| Age | Commit message (Collapse) | Author | Files |
|---|
|
* useradd/userdel functions will fail for recipes which override their target prefix
(e.g. to /opt/foo), because it will try to use pseudo from native-sysroot/opt/foo/bin/pseudo
(From OE-Core rev: 96189e71a86c0f4833e8e51d678208fd908bfe30)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
affects openssl < 1.0.1i
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects openssl < 1.0.1i
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects openssl < 1.0.1i
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects openssl < 1.0.2i
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Fix CVE-2016-6318
Backport from cracklib upstream:
https://github.com/cracklib/cracklib/commit/47e5dec521ab6243c9b249dd65b93d232d90d6b1
(From OE-Core rev: bc7691c47f21a7d7549788fe0370c3080fc4dff5)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Add CVE-2016-4477 patch for avoiding \n and \r characters in passphrase
parameters, which allows remote attackers to cause a denial of service
(daemon outage) via a crafted WPS operation.
Patches came from http://w1.fi/security/2016-1/
(From OE-Core rev: d4d4ed5f31c687b2b2b716ff0fb8ca6c7aa29853)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Add CVE-2016-4476 patch for avoiding \n and \r characters in passphrase
parameters, which allows remote attackers to cause a denial of service
(daemon outage) via a crafted WPS operation.
Patches came from http://w1.fi/security/2016-1/
(From OE-Core rev: ed610b68f7e19644c89d7131e34c990a02403c62)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
We've had some upstream mirror instability so use our own mirror for the
iptables sources to ensure this doesn't affect the test results.
(From OE-Core rev: 25f6af8895d5f5c6dcedde0a21285d63522769c8)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch adds the packages python3-signal, python3-enum and python3-selectors,
while it also fixes python3-subprocess which in turn fix the installation of
python3-modules
[YOCTO #10276]
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
|
|
remotesensing.org domain has been taken over by someone unrelated.
There does not seem to be an up-to-date tiff homepage, but
osgeo.org is a reliable download site.
(From OE-Core rev: f544e1d10e9dc0f750efdb45a78ce9d5c9603070)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport patch to fix CVE-2015-8607 from perl upstream:
http://perl5.git.perl.org/perl.git/commitdiff/0b6f93036de171c12ba95d415e264d9cf7f4e1fd
(From OE-Core rev: e2289647ace9ef96e6a7e4aae201fd9149e56678)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport patch to fix CVE-2016-6185 from perl upstream:
http://perl5.git.perl.org/perl.git/commitdiff/08e3451d7
(From OE-Core rev: 81e550d0c23c9842b85207cdfa73bbe9102e01fb)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Substitute /usr/local with ${bindir}
(From OE-Core rev: bc372d65bc395290e1b7132908a3b943e1b73144)
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
pre-5.25.0 perl by default tries to link to an antiquated libnm (new
math) which is not used anymore since the early 1990's. After 2014
another libnm appeared for NetworkManager causing build failures.
(From OE-Core rev: 97d2ba227044571408151f84cfe611e1a72dd816)
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport patch to fix CVE-2016-2381 from perl upstream:
http://perl5.git.perl.org/perl.git/commitdiff/ae37b791a73a9e78dedb89fb2429d2628cf58076
(From OE-Core rev: 07ca8a0131f43e9cc2f720e1cdbcb7ba7c074886)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Several ExtUtils-MakeMaker tests fail when cross-compiled and run on
the target machine. Backport an upstream patch to fix the issues. Also
update the customized.dat hash file for the files modified by this patch
and other existing patches so the porting/customized.t test passes.
[YOCTO #8656]
(From OE-Core rev: bf1160a62d758b0148856482cb7b3f6fed63a0c2)
Signed-off-by: Bill Randle <william.c.randle@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add libssp to the list of dependencies when building with perl-ptest
as some tests require it.
[YOCTO #8656]
(From OE-Core rev: 9ea1d6474c5cd3546d1cad7c0f02a1ee8b3c76bb)
Signed-off-by: Bill Randle <william.c.randle@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
During the upgrade from Perl 5.22.0 to 5.22.1 in commit
f4c9908eae1ae3dcc38877abe2d5fbeb46851dd4 the config.sh file was hand edited
to change the subversion numbers. However, the edit was not entirely
correct. As a result the Perl version test failed. Set the correct
version strings.
[YOCTO #8656]
(From OE-Core rev: 6e06fec1ca71979e361d8a6e35ef4ec442e71881)
Signed-off-by: Bill Randle <william.c.randle@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
affects qemu < 2.7.0-rc0
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects qemu < 2.6.0
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects qemu < 2.6.0
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects qemu < 2.6.0
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects qemu < 2.6.0
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects Qemu < 2.6.0
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects util-linux < 2.28.2
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
The upgrade addresses CVE-2016-3116:
- Validate X11 forwarding input. Could allow bypass of
authorized_keys command= restrictions,
found by github.com/tintinweb.
Thanks for Damien Miller for a patch. CVE-2016-3116
References:
https://matt.ucc.asn.au/dropbear/CHANGES
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
affects wget < 1.18.0
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
openssh < 7.2p2
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
openssh < 7.3
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
affects openssh < 7.3
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
When building busybox, an occasional error was observed.
The error is consistently the same:
libbb/appletlib.c:164:13: error: 'NUM_APPLETS' undeclared (first use in this function)
while (i < NUM_APPLETS) {
The reason is the include file where NUM_APPLETS is defined is not yet generated (or is being modified)
at the time libbb/appletlib.c is compiled.
The attached patchset fixes the problem by assuring libb is compiled as the last directory.
[YOCTO#10116]
(From OE-Core rev: a866a05e2c7d090a77aa6e95339c93e3592703a6)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
It is a busybox upstream known bug. When the busybox sed sub-command 'n'
hit the files EOF, it print an extra character that have been printed, but
the GNU sed would not print it.
In busybox source code ../editors/sed.c
------------------------------------------------------------------------
case 'n':
if (!G.be_quiet)
sed_puts(pattern_space, last_gets_char);
if (next_line) {
free(pattern_space);
pattern_space = next_line;
last_gets_char = next_gets_char;
next_line = get_next_line(&next_gets_char, &last_puts_char, last_gets_char);
substituted = 0;
linenum++;
break;
}
/* fall through */
/* Quit. End of script, end of input. */
case 'q':
/* Exit the outer while loop */
free(next_line);
next_line = NULL;
goto discard_commands;
------------------------------------------------------------------------
when read at the end of the file, the 'next_line' is null, it would go
"case 'q'" and goto discard_commands, the discard_commands would print
the old pattern space which have been printed.
So in order to comply with GNU sed, in case 'n', when the next_line is null
I add "else" at the end of the second "if": "goto again;" and send it to
the busybox upstream, the busybox maintainer adopt it and make a little
changes to the patch, we can see it at:
His reply:
http://lists.busybox.net/pipermail/busybox/2016-September/084613.html
The new patch on busybox master branch:
https://git.busybox.net/busybox/commit/?id=76d72376e0244a5cafd4880cdc623e37d86a75e4
(From OE-Core rev: 5a680c267454d7c135c4bfe4e551a780f38a5087)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
version 5.4.1 of rpm was not properly distclean before release, which
causes problems when cross-compiling.
The previous version this recipe called make distclean, but that would
trigger a call to ./configure which would fail when no gcc is
available and make the whole do_configure fail further down the line
This patch manually removes the files from the recipe.
(From OE-Core rev: 6c9f61233f64356291a0c42761a833f3b151114c)
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
We need to call rpmcliInit to ensure the rpm relocation code is called.
when we allow rpm2cpio to be relocatable, The adjusted path used to find
the macro files was being built into the binary and this path was valid
for the machine it was built on and some of our other build machines,
but invalid on some others, and was not being properly overridden at
runtime.
when we export the wrsdk and source the sdk, then execute rpm2cpio xxx.rpm|cpio -t.
we will get the following error :
"rpm-5.4.14/rpmdb/dbconfig.c:493:
db3New: Assertion `dbOpts != ((void *)0) && *dbOpts != '\0'' failed.
(From OE-Core rev: aea2bf5c8101ac0bb27776a5614be345835c4a03)
Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
OE-core uses rpm's --nosignature, but it never worked:
self._invoke_smart('config --set rpm-check-signatures=false')
Now fix it with:
* Define SUPPORT_NOSIGNATURES to 1 in system.h
* !QVA_ISSET(qva->qva_flags, SIGNATURE) -> QVA_ISSET(qva->qva_flags, SIGNATURE),
otherwise, when use --nosignature would read database and verify
signature, this is not expected.
This can fix some race issues, for example, when more than one process
are querying rpm file with "rpm -qp --nosignature", they may hang up
because of race issues (the processes are trying to get RW/RD lock on
the database, but they shouldn't read the database at all since -qp and
--nosignature are used).
(From OE-Core rev: 038c09d6ab9581030efdc16aa1b96972970eeaab)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Use md5 sum instead of mtime as the "digest" method for rpm_sys channel.
The digest is used to determine if the channel has been updated. It was
found out that mtime was not a reliable digest. On some systems mtime
of the rpm db does not get updated after every transaction if transactions
(smart install / remove commands) are fired in quick succession. As a
consequence smartpm cache and rpm db get out of sync.
[YOCTO #10244]
(From OE-Core rev: e7267b4e78461e71a1175f93e2eb5e90272c2b47)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This will add a patch to debug random errors seen in the
autobuilders, it won't solve the errors, but will give us
a better idea of what is happening.
[YOCTO #8383]
(From OE-Core rev: c52a7e910a3a52a7455a2409d9ade449bbbd66d4)
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
RPMv5 has removed support for _RPMVSF_NOSIGNATURES,
the flag can be replaced with a flags set:
"RPMVSF_NODSAHEADER|RPMVSF_NORSAHEADER|RPMVSF_NODSA
RPMVSF_NORSA"
(From OE-Core rev: 5c0c1b8a64643ad7130b17b5dfce9cecffa6d962)
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
(From OE-Core rev: fa2ca7660e8f3279736624aa2493b4ca952ae466)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
musl doesn't like lazy loading that xorg uses, therefore
load the needed modules explicitly
[YOCTO #10169]
(From OE-Core rev: e279c9a30f0df400b06a47a487967a734854714b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
QEMU usermode doesn't support n32 binaries, erroring with "Invalid
ELF image for this architecture".
(From OE-Core rev: 66aa39a959bd41f7063fe64a9225eb9fd6c3293b)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
-nativesdk recipes
It is not necessary for those targets, adds to the build time, and pulls
in the unneeded qemu-native dependency.
(From OE-Core rev: be18364edd5cd2c664f68120063a1e147563faab)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CMake wants a relative path for CMAKE_INSTALL_*DIR, an absolute path
breaks cross-compilation. This fact is documented in the following
ticket: https://cmake.org/Bug/view.php?id=14367
$sysconfdir and $localstatedir are not relative to $prefix, so they are
still set as absolute paths. With his change ${PROJECT}Targets.cmake
that are generated by cmakes "export" function will contain relative
paths instead of absolute ones.
(From OE-Core rev: c03b32bd71dbe04f2f239556fea0b53215e403d7)
Signed-off-by: Thomas Witt <Thomas.Witt@bmw.de>
Signed-off-by: Clemens Lang <clemens.lang@bmw-carit.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Now, useradd dollar sign requires three prepending backslash characters to
avoid unintended expansion. It used to be just one prepending backslash
character before Krogoth. Restore that behaviour.
[YOCTO #10062]
(From OE-Core rev: 9e43a73c7ad576666d53c8c9e0283bc6bb9087a8)
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Affected versions:
Affected versions: libcurl 7.19.6 to and including 7.50.1
Not affected versions: libcurl >= 7.50.2
Reference to upstream patch:
https://curl.haxx.se/CVE-2016-7141.patch
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes race condition when checking digests in sudoers.
Reference:
http://seclists.org/oss-sec/2015/q4/327
Reference to upstream fixes:
https://www.sudo.ws/repos/sudo/raw-rev/397722cdd7ec
https://www.sudo.ws/repos/sudo/raw-rev/0cd3cc8fa195
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Libraries needing versioned symbols, for example mysql, are not
supported by current version of binutils in krogoth.
When mysql library from MariaDB is compiled with the current
version of binutils we encounter errors at runtime as seen
below where php linked to mysql tries to run:
php: relocation error: php: symbol mysql_server_init, version
libmysqlclient_16 not defined in file libmysqlclient.so.18
with link time reference
Above error appears even though symbols exist in library:
245: 000000000001ecc0 0 FUNC GLOBAL DEFAULT 13 mysql_server_init@@libmysqlclient_16
279: 000000000001ecc0 297 FUNC GLOBAL DEFAULT 13 mysql_server_init@@libmysqlclient_18
The problem results from a bug in binutils that has already been
fixed upstream as well as on the 2.26 and 2.27 branches. We advance
the SRCREV on the 2.26 branch used in krogoth release to pick up the fix.
Details about bug: https://sourceware.org/bugzilla/show_bug.cgi?id=19698
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Make sure that we have a pristine source tree after do_unpack.
[YOCTO #9064]
(From OE-Core rev: eccae514b71394ffaed8fc45dea7942152a334a1)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
In the case of using an external toolchain that supports multilib
compilation with a single binary, TARGET_PREFIX is the same for both main
and multilib abis. Without READELF exported, python3 assumes it is
either the readelf for ${BUILD_SYS}-readelf. Exporting cross readelf
fixes the build issue.
checking LDLIBRARY... libpython$(LDVERSION).so
checking for i586-montavistamllib32-linux-ranlib...
x86_64-montavista-linux-ranlib
checking for i586-montavistamllib32-linux-ar...
x86_64-montavista-linux-ar
checking for i586-montavistamllib32-linux-readelf... no
checking for readelf... readelf
configure: WARNING: using cross tools not prefixed with host triplet
(From OE-Core rev: 3442ee423813d547be7899a25ea31efe719e662f)
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
