| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Kevin Weng <t-keweng@microsoft.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Kevin Weng <t-keweng@microsoft.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: gnome.org
MR: 98802
Type: Security Fix
Disposition: Backport from https://gitlab.gnome.org/GNOME/glib/commit/d553d92d6e9f53cbe5a34166fcb919ba652c6a8e
ChangeID: b73c332f27f47ddc1b1cfd7424f24778acc0c318
Description:
includes supporting patch.
Fixes CVE-2019-9633
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport the fixes for several CVEs from the 2.28 stable branch:
- CVE-2016-10739
- CVE-2018-19591
Signed-off-by: Ross Burton <ross.burton@intel.com>
[Dropped CVE-2019-9169 as its in my contrib already]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: glib-2.0
MR: 98443
Type: Security Fix
Disposition: Backport from https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
ChangeID: 880b9b349cb8d82c7c1314a3657ec9094baba741
Description:
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Source: busybox.git
MR: 97332
Type: Security Fix
Disposition: Backport from busybox.git
ChangeID: ec203c79e7322de1ed5721d08b6f59b1eca67c7d
Description:
Affects < 1.30.0
Fixes:
CVE-2018-20679
CVE-2019-5747
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Error handling in shell scripts is too easy to forget and
get wrong. It is possible to check every external command
for return values but it is better to use a generic setting
which halts execution of the script on any failures.
Upstream-Status: Pending
Signed-off-by: Aditya Tayade <Aditya.Tayade@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Instead of patching and sedding the makefile, just install test/example and
execute it in run-ptest. example is the bulk of the test suite, as minimal as
it is.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Drop remove.ldconfig.call.patch, as it's easier to just set LDCONFIG=true.
Pass uname=GNU via the documented configure option instead of undocumented
environment variable.
Rename zlib-1.2.11/ to just zlib/ as we don't ship multiple versions.
Send ldflags-tests.patch upstream and update Upstream-Status.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
These patches were applied, hoping that they will eventually be accepted
upstream but they have been rejected, I think its best that they are
dropped so we can avoid novel unintended behaviours that no other
distros will be seeing
(From OE-Core rev:54550aa42378ce4b215bccbfd95e5e650b0d2efa)
Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When 'adduser' package, which is from meta-perl layer, is added to rootfs,
we will get do_populate_sdk failure like below.
Error:
Problem: package perl-module-cwd-5.24.4-r0.core2_64 requires perl-module-dynaloader, but none of the providers can be installed
- package perl-module-file-temp-5.24.4-r0.core2_64 requires perl-module-cwd, but none of the providers can be installed
- package perl-module-dynaloader-5.24.4-r0.core2_64 requires perl-module-config, but none of the providers can be installed
- package adduser-3.118-r0.core2_64 requires perl-module-file-temp, but none of the providers can be installed
- package target-sdk-provides-dummy-1.0-r0.sdk_provides_dummy_target conflicts with perl provided by perl-5.24.4-r0.core2_64
This is because adduser depends on some perl modules which are not
listed in target-sdk-provides-dummy.
So add these perl modules to avoid such failure.
(From OE-Core rev: 1b12c176827c2d0cbb7867da73efac56826036ed)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Apply patches from systemd_239-7ubuntu10.8 to fix CVE-2019-6454.
CVE-2019-6454 is an issue in which systemd (PID1) can be crashed with a
specially formed D-Bus message.
For information see:
https://usn.ubuntu.com/3891-1/
https://git.launchpad.net/ubuntu/+source/systemd/commit/?id=f8e75d5634904c8e672658856508c3a02f349adb
(From OE-Core rev: 9d2ec5970adfc906fcc4581528321a879953fd55)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* Added CVE tag, Upstream-Status tag and Sign-off-by tags.
* Removed the verification of the entry length in the header
* Squashed CVE-2018-16865 patches into one
* CVE-2018-16866 patch now taken from systemd-stable and includes
an additional heap buffer overflow fix.
(From OE-Core rev: bc79395e2fcb886f224a4ad837fd93c779d2c53d)
Signed-off-by: Marcus Cooper <marcusc@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This avoids errors when running populate_sdk under opkg:
* Problem 1/1:
* - package busybox-dev-1.30.1-r0.core2-64 requires busybox = 1.30.1-r0, but none of the providers can be installed
*
* Solution 1:
* - allow deinstallation of target-sdk-provides-dummy-1.0-r0.sdk-provides-dummy-target
* Solution 2:
* - do not ask to install a package providing busybox-dev
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 33d2cde3be4d25389cbea07064ffbc7b2f74273e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
It looks like there is an implicit dependency on util-linux'
umount - as otherwise when using busybox' umount we see a
long delay on shutdown / reboot.
[YOCTO #13058]
(From OE-Core rev: 39a3d2c603429865af632fe41b2cf32c3dfdfb1d)
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Updates busybox to version 1.29.3 to fix a bug related to parsing of
config files: 2993551ef ("Revert "libbb: remove unnecessary variable in
xmalloc_fgets"")
Upgrading the recipe was chosen instead of backporting the fix as a
patch because the only difference between version 1.29.2 and 1.29.3 is
this revert.
(From OE-Core rev: 11d4fd16c3d7dad5d7e3b4d44a96724075be7126)
Signed-off-by: Dustin Bain <dustin.bain@garmin.com>
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Affects < v240
(From OE-Core rev: bdee9122fe67467d1ec17012902a441fecb0cb9b)
Signed-off-by: Marcus Cooper <marcusc@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Affects < v240
(From OE-Core rev: 314887a475ae1ac638eb80d973ffee1bd2a31a35)
Signed-off-by: Marcus Cooper <marcusc@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Affects < v240
(From OE-Core rev: 6900b9cc2cd3e66469a9561bb478b87c0903b0ea)
Signed-off-by: Marcus Cooper <marcusc@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The code conditionally adding ${PN}-journal-remote to SYSTEMD_PACKAGE
checked PACKAGECONFIG for an empty string rather than 'microhttpd'...
(From OE-Core rev: 42d52a279a75c94c4deba50b448dd3b6b2ac75df)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This makes sure that packages are only added to USERADD_PACKAGES if
they will create users/groups. This avoids the following error:
ERROR: systemd_239.bb: meta/recipes-core/systemd/systemd_239.bb
inherits useradd but doesn't set USERADD_PARAM, GROUPADD_PARAM or
GROUPMEMS_PARAM for package systemd-journal-gateway
Normally this problem is not triggered even if the conditional code that
expands in, e.g., USERADD_PARAM_${PN}-journal-gateway is empty because
it is assigned with += and thus ends up as " ", which fools the check in
useradd.bbclass.
However, if USERADDEXTENSION += "useradd-staticids" and
INHERIT += "extrausers" are used, they cause the problem to occur. The
reason for this is because when useradd-staticids is used, it rewrites
USERADD_PARAM_${PN}-journal-gateway, which strips unnecessary whitespace
and thus USERADD_PARAM_${PN}-journal-gateway becomes empty. And
extrausers is needed, because otherwise the test in useradd.bbclass is
triggered before useradd-staticids has rewritten the variables...
(From OE-Core rev: 63ae444b1dba65ccb1693648914becabd65ac30d)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
A couple have still been missed in the past despite multiple
attempts at doing so (or simply have re-appeared?).
Search & replace made using the following command:
sed -e 's|\(d\.getVar \?\)( \?\([^,()]*\), \?True)|\1(\2)|g' \
-i $(git grep -E 'getVar ?\( ?([^,()]*), ?True\)' \
| cut -d':' -f1 \
| sort -u)
(From OE-Core rev: 9f551d588693328e4d99d33be94f26684eafcaba)
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
(From OE-Core rev: da0c196cdc4eb74c7517089dc192d6a77227b6e2)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
(From OE-Core rev: 81ecfbb19ccb5b5241cfdd871d41459bda3dba4d)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Found with gcc trunk
(From OE-Core rev: 381c63ad2a6e004658b0232b6e6763f49f412b2b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport patch to fix systemd compile error for x32:
| ../git/src/timesync/timesyncd-manager.c:607:19: error: format '%lli'
| expects argument of type 'long long int', but argument 11 has type
| 'long int' [-Werror=format=]
[YOCTO #13074]
(From OE-Core rev: 7201df413616cab8d7f3257f86dd7a0a5c7719ee)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
>From upstream:
Turning on ECN still causes slow or broken network on linux. Our tcp
is not yet ready for wide spread use of ECN.
https://github.com/systemd/systemd/issues/9748
(From OE-Core rev: f951aa6f9fcf318f108ecdc3371498ee2e919e68)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Handle the %i wildcard appearing in a dependency in the Install section
of a template unit, e.g.
$ cat foo@.service
[Install]
WantedBy=bar@%i.target
Using the real systemctl something like:
$ systemctl enable foo@baz.service
will create a symlink in /etc/systemd/system/bar@baz.target.wants.
Detect wildcards in templates and make the appropriate substitution.
(From OE-Core rev: 22ed19292d160461042d4a2294fe2ec0b953873e)
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
opkg needs the replaces/conflicts/provides in order for this package
to function as intended. When enabled, this code caused failures for
core-image-sato -c populate_sdk.
The reason is that nativesdk-autoconf has several perl dependencies. We
need to list more of the things which this package provides/conflicts
with in order for it to function correctly. Therefore add the missing
entries.
(From OE-Core rev: 27412b377dda47daa87bfcb3a41babe53ff8b0a3)
(From OE-Core rev: e0db1beb6db624b3b743e780c298c63a1e177cfb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
For changes, see:
https://github.com/gentoo/eudev/compare/v3.2.5...v3.2.7
(From OE-Core rev: dd2c4d9d85e70abacfa70fbe9281f393452875ea)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- Fix package splitting for services installed with
systemd-container. Some files have been installed with systemd
package instead of systemd-container package. (*.service,
*.socket, *.html...)
- Split journal-upload, journal-remote, journal-gatewayd into
separate packages. These services are not strictly related to
nspawn containers. Remote logging is now possible without
installing all the container stuff.
- systemd-container package rrecommends journal-upload, journal-
remote, journal-gatewayd packages.
(From OE-Core rev: d31ff84a5f4723700ed48fd14ace81d3c707065e)
Signed-off-by: Adrian Freihofer <adrian.freihofer@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Use 4 spaces to replace a tab.
(From OE-Core rev: cbb6743d46752481782789fa1a0dfade11057114)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The busybox.link.* files are generated from autoconf.h and applets.h,
which are both auto-generated by the build system. The contents of the
two files might be in different order, and so the link files are not
reproducble as is.
Fix this by sorting the lists using `sort`.
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
valgrind for qemumips64 multilib builds fails to configure
for libn32 with the error:
configure:6190: checking for 32 bit build support
...
fatal error: bits/long-double-32.h: No such file or directory
It seems that the toolchain is producing:
tmp-glibc/sysroots-components/mips64-n32/libn32-glibc/usr/include/bits/long-double-n32.h
Until the toolchain problem is resolved, skip valgrind for libn32.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Play the whack-a-mole game and add the .file directive to another
assembly file that otherwise shows itself in ld-2.28.so debug file,
which in turns alters the build-id of ld-2.28.so on target.
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rationale - excerp from `info chown`
====================================
OWNER‘:’GROUP
If the OWNER is followed by a colon and a GROUP (a group name or
numeric group ID), with no spaces between them, the group ownership
of the files is changed as well (to GROUP).
Some older scripts may still use ‘.’ in place of the ‘:’ separator.
POSIX 1003.1-2001 (*note Standards conformance::) does not require
support for that, but for backward compatibility GNU ‘chown’ supports
‘.’ so long as no ambiguity results. New scripts should avoid the use
of ‘.’ because it is not portable, and because it has undesirable
results if the entire OWNER‘.’GROUP happens to identify a user whose
name contains ‘.’.
Signed-off-by: Kosta Zertsekel <zertsekel@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch to fix the following CVE.
CVE: CVE-2018-15688
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch to fix the following CVE.
CVE: CVE-2018-15687
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch to fix the following CVE.
CVE: CVE-2018-15686
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The master branch does not exist any more, use develop to replace.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add back alternatives for init utilities to avoid regression.
These alternatives were removed when upgradeing systemd to 239.
They were removed out of the logic that init utitilies should be
bound to init manager. However, it turned out that two use cases
were not covered.
1) initramfs using commands like 'reboot' from busybox.
2) Users use customized busybox defconfig which enables init utilities.
The first use case caused a regression bug in yocto.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=12914
Patches were sent to fix the reboot problem.
But this is not enough. As we may have the second use case. In such
situation, users will find themselves having regression error when
using 'busybox + systemd' (and busybox is installed after systemd,
overriding the systemd symlinks).
So in order to avoid regression, add back these alternatives.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Andrii Bordunov via Openembedded-core
Richard Purdie
Anuj Mittal
Armin Kuster
Ross Burton
Armin Kuster
Aditya Tayade
Khem Raj
Chen Qi
George McCollister
André Draszik
Oleksandr Kravchuk
Dustin Bain
Marcus Cooper
Peter Kjellerstedt
Alex Kiernan
Alexander Kanavin
Kai Kang
Brad Bishop
Adrian Freihofer
Robert Yang
Martin Hundebøll
Randy MacLeod
Kosta Zertsekel
Hongxu Jia