| Age | Commit message (Collapse) | Author |
|---|
|
License checksums were changed due to modified copyright years.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove patches for issues fixed upstream.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix some missing or corrupted patch Upstream-Status values.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Also backport a patch to fix issues introduced by fix for CVE-2019-6109.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
enabled
* import 2 fixes from LuneOS
* with l2tp PACKAGECONFIG enabled connman depends on MACHINE_ARCH xl2tpd:
=== Comparing signatures for task do_package_write_ipk.sigdata between hammerhead and mako ===
ERROR: connman different signature for task do_package_write_ipk.sigdata between hammerhead and mako
NOTE: Starting bitbake server...
Hash for dependent task xl2tpd/xl2tpd_git.bb.do_packagedata changed from 6312d5711b5c2c1a85ee235d09bf37a8ec00f7ad9e7248c087bb83ef1d5bd078 to c0d3ef52b37bda945d8b2a015980ddb8fe7b4b3dca3d82d71a84176cc5125142
Unable to find matching sigdata for /OE/build/luneos-master/webos-ports/meta-openembedded/meta-networking/recipes-protocols/xl2tpd/xl2tpd_git.bb.do_packagedata with hashes 6312d5711b5c2c1a85ee235d09bf37a8ec00f7ad9e7248c087bb83ef1d5bd078 or c0d3ef52b37bda945d8b2a015980ddb8fe7b4b3dca3d82d71a84176cc5125142
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
upstream patch
This also fixes a dhcp breakage noticed by Enrico Scholz.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Removed patch has been upstreamed.
Changelog:
- Fix issue with handling invalid gateway addresses.
- Fix issue with handling updates of default gateway.
- Fix issue with DHCP servers that require broadcast flag.
- Add support for option to use gateways as time servers.
- Add support for option to select default technology.
- Add support for Address Conflict Detection (ACD).
- Add support for IPv6 iptables management.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bugfix-only compared to 9.11.5, mostly CVE fixes.
COPYRIGHT checksum changed due to 2018 -> 2019.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We need to run sed with the -u option to ensure the output is unbuffered else
ptest-runner may timeout thinkig things were idle. Busybox doesn't have the -u
option so we need to RDEPEND on sed (which is a good thing to do if we use it
anyway).
Alex Kanavin should get credit for discovering the problem.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch to fix CVE-2017-6519.
CVE: CVE-2017-6519
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix this CVE (Bluetooth discoverability may be enabled with no agents to handle
requests) by backporting a number of patches from upstream.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: copyright years updated
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We had a c_rehash shell re-implementation being used for the native
package however the ca-certificates now uses the openssl rehash
internal application so there is no use for the c_rehash anymore.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The tc command is provided both by busybox and iproute2.
Signed-off-by: Lars Persson <larper@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It is long since past time for rsh and company to be retired from the
world. Disable building these now.
Suggested-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- We cannot build rsh, rshd, rlogind and rcp on musl. This is handled
gracefully in the configure scripts and spelled out with EXTRA_OECONF.
Expand this to include rexec to cover all of the related functionality.
- Rework adding in the xinetd.d files for these services to only do so
when we even have the services being built. This leads to no rsh/rshd
sub-packages on musl at all.
- If we use the normal alternatives mechanism to allow for this or
netkit-rsh to provide rsh/rshd functionality we end up with QA issues
on musl as we have unused ALTERNATIVES logic. Switch to making use of
RPROVIDES / RCONFLICTS logic instead and make it match the netkit-rsh
packaging names.
Cc: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There are no alternative provides of these packages anymore. To avoid
QA issues when building with musl, don't put these under an alternative
at all.
Cc: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In order to have more robust stand-alone network tools in oe-core, bring
in inetutils from meta-openembedded/meta-networking. This imports the
recipes as of git commit:
commit 408204073e6bdcd8ac586e05d5b75213417673f2
Author: Martin Jansa <martin.jansa@gmail.com>
Date: Thu Aug 16 20:39:15 2018 +0000
inetutils: fix build with glibc-2.28
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
nslookup was undeprecated 15 years ago,
and installing bind-utils should replace the busybox version.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream already fixed this properly by using pkg-config.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The old bsd cryptodev engine was removed in
https://github.com/openssl/openssl/pull/3699
and the new one added in:
https://github.com/openssl/openssl/pull/3744
It can be enabled by configuring with "enable-devcryptoeng".
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The fix is heavily based on Khem's previous fix for bn.h/BN_LLONG breakage:
https://git.openembedded.org/openembedded-core/commit/?id=f787b0bb9b0626ddbf2ac94cb206c76716a3773d
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Cc: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It is only needed by 95-test_external_pyca_data which is
actually skipped on the target.
[YOCTO #13204]
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
openssl-ptest was recording now results, despite most tests passing. Fix
so that the successes/skips/failures are reported correctly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Perl and its dependencies have a decent footprint impact. On my
xz compressed filesystem:
634880: /usr/lib/libperl.so.5.24.4
Put c_rehash in the openssl-misc package so the dependency can be
avoided where it isn't needed.
Change-Id: Iae9bccabfb1c8cfa1401ca6785abc39713d3fdf0
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some tools were built with CC_FOR_BUILD which points to the target
compiler. The current patch avoided issues by deleting some of the
binaries during install.
This patch replaces the CC_FOR_BUILD with CC so the tools are built with
the target compiler. This means the binaries no longer need to be
deleted.
I stumbled upon this by trying to globally add "--ffile-prefix-map", which
is not supported by my host GCC, to get rid of some "buildpaths" QA Warnings.
Cc: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Gcc option '-fmacro-prefix-map' is added to DEBUG_PREFIX_MAP. It has a
patch to deal option '-fdebug-prefix-map' already. Update the patch
0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch to fix
buildpaths qa issue for '-fmacro-prefix-map' too.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a client tool that is usually not used one the same
machine as the DNS server.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE patches is already applied in v2.7
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
I goofed up the scissor line on the last attempt. Not sure how much it matters,
but here it is correct this time.
Here it is, updated to work with wpa-supplicant_2.6.bb.
-- >8 --
https://www.freedesktop.org/software/systemd/man/systemd.unit.html#WantedBy=
When building root filesystems with any of the wpa_supplicant systemd
template service files enabled (current default is to have them disabled) the
systemd-native-fake script would not process the line:
Alias=multi-user.target.wants/wpa_supplicant@%i.service
appropriately due the the use of "%i."
According to the systemd documentation "WantedBy=foo.service in a service
bar.service is mostly equivalent to Alias=foo.service.wants/bar.service in
the same file." However, this is not really the intended purpose of install
Aliases.
All lines of the form:
Alias=multi-user.target.wants/*%i.service
Were replaced with the following lines:
WantedBy=multi-user.target
Signed-off-by: Joshua DeWeese <jdeweese@hennypenny.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
After adding #pragma once to wrapper header ( opensslconf.h ) this
latent issue got to bite us, where it expect bn.h to be including
openssl.h to define BN_* defines, which is fragile. This patch removes
the contraints for nested includes for bn.h
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
To avoid issue like below if run "bitbake lib32-core-image-minimal"
with series userspace packages(LAMP,krb5...) added.
Add multilib_script support for openssl's c_rehash which is a perl script.
Error: Transaction check error:
file /usr/bin/c_rehash conflicts between attempted installs of
lib32-openssl-bin-1.1.1-r0.armv7at2hf_neon and openssl-bin-1.1.1-r0.aarch64
Signed-off-by: Xulin Sun <xulin.sun@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Commit 85b76e52d206 "connman: update to 1.36" dropped
0001-inet-Add-prefixlen-to-iproute_default_function.patch
from recipe, but left the patch itself in source tree.
Remove this patch since nobody uses it.
Cc: Oleksandr Kravchuk <dev@sashko.rv.ua>
Signed-off-by: Ruslan Bilovol <ruslan.bilovol@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Commit 7cb42ae87ef9 "dhcp: update 4.4.1" dropped
0008-tweak-to-support-external-bind.patch
from recipe, but left the patch itself in source tree.
Remove this patch since nobody uses it.
Cc: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ruslan Bilovol <ruslan.bilovol@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Commit "c37207d0aca5 bind: update to ESV version 9.11.3" dropped
0001-build-use-pkg-config-to-find-libxml2.patch
from recipe, but left the patch itself in source tree.
Remove this patch since nobody uses it.
Cc: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ruslan Bilovol <ruslan.bilovol@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix handling of escape characters in regexs and hence fix python
Deprecation warnings which will be problematic in python 3.8.
Note that some show up as:
"""
meta/classes/package.bbclass:1293: DeprecationWarning: invalid escape sequence \.
"""
where the problem isn't on 1293 in package.bbclass but in some _prepend to a
package.bbclass function in a different file like mesa.inc, often from
do_package_split() calls.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Update the bluez5 init script to resolve an issue where the status
subcommand would exit without printing any message if bluez was not
running. The early exit was caused by the fact that the init script has
"set -e". When "pidof ${DAEMON} >/dev/null" is executed, the script
terminates immediately if bluez isn't running because pidof returns a
non-zero result. The fixed version does not suffer from this issue and
makes use of the "status" function from the functions library.
Signed-off-by: David Frey <dpfrey@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
They work well now.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
* Redefine the reference path of libnfs.a to
../support/nfs/.libs/libnfs.a to fix below
error when run "make -C tests statdb_dump".
| make: *** No rule to make target '../support/nfs/libnfs.a', needed by 'statdb_dump'. Stop.
| make: *** No rule to make target '../../support/nfs/libnfs.a', needed by 'nsm_client'. Stop.
* The function generic_make_pathname is introduced in
nfs-utils 2.3.1.
Add the source file which defines function generic_make_pathname to
libnsm_a_SOURCES of libnsm.a to fix the undefined reference
when run "make -C tests statdb_dump"
| ../support/nsm/libnsm.a(file.o): In function `nsm_make_pathname':
| /usr/src/debug/nfs-utils/2.3.1-r0/nfs-utils-2.3.1/support/nsm/file.c:175: undefined reference to `generic_make_pathname'
| /usr/src/debug/nfs-utils/2.3.1-r0/nfs-utils-2.3.1/support/nsm/file.c:175: undefined reference to `generic_make_pathname'
| /usr/src/debug/nfs-utils/2.3.1-r0/nfs-utils-2.3.1/support/nsm/file.c:175: undefined reference to `generic_make_pathname'
| ../support/nsm/libnsm.a(file.o): In function `nsm_setup_pathnames':
| /usr/src/debug/nfs-utils/2.3.1-r0/nfs-utils-2.3.1/support/nsm/file.c:280: undefined reference to `generic_setup_basedir'
| collect2: error: ld returned 1 exit status
* After the logic of commit[dbb643e Removed missing-prototypes warnings.]
introduced, there comes below error when run
"make -C tests/nsm_client nsm_client"
| nlm_sm_inter_svc.c:20:1: error: no previous prototype for 'nlm_sm_prog_3' [-Werror=missing-prototypes]
It is because rpcgen doesn't generate -Wmissing-prototypes
free code for nlm_sm_inter_svc.c with below logic
in tests/nsm_client/Makefile.am
[snip]
GENFILES_SVC = nlm_sm_inter_svc.c
[snip]
$(GENFILES_SVC): %_svc.c: %.x $(RPCGEN)
test -f $@ && rm -rf $@ || true
$(RPCGEN) -m -o $@ $<
So add the patch to not fatalize -Wmissing-prototypes.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This was change to git recently to obtain openssl 1.1 compatible pre-release code
(before 7.9 was out), however tarballs are preferred, and with them upstream version
checks work (openssh uses a weird git tag scheme).
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* For changes, see:
https://www.tcpdump.org/libpcap-changes.txt
* Merge inc and bb and remove unnecessary flags.
* Remove all patches, they have either been upstreamed or fixed
differently.
* Compilation with bluez5 works just fine, enable it and remove bluez4
config.
* Backport a commit to fix musl builds.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The current iw4.14 has a fatal bug that could casue a Segmentation fault
when parsing WEP keys. The issue has been fixed by upstream.
[https://git.kernel.org/pub/scm/linux/kernel/git/jberg/iw.git/commit/?id=0e39f109c4b8155697a12ef090b59cdb304c8c44]
Signed-off-by: Liu Haitao <haitao.liu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixed:
cp ../bluez-5.50/tools/hid2hci.rules tools/97-hid2hci.rules
cp: cannot create regular file tools/97-hid2hci.rules: No such file or directory
make[1]: *** [tools/97-hid2hci.rules] Error 1
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Oleksandr Kravchuk
Adrian Bunk
Richard Purdie
Anuj Mittal
Martin Jansa
Changhyeok Bae
Kai Kang
Chen Qi
Ross Burton
Otavio Salvador
Lars Persson
Tom Rini
Khem Raj
Ovidiu Panait
Denys Dmytriyenko
Alexander Kanavin
Brad Bishop
Pascal Bach
Joshua DeWeese
Xulin Sun
Ruslan Bilovol
David Frey
Robert Yang
Mingli Yu
Liu Haitao