| Age | Commit message (Collapse) | Author |
|---|
|
It is a small version of gpg which can only verify signatures. It
should be installable on its own. This matches the behaviour of
the gnupg 1.4 recipe, which was removed recently.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Used by nfs-utils for nfsidmap, if available. Includes a backported patch for
musl and a description text from meta-ivi.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
New releases of ICU are published on github.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
(From OE-Core rev: 5cc0f0dcf1f41bc148b034b3f7abef756a328cd3)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ includes the fix for CVE-2020-11501 ]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
(From OE-Core rev: 8652c95ceb505dd7386166842486c833ea5a7ee7)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Drop patch from 81485be19b18 ("gnutls: don't use HOSTTOOLS_DIR/bash as a
shell on target") as upstream now honours POSIX_SHELL when set as the
primary target shell.
(From OE-Core rev: bc487ced3be40569157fb40c99bfa68871f74744)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
(From OE-Core rev: 287de363f80a2f9919b942a1349f58575e8b91d8)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ includes the fix for CVE-2019-14855 ]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string
ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4
outside of the application, as demonstrated by the ASPELL_CONF environment
variable.
References:
https://nvd.nist.gov/vuln/detail/CVE-2019-20433
Upstream patches:
https://github.com/GNUAspell/aspell/commit/de29341638833ba7717bd6b5e6850998454b044b
https://github.com/GNUAspell/aspell/commit/cefd447e5528b08bb0cd6656bc52b4255692cefc
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Fix the following CVEs:
- CVE-2019-19244
- CVE-2019-19923
- CVE-2019-19924
- CVE-2019-19925
- CVE-2019-19926
- CVE-2019-19959
- CVE-2019-20218
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ removed the CVE-2019-19880 fix that did not apply cleanly ]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
We need to sort python dict output to be deterministic and generate consistent
header files.
(From OE-Core rev: 75e4cedb986379db2e8a897df52ee1363f9a9a80)
(From OE-Core rev: fc6e8e527698a82bf8047d02e0e792c4a1a64449)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The build was injection git information from the wrong git tree, stop this
to allow reproducible builds.
(From OE-Core rev: 506b36b6d86b3454fcc3cb85f6229cbe8d14f5b5)
(From OE-Core rev: 2b68ffc6d7c45541958f1b0c0b9ca9e39064e096)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
(From OE-Core rev: 35bbb1deb4ddab3861dce7ca2ada778094fb353e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Change all recipes to https where we get an http 301 permanent redirect.
(From OE-Core rev: e514acda9e12bccde6d3974e0fd1a37b3837191a)
Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes CVE-2019-17266.
(From OE-Core rev: ffdbcd78955d43d34988991f1d217036f044167d)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Bug fix release:
https://gitlab.gnome.org/GNOME/libsoup/compare/2.66.2...2.66.4]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Commit: d336110b94 boost: update to 1.67.0
dropped the patch that ensured boost doesn't over-ride the architecture flags
set by us resulting in errors:
| build/tmp/work/x86_64_x32-poky-linux-gnux32/boost/1.69.0-r0/recipe-sysroot/usr/include/bits/long-double.h:44:10: fatal error: bits/long-double-64.h: No such file or directory
| #include <bits/long-double-64.h>
| ^~~~~~~~~~~~~~~~~~~~~~~
| compilation terminated.
Remove the relevant part from gcc.jam again to ensure we are passing
them correctly again.
Fixes [YOCTO #13598]
(From OE-Core rev: aad28f42b1c8aa1335c040630ebff4a69be07e35)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport two fixes for CVE-2019-13627 from upstream
to zeus.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Use patch from upstream after 1.1.33 release.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a
flush-and-reload side-channel attack because physical addresses are
available to other processes. (The C implementation is used on platforms
where an assembly-language implementation is unavailable.)
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-12904
Patches from:
https://github.com/gpg/libgcrypt/commit/1374254c2904ab5b18ba4a890856824a102d4705
https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762
https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 37e390ff05b6a4509019db358ed496731d80cc51)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport CVE-2019-17544 fix to zeus.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The default URI returns a gzip-compressed index page
which browsers can auto-detect, but we can't.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport a patch from debian to make it check libtoolize rather than libtool.
https://sources.debian.org/data/main/a/apr/1.6.5-1/debian/patches/libtoolize_check.patch
This can also fix:
$ bitbake nativesdk-apr
buildconf: libtool not found.
You need libtool version 1.4 or newer installed
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Enable libsoup build as a native package, for it may invoked by
other native package, such as ostree.
Signed-off-by: Jiang Lu <lu.jiang@windriver.com>
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The gpg commit signing in ostree-native doesn't work properly when
running from sstate. The ostree-native is linked with gpgme-native's
libraries, which have calls into gpg.
Ultimately it turned out the problem was that gpgme calls gpgconf and
some of the other gnupg-native binaries directly. Not all the
binaries have a wrapper which sets the environment variable GNUPG_BIN.
Without this wrapper these binaries it gets the path assignment from
the original compilation which causes a fault when running from sstate
in a new tmp directory because these paths will not exist.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Supplemental to commit fb17b46e2. The libevent "regress" test
outputs its own pass/fail results, e.g.
"2/300 TESTS FAILED. (31 skipped)", which will be miscounted
as an extra test fail in the ptest log. Fixed this to ignore
the libevent results line when counting actual pass/fail
results.
Also removed the for loop in run-ptest and targeted only the
libevent "regress" test, as the other tests being run were
related to performance and did not provide a relevant pass/fail
output.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The libevent ptest used to report only a global pass or a fail result.
Count individual PASS, FAIL, SKIP results. The SKIP results now
include tests that are disabled in the libevent code.
libevent's ptest output did not comply with the automake-style output
"result: testname", and reported a FAIL status at the end of the test
run if any of the libevent tests failed. This patch makes the log
consistent with the automake style:
PASS: http/cancel_by_host_no_ns
PASS: http/cancel_inactive_server
PASS: http/cancel_by_host_no_ns_inactive_server
SKIPPED: http/cancel_by_host_server_timeout
SKIPPED: http/cancel_server_timeout
and provides a summary as follows:
=== Test Summary ===
TOTAL: 316
PASSED: 300
FAILED: 0
SKIPPED: 16
DURATION: 87
END: /usr/lib/libevent/ptest
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch originally came from oe-classic in 2010 with the comment "fix pc file
so that it actually links to the support libraries". If an application wants to
link to the support libraries then it should be using the relevant .pc files to
do so.
oe-core builds successfully with this patch removed and other distributions
don't carry it, so drop the patch.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop the musl workaround, as upstream has solved this correctly now.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: copyright years updated.
Drop the backport patch.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
As there is no version newer than 3.3-rc0 yet, an exception
from the check is needed.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This command was dependent on the order of files on the disk and for multilib builds
could result in:
Error: Transaction check error:
file /etc/ca-certificates.conf conflicts between attempted installs of ca-certificates-20190110-r0.core2_32 and lib64-ca-certificates-20190110-r0.x86_64
Sorting the file makes things deterministic.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This solves the following errors:
src/mips/o32.S: Assembler messages:
src/mips/o32.S:286: Error: opcode not supported on this processor:
mips32r2 (mips32r2) `s.d $f12,((16*4)-10*4)($fp)'
src/mips/o32.S:287: Error: opcode not supported on this processor:
mips32r2 (mips32r2) `s.d $f14,((16*4)-8*4)($fp)'
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Unless SQLITE_BYTEORDER is predefined, the code falls back to build
time huristics - which are not always correct (e.g. in sqlite 3.28.0
big-endian ARM is mis-detected).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The previous simplification:
https://git.openembedded.org/openembedded-core/commit/?id=604777acfc54d285f315b622bd147ed02d55d6fd
looked OK but didn't actually work as expected. The native and
nativesdk classes re-set CFLAGS after the += has been applied and
so any modifications made via += are lost. Use _append instead.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some notes:
- bjam bootstrap scripts were changed, and the patch for that had to be
adjusted. tools/build/src/engine/build.sh now supports an --debug option
which the bjam-native recipe can use to get the debug build of b2.
- a related patch was added to address a speed regression with the debug
version of bjam
- gcc.jam patch had to be refreshed because boost added more "cpu-flags"
lines.
- since 1.70.0, boost includes new cmake config files which are packaged
in ${PN}-dev now so they make it into the SDK. (although 1.71.0 is needed
to fix some bugs in them)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Andreas Oberritter
Alexander Kanavin
Wang Mingyu
Alex Kiernan
Anuj Mittal
Stefan Ghinea
Ross Burton
Lee Chee Yang
Richard Purdie
Khem Raj
Stefan Müller-Klieser
Adrian Bunk
Trevor Gamblin
Joe Slater
Yi Zhao
Qi.Chen@windriver.com
Robert Yang
Andre McCurdy
Oleksandr Kravchuk
Jiang Lu
Jason Wessel
Peter Kjellerstedt