Some recipe might use time, e.g.
http://git.yoctoproject.org/cgit/cgit.cgi/meta-swupd/tree/classes/swupd-image.bbclass?id=531a8e636ca891c34f2596eb7f6365a11d4b29a7#n481
Time is a bash built-in, or a separate utility (typically
in /usr/bin/), but not everybody uses bash, or has
GNU time installed by default.
Signed-off-by: André Draszik <adraszik@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
3.4 -> 4.0
Removed the following upstreamed or backported patches:
a) 0001-Fix-some-type-comparison-problems.patch
b) 0001-Fix-typo-in-comparision.patch
c) 0001-mdadm.h-bswap-is-already-defined-in-uclibc.patch
d) 0001-raid6check-Fix-if-else-indentation.patch
e) 0001-util.c-include-poll.h-instead-of-sys-poll.h.patch
f) mdadm-3.2.2_fix_for_x32.patch
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
0001-byacc-do-not-reorder-CC-and-CFLAGS.patch is added to fix the problem
of byacc dropping options from $CC.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
It was noticed that syslogd and klogd were no longer running on system
startup, meaning no /var/log/messages etc.. It appears as though
sysklogd has never been updated to follow the expected logging
requirement for systemd as described here:
https://www.freedesktop.org/wiki/Software/systemd/syslog/
As such no service was started and no logging present. Using the above
guidelines we create two new service files syslogd.service and
klogd.service. We make use of tmpfiles.d in order to ensure the
xconsole device node exists and do other minor recipe cleanup to
ensure peaceful coexistence with sysvinit and systemd implementations.
The systemd documentation also asks that for a logger which is not
rsyslog that we also enable 'ForwardToSyslog=' in journald.conf, but
this is already the case so no action is required.
With this change in place syslogd and klogd are started at system
startup and the expected logs are available.
Unfortunately I was not able to find any work done on this upstream or
in other distros so this is my best effort at making this work.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
