| Age | Commit message (Collapse) | Author |
|---|
|
This fixes 3 CVES:
CVE-2016-5419
CVE-2016-5420
CVE-2016-5421
(From OE-Core rev: 62157e2b31c206be40f95574bb205dae5e8e4b68)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 638e648fdcba2f2a4fdf53747290a9a98ea0a86e)
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 53761f4f2d4b8463bf9f996a87ee0dc61e21a2d0)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
krb5 is needed to enables GSS-Negotiate authentication
(From OE-Core rev: 78811b6e608452a3137df6ed2346c69d42d8fd27)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
ac_cv_sizeof_off_t was previously in the site cache files, which was breaking
large file support and required a workaround in each recipe that actually wanted
to use large files.
Now that the entry has been removed from the site cache, we can remove the
workarounds.
(From OE-Core rev: 1485d7cae88adb3575c6eaa47784fe50820d2740)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Proxy support is a feature, so should not have been disabled in
the previous commit (which disabled support for legacy protocols):
http://git.openembedded.org/openembedded-core/commit/?id=b26634900d487a22eef41e9e077d35fb347d4c29
(From OE-Core rev: dfb0064fb16eba1446b8f3db13e0b8b3b4764481)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
As a result of this commit, the following protocols will now be
disabled by default:
DICT GOPHER IMAP IMAPS POP3 POP3S RTSP SMTP SMTPS TELNET TFTP
Also add a PACKAGECONFIG option for libidn (previously disabled
unconditionally).
(From OE-Core rev: b26634900d487a22eef41e9e077d35fb347d4c29)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch has been carried around in oe-core for a long time.
It contains two unrelated changes and neither seem to be required
any more. Drop the patch.
(From OE-Core rev: 27837df35db57f50b8fa7f7c6b3f2e400205deb9)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Adjust LIC_FILES_CHKSUM beginline due to changes to the Copyright to
acknowledge additional contributors. No change to the license text.
(From OE-Core rev: 0ab2c3b105fe92efbc814a3985879996932878c6)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Full changelog: http://curl.haxx.se/changes.html#7_47_0
Security fixes: http://curl.haxx.se/docs/vulnerabilities.html
CVE-2016-0754 : remote file name path traversal in curl tool for Windows
CVE-2016-0755 : NTLM credentials not-checked for proxy connection re-use
(From OE-Core rev: 6600190d7efb69dd5121b9ca082ad4c0dbc5e17e)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: a7468f7a872f288577f4dc0146a931a4a179e2be)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 32076a55fec1f01f84fe84aefc9300fae25f2519)
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
curl-config will be installed to target, cleanup buildpaths in it:
* remove ${STAGING_DIR_HOST} from CC, CFLAGS ...
(From OE-Core rev: 3e4978a534afc7fd4b82a044da8d9774cf09a4f0)
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bump to version 7.44
(From OE-Core rev: edea6df23692686c8401dea877234072ee117b36)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: eb54c29d0566e01c287bdccbdb26c188aac66033)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upgrade to include a security fixes for CVE-2015-3153
(From OE-Core rev: a99047605020ea76209279e98556687c61e1da0d)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This issue was reported on poky ml as well see
https://lists.yoctoproject.org/pipermail/poky/2013-December/009435.html
Change-Id: Iedf22467889893111fde0433e411fd0546a38546
(From OE-Core rev: 3c58712465494e441c4036a7cf21d2e6d343efab)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upgrade include these security fixes:
1. CVE-2015-3143
2. CVE-2015-3144
3. CVE-2015-3145
4. CVE-2015-3148
(From OE-Core rev: 9d2cb0e2183c24b4cf42c078d75c10ba1e4b6e56)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There should be only one dev and dbg package.
(From OE-Core rev: eb972e9b4b4210fa1c35fc0fae0ada27264b2e66)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: ab2ca0f4e0fc2e644bf248ede350d0c5eec326ed)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Enabling support for the smb protocol does not create
a build time dependency on samba.
(From OE-Core rev: b4c7921001a30e0162cacbe12b1a5b888b36db57)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
curl 7.40.0 added support for the SMB/CIFS protocol. So provide
a PACKAGECONFIG option for smb.
Reported-by: Andre McCurdy <armccurdy@gmail.com>
(From OE-Core rev: c776fd463902594e77cf9a8199039714a078437c)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bump to version 7.40
(From OE-Core rev: d3704312252c1607883099063151c599cca81cbe)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove backported CVE patches
(From OE-Core rev: 257ca2054c907c9c9868ccae57c6e0d750fb1164)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs), thus
making them apply broader than cookies are allowed. This can allow arbitrary
sites to set cookies that then would get sent to a different and unrelated site
or domain.
(From OE-Core rev: ddbaade8afbc9767583728bfdc220639203d6853)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
By not detecting and rejecting domain names for partial literal IP addresses
properly when parsing received HTTP cookies, libcurl can be fooled to both
sending cookies to wrong sites and into allowing arbitrary sites to set cookies
for others.
(From OE-Core rev: 985ef933208da1dd1f17645613ce08e6ad27e2c1)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The user can enable libssh2 via conf/local.conf or custom distro
configuration, this will pull in libssh2, which is not used by default.
For example, a curl_x.y.z.bbappend file containing the following line:
PACKAGECONFIG += "libssh2"
(From OE-Core rev: d425e005d274cac0ef7160f53c41bda175444f69)
Signed-off-by: Fabrice Coulon <fabrice.coulon@axis.com>
Signed-off-by: Olof Johansson <olof.johansson@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Otherwise this is a non-deterministic build dependency.
(From OE-Core rev: 8521d4d6b73c93ae60cca3d04673cdd02c27446c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 482493b54d97c455bf4849efed3e543340412d7b)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 3682d661f3b3a6fa7d9ef37968746cbaf1ede078)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a zlib PACKAGECONFIG control and update PACKAGECONFIG[ssl] to
include the openssl dependency. Older hardcoded DEPENDS can then
be removed.
(From OE-Core rev: e668c79de927eff635f29fb5ff001f6b106ccc81)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This will allow curl run as nativesdk and fixes the following:
fatal: unable to access 'https://...': Protocol https not supported or disabled in libcurl
(From OE-Core rev: 76a702f4cde7ca8dd2946633f489386e43b6be26)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove unused "remove_inappropriate_file_from_rel.patch"
(From OE-Core rev: ad1b9480f2ef5a4450f8b31ef7b3141ee7462b4f)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 2cd9141c8a8b9639c95cb68496f0392ba26595dc)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This will allow for easier configuration of curl for SSL vs gnutls
[YOCTO #6329]
(From OE-Core rev: 6a8144390eb2dee6e1baf7be75cffcacbb247002)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove patches that are fixed upstream
(From OE-Core rev: d5d169af2b34596deb3997c2bfa7398c447c4fac)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
By default ipv6 is auto detected for native builds but disabled when
cross compiling.
This commit adds a PACKAGECONFIG option, unconditionally enabled for
native and nativesdk builds and controlled by the ipv6 DISTRO feature
for target builds.
(From OE-Core rev: f8377e96b353f8cf4a5812fa14c1c0405f769096)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is the adaptation for the a bugfix upstream
The inappropriate file src/tool_hugehelp.c presence in the curl 7.36 release
interfered with the upstream fix for
https://sourceforge.net/p/curl/bugs/1350/
(From OE-Core rev: c5a52f5b5ae7c5528bc59ee7fb69a2f460a89b81)
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Mostly cosmetic, but entries in PACKAGES should be specified the exact same way as FILES/RRECOMMENDS entries to avoid problems.
(From OE-Core rev: 4d2a7f47a9830788455afe00a7c6a857cebbcb81)
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
mkhelp: generate code for --disable-manual as well
This allows configure --disable-manual to run and build without having
to regenerate the src/tool_hugehelp.c file which otherwise is necessary
since we ship tarballs with that file present.
(From OE-Core rev: 544a96255203a6779d1f0022d003c6680f330511)
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: a4b5173dcba0384589debceebf90e98a2cbadd63)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 5223646626693a5783919a600fb080a4c6dff06d)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
point CA bundle to /etc/ssl/certs/ca-certificates.crt instead of using the buildhost location, Configure would look at the buildhost and hardcode the bundle location for there into the target. This leads to non-working https support.
Also remove the empty and now useless curl-certs packages since it's empty and no ALLOW_EMPTY has been set.
Apart from making https work again with curl cmdline this also fixes libcurl which means git can fetch https repos as well instead of erroring out.
(From OE-Core rev: 2325c1ee13bc3a8474238e8a6c20b6a3c671bf07)
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
curl/curlbuild.h conflicts between 32-bit and 64-bit versions.
(From OE-Core rev: 8b2e163338331fde05e47a4843f6bd1c9b4f9333)
Signed-off-by: Baogen Shang <baogen.shang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 6c91bbe8d7c03c9f67715c7648d9a83781fcfad3)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A lot of our recipes had short one-line DESCRIPTION values and no
SUMMARY value set. In this case it's much better to just set SUMMARY
since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY
is at least useful. I also took the opportunity to fix up a lot of the
new SUMMARY values, making them concisely explain the function of the
recipe / package where possible.
(From OE-Core rev: b8feee3cf21f70ba4ec3b822d2f596d4fc02a292)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 5b7ae85d1de82de0e78f7aaec01c5510445ceb21)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 4ec7eeea49be0bddb688b5bda5d423c4c7f4695d)
Signed-off-by: Marko Lindqvist <cazfi74@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: f4a1257c20d3de9969d4cfe2d5240791d0d22d37)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add upstream-status to configure_ac.patch.
(From OE-Core rev: 8fc6904fe97438478119db6cd23b7b4eb33b50aa)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Ross Burton
Fan Xin
Chen Qi
Roy Li
Andre McCurdy
Wenzong Fan
Maxin B. John
Khem Raj
Robert Yang
Saul Wold
Chong Lu
Fabrice Coulon
João Henrique Ferreira de Freitas
Tudor Florea
Koen Kooi
Cristiana Voicu
Baogen Shang
Paul Eggleton
Marko Lindqvist
Joe Slater