| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Kevin Weng <t-keweng@microsoft.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
(From OE-Core rev: 480f15850820746cecdfe0b8450b2be484c1f8f9)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: CUrl.org
MR: 98455
Type: Security Fix
Disposition: Backport from https://curl.haxx.se/
ChangeID: 86b094a440ea473b114764e8d64df8142d561609
Description:
Fixes CVE-2019-5435 CVE-2019-5436
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Source: sqlite.org
MR: 97484, 97490
Type: Security Fix
Disposition: Backport from sqilte.org
ChangeID: c6105b5d3ce4fb2c0f38c3cab745b769d2df38f5
Description:
Affects < 3.26.0
fixes:
CVE-2018-20505
CVE-2018-20506
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This reverts commit a384248938ea9db096866bf4ec8678d35ca62a12.
This package update slipped in doing the maint process. Removing it.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
(From OE-Core rev: 73ebdcaedde460108f98971f037e50e9b15c9f0c)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Since commit [f1dc9ac rng-tools: Fix crazy defaults] fixed
init based on sysvinit, this fix rngd.service based on systemd.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop upstreamed reproducibility-add-file-directive-to-assembler.patch
Drop signals library as upstream has removed it:
https://www.boost.org/users/history/version_1_69_0.html
(From OE-Core rev: 894d2867275e72caac9181ea3b859d7595268f7f)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
(From OE-Core rev: af3e1bbcc615adfc1f915448afe9c794ad938522)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
For changes, see:
https://github.com/ivmai/libatomic_ops/compare/v7.6.6...v7.6.8
Also switch to using tarball release instead.
(From OE-Core rev: a33170ff9a7abc5689e266e093069fd716c62622)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Rpm use nss as digest crypto library and which will cause an error as follows:
error: test-manual-1.2.3-20181012.noarch.rpm: Header SHA1 digest: BAD (Expected
f1deb7dc4a10742d88ccd1e967dbc62ae45095a5 !=4ad9d7dad6d70d6086eefec62612ad5d77f2fe81) => this value is wrong
error: test-manual-1.2.3-20181012.noarch.rpm: not an rpm package (or package manifest)
The error is caused by SHA_HTONL in nss, for there is no need to reverse the host value for arm 32be, so fix it.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This recipe doesn't ship a *-config binary, so don't inherit binconfig.
(From OE-Core rev: 8b7d74aa7bb73daf84593fafde3eef4595918b63)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Remove _BUILD_STRING and _BUILD_TIME in _pl_bld.h
to avoid introducing timestamp in the .so library
such as libnspr4.so as below:
$ readelf --wide --decompress --hex-dump=.rodata libnspr4.so
[snip]
0x00004000 32303138 2d31312d 31352030 353a3439 2018-11-15 05:49
[snip]
[YOCTO #12639]
(From OE-Core rev: a3ca6272845c33f48430210470f133034ad8399d)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
(From OE-Core rev: 1100e7f1519be91c90b139c337799c7ea635a8b3)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
(From OE-Core rev: 4a373ce7d718ee3299bcf7f9fa62e7337d41e40a)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
(From OE-Core rev: 5efe9eb79ac325f55fc52f67b522afaf7ebb847a)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Notable change:
libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol.
see: https://lists.gnupg.org/pipermail/gnutls-help/2018-September/004457.html
(From OE-Core rev: 0697141e7be0b755db600aa0d5a975eac62cc7b8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
--
[v2]
Fix typo in version in subject
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add a .file directive explicitly for all *_elf_gas.S files to prevent the linker
adding a host build-system path as a FILE symbol to the object file.
This replaces the existing patch that added the .file directive to a small
subset of these files.
Upstream-Status: Submitted [https://github.com/boostorg/context/issues/91]
(From OE-Core rev: 5ff5f89f2db079a6baf0275ebf1333b4b9642504)
Signed-off-by: Douglas Royds <douglas.royds@taitradio.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Both RHEL and SLES uses ppc64/ppc64le for powerpc 64 bit big/little
endian targets instead of powerpc64/powerpc64le in libgpg-error.
Also libgpg-error provides common target system names in form like
<arch>-unknown-linux-gnu.
Add mapping for ppc64/ppc64le targets to their libgpg-error equivalents
to fix native builds.
Cross build for arm64 tested on IBM Power 8 machine with RHEL7 for
ppc64le variant only, but should work for ppc64 as well.
Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some of gdbm's ptest cases require gdbmtool, which is packaged into
${PN}-bin. So extend the RDEPENDS_${PN}-ptest to include the package.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: Only extract relevant parts from init.c & gpg-error.h.in
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Two unrelated lines were extracted from apu_version.h for the license
information.
License-Update: Only extract the relevant part from apu_version.h
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Two unrelated lines were extracted from apr_lib.h for the license
information.
License-Update: Only extract the relevant part from apr_lib.h
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
see: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.39_release_notes
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
There are both "curl" and "libcurl" CPEs in NVD.
All "curl" CVEs are now missed in the reports.
Hence, switch "CVE_PRODUCT" to a space separated list
of the items.
Signed-off-by: Grygorii Tertychnyi <gtertych@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
MPFR has a couple of things implemented in assembly and in case of
ARC those parts were written long ago when ARC GCC port was not yet
upstreamed. On upstreaming of GCC some constraints were changed and
so we can no longer build MPFR for ARC with up-to-date tools seeing
something like that:
| In file included from ../../mpfr-4.0.1/src/mpfr-impl.h:112,
| from ../../mpfr-4.0.1/src/mul.c:24:
| ../../mpfr-4.0.1/src/mul.c: In function 'mpfr_mul':
| ../../mpfr-4.0.1/src/mpfr-longlong.h:415:3: error: impossible constraint in 'asm'
| __asm__ ("add.f\t%1, %4, %5\n\tadc\t%0, %2, %3" \
| ^~~~~~~
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It uses certutil from nss to create a blank certificate. But the
checksum of database file key4.db changes every time:
$ certutil -N -d sql:. --empty-password
$ md5sum *
f9dac2cfcb07cc8ca6db442a9a570906 cert9.db
b892c5ff7c1977d4728240b0cf628377 key4.db
7b9136cb03f07ae62eb213a5239fda71 pkcs11.txt
$ rm *
$ certutil -N -d sql:. --empty-password
$ md5sum *
f9dac2cfcb07cc8ca6db442a9a570906 cert9.db
405d55178e866a115c1aa975fccfa764 key4.db
7b9136cb03f07ae62eb213a5239fda71 pkcs11.txt
Provide pre-created databases with a blank certificate to fix
non-determinism issue. And these database files are from nss qemux86-64
build.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The configuration option is WITH_KDE now, as it supports both KDE4 and KDE5.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The option WITH_PYTHON got replaced by
WITH_PYTHON2 and WITH_PYTHON3.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Make the subdir fetch path for configure.ac relative. This avoids the
following error after having done `devtool modify acl`:
ERROR: acl-2.2.52-r0 do_unpack: Unpack failure for URL:
'file://configure.ac;subdir=.../builds/qemux86-64/workspace/sources/acl'.
subdir argument isn't a subdirectory of unpack root
.../builds/qemux86-64/tmp/work/core2-64-poky-linux/acl/2.2.52-r0
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The LICENSES file contains references to source files with other
licenses than GPL/LGPL that stipulate that they shall be mentioned in
any documentation accompanying a product including this library.
License-Update: Add missing LICENSES file
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
For some reason, the copyright part was left out of the license
information included in LIC_FILES_CHKSUM, preventing it from being
used in, e.g., documentation to satisfy the requirements of the
license.
License-Update: Include the complete license information
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Freeze-breaking upgrade for a security bug fix involving cookie URLs, and a
number of static analysis fixes.
Drop CVE-2018-12910.patch as this is merged in 2.62.3.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Current run-ptest script prints nothing, when stress tests fail.
Fix it in new implementation, discarding external dependency on sed.
Also leave in place all stress output, just add standard ptest result.
Fixes: 3f0106bf2e41 ("libusb: Add ptest")
Signed-off-by: Maksym Kokhan <maksym.kokhan@globallogic.com>
Reviewed-by: Andrii Bordunov <andrii.bordunov@globallogic.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The first line of output of '$CC --version' is written to check_stdint.h
as a comment line. It causes multilib install file conflict.
Do not echo compiler version info to check_stdint.h to fix the issue.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When cross-compiling for arm architecture, bjam fails to properly
detect the abi, which causes a failed conditional to omit the
assembly code that supports the platform.
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
[Alexey: Rebased on top of other patches like RiscV, NIOS2 etc]
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add trust-paths PACKAGECONFIG item which enables support for default
trust-paths in /etc/ssl/certs/ca-certificates.crt
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
p11-kit is no longer doing odd/even for development/stable releases, so
drop the custom UPSTREAM_CHECK_GITTAGREGEX.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Inherit from distutils-common-base and pythonnative/python3native to
avoid runtime dependency on Python, whilst still fixing clang builds.
Fixes: 8bfb54edc6fa ("gpgme: Inherit distutils3-base")
Suggested-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Upstream is moving to Meson, so backport a patch to use that instead of
autotools.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport the CVE patch from the upstream
https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243.patch
https://curl.haxx.se/docs/CVE-2018-14618.html
https://nvd.nist.gov/vuln/detail/CVE-2018-14618
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
GnuPG hard-codes $bindir etc and uses them to find the helper binaries, such as
gpg-agent. This breaks if gnupg-native is reused from sstate for a different
build directory and GPG signing of packages is required.
Patch in getenv() checks for gnupg-native when returning the hardcoded paths,
and create a wrapper script which overrides GNUPG_BINDIR. There are more paths
that can be overridden, but this one is sufficient to make GnuPG work.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Test suite test_dbm failed after gdbm upgrtade to 13.1,
from 13.1, return value of some function are changed.
* gdbm_fetch, gdbm_firstkey, and gdbm_nextkey behavior
If the requested key was not found, these functions return datum with
dptr pointing to NULL and set gdbm_errno to GDBM_ITEM_NOT_FOUND (in
prior releases, gdbm_errno was set to GDBM_NO_ERROR),
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Andrii Bordunov via Openembedded-core
Ross Burton
Armin Kuster
Armin Kuster
Alexander Kanavin
Hongxu Jia
Khem Raj
Anuj Mittal
Zheng Ruoqin
Mingli Yu
Douglas Royds
Serhey Popovych
Chen Qi
Peter Kjellerstedt
Changqing Li
Grygorii Tertychnyi
Alexey Brodkin
Kai Kang
Pascal Bach
Vernon Mauery
Antoine Tenart
Alex Kiernan
Zhixiong Chi