summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2021-07-18libxml2: Update to 2.9.12timo/dunfell/libxml2-2.9.12Tony Tascioglu
Drop CVE patches which are fixed by the new upstream version. Modify conflicting patches to apply to the new versions: libxml2/libxml-m4-use-pkgconfig.patch libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch Drop fix-python39, which is merged upstream. Removed hunk for tstLastError.py from libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch since it has been fixed upstream by: 8c3e52e: Updated python/tests/tstLastError.py libxml2.registerErrorHandler(None,None): None is not acceptable as first argument failUnlessEqual replaced by assertEqual The checksums for the licence file changed because a typo was fixed across the files. The licence remains the same. The obsolete MD5 checksums for the tar files have been dropped in favor of SHA256. The new release also adds fuzz tests, which are removed from the makefile to allow the ptests to run. Fuzz testing is done upstream and there is no need to run them as part of ptests which are intended for functionality testing. (From OE-Core rev: c7c429d05ca51b0404f09981f6c9bcad7dc33222) Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Backport to dunfell Fixes CVE-2021-3541 References: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3541 https://bugzilla.redhat.com/show_bug.cgi?id=1950515 Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
2021-07-11report-error: Drop pointless inheritRichard Purdie
The base class is always inherited, drop the unneeded inherit. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 837d62c066589e5a12a0bf894ae7b24e8b048665) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-11update-rc.d: update SRCREV to pull in fix for non-bash shell supportMarek Vasut
This pulls in non-bash shell fix for enable/disable command, upstream commit 8636cf4 ("update-rc.d: Fix enable/disable command"). This way update-rc.d works with e.g. dash shell again. Signed-off-by: Marek Vasut <marex@denx.de> Cc: Changqing Li <changqing.li@windriver.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f697332a3a753898183d7c5d2965dd75db9b0a24) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-11tzdata: Allow controlling zoneinfo binary formatZoltán Böszörményi
tzcode 2020b changed the default format from "-b fat" to "-b slim". Allow external control for the binary format. Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c9e8b716eb71d4526517825eacefb91ab2c1781c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-11oeqa/selftest/multiprocesslauch: Fix test raceRichard Purdie
Having two possible failures in multiprocesslauch creates a race where one failure may occur and stop processes being lanuched meaning the second failure may not be seen. Rather than having periodic races appearing on the autobuilder, only have one failure, making the test much more deterministic. [YOCTO #13054] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 31e9dcda40aae3ce0801580c838928956e1455e3) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-11dwarfsrcfiles: Avoid races over debug-link filesRichard Purdie
We use dwarfsrcfiles in package.bbclass to list the source files used by a binary. This is done before they're stripped and linked to debug symbols in separate files. It is possible a binary may already have a link to separate debug symbols, e.g. some of the test binaries in lttng-tools ptest. In those cases, the linked binary may be changed by package.bbclass code whilst dwarfsrcfiles is reading it. That would result in a rare SIGBUS race causing the binary to fail. To avoid this, break the debug file search path so no other binaries are found. Also fix a segfault if no binary is specified while here. [YOCTO #14400] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit efef732859e265533acf16f2f4da3b29d50e0df4) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-11dhcp: fix CVE-2021-25217Minjae Kim
A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient. reference: https://www.openwall.com/lists/oss-security/2021/05/26/6 https://kb.isc.org/docs/cve-2021-25217 Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-11busybox: fix CVE-2021-28831Chen Qi
Backport patch to fix CVE-2021-28831. (From OE-Core rev: e579dbd9a6b2472ca90f411c0b594da9e38c9aca) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Akash Hadke <akash.hadke@kpit.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-11bootchart2: update 0.14.8 -> 0.14.9Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b4ed68ea38bbdb91729f822a8f1a5fe7e5d2d713) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-08glibc: update to lastest 2.31 release HEADSteve Sakoman
Includes the following fixes: 4f0a61f753 wordexp: handle overflow in positional parameter number (bug 28011) 8e88c0d888 Fix SXID_ERASE behavior in setuid programs (BZ #27471) 74a4425fae Enhance setuid-tunables test bb5bb87959 tst-env-setuid: Use support_capture_subprogram_self_sgid 700264179c support: Add capability to fork an sgid child 7fa6d30eea support: Typo and formatting fixes 0de2b69c31 support: Pass environ to child process 0c92f409a7 S390: Also check vector support in memmove ifunc-selector [BZ #27511] Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-08webkitgtk: Upgrade to 2.28.4Khem Raj
This is a bug fix release in the stable 2.28 series. Fixes several crashes and rendering issues. backport a patch from master to fix clang11 build error Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 6d38f23f5c34dfb2a2d28b834b0c35b1f7778f85) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-08webkitgtk: upgrade 2.28.2 -> 2.28.3Richard Purdie
This is a bug fix release in the stable 2.28 series. - Enable kinetic scrolling with async scrolling. - Fix web process hangs on large GitHub pages. - Bubblewrap sandbox should not attempt to bind empty paths. - Fix threading issues in the media player. - Fix several crashes and rendering issues. Remove CVE-2020-13753.patch since fix is included in 2.28.3 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 1e67e325ba620fe91ef11ab2a1029fbbc54b3c69) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-06python3: upgrade 3.8.10 -> 3.8.11Tim Orling
Release Date: June 28, 2021 This is a security release of Python 3.8 Note: The release you're looking at is Python 3.8.11, a security bugfix release for the legacy 3.8 series. Python 3.9 is now the latest feature release series of Python 3. Get the latest release of 3.9.x here. Security content in this release contains three fixes. There's also two fixes for 3.8.10 regressions. Take a look at the change log for details. According to the release calendar specified in PEP 569, Python 3.8 is now in security fixes only stage of its life cycle: 3.8 branch only accepts security fixes and releases of those are made irregularly in source-only form until October 2024. Python 3.8 isn't receiving regular bugfixes anymore, and binary installers are no longer provided for it. Python 3.8.10 was the last full bugfix release of Python 3.8 with binary installers. References: https://docs.python.org/release/3.8.11/whatsnew/changelog.html#python-3-8-11-final Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-06oeqa/selftest/archiver: Allow tests to ignore empty directoriesRichard Purdie
If we tweak sstate to not remove empty directories under conditions where a race could occur, we see failures from: "oe-selftest -r archiver.Archiver.test_archiver_filters_by_type archiver.Archiver.test_archiver_filters_by_type_and_name" since an empty directory is left behind. Update the tests to ignore empty directories. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 10cda713faea9a348fd278137ac75e4a6d76a71c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-06devtool: deploy-target: Fix preserving attributes when using --stripFlorian Amstutz
Commit a2db4fa127a3347fc6df31f895fb0b552669119e added ${WORKDIR}/deploy-* to PSEUDO_IGNORE_PATHS. This breaks the --strip mode since ${D} is copied to deploy-target-stripped. Use the directory devtool-deploy-target-stripped instead. [YOCTO #14451] Signed-off-by: Florian Amstutz <florian.amstutz@scs.ch> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 02661f20faf11d0fa2f1874bd423f5d9fa7a31c9) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-06sstate/staging: Handle directory creation race issueRichard Purdie
The sstate code tries to be careful about racing around directory creation. In particular, the copyhardlinktree code creates the directory tree first allowing for "already exists" errors and ignoring them, then hardlinks the files in. Unfortunately the sstate removal code can race against this since it will try and remove empty directories. If there is some bad timing, a newly created directory can be removed before it was populated, leading to build failures. We could try and add locking but this would damage performance, we've been there before. It is also unclear where to actually place locks just based on the contents of a manifest file which may cover multiple sstate install locations for a given task. Instead, lets disable directory removal in the problematic "shared" core path. This could result in a few more empty directories being left on disk but those should be harmless and better than locking hurting performance or rare build races. [YOCTO #13999] [YOCTO #14379] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4f94d9296394bc7ce241439f00df86eb5912875f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-06oeqa/selftest/runcmd: Tweal test timeoutsRichard Purdie
Load on the autobuilder meant we see occasionaly timeout issues with these tests. Slightly increase the test timeouts to better reflect the real world timings we see. [YOCTO #14262] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit fccd2ade0e345625ed9a4b74a7431b000ce2214f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-06sstate.bbclass: fix errors about read-only sstate mirrorsMichael Ho
If a read-only sstate mirror is used in conjunction with hash equiv, then OSError will be raised when an sstate-cache hit is achieved. This is because sstate_task_postfunc will try to "touch" the symlinks that point to the read-only sstate mirror when sstate_report_unihash has changed SSTATE_PKG. This commit adds an additional exception handler to silently mask read only rootfs errors thrown during the touch. The fix is also duplicated to sstate_eventhandler as the code is very similar but it may not be needed there. Example of the error: File: 'exec_python_func() autogenerated', lineno: 2, function: <module> 0001: *** 0002:sstate_task_postfunc(d) 0003: File: '/poky/meta/classes/sstate.bbclass', lineno: 774, function: sstate_task_postfunc 0770: 0771: omask = os.umask(0o002) 0772: if omask != 0o002: 0773: bb.note("Using umask 0o002 (not %0o) for sstate packaging" % omask) *** 0774: sstate_package(shared_state, d) 0775: os.umask(omask) 0776: 0777: sstateinst = d.getVar("SSTATE_INSTDIR") 0778: d.setVar('SSTATE_FIXMEDIR', shared_state['fixmedir']) File: '/poky/meta/classes/sstate.bbclass', lineno: 703, function: sstate_package 0699: if not os.path.exists(siginfo): 0700: bb.siggen.dump_this_task(siginfo, d) 0701: else: 0702: try: *** 0703: os.utime(siginfo, None) 0704: except PermissionError: 0705: pass 0706: 0707: return Exception: OSError: [Errno 30] Read-only file system Signed-off-by: Michael Ho <Michael.Ho@bmw.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 244b3be0358a66e0cca4016fe26144e3d7323390) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-06package_pkgdata: Avoid task hash mismatches for generic task changesRichard Purdie
Add SSTATETASKS to package_prepare_pkgdata[vardepsexclude] since otherwise the task hashes vary depending upon which packaging backends are enabled and likely other changes which add/remove unrelated sstate tasks. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4011d31d4372639fd72ee0eefae210bf59c90d13) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-05perf: Use python3targetconfig to ensure we use target librariesRichard Purdie
We've seen some reproducibility issues on the autobuilder in perf where the size of the python module varies slightly between systems. After some head scratching and removing the --quiet option to the python module build, you can see it using -Lrecipe-sysroot-native in the linking commandline for the module. This means it is linking against the native library on systems where that works, skipping it and using the target one otherwise, probably with warnings in logs we've not seen. The fix is to inherit the python3targetconfig class which ensures that the target sysroot is used, then the byte differences between the builds go away and things are sane(r) again. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8e2b6c042edd9ec76cb8281247604e4f81518780) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-05selftest: do not hardcode /tmp/sdkAlexander Kanavin
This races if there are several copies of the test running at the same time. [YOCTO #14438] (From OE-Core rev: deab11848036941771f2b3dc5cdaee83395280b5) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit ea707e8726cd7012d101d02e69503b7c98bdaf3e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-05kernel-devicetree: Fix interaction when packaging disabledRichard Purdie
When packaging is disabled using the nopackages class, ensure we don't add to PACKAGES. This fixes builds where we have an unpackaged kernel alongside a packaged kernel. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d6b114cf5a9b22688c0b59a3afc46a07450d87b5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-05kernel: Fix interaction when packaging disabledRichard Purdie
When packaging is disabled using the nopackages class, ensure we don't add to PACKAGES. This fixes builds where we have an unpackaged kernel alongside a packaged kernel. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2522daf22e2c27dd9c7926feda0345978217c6c3) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-05linux-yocto/5.4: update to v5.4.129Bruce Ashfield
Updating linux-yocto/5.4 to the latest korg -stable release that comprises the following commits: 82ffbc138a1f Linux 5.4.129 9011aaab90b8 certs: Move load_system_certificate_list to a common function e20b90e4f81b certs: Add EFI_CERT_X509_GUID support for dbx entries 06ab9df09eb3 x86/efi: move common keyring handler functions to new file ac7d3f554472 certs: Add wrapper function to check blacklisted binary hash 61168eafe024 mm, futex: fix shared futex pgoff on shmem huge page a33b70d62552 mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() e045e9e79d2a mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes 037a1d67d236 mm: page_vma_mapped_walk(): get vma_address_end() earlier fa89d536948a mm: page_vma_mapped_walk(): use goto instead of while (1) a499febd9935 mm: page_vma_mapped_walk(): add a level of indentation b1783bf8c8e4 mm: page_vma_mapped_walk(): crossing page table boundary 80b2270a14b8 mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block ef161ccaca70 mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd 4961160272b7 mm: page_vma_mapped_walk(): settle PageHuge on entry 52e2b20fb5e4 mm: page_vma_mapped_walk(): use page for pvmw->page 82ee7326af7a mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split bd4389215227 mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() b767134ec30a mm/thp: fix page_address_in_vma() on file THP tails 41432a8a6776 mm/thp: fix vma_address() if virtual address below file offset 4b0a34e222e5 mm/thp: try_to_unmap() use TTU_SYNC for safe splitting bd092a0f1942 mm/thp: make is_huge_zero_pmd() safe and quicker 4c37d7f269f8 mm/thp: fix __split_huge_pmd_locked() on shmem migration entry 7ce4b73d349b mm, thp: use head page in __migration_entry_wait() 68ce37ebe0f2 mm/rmap: use page_not_mapped in try_to_unmap() 432b61863ac7 mm/rmap: remove unneeded semicolon in page_not_mapped() cfe575954ddd mm: add VM_WARN_ON_ONCE_PAGE() macro 42f11f0fe977 kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() 06ab015d1849 kthread_worker: split code for canceling the delayed work timer d77c9c8537db i2c: robotfuzz-osif: fix control-request directions bb85717e3797 KVM: do not allow mapping valid but non-reference-counted pages d6f751ecccfb nilfs2: fix memory leak in nilfs_sysfs_delete_device_group 702acfcbfa68 pinctrl: stm32: fix the reported number of GPIO lines per bank 76c10e10ba7b net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY aa00b9780482 net: ll_temac: Add memory-barriers for TX BD access d807b93f9bca PCI: Add AMD RS690 quirk to enable 64-bit DMA 5830f2081d98 recordmcount: Correct st_shndx handling 70866199220e net: qed: Fix memcpy() overflow of qed_dcbx_params() b7168ec176fd KVM: selftests: Fix kvm_check_cap() assertion 58687d143515 r8169: Avoid memcpy() over-reading of ETH_SS_STATS cb4a2e4e224a sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS 97e0102e1824 r8152: Avoid memcpy() over-reading of ETH_SS_STATS f12a5b48bcc8 net/packet: annotate accesses to po->ifindex cdcedd3c8683 net/packet: annotate accesses to po->bind 343406f9c198 net: caif: fix memory leak in ldisc_open 8707ce86e927 net: phy: dp83867: perform soft reset and retain established link 9f2d04dfb3c4 inet: annotate date races around sk->sk_txhash d40ff07a7b7d ping: Check return value of function 'ping_queue_rcv_skb' 9df4f031536b net: ethtool: clear heap allocations for ethtool function 62aed2df294a mac80211: drop multicast fragments eb2b1216bc8f net: ipv4: Remove unneed BUG() function e0c950d2fddb dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma f7b1926c7c5d dmaengine: mediatek: do not issue a new desc if one is still current 3d995587c3ea dmaengine: mediatek: free the proper desc in desc_free handler c09af3877b53 dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() f2c027a7750f cfg80211: call cfg80211_leave_ocb when switching away from OCB 78bf3c613148 mac80211_hwsim: drop pending frames on stop ae9de9444b54 mac80211: remove warning in ieee80211_get_sband() 0e486713779a dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() 456367b24190 Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" 1442186236ad spi: spi-nxp-fspi: move the register operation after the clock enable 7bc73260c4b1 MIPS: generic: Update node names to avoid unit addresses 0855fe6d8835 arm64: link with -z norelro for LLD or aarch64-elf 3173390b8dbc kbuild: add CONFIG_LD_IS_LLD 3450f5eb8c9e mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk 48a5449c0be1 ARM: 9081/1: fix gcc-10 thumb2-kernel regression 4a8e89e0fd0b drm/radeon: wait for moving fence after pinning 4577708b2a22 drm/nouveau: wait for moving fence after pinning v2 c77c617e26e2 Revert "drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell." 6bd0da6c9b12 Revert "drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue." e2dc07ca4e01 module: limit enabling module.sig_enforce Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d621feee60e71bea68c853626e74669b9d953346) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-05linux-yocto/5.4: update to v5.4.128Bruce Ashfield
Updating linux-yocto/5.4 to the latest korg -stable release that comprises the following commits: 4037804c5574 Linux 5.4.128 fd7c4bd58249 usb: dwc3: core: fix kernel panic when do reboot d7e403eea007 usb: dwc3: debugfs: Add and remove endpoint dirs dynamically 5babc3977565 clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940 aad8f1d88ed6 clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue 5394080643bc clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support c53cc5f9587c ARM: OMAP: replace setup_irq() by request_irq() 7d266c8a2ae8 KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read 0c2a4178d796 tools headers UAPI: Sync linux/in.h copy with the kernel sources 7381c4d0bc10 net: fec_ptp: add clock rate zero check 190ecdf53d67 net: stmmac: disable clocks in stmmac_remove_config_dt() 4f69c8930674 mm/slub.c: include swab.h 9ddeea35c47d mm/slub: fix redzoning for small allocations c0837e021d90 mm/slub: clarify verification reporting 79855be6445b net: bridge: fix vlan tunnel dst refcnt when egressing a2241e62f6b4 net: bridge: fix vlan tunnel dst null pointer dereference b6c0ab11c88f net: ll_temac: Fix TX BD buffer overwrite 6d120ab4dc39 net: ll_temac: Make sure to free skb when it is completely used a32f70e06980 drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue. dbde458378ef drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell. 92e08a5ffae9 cfg80211: avoid double free of PMSR request 01ade7c84fda cfg80211: make certificate generation more robust 05b4fdec273b dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc f3c629b164ca x86/fpu: Reset state for all signal restore failures 4f1e9bafa195 x86/pkru: Write hardware init value to PKRU when xstate is init 13c5f1f0798c x86/process: Check PF_KTHREAD and not current->mm for kernel threads 80c56699cf1a ARCv2: save ABI registers across signal handling cbb425f62df9 KVM: x86: Immediately reset the MMU context when the SMM flag is cleared 58877ce3fecd PCI: Work around Huawei Intelligent NIC VF FLR erratum a36d9bdc1917 PCI: Add ACS quirk for Broadcom BCM57414 NIC 4c90f90a91d7 PCI: aardvark: Fix kernel panic during PIO transfer 0e888c237754 PCI: aardvark: Don't rely on jiffies while holding spinlock f3b600a2b6bc PCI: Mark some NVIDIA GPUs to avoid bus reset 775c25b7a334 PCI: Mark TI C667X to avoid bus reset c7660ab8126e tracing: Do no increment trace_clock_global() by one 79894a5d75ab tracing: Do not stop recording comms if the trace file is being read 4ab1152bb778 tracing: Do not stop recording cmdlines when tracing is off 0061eff74824 usb: core: hub: Disable autosuspend for Cypress CY7C65632 6f87c0e21ad2 can: mcba_usb: fix memory leak in mcba_usb 22cba878abf6 can: j1939: fix Use-after-Free, hold skb ref while in use 776e0d16ac84 can: bcm/raw/isotp: use per module netdevice notifier c297559a2a2a can: bcm: fix infoleak in struct bcm_msg_head 35b651d6bdf3 hwmon: (scpi-hwmon) shows the negative temperature properly 8ea34be15fb5 radeon: use memcpy_to/fromio for UVD fw upload 0b445249635d pinctrl: ralink: rt2880: avoid to error in calls is pin is already enabled d7d307fb3e70 spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd() 04e5fbe604d3 ASoC: rt5659: Fix the lost powers for the HDA header 81376d3d5ede regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting 19f88ca68ccf net: ethernet: fix potential use-after-free in ec_bhf_remove 63137ea2423c icmp: don't send out ICMP messages with a source address of 0.0.0.0 c3e6fbc7ba7c bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path 87971d582c66 bnxt_en: Rediscover PHY capabilities after firmware reset 755da76ec5de cxgb4: fix wrong shift. 81de2ed06df8 net: cdc_eem: fix tx fixup skb leak a49cbb762ef2 net: hamradio: fix memory leak in mkiss_close 0f868a684376 be2net: Fix an error handling path in 'be_probe()' c14c276d7f35 net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock 3dd2aeac2e96 net: ipv4: fix memory leak in ip_mc_add1_src 7b18f289fd0b net: fec_ptp: fix issue caused by refactor the fec_devtype 4252bf6c2b24 net: usb: fix possible use-after-free in smsc75xx_bind 217395c5ab15 lantiq: net: fix duplicated skb in rx descriptor ring 5f7acbf602d8 net: cdc_ncm: switch to eth%d interface naming 3daa97817aa8 ptp: improve max_adj check against unreasonable values 26b8d10703a9 net: qrtr: fix OOB Read in qrtr_endpoint_post 8d3de2b47e53 netxen_nic: Fix an error handling path in 'netxen_nic_probe()' a670a78fb180 qlcnic: Fix an error handling path in 'qlcnic_probe()' b0bb49b0fbc3 net: make get_net_ns return error if NET_NS is disabled 5d47a84f459c net: stmmac: dwmac1000: Fix extended MAC address registers definition c82e4e78094d alx: Fix an error handling path in 'alx_probe()' 4cefa061fc63 sch_cake: Fix out of bounds when parsing TCP options and header 6defc77d48ef netfilter: synproxy: Fix out of bounds when parsing TCP options ad689fec4498 net/mlx5e: Block offload of outer header csum for UDP tunnels 946a36f82a0b net/mlx5e: allow TSO on VXLAN over VLAN topologies 0bb0270832c8 net/mlx5: Consider RoCE cap before init RDMA resources 4b16118665e9 net/mlx5e: Fix page reclaim for dead peer hairpin 3c3461ed267b net/mlx5e: Remove dependency in IPsec initialization flows 2ae0f0a409c8 net/sched: act_ct: handle DNAT tuple collision 23f3d2779dd6 rtnetlink: Fix regression in bridge VLAN configuration 5a88477c1c85 udp: fix race between close() and udp_abort() cc4c6b19093c net: lantiq: disable interrupt before sheduling NAPI 2038cd15eacd net: rds: fix memory leak in rds_recvmsg cc16e7d36e5c vrf: fix maximum MTU 398a24447eb6 net: ipv4: fix memory leak in netlbl_cipsov4_add_std e7fbd8184fa9 batman-adv: Avoid WARN_ON timing related checks bf99ea52970c kvm: LAPIC: Restore guard to prevent illegal APIC register access 566345aaabac mm/memory-failure: make sure wait for page writeback in memory_failure 0498165c6fec afs: Fix an IS_ERR() vs NULL check 2a3f74ca167e dmaengine: stedma40: add missing iounmap() on error in d40_probe() 10fd28745d8b dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM 1e3c5c450567 dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM a82d4d5e9fe6 Linux 5.4.127 f7afaf778591 fib: Return the correct errno code 51cc5ad292da net: Return the correct errno code 376a703f9dce net/x25: Return the correct errno code 107140952ecd rtnetlink: Fix missing error code in rtnl_bridge_notify() 12fa0fdbcd0f drm/amd/display: Allow bandwidth validation for 0 streams. 8c48345fdc98 net: ipconfig: Don't override command-line hostnames or domains c8e4a72b255e nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue() 655d4dc10a23 nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue() fails ed4bee6e1bb7 nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues() 31ac5531110a scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V 4791b8948741 scsi: qedf: Do not put host in qedf_vport_create() unconditionally 8034fc4ee9ef ethernet: myri10ge: Fix missing error code in myri10ge_probe() ea4a9a34c9b2 scsi: target: core: Fix warning on realtime kernels 86fd5b27db74 gfs2: Fix use-after-free in gfs2_glock_shrink_scan 527f70f76742 riscv: Use -mno-relax when using lld linker e58f4b5046e0 HID: gt683r: add missing MODULE_DEVICE_TABLE 50b8e1be15f6 gfs2: Prevent direct-I/O write fallback errors from getting lost c8eff6762943 ARM: OMAP2+: Fix build warning when mmc_omap is not built e4c3f7a6a3b2 drm/tegra: sor: Do not leak runtime PM reference 7f5a4b24cdbd HID: usbhid: fix info leak in hid_submit_ctrl 20fbcfaaa571 HID: Add BUS_VIRTUAL to hid_connect logging 41b9b39e1b37 HID: multitouch: set Stylus suffix for Stylus-application devices, too 2173746ed125 HID: quirks: Add quirk for Lenovo optical mouse cdf5e4747da9 HID: hid-sensor-hub: Return error for hid_set_field() failure 1f760c4e655c HID: hid-input: add mapping for emoji picker key 818bf51031cf HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 d0f47648b87b net: ieee802154: fix null deref in parse dev addr ffe4d2a0684d Linux 5.4.126 0f8837070136 proc: only require mm_struct for writing d63f00ec908b tracing: Correct the length check which causes memory corruption 7e4e824b109f ftrace: Do not blindly read the ip address in ftrace_bug() 74430f3f6149 scsi: core: Only put parent device if host state differs from SHOST_CREATED e694ddc8f3de scsi: core: Put .shost_dev in failure path if host state changes to RUNNING fe7bcd794a53 scsi: core: Fix failure handling of scsi_add_host_with_dma() 79296e292d67 scsi: core: Fix error handling of scsi_host_alloc() 8c9400c4855e NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. 86377b239e04 NFSv4: Fix second deadlock in nfs4_evict_inode() 3e3c7ebbfac1 NFS: Fix use-after-free in nfs4_init_client() 83668ab1dbbf kvm: fix previous commit for 32-bit builds 0147af30925a perf session: Correct buffer copying when peeking events 34769f17e47c NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() 0057ecef9f32 NFS: Fix a potential NULL dereference in nfs_get_client() e3ecd9c09fcc IB/mlx5: Fix initializing CQ fragments buffer 796d3bd4ac93 KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message 71c751cbb9e8 sched/fair: Make sure to update tg contrib for blocked load 26ab08df8656 perf: Fix data race between pin_count increment/decrement 8aeb339571c6 vmlinux.lds.h: Avoid orphan section with !SMP fc57713afaca RDMA/mlx4: Do not map the core_clock page to user space unless enabled 64f1fb6acc2a RDMA/ipoib: Fix warning caused by destroying non-initial netns a0828219185d usb: typec: mux: Fix copy-paste mistake in typec_mux_match 139af3b2192c regulator: max77620: Use device_set_of_node_from_dev() c4e10f92c319 regulator: core: resolve supply for boot-on/always-on regulators 5ef23506695b usb: fix various gadget panics on 10gbps cabling b4903f7fdc48 usb: fix various gadgets null ptr deref on 10gbps cabling. 191144bcfe3a usb: gadget: eem: fix wrong eem header operation cc40404bd0dd USB: serial: cp210x: fix alternate function for CP2102N QFN20 02fafcf74cde USB: serial: quatech2: fix control-request directions eedd4b494538 USB: serial: omninet: add device id for Zyxel Omni 56K Plus a2119ad276f1 USB: serial: ftdi_sio: add NovaTech OrionMX product ID 28b9764eb568 usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind 4fe7635a245b usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path 9523c42be986 usb: typec: wcove: Use LE to CPU conversion when accessing msg->header 5e8ca8c79f74 usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling 366369b89bed usb: dwc3: ep0: fix NULL pointer exception c469c8dddc7d usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms 32c2e6c2e4eb usb: f_ncm: only first packet of aggregate needs to start timer 0c05a8bc0e76 USB: f_ncm: ncm_bitrate (speed) is unsigned 4d14a82ef112 cgroup1: don't allow '\n' in renaming 298499d73d2d btrfs: promote debugging asserts to full-fledged checks in validate_super d4b047651fb1 btrfs: return value from btrfs_mark_extent_written() in case of error dccd575337ac staging: rtl8723bs: Fix uninitialized variables bff1fbf0cf07 kvm: avoid speculation-based attacks from out-of-range memslot accesses 977d11df7932 drm: Lock pointer access in drm_master_release() b246b4c70c12 drm: Fix use-after-free read in drm_getunique() b5502580cf95 spi: bcm2835: Fix out-of-bounds access with more than 4 slaves a225ee1fe41c x86/boot: Add .text.* to setup.ld 8c2c1db4f2e4 i2c: mpc: implement erratum A-004447 workaround c7f0393a370e i2c: mpc: Make use of i2c_recover_bus() 3cdbefdd3146 spi: Cleanup on failure of initial setup 85a7998e7211 spi: Don't have controller clean up spi device before driver unbind 92350839d329 powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers 96cea4843b8f powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers 3e9aa125f69c nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME c385af145eb4 bnx2x: Fix missing error code in bnx2x_iov_init_one() ece8ad75e318 dm verity: fix require_signatures module_param permissions a450b5b6c01d MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER eb5c4794b79e nvme-fabrics: decode host pathing error for connect 70036fb61ea8 net: dsa: microchip: enable phy errata workaround on 9567 128bb4b0e5d2 net: appletalk: cops: Fix data race in cops_probe1 19e14481cc7d net: macb: ensure the device is available before accessing GEMGXL control registers cd05e1a61a05 scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal e773147692c6 scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq 1e209effe36c scsi: vmw_pvscsi: Set correct residual data length 90476c1bfff0 scsi: bnx2fc: Return failure if io_req is already in ABTS processing a3842219a69d RDS tcp loopback connection can hang 3e324774411d net/qla3xxx: fix schedule while atomic in ql_sem_spinlock f9e7a38d148e wq: handle VM suspension in stall detection 92215c1f24c0 cgroup: disable controllers at parse time e29d22371de8 net: mdiobus: get rid of a BUG_ON() 21df0c2e7d19 netlink: disable IRQs for netlink_lock_table() e0172831c61a bonding: init notify_work earlier to avoid uninitialized use 9d7d4649dc1c isdn: mISDN: netjet: Fix crash in nj_probe: 77b9f527731e spi: sprd: Add missing MODULE_DEVICE_TABLE cbeee4ccc1c7 ASoC: sti-sas: add missing MODULE_DEVICE_TABLE 575ad4ab2057 vfio-ccw: Serialize FSM IDLE state with I/O completion 02d3f4f0aadb ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet 8a9478cfb21b ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet 02851cb0cae3 usb: cdns3: Fix runtime PM imbalance on error f3ed12af6bbb net/nfc/rawsock.c: fix a permission check bug 3e7c190475d9 spi: Fix spi device unregister flow 9f9ad67183aa ASoC: max98088: fix ni clock divider calculation c9002013ffe0 proc: Track /proc/$pid/attr/ opener mm_struct Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0c48b8526b56530baa50eb78d3870fe252b3ca1f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-05linux-yocto/5.4: update to v5.4.125Bruce Ashfield
Updating linux-yocto/5.4 to the latest korg -stable release that comprises the following commits: 3909e2374335 Linux 5.4.125 d99029e6aab6 neighbour: allow NUD_NOARP entries to be forced GCed 8e0bb29446d1 i2c: qcom-geni: Suspend and resume the bus during SYSTEM_SLEEP_PM ops bdc17b2f8264 xen-pciback: redo VF placement in the virtual topology defcc2b5e54a lib/lz4: explicitly support in-place decompression 97e814e6b5cd x86/kvm: Disable all PV features on crash 9084fe1b3572 x86/kvm: Disable kvmclock on all CPUs on shutdown 7620a669111b x86/kvm: Teardown PV features on boot CPU as well f82030a586a1 KVM: arm64: Fix debug register indexing 2295e87a5e39 KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode 0450af01ae7e btrfs: fix unmountable seed device after fstrim 3b7f3cab1d47 mm/filemap: fix storing to a THP shadow entry 0a890e220954 XArray: add xas_split 03a390d8796d XArray: add xa_get_order fd8e06a7a723 mm: add thp_order f192885f7cee bnxt_en: Remove the setting of dev_port. 14fd3da3e8d3 mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY 6d4da27bd9ef btrfs: fixup error handling in fixup_inode_link_counts dad974d2494a btrfs: return errors from btrfs_del_csums in cleanup_ref_head 0fd9149a82e3 btrfs: fix error handling in btrfs_del_csums 295859a55549 btrfs: mark ordered extent and inode with error if we fail to finish 12ca65539b04 x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing b0c0d8b5bf94 drm/amdgpu: make sure we unpin the UVD BO 24c06e5452c3 drm/amdgpu: Don't query CE and UE errors 5d4c4b06ed9f nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect cc2edb99ea60 ocfs2: fix data corruption by fallocate 2cd6eedfa634 pid: take a reference when initializing `cad_pid` fe4e0bd4c26c usb: dwc2: Fix build in periphal-only mode 920697b004e4 ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed 52fc8f05c158 ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators 2cac47eed455 ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch d349ff008cb3 ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx 0afd601d8e0a ALSA: timer: Fix master timer notification d65bc969ec8b HID: multitouch: require Finger field to mark Win8 reports as MT 368c5d45a87e HID: magicmouse: fix NULL-deref on disconnect 142d5ca797a9 HID: i2c-hid: Skip ELAN power-on command after reset 4d94f530cd24 net: caif: fix memory leak in cfusbl_device_notify f52f4fd67264 net: caif: fix memory leak in caif_device_notify c97cdb70b72d net: caif: add proper error handling 64824f626c0c net: caif: added cfserl_release function b6f97555c71f Bluetooth: use correct lock to prevent UAF of hdev object 8d3d0ac73a4a Bluetooth: fix the erroneous flush_work() order 28efacc21d2a tipc: fix unique bearer names sanity check 9ac67fdf64e0 tipc: add extack messages for bearer/media failure 0fa160a75748 bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act 22ea29c39717 ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells 5b97dd983255 ARM: dts: imx7d-pico: Fix the 'tuning-step' property 55fa22d1d8b2 ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property 3a559111bd10 arm64: dts: zii-ultra: fix 12V_MAIN voltage f78c28a0dda1 arm64: dts: ls1028a: fix memory node 3616dd03bc43 i40e: add correct exception tracing for XDP adfd6355fc8b i40e: optimize for XDP_REDIRECT in xsk path 06f667dba42e i2c: qcom-geni: Add shutdown callback for i2c de37510ec67d ice: Allow all LLDP packets from PF to Tx bafd0a7461f0 ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared 3583ab29177c ice: write register with correct offset 7ba7fa78a92d ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions 112533f50c7e ixgbevf: add correct exception tracing for XDP b5cc02c6986f ieee802154: fix error return code in ieee802154_llsec_getparams() 4ca8aa37cb43 ieee802154: fix error return code in ieee802154_add_iface() 66f3ab065b70 netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches da8d31e80ff4 netfilter: nft_ct: skip expectations for confirmed conntrack 14c0381e2639 ACPICA: Clean up context mutex during object deletion 8e8678936f0d net/sched: act_ct: Fix ct template allocation for zone 0 385e1861f31b HID: i2c-hid: fix format string mismatch 279e2136dd21 HID: pidff: fix error return code in hid_pidff_init() c8a95cb0c02d ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service 087b803a5b49 vfio/platform: fix module_put call in error flow 60dcad10e2c7 samples: vfio-mdev: fix error handing in mdpy_fb_probe() 870973918b2a vfio/pci: zap_vma_ptes() needs MMU 5da371c3fdfb vfio/pci: Fix error return code in vfio_ecap_init() a4ed60297770 efi: cper: fix snprintf() use in cper_dimm_err_location() bc8f6647a73c efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared 2986fdd3211f netfilter: conntrack: unregister ipv4 sockopts on error unwind 90870b45fc62 hwmon: (dell-smm-hwmon) Fix index values 0338fa4af9f3 nl80211: validate key indexes for cfg80211_registered_device e9487a498753 ALSA: usb: update old-style static const declaration aaa41b3094ea net: usb: cdc_ncm: don't spew notifications 96a40c3fa3d3 btrfs: tree-checker: do not error out if extent ref hash doesn't match Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ac4206f38bba852b1171419ad72a6e1c75ccec4c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-05linux-yocto/5.4: update to v5.4.124Bruce Ashfield
Updating linux-yocto/5.4 to the latest korg -stable release that comprises the following commits: 70154d2f82a9 Linux 5.4.124 23c7e3235a3a usb: core: reduce power-on-good delay time of root hub 241abccc8a33 neighbour: Prevent Race condition in neighbour subsytem 3c36980ba681 net: hso: bail out on interrupt URB allocation failure 1bd48a2af84e Revert "Revert "ALSA: usx2y: Fix potential NULL pointer dereference"" 866648d965f0 net: hns3: check the return of skb_checksum_help() 72cda5259f5e drivers/net/ethernet: clean up unused assignments 776fba1486be i915: fix build warning in intel_dp_get_link_status() c561d83be40f drm/i915/display: fix compiler warning about array overrun e3d5ff235ec5 MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c 86a62df8f4d4 MIPS: alchemy: xxs1500: add gpio-au1000.h header file 2221f233cc9e sch_dsmark: fix a NULL deref in qdisc_reset() a052751302b7 net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88 162b11831f77 ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be static 3bfb58517d06 ipv6: record frag_max_size in atomic fragments in input path 8bb1077448d4 net: lantiq: fix memory corruption in RX ring fda8f74d3975 scsi: libsas: Use _safe() loop in sas_resume_port() cf20c704a26e ixgbe: fix large MTU request from VF 7a143b92d1dc bpf: Set mac_len in bpf_skb_change_head 272729d56b2d ASoC: cs35l33: fix an error code in probe() 3ee1d6e23108 staging: emxx_udc: fix loop in _nbu2ss_nuke() 0bf49b3c8d8b cxgb4: avoid accessing registers when clearing filters 68b5fc6ec52f gve: Correct SKB queue index validation. 4f4752e4d8db gve: Upgrade memory barrier in poll routine 821149ee88c2 gve: Add NULL pointer checks when freeing irqs. 6abd1d1983f2 gve: Update mgmt_msix_idx if num_ntfy changes 13c4d8986125 gve: Check TX QPL was actually assigned 37d697759958 mld: fix panic in mld_newpack() b0fb74377891 bnxt_en: Include new P5 HV definition in VF check. f7b5b4e26bf5 net: bnx2: Fix error return code in bnx2_init_board() 7a79654b9076 net: hso: check for allocation failure in hso_create_bulk_serial_device() 48da4c0577fe net: sched: fix tx action reschedule issue with stopped queue 515e7c595d84 net: sched: fix tx action rescheduling issue during deactivation 1c25c7621fb7 net: sched: fix packet stuck problem for lockless qdisc a04790d104e2 tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT 5c01181700ab openvswitch: meter: fix race when getting now_ms. 5bfdc481d812 net: mdio: octeon: Fix some double free issues 2e0fba911ca7 net: mdio: thunder: Fix a double free issue in the .remove function 20255d41ac56 net: fec: fix the potential memory leak in fec_enet_init() 41f7f37ddefe net: really orphan skbs tied to closing sk 694f68527e75 vfio-ccw: Check initialized flag in cp_init() d5e4479228b5 ASoC: cs42l42: Regmap must use_single_read/write 87803141fb3e net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count 4450f733dc3d net: netcp: Fix an error message de2bf5de17be drm/amd/amdgpu: fix a potential deadlock in gpu reset 7398c2aab4da drm/amdgpu: Fix a use-after-free dde2656e0bbb drm/amd/amdgpu: fix refcount leak f6d92ebb3eaf drm/amd/display: Disconnect non-DP with no EDID 63c61d89660a SMB3: incorrect file id in requests compounded with open 07160b004a0b platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700 tablet d1dcd53a45e1 platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI feb5d3618a18 platform/x86: hp-wireless: add AMD's hardware id to the supported list 0ed102453aa1 btrfs: do not BUG_ON in link_to_fixup_dir a10371342903 openrisc: Define memory barrier mb fed34fb07c4b scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic 55575c08502f btrfs: return whole extents in fiemap a3dea6dc1e14 brcmfmac: properly check for bus register errors 26fb7a61de4e Revert "brcmfmac: add a check for the status of usb_register" d4bab5d15bf5 net: liquidio: Add missing null pointer checks 6ba750549671 Revert "net: liquidio: fix a NULL pointer dereference" d771def6c305 media: gspca: properly check for errors in po1030_probe() 44b17737b7aa Revert "media: gspca: Check the return value of write_bridge for timeout" f6068eadc1d2 media: gspca: mt9m111: Check write_bridge for timeout f19375e9a8f2 Revert "media: gspca: mt9m111: Check write_bridge for timeout" 193c790eccfc media: dvb: Add check on sp8870_readreg return 2d5e27f0e031 Revert "media: dvb: Add check on sp8870_readreg" 5b3a68a1cf37 ASoC: cs43130: handle errors in cs43130_probe() properly 7e4ac4e151f1 Revert "ASoC: cs43130: fix a NULL pointer dereference" 3aa60a0335ea libertas: register sysfs groups properly e0c75f951f81 Revert "libertas: add checks for the return value of sysfs_create_group" 6c52bc7482e3 dmaengine: qcom_hidma: comment platform_driver_register call e829b7253e4d Revert "dmaengine: qcom_hidma: Check for driver register failure" 4bc94e60d787 isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info 6b8872d4972f Revert "isdn: mISDN: Fix potential NULL pointer dereference of kzalloc" 85b2c436a143 ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd() b74d4ae8f538 Revert "ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()" a34338fcaad6 isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io d3d74e622e63 Revert "isdn: mISDNinfineon: fix potential NULL pointer dereference" 5dc20457707b Revert "ALSA: usx2y: Fix potential NULL pointer dereference" ea4c563657d7 Revert "ALSA: gus: add a check of the status of snd_ctl_add" 70bf2a067915 char: hpet: add checks after calling ioremap 07d2945a3551 Revert "char: hpet: fix a missing check of ioremap" b1da7ad9ad58 net: caif: remove BUG_ON(dev == NULL) in caif_xmit e8dee217eca8 Revert "net/smc: fix a NULL pointer dereference" 22049c3d40f0 net: fujitsu: fix potential null-ptr-deref ebb533ce35b5 Revert "net: fujitsu: fix a potential NULL pointer dereference" e50a9f2548a5 serial: max310x: unregister uart driver in case of failure and abort e5d3e4b6104c Revert "serial: max310x: pass return value of spi_register_driver" 047aefd62220 Revert "ALSA: sb: fix a missing check of snd_ctl_add" bec840232fed Revert "media: usb: gspca: add a missed check for goto_low_power" e44a9941937d gpio: cadence: Add missing MODULE_DEVICE_TABLE e0c7f6cce1cf platform/x86: hp_accel: Avoid invoking _INI to speed up resume bd7a3b3ed9e3 perf jevents: Fix getting maximum number of fds 77ac90814b4e i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E 04cc05e3716a i2c: i801: Don't generate an interrupt on bus reset 45488e77e014 i2c: s3c2410: fix possible NULL pointer deref on read message after write e00da6510b3b net: dsa: sja1105: error out on unsupported PHY mode ce5355f140a7 net: dsa: fix a crash if ->get_sset_count() fails 4fe4e1f48ba1 net: dsa: mt7530: fix VLAN traffic leaks 15d1cc4b4b58 spi: spi-fsl-dspi: Fix a resource leak in an error handling path 64d17ec9f1de tipc: skb_linearize the head skb when reassembling msgs d1f76dfadaf8 tipc: wait and exit until all work queues are done bdd37028a026 Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv" 5e01d87b108c net/mlx4: Fix EEPROM dump support 4fd3213e5354 net/mlx5e: Fix nullptr in add_vlan_push_action() df61870c4b1d net/mlx5e: Fix multipath lag activation 4ce2bf20b4a6 drm/meson: fix shutdown crash when component not probed 0787efc1a359 NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config 785917316b25 NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() 1fc5f4eb9d31 NFS: Fix an Oopsable condition in __nfs_pageio_add_request() e411df81cd86 NFS: fix an incorrect limit in filelayout_decode_layout() f76e76555682 fs/nfs: Use fatal_signal_pending instead of signal_pending fe201316ac36 Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails 977c34b50e6b spi: spi-geni-qcom: Fix use-after-free on unbind b95fb96e6339 net: usb: fix memory leak in smsc75xx_bind b94afae0fa7a usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen() 6b5bfb8ce56d usb: dwc3: gadget: Properly track pending and queued SG 2cd572cc45b5 thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID 78e80f9c4e96 USB: serial: pl2303: add device id for ADLINK ND-6530 GC f485e4dcbe44 USB: serial: ftdi_sio: add IDs for IDS GmbH Products 8217f3c7f6cc USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 eddf691bab0f USB: serial: ti_usb_3410_5052: add startech.com device id 915452f40e2f serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' 1d8071879a2b serial: sh-sci: Fix off-by-one error in FIFO threshold register setting 3986ba109dad serial: tegra: Fix a mask operation that is always true 2c835fede13e USB: usbfs: Don't WARN about excessively large memory allocations 84af0c28ed1b USB: trancevibrator: fix control-request direction bc8b9d8c0465 serial: 8250_pci: handle FL_NOIRQ board flag f75a5b9907e8 serial: 8250_pci: Add support for new HPE serial device 72fa5c26936a iio: adc: ad7793: Add missing error code in ad7793_setup() f49149964d24 iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers 7e5cac90430c iio: adc: ad7124: Fix missbalanced regulator enable / disable on error. 2c9085b0fa04 iio: adc: ad7768-1: Fix too small buffer passed to iio_push_to_buffers_with_timestamp() bd877887e479 iio: gyro: fxas21002c: balance runtime power in error path 657f6a33f871 staging: iio: cdc: ad7746: avoid overwrite of num_channels 12fb557863f8 mei: request autosuspend after sending rx flow control eb78fa5a3815 thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue 36b5ff1db1a4 misc/uss720: fix memory leak in uss720_probe 66a2a494ac48 serial: core: fix suspicious security_locked_down() call 48a9b7957bb2 Documentation: seccomp: Fix user notification documentation c7c6a316a887 kgdb: fix gcc-11 warnings harder 01c57232a1cb selftests/gpio: Fix build when source tree is read only d93532a4873d selftests/gpio: Move include of lib.mk up 1e20cdb93889 selftests/gpio: Use TEST_GEN_PROGS_EXTENDED 03aeefb46f07 drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate f0780e96a6e2 drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate 9351c5192b88 drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate d65ec240b3e4 dm snapshot: properly fix a crash when an origin has no snapshots b06fe1124369 ath10k: Validate first subframe of A-MSDU before processing the list aee0121afee5 ath10k: Fix TKIP Michael MIC verification for PCIe 124ce717f6b2 ath10k: drop MPDU which has discard flag set by firmware for SDIO 405d08dda2f9 ath10k: drop fragments with multicast DA for SDIO 96d4d82652fa ath10k: drop fragments with multicast DA for PCIe 6bf449a34c0d ath10k: add CCMP PN replay protection for fragmented frames for PCIe cbc470aa3f93 mac80211: extend protection against mixed key and fragment cache attacks 88664d5e5dc9 mac80211: do not accept/forward invalid EAPOL frames bbc06191e36e mac80211: prevent attacks on TKIP/WEP as well c8b3a6150dc8 mac80211: check defrag PN against current frame 1b3774e58e47 mac80211: add fragment cache to sta_info fb1b24f94d1c mac80211: drop A-MSDUs on old ciphers fa00d4928eaf cfg80211: mitigate A-MSDU aggregation attacks 5fe9fae1220e mac80211: properly handle A-MSDUs that start with an RFC 1042 header 14f29a67f404 mac80211: prevent mixed key and fragment cache attacks b90cf214e2bb mac80211: assure all fragments are encrypted 4302a6fdec60 net: hso: fix control-request directions 60d171c477e9 proc: Check /proc/$pid/attr/ writes against file opener 7f4d9d2f0be7 perf scripts python: exported-sql-viewer.py: Fix warning display cb08c8d591cb perf scripts python: exported-sql-viewer.py: Fix Array TypeError 9044d06150d0 perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top Calls by elapsed Time report 21e2eb6a950c perf intel-pt: Fix transaction abort handling 854216d7ec10 perf intel-pt: Fix sample instruction bytes 044bbe8b92ab iommu/vt-d: Fix sysfs leak in alloc_iommu() aba3c7795f51 NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() f2a35ade2274 cifs: set server->cipher_type to AES-128-CCM for SMB3.0 5c81a4e24cf1 ALSA: usb-audio: scarlett2: Improve driver startup messages 26314d278423 ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci 6fc2850259e6 ALSA: hda/realtek: Headphone volume is controlled by Front mixer Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d91ec7d1b47d026149c488cfe1fd0af831b8fad6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-07-05gstreamer-plugins-base: fix CVE-2021-3522Minjae Kim
Out-of-bounds read in ID3v2 tag parsing reference: https://gstreamer.freedesktop.org/security/sa-2021-0001.html Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-29rpm: fix CVE-2021-3421Minjae Kim
unsigned signature header leads to string injection into an rpm database reference: https://nvd.nist.gov/vuln/detail/CVE-2021-3421 https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21 Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-28python3: apply test skipping patch unconditionallyAlexander Kanavin
Testing IMAGE_FEATURES from component recipes cannot possibly work; adjusting the test to soft-fail if needed items are not available is not trivial, so let's just skip unconditionally for now. (From OE-Core rev: 68b816cb90badddd0aafa2a5c6633e000cb21a21) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 01b41f7deed48b33b35c84e32ef55de3e63b9bc1) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-28python3: skip tests requiring tools-sdkTim Orling
Conditionally skip test_ctypes.test_find unless IMAGE_FEATURES contains 'tools-sdk' as these test cases require full packagegroup-core-buildessential Fixes: AssertionError: Failed ptests: {'python3': ['test_find_library_with_gcc', 'test_find_library_with_ld']} Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-28python3-ptest: add newly discovered missing rdepsTim Orling
Making ptest images based on core-image-minimal uncovered quite a few missing depenendcies from various recipes, here they are. (From OE-Core rev: 2cda6242f2f0f6f9c6bdef72bbb271eab7e5e1f5) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Backport to Python 3.8.10 (only python3 portion of patch) Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-28python3: upgrade 3.8.9 -> 3.8.10Tim Orling
Release Date: May 3, 2021 This is the tenth and final regular maintenance release of Python 3.8 Note: The release you're looking at is Python 3.8.10, a bugfix release for the legacy 3.8 series. Python 3.9 is now the latest feature release series of Python 3. FIXME: AssertionError: Failed ptests: {'python3': ['test_record_extensions', 'test_build_ext']} References: https://www.python.org/downloads/release/python-3810/ https://docs.python.org/release/3.8.10/whatsnew/changelog.html Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-28python3: upgrade 3.8.8 -> 3.8.9Tim Orling
Release Date: April 2, 2021 Note: The release you're looking at is Python 3.8.9, a bugfix release for the legacy 3.8 series. Python 3.9 is now the latest feature release series of Python 3. * Refresh test_local.py patch for upstream changes * Add DEPENDS on autoconf-archive: - bpo-43617: Improve configure.ac: Check for presence of autoconf-archive package and remove our copies of M4 macros. References: https://www.python.org/downloads/release/python-389/ https://docs.python.org/release/3.8.9/whatsnew/changelog.html#python-3-8-9 https://bugs.python.org/issue43617 Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27powertop: fix aclocal error too many loopsTim Orling
Backport configure.ac patches to fix aclocal: error: too many loops Adds build dependency on autoconf-archive References: https://bugzilla.redhat.com/show_bug.cgi?id=1826935 Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27python3: upgrade 3.8.7 -> 3.8.8Tim Orling
Release Date: Feb. 19, 2021 Note: The release you're looking at is Python 3.8.8, a bugfix release for the legacy 3.8 series. Python 3.9 is now the latest feature release series of Python 3. Notable changes in Python 3.8.8 Earlier Python versions allowed using both ; and & as query parameter separators in urllib.parse.parse_qs() and urllib.parse.parse_qsl(). Due to security concerns, and to conform with newer W3C recommendations, this has been changed to allow only a single separator key, with & as the default. This change also affects cgi.parse() and cgi.parse_multipart() as they use the affected functions internally. For more details, please see their respective documentation. (Contributed by Adam Goldschmidt, Senthil Kumaran and Ken Jin in bpo-42967.) License-Update: update copyright years Drop patches fixed in 3.8.8: - CVE-2021-3177 Fixes: CVE: CVE-2021-3426 CVE: CVE-2021-23336 References: https://www.python.org/downloads/release/python-388/ https://docs.python.org/release/3.8.8/whatsnew/changelog.html#changelog https://docs.python.org/3/whatsnew/3.8.html#notable-changes-in-python-3-8-8 https://nvd.nist.gov/vuln/detail/CVE-2021-3177 https://nvd.nist.gov/vuln/detail/CVE-2021-3426 Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27python3: upgrade 3.8.6 -> 3.8.7Tim Orling
Release Date: Dec. 21, 2020 Note: The release you're looking at is Python 3.8.7, a bugfix release for the legacy 3.8 series. Python 3.9 is now the latest feature release series of Python 3. * Drop patch for CVE-2020-27619 fixed in 3.8.7 References: https://nvd.nist.gov/vuln/detail/CVE-2020-27619 https://www.python.org/downloads/release/python-387/ https://docs.python.org/release/3.8.7/whatsnew/changelog.html Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27python3: upgrade 3.8.5 -> 3.8.6Tim Orling
Release Date: Sept. 24, 2020 Note: The release you're looking at is Python 3.8.6, a bugfix release for the legacy 3.8 series. Python 3.9 is now the latest feature release series of Python 3. References: https://www.python.org/downloads/release/python-386/ https://docs.python.org/release/3.8.6/whatsnew/changelog.html#changelog License-Update: PSFv2 -> PSF-2.0 and BSD-0-Clause Starting with Python 3.8.6, examples, recipes, and other code in the documentation are dual licensed under the PSF License Version 2 and the Zero-Clause BSD license. Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27python3: upgrade 3.8.4 -> 3.8.5Tim Orling
Release Date: July 20, 2020 Note: The release you're looking at is Python 3.8.5, a bugfix release for the legacy 3.8 series. Python 3.9 is now the latest feature release series of Python 3. Drop patches fixed in 3.8.5: - CVE-2019-20907 - CVE-2019-26116 References: https://nvd.nist.gov/vuln/detail/CVE-2019-20907 https://nvd.nist.gov/vuln/detail/CVE-2020-26116 https://www.python.org/downloads/release/python-385/ https://docs.python.org/release/3.8.5/whatsnew/changelog.html#changelog Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27python3: upgrade 3.8.3 -> 3.8.4Tim Orling
Release Date: July 13, 2020 Note: The release you're looking at is Python 3.8.4, a bugfix release for the legacy 3.8 series. Python 3.9 is now the latest feature release series of Python 3. * Drop patch for CVE-2020-14422 fixed in 3.8.4 * Refresh CVE-2021-23336 patch References: https://nvd.nist.gov/vuln/detail/CVE-2020-14422 https://www.python.org/downloads/release/python-384/ https://docs.python.org/release/3.8.4/whatsnew/changelog.html#changelog Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27python3: upgrade 3.8.2 -> 3.8.3Tim Orling
Release Date: May 13, 2020 Note: The release you're looking at is Python 3.8.3, a bugfix release for the legacy 3.8 series. Python 3.9 is now the latest feature release series of Python 3. Notable changes in Python 3.8.3: The constant values of future flags in the __future__ module are updated in order to prevent collision with compiler flags. Previously PyCF_ALLOW_TOP_LEVEL_AWAIT was clashing with CO_FUTURE_DIVISION. (Contributed by Batuhan Taskaya in bpo-39562) * Drop patch for CVE-2020-3492 fixed since 3.8.1 References: https://nvd.nist.gov/vuln/detail/CVE-2020-8492 https://www.python.org/downloads/release/python-383/ https://docs.python.org/release/3.8.3/whatsnew/changelog.html#changelog Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27libx11: Fix CVE-2021-31535Jasper Orschulko
https://lists.x.org/archives/xorg-announce/2021-May/003088.html XLookupColor() and other X libraries function lack proper validation of the length of their string parameters. If those parameters can be controlled by an external application (for instance a color name that can be emitted via a terminal control sequence) it can lead to the emission of extra X protocol requests to the X server. Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27libxml2: Fix CVE-2021-3518Jasper Orschulko
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability. Upstream-Status: Backport [from fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1954243] Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27expat: fix CVE-2013-0340Jasper Orschulko
expat < 4.0 is vulnerable to billion laughs attacks (see [https://github.com/libexpat/libexpat/issues/34]). This patch backports the commits b1d039607d3d8a042bf0466bfcc1c0f104e353c8 and 60959f2b491876199879d97c8ed956eabb0c2e73 from upstream. Additionally, the SRC_URI had to be adjusted due to renaming of the source archive Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-27uninative: Upgrade to 3.2 (gcc11 support)Michael Halstead
This upgrade builds unnative with gcc11 allowing it to work with newer distros using gcc 11. Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a1c7b71c109ca68931d098f4149ab8284d56108e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-19Revert "python3: fix CVE-2021-23336"Steve Sakoman
Causes build failures on autobuilder This reverts commit 8a59c47ce4c101b2470a06ecf101ca5ab7d1f82e.
2021-06-15kernel.bbclass: fix do_sizecheck() comparisonAndrea Adami
The routine do_sizecheck() was historically needed by legacy devices with limited flash memory. The lowest extreme is probably with Zaurus collie having exactly 1024*1024 = 1048576 bytes for the kernel partition. In the years the KERNEL_IMAGE_MAXSIZE has been converted to kilobytes thus rounded so we have now KERNEL_IMAGE_MAXSIZE_collie = "1024". The effect is that now the check fails because we hit curiously this | WARNING: This kernel zImage (size=1024(K) > 1024(K)) is too big for... even though zImage is 1047288 bytes (kernel + kexecboot-klibc-initramfs). Fix this case using test -gt (greater) instead of -ge (greater or equal). Signed-off-by: Andrea Adami <andrea.adami@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 254ca956d63b4ce6aa294213b60bb943f9f3a9e6) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-15valgrind: fix a typoKai Kang
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0478d9b04d6a6d10e439116b23b641a1e2553e26) Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-15python3: fix CVE-2021-23336Lee Chee Yang
The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. References: https://nvd.nist.gov/vuln/detail/CVE-2021-23336 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336 Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Tim Orling <timothy.t.orling@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2021-06-09ruby: 2.7.1 -> 2.7.3Lee Chee Yang
This release includes security fixes. CVE-2021-28965: XML round-trip vulnerability in REXML CVE-2021-28966: Path traversal in Tempfile on Windows CVE-2020-25613 fixed in 2.7.2, do drop the patch release notes for 2.7.2 and 2.7.3 https://www.ruby-lang.org/en/news/2020/10/02/ruby-2-7-2-released/ https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/ Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>