summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2022-04-16libxshmfence: Correct LICENSE to HPNDrbt/licenseRichard Purdie
The license in this code is listed as MIT and whilst it is compatible with and usable as MIT, it actually looks like HPND. Clarify the license field accordingly. (From OE-Core master rev: 922b645f443c33060a8990d32e6b7b62ea5497c3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2022-03-29xserver-xorg: update to 1.20.14Steve Sakoman
Fixes: CVE-2021-4008 CVE-2021-4009 CVE-2021-4010 CVE-2021-4011 Stable branch update: 97c5b7777 (HEAD -> server-1.20-branch, tag: xorg-server-1.20.14, origin/server-1.20-branch) xserver 1.20.14 35b4681c7 render: Fix out of bounds access in SProcRenderCompositeGlyphs() 67425fcab Xext: Fix out of bounds access in SProcScreenSaverSuspend() 6bb8aeb30 xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier() acc50e609 record: Fix out of bounds access in SwapCreateRegister() 5ff3310b6 modesetting: Allow Present flips with mismatched stride on atomic drivers. 574fe59ef Fix RandR leasing for more than 1 simultaneously active lease. Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-29xserver-xorg: update to 1.20.13Steve Sakoman
Stable branch update: 86a72cb19 (tag: xorg-server-1.20.13) xserver 1.20.13 f85e4edba modesetting: unflip not possible when glamor is not set b03d7184b present: fallback get_crtc to return crtc belonging to screen with present extension Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-29xserver-xorg: update to 1.20.12Steve Sakoman
Stable branch update: b88ad0b34 (tag: xorg-server-1.20.12) xserver 1.20.12 8dea50223 Build xz tarballs instead of bzip2 b7adbac7d hw/dmx/config: Link directly with libdmxconfig.a e49738f0c xfree86: Fix NULL pointer dereference crash 9a59631a4 glx: Fix use after free in MakeCurrent 1fc0ca6e6 xfree86: Fix out of array bound access to xf86Entities a4210fe07 xfree86: Change displays array to pointers array to fix invalid pointer issues after table reallocation 22449f630 glamor: Avoid using GL_QUADS on V3D d16f64031 modesetting: Fix possible_crtcs f1e76731a modesetting: Update props for dynamically added outputs 7bf477711 xquartz: Ensure the mouse pointer is shown when switching to a native macOS alert or window 3ef6e7b76 xquartz: Fix appFlags build failure with macOS 10.15+ SDKs 2a83c840c glx: Set ContextTag for all contexts 394b6cc1c glx: don't create implicit GLXWindow if one already exists 0086535e7 modesetting: Remove few common functions from ms namespace 321964443 modesetting: remove unnecessary ms_covering_xf86_crtc dup of ms_covering_randr_crtc 52eb801d0 modesetting: Find crtc on slave outputs as fallback instead of returning primary crtc c7a2da7b9 present: fix msc offset calculation in screen mode 31544e68e present: Use crtc's screen present operation for syncing 464cbee1c modesetting: Initialize present extension despite glamor is disabled 4e11bd390 modesetting: Disable reverse prime offload mode for displays running on evdi,udl 627252933 dix: Guard against non-existing PtrFeedbackPtr d41b43345 xwayland: Add PtrFeedback to the touch device 23a53f0d5 glx: fixup symbol name for get_extensions function Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-29xserver-xorg: update to 1.20.11Steve Sakoman
Fixes CVE-2021-3472 Stable branch update: 6b767cdf6 (tag: xorg-server-1.20.11) xserver 1.20.11 a1a1aa2c1 Fix XChangeFeedbackControl() request underflow 8890c44a7 xquartz: Remove a check for NSAppKitVersionNumber >= NSAppKitVersionNumber10_7 3c3680c36 xquartz: Don't include strndup.c any more since we no longer support 10.8 and older e1fdc856a xquartz: Add a launch trampoline to better integrate with modern versions of macOS 8f8e9c53e xquartz: Don't process AppKit events if we haven't finished initializing aa6f84021 xquartz: Allocate each fbconfig separately 7aa51bb57 xquartz: Fix a compiler warning about const incompatible pointer assignment d751c46bd xquartz: Fix build with sparkle enabled 03c2e12a8 xquartz: Silence a compiler warning about missing internal methods on NSApplication fcbd57367 xquartz: Rewrite Window menu handling to not depend on X11App.windowsMenu.numberOfItems being correct in -awakeFromNib b27c6602b xquartz: Convert X11Controller ivars into @properties 625c7e4de xquartz: Convert X11Application ivars into @properties 3017fec60 xquartz: Fold quartzCommon.h into quartz.h bdaff44f9 xquartz: Fold away some unnecessary hops to X11Controller through X11Application 7d22031a6 xquartz: Fold away array_with_strings_and_numbers and simplify with more modern Objective-C 937b63ff4 xqaurtz: Remove message_kit_thread() and use dispatch instead e531d3a4c xquartz: Use objc_autoreleasePoolPush / objc_autoreleasePoolPop directly in QuartzBlockHandler 08cf6c90f xquartz: Minor code modernization -- @autoreleasepool adoption 26e0c59a9 xquartz: Remove some dead code for compatibility with older nibs 2853f3896 xquartz: Remove a workaround for AppKit versions older than Lion 1edc9b980 xquartz: Apply spell check fixes from master for easier cherry-picking of changes in xquartz 67f25cc18 xquartz: Fix applications menu table background color for dark mode 4028c2ad1 xquartz: Apply Xcode 12.4 automatic updates to nibs ff1c8e2f7 xquartz: Update the about box copyright to 2021 a16df6028 xquartz: Ensure we call into TIS on the main thread 2087b7782 xquartz: Ensure that NSRunAlertPanel() is run on the main thread 2fe5bf4ba xquartz: Remove support for older versions of libXplugin bc1a2a0d8 xquartz: Remove unused include of AvailabilityMacros.h from various sources 393da8b43 xquartz: Remove support for building for i386 43aaa1093 xquartz: Remove support for Mountain Lion and earlier versions of macOS fb492686d xquartz: Remove support for Lion and earlier versions of macOS 34784415a xquartz: Remove support for SnowLeopard and earlier versions of macOS d3f81ecaf xquartz: Remove check for libdispatch now that we don't support pre-SnowLeopard 739c5bd32 xquartz: Remove support for Leopard and earlier versions of macOS 2d7eb8249 xquartz: Remove support for Tiger and earlier versions of macOS 080f9eb76 os: Remove support for Tiger and earlier versions of macOS be9d2fd87 xquartz: Remove support for Panther and earlier versions of macOS d39eb5840 Fix typo "XQaurtz" in Xquartz.man 1f2b73176 XQuartz: recognize F16-F20 and Menu keys ecc4ebf53 xquartz: Add stub ddxInputThread() f5df31c76 meson.build: KMS support also depends on dri2 b09f5f42d xwayland: Replace LogMessage with LogMessageVerb c17872d50 xkb: Fix heap overflow caused by optimized away min. Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-29xserver-xorg: update to 1.20.10Steve Sakoman
Remove CVE patches contained in this release. Stable branch update: bc111a2e6 (tag: xorg-server-1.20.10) xserver 1.20.10 06d1a032e Check SetMap request length carefully. 7ccb3b0ea Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows 440ed5948 present/wnmd: Translate update region to screen space 54f9af1c6 modesetting: keep going if a modeset fails on EnterVT bd0f53725 modesetting: check the kms state on EnterVT 5c400cae1 configure: Build hashtable for Xres and glvnd 253569a3d xwayland: Create an xwl_window for toplevel only 0811a9ff7 xwayland: non-rootless requires the wl_shell protocol b3ae038c3 glamor: Update pixmap's devKind when making it exportable d6c389cb8 os: Fix instruction pointer written in xorg_backtrace c3e4c1a0f present/wnmd: Execute copies at target_msc-1 already 96ef31e0f present/wnmd: Move up present_wnmd_queue_vblank 669e40390 present: Add present_vblank::exec_msc field dae234efd present: Move flip target_msc adjustment out of present_vblank_create 1930ed233 xwayland: Remove pending stream reference when freeing 1ac389dda xwayland: use drmGetNodeTypeFromFd for checking if a node is a render one d108c2c82 xwayland: Do not discard frame callbacks on allow commits 174cb91d8 present/wnmd: Remove dead check from present_wnmd_check_flip 51ee6e5ce xwayland: Check window pixmap in xwl_present_check_flip2 f4006d795 present/wnmd: Can't use page flipping for windows clipped by children 1e84fda20 xfree86: Take second reference for SavedCursor in xf86CursorSetCursor 8c3c8bda2 glamor: Fix glamor_poly_fill_rect_gl xRectangle::width/height handling b28c88288 include: Increase the number of max. input devices to 256. af4c84ce8 Revert "linux: Make platform device probe less fragile" 39cb95e95 Revert "linux: Fix platform device PCI detection for complex bus topologies" 4b6fce597 Revert "linux: Fix platform device probe for DT-based PCI" Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-29xserver-xorg: update to 1.20.9Steve Sakoman
Remove CVE patches contained in this release. Stable branch update: afb77415e (tag: xorg-server-1.20.9) xserver 1.20.9 705d72139 Fix XRecordRegisterClients() Integer underflow 5b384e767 Fix XkbSelectEvents() integer underflow eff3f6cdd Fix XIChangeHierarchy() integer underflow 1d3a1092c Correct bounds checking in XkbSetNames() 249a12c54 linux: Fix platform device probe for DT-based PCI 5c96eb5f4 linux: Fix platform device PCI detection for complex bus topologies 74b7427c4 linux: Make platform device probe less fragile 4979ac8f0 fix for ZDI-11426 2720b8715 xfree86: add drm modes on non-GTF panels 7da8e7bab present: Check valid region in window mode flips 4a65b6617 xwayland: Handle NULL xwl_seat in xwl_seat_can_emulate_pointer_warp 10cabe0b9 xwayland: Propagate damage x1/y1 coordinates in xwl_present_flip 3b51978b9 doc: Update URLs in Xserver-DTrace.xml 6cbd6a09b xwayland: Use a fixed DPI value for core protocol d4e8c4622 xwayland: only use linux-dmabuf if format/modifier was advertised c726ceacc hw/xfree86: Avoid cursor use after free 0679d4660 Update URL's in man pages 3059a2e62 xwayland: Disable the MIT-SCREEN-SAVER extension when rootless 23c55ec32 xwayland: Hold a pixmap reference in struct xwl_present_event 1179938c1 randr: Check rrPrivKey in RRHasScanoutPixmap() 4912f693e modesetting: Fix front_bo leak at drmmode_xf86crtc_resize on XRandR rotation ccbcf083d xwayland: Store xwl_tablet_pad in its own private key cc3613559 xwayland: Initialise values in xwlVidModeGetGamma() 533cc6ca0 xwayland: Fix crashes when there is no pointer 3aa31823d xwayland: Clear private on device removal 22c0808ac xwayland: Free all remaining events in xwl_present_cleanup 37779d7f4 xwayland: Always use xwl_present_free_event for freeing Present events ba52e5eb0 present/wnmd: Free flip_queue entries in present_wnmd_clear_window_flip b3310ed50 present/wnmd: Keep pixmap pointer in present_wnmd_clear_window_flip fc297c87d xwayland: import DMA-BUFs with GBM_BO_USE_RENDERING only 0430d13c1 xwayland: Fix infinite loop at startup b8b10e293 modesetting: Disable pageflipping when using a swcursor 271934db9 dix: do not send focus event when grab actually does not change Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-28util-linux: fix CVE-2022-0563Steve Sakoman
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. Backport patch from upstream: https://github.com/util-linux/util-linux/commit/faa5a3a83ad0cb5e2c303edbfd8cd823c9d94c17 Patch required slight modifications to apply cleanly to util-linux 2.35.1 Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-26oeqa/selftest/tinfoil: Fix intermittent event loss issue in testRichard Purdie
We've been seeing occasional test failures on the autobuilder where we don't see the expected events. It turns out this is due to run_command being helpful and eating them if the server is fast and the client slow. Adding a sleep into the run_command code makes the failure consistent. Use a new "handle_events" argument to allow us to handle all the events which is what this test requires. [YOCTO #14585] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 2292983c717b8cadcf0c443bb7b649a84ea5ad57) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-26virglrenderer: update SRC_URIMinjae Kim
The git repo for virglrenderer was changed, so update the SRC_URI accordingly with the new link. Signed-off-by:Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-26gnu-config: update SRC_URIMinjae Kim
The git repo for gnu-config was changed, so update the SRC_URI accordingly with the new link. Signed-off-by:Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-26libxml2: fix CVE-2022-23308 regressionRalph Siemsen
The fix for the CVE in 2.9.13 caused a regression which was addressed after 2.9.13. We import that patch here. Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-26ghostscript: backport patch fix for CVE-2021-3781Davide Gardenal
Upstream advisory: https://ghostscript.com/blog/CVE-2021-3781.html Other than the CVE fix other two commits are backported to fit the patch. Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-26ghostscript: fix CVE-2020-15900 and CVE-2021-45949 for -nativeSteve Sakoman
CVE patches (and the stack limits check patch) should have been added to SRC_URI_BASE so that they are applied for both target and -native packages. Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-25apt: backport patch fix for CVE-2020-3810Davide Gardenal
Upstream commit: https://salsa.debian.org/apt-team/apt/-/blob/dceb1e49e4b8e4dadaf056be34088b415939cda6/apt-pkg/contrib/arfile.cc CVE: CVE-2020-3810 Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-24qemu: backport patch fix for CVE-2020-13791Davide Gardenal
Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00979.html CVE: CVE-2020-13791 Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-23python3: ignore CVE-2022-26488Ross Burton
This CVE is specific to Microsoft Windows, so we can ignore it. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 2bd3c5a93988140d9927340b3af68785ae03db65) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-22libsolv: fix CVE: CVE-2021-44568-71 and CVE-2021-44573-77Steve Sakoman
The existing patch for CVE-2021-3200 also fixes CVE-2021-44568 through CVE-2021-44671 and CVE-2021-44573 through CVE-2021-44677, so update CVE tags in patch to reflect this. Reference: https://github.com/openSUSE/libsolv/issues/426 Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21oeqa/selftest/tinfoil: Improve tinfoil event test debuggingRichard Purdie
We still see occasional test failures for unknown reasons. Add some debugging to show whether the matching files event was received even if the command complete wasn't. Also ensure any commandfailed/commandexit event is shown. This will hopefully aid debugging the next time the issue occurs. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2f7a788bb51ef09ee23c94176285437ea760fab7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21oeqa/runtime/ping: Improve failure message to include more detailRichard Purdie
When the ping test fails due to a timeout we only get limited debug information. Tweak the code to improve that in case it sheds any light on intermittent failures. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d81704057950e1970ef7f673fa771834fd2b3f1e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21python3targetconfig: Use for nativesdk tooRichard Purdie
nativesdk is a cross compiled target and therefore should use the target config, not the native one. Copy the target entries accordingly. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b1b5fec350b390fa7f2d26966df1411b032faf87) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21mobile-broadband-provider-info: upgrade 20210805 -> 20220315Changhyeok Bae
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ed02ee8f20094f598448d58875cb7be8a24a019f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21mobile-broadband-provider-info: upgrade 20201225 -> 20210805Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 93a335993ce592a8ee34fc9a490e327f2775e03f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21linux-firmware: upgrade 20220209 -> 20220310wangmy
License-Update: year updated to 2022 Version of some driver files updated Added files for some drivers Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit be1b1d204c89035c54a626db46c5054e553b82c2) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21python3: upgrade 3.8.12 -> 3.8.13Tim Orling
Security and bug fixes (including upgrades for security and bug fixes to bundled components). For changes see: https://docs.python.org/release/3.8.13/whatsnew/changelog.html#python-3-8-13-final CVE: CVE-2022-26488 License-Update: Add 2022 to copyright years * Update bpo-36852 patch to apply after change in 3.8.13 Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21openssl: upgrade 1.1.1l -> 1.1.1nOvidiu Panait
Upgrade openssl 1.1.1l -> 1.1.1n to fix CVE-2022-0778: https://nvd.nist.gov/vuln/detail/CVE-2022-0778 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65 This also fixes an evp_extra_test ptest failure introduced by openssl-1.1.1m: """ not ok 19 - test_signatures_with_engine ERROR: (ptr) 'e = ENGINE_by_id(engine_id) != NULL' failed @ ../openssl-1.1.1m/test/evp_extra_test.c:1890 0x0 not ok 20 - test_cipher_with_engine <snip> """ The ptest change is already present in Yocto master since oe-core commit 5cd40648b0ba ("openssl: upgrade to 3.0.1"). Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21bluez5: fix CVE-2021-3658Minjae Kim
adapter incorrectly restores Discoverable state after powered down Upstream-Status: Backport [https://github.com/bluez/bluez/commit/b497b5942a8beb8f89ca1c359c54ad67ec843055] CVE: CVE-2021-3658 Signed-off-by:Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-21qemu: backport fix for CVE-2020-13253Davide Gardenal
Backport commits from the following MR: https://git.qemu.org/?p=qemu.git;a=commit;h=3a9163af4e3dd61795a35d47b702e302f98f81d6 Two other commits have been backported in order to be able to correctly apply the patches. CVE: CVE-2020-13253 Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-14re2c: backport fix for CVE-2018-21232Davide Gardenal
Backport commits from the following issue: https://github.com/skvadrik/re2c/issues/219 CVE: CVE-2018-21232 Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-14libxml2: move to gitlab.gnome.orgRalph Siemsen
The project has migrated from www.xmlsoft.org to gitlab.gnome.org. Update the homepage accordingly, and use gnomebase to construct the download URL, rather than including it in SRC_URI explicitly. Note that the download is now in .xz format rather than .gz, so the sha256sum is updated accordingly. Post-decompression tarballs are identical, so there is no change to the libxml2 code. Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8bc17ceb997f8f31a03e5f5efc41c03ef1df3add) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-14libxml2: backport fix for CVE-2022-23308Ralph Siemsen
Use-after-free of ID and IDREF attributes, which could result in denial of service. https://nvd.nist.gov/vuln/detail/CVE-2022-23308 CVE: CVE-2022-23308 Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-14build-appliance-image: Update to dunfell head revisionRichard Purdie
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-03-10bind: update to 9.11.36Ralph Siemsen
Security Fixes The lame-ttl option controls how long named caches certain types of broken responses from authoritative servers (see the security advisory for details). This caching mechanism could be abused by an attacker to significantly degrade resolver performance. The vulnerability has been mitigated by changing the default value of lame-ttl to 0 and overriding any explicitly set value with 0, effectively disabling this mechanism altogether. ISC's testing has determined that doing that has a negligible impact on resolver performance while also preventing abuse. Administrators may observe more traffic towards servers issuing certain types of broken responses than in previous BIND 9 releases, depending on client query patterns. (CVE-2021-25219) ISC would like to thank Kishore Kumar Kothapalli of Infoblox for bringing this vulnerability to our attention. [GL #2899] Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-09perf-tests: add bash into RDEPENDS (v5.12-rc5+)Bruce Ashfield
Upstream commit: commit 1dc481c0b0cf18d3952d93a73c4ece90dec277f0 Author: Leo Yan <leo.yan@linaro.org> Date: Sat Mar 20 18:45:54 2021 +0800 perf test: Change to use bash for daemon test When executing the daemon test on Arm64 and x86 with Debian (Buster) distro, both skip the test case with the log: Changes tools/perf/tests/shell/daemon.sh to be explicitly bash (it was already required, but was just skipped on various distros). We add it into our RDEPENDS for perf-tests to fixup 5.12+ builds. We already have relatively heavy RDEPENDS for perf tests (python3), so adding bash into the RDEPENDS isn't signifcant even for older perf builds that use the same recipe. (cherry picked from commit 159cdb159ad0e9d3ed73cfc07f9acd5c0b608e7b) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-09tiff: Add backports for two CVEs from upstreamsana kazi
Based on commit from master Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 6ae14b4ff7a655b48c6d99ac565d12bf8825414f) Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> Signed-off-by: Sana Kazi <sanakazisk19@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-09vim: Update to 8.2.4524 for further CVE fixesRichard Purdie
Includes CVE-2022-0696, CVE-2022-0714, CVE-2022-0729. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0d29988958e48534a0076307bb2393a3c1309e03) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-07sstate: inside the threadedpool don't write to the shared localdataJose Quaresma
When inside the threadedpool we make a copy of the localdata to avoid some race condition, so we need to use this new localdata2 and stop write the shared localdata. Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 90fe6948a9df0b43c58120a9358adb3da1ceb5b9) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-07systemd: Ensure uid/gid ranges are set deterministicallyRichard Purdie
meson.build will fall back to greping /etc/login.defs for values of these if they're not set. Different distros set them (Centos 7/8 does, Ubuntu does not) so output was not deterministic. Avoid this by setting to the default values. We now match the vaules from login.defs from shadow. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 77a6ac0ac266d71e4fe67fd332662081f30cd7bf) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-07asciidoc: update git repositoryRoss Burton
The asciidoc-py3 repository has been renamed to asciidoc-py. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-03-03uninative: Upgrade to 3.5Michael Halstead
Add support for glibc 2.35. Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 347b8c87fb4e2c398644f900728cf6e22ba4516d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03uninative: Add version to uninative tarball nameRichard Purdie
uninative works via hashes and doesn't need the version in the tarball name but it does make things easier to inspect in DL_DIR. There were reasons such as ease of publication of the build tarballs but we can handle those differently now and the signature issues from the early code aren't an issue now. From 3.4 onwards we can use a version'd name. [YOCTO #12970] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dadba70d6a24d8ebb5576598efffa973151c7218) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03buildhistory.bbclass: create the buildhistory directory when neededJose Quaresma
When the BUILDHISTORY_RESET is enabled we need to move the content from BUILDHISTORY_DIR to BUILDHISTORY_OLD_DIR but when we start a clean build in the first run we don't have the BUILDHISTORY_DIR so the move of files will fail. | ERROR: Command execution failed: Traceback (most recent call last): | File "/xxx/poky/bitbake/lib/bb/command.py", line 110, in runAsyncCommand | commandmethod(self.cmds_async, self, options) | File "/xxx/poky/bitbake/lib/bb/command.py", line 564, in buildTargets | command.cooker.buildTargets(pkgs_to_build, task) | File "/xxx/poky/bitbake/lib/bb/cooker.py", line 1481, in buildTargets | bb.event.fire(bb.event.BuildStarted(buildname, ntargets), self.databuilder.mcdata[mc]) | File "/xxx/home/builder/src/base/poky/bitbake/lib/bb/event.py", line 214, in fire | fire_class_handlers(event, d) | File "/xxx/poky/bitbake/lib/bb/event.py", line 121, in fire_class_handlers | execute_handler(name, handler, event, d) | File "/xxx/poky/bitbake/lib/bb/event.py", line 93, in execute_handler | ret = handler(event) | File "/xxx/poky/meta/classes/buildhistory.bbclass", line 919, in buildhistory_eventhandler | entries = [ x for x in os.listdir(rootdir) if not x.startswith('.') ] | FileNotFoundError: [Errno 2] No such file or directory: '/xxx/buildhistory' Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 97bc2168da7dbacdfbf79cd70db674363ab84f6b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03libxml-parser-perl: Add missing RDEPENDSRichard Purdie
Running the ptest package in an image alone highlighted missing module dependencies. Add them to fix those errors. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3859f49db2d694c7b63fdbe25be0018afba5c738) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03cml1.bbclass: Handle ncurses-native being available via pkg-configNathan Rossi
The linux kernel will by default use pkg-config to get ncurses(w) paths, falling back to absolute path checks otherwise. If the build host does not have ncurses installed this will fail as pkg-config will not search the native sysroot for ncurses. To more all kernel/kconfig sources, inject the equivalent native pkg-config variables similar to what is done by the pkg-config-native script. This only affects the menuconfig python task itself and the oe_terminal call inside it. (cherry picked from commit abb95c421bb67d452691819e3f63dabd02e2ba37) Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03bootchart2: Add missing python3-math dependencyMarek Vasut
Without this dependency, generating the bootchart may fail with: " ModuleNotFoundError: No module named 'random' " (cherry picked from commit 487e9f16a00f895159b79f1865fe8b626b47ddc2) Signed-off-by: Marek Vasut <marex@denx.de> Cc: Mingli Yu <mingli.yu@windriver.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03wireless-regdb: upgrade 2021.08.28 -> 2022.02.18wangmy
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e5c06ddfd3c0db0d0762c0241c019f59ad310e53) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03Revert "cve-check: add lockfile to task"Ross Burton
Now that all of the functions in cve-check open the database read-only, we can remove this lockfile. This means cve-check can run in parallal again, improving runtimes massively. This reverts commit d55fbf4779483d2cfd71df78d0f733b599fef739. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e60d149b41d14d177df20dbecaef943696df1586) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03cve-check: get_cve_info should open the database read-onlyRoss Burton
All of the function in cve-check should open the database read-only, as the only writer is the fetch task in cve-update-db. However, get_cve_info() was failing to do this, which might be causing locking issues with sqlite. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8de517238f1f418d9af1ce312d99de04ce2e26fc) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03coreutils: remove obsolete ignored CVE listRoss Burton
Three CVEs were meant to be ignored via CVE_WHITELIST, but that wasn't the correct variable name. The CPEs for those CVEs mean that they don't get picked up in our report, so just remove the assignment. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dea00faf30ec7c19b6b5ed4651b430ba3faf69ff) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2022-03-03expat: fix CVE-2022-25315Steve Sakoman
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. Backport patch from: https://github.com/libexpat/libexpat/pull/559/commits/eb0362808b4f9f1e2345a0cf203b8cc196d776d9 CVE: CVE-2022-25315 Signed-off-by: Steve Sakoman <steve@sakoman.com>