Age | Commit message (Collapse) | Author |
|
If you want to be able to use -fstack-protector then you need the
runtime support - you can either write this yourself or use libssp
supplied with GCC. If you're using GCC then it seems likely that you'd
just be using libssp, so include in the SDK by default; however use
RRECOMMENDS just in case it's been disabled or you aren't using GCC.
(From OE-Core rev: 6c990655e35bb3a14d59555662ec5802c9980028)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This reverts commit 87c17b352daa63bc4f62e8802982288ab1839f1b.
Upstream restored the original hashes.
|
|
Machines that cloned a while ago will have the commit, but new
deployments won't because it seems the upstream changed/rebased
and the old commit ID has been garbage-collected away. Hence
the fetch fails to check out the named commit ID.
Both the old (gone) commit, and the "new" commit show the same
dates and commit log and point at 5.28, so hopefully this is
the right thing to do. A git diff of the two seems to only show
a blanket uprev of CVS tags and deletion of a couple autogen'd
files, and no real source changes.
(From OE-Core rev: adb71e06768adadda7b69c3b5e81ca3ad67237f4)
Cc: Christos Zoulas <christos@zoulas.com>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We need to check the gpg version and alter its command line options
accordingly.
[YOCTO #11054]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 44a44b7e582a5a654baf21829d168568481c13d9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit a00a362e3dc18ba04230cbbd6f91264e5d76f40d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a new %_gpg_sign_cmd_extra_args macro that allows customizing the
gpg options used when signing rpm packages. This is needed to be able to
sign packages with gpg 2.1 which requires "--pinentry-mode loopback" to
allow non-interactive signing.
[YOCTO #11054]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 373a7146d596d27376a003014df0d06f3df5348d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Split the file list into chunks in order to avoid
"OSError: [Errno 7] Argument list too long"
This would happend when a package has huge amount of subpackages, e.g.
glibc-locale.
[YOCTO #11069]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 874f5016fd4dc76bc867b68470297fe59e78a9e6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without doing this, locale data is not written
into usr/src/locale.
We could also just use MKDIR_P instead of mkdir_p.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The imp python module is the forerunner of importlib. Include imp in
the importlib subpackage instead of the misc subpackage so that it can
be depended on without bringing in a bunch of unrelated, unused modules.
(Slightly modified backport of afd9de380dc04780da1eeb94a4c8c46529254231
by George McCollister <george.mccollister@gmail.com>)
[YOCTO#11134]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add missing dependency on nativesdk-python3-importlib so the imp Python
module is installed.
Before this patch, running gdb from the sdk would give the following
error:
Python Exception <class 'ImportError'> No module named 'imp':
(From OE-Core rev: ad00a31fbe93e073a2d83616efcd08c5a7ef37c9)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If an SSL/TLS server or client is running on a 32-bit host, and a
specific cipher is being used, then a truncated packet can cause that
server or client to perform an out-of-bounds read, usually resulting
in a crash.
Backported from:
https://github.com/openssl/openssl/commit/8e20499629b6bcf868d0072c7011e590b5c2294d
https://github.com/openssl/openssl/commit/2198b3a55de681e1f3c23edb0586afe13f438051
* CVE: CVE-2017-3731
Upstream-status: Backport
Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com>
|
|
The XListFonts function in X.org libX11 before 1.6.4 might allow
remote X servers to gain privileges via vectors involving length
fields, which trigger out-of-bounds write operations.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7943
https://lists.x.org/archives/xorg-announce/2016-October/002720.html
Upstream patch:
https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8c29f1607a31dac0911e45a0dd3d74173822b3c9
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X
servers to gain privileges via vectors involving image type and geometry,
which triggers out-of-bounds read operations.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7942
Upstream patch
https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=8ea762f94f4c942d898fdeb590a1630c83235c17
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
CVE-2016-7947
Insufficient validation of server responses result in Integer overflows
CVE-2016-7948
Insufficient validation of server responses result in various data mishandlings
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948
https://lists.x.org/archives/xorg-announce/2016-October/002720.html
Upstream patch for both CVEs:
https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Insufficient validation of server responses results
in overflow of previously reserved memory
Upstream patch:
https://cgit.freedesktop.org/xorg/lib/libXrender/commit/?id=9362c7ddd1af3b168953d0737877bc52d79c94f4
External References:
https://lists.x.org/archives/xorg-announce/2016-October/002720.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7949
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
When using an alternative as an initscript, the ordering between
update-rc.d and update-alternatives tasks during prerm and postinst
tasks must always be the following in order to work:
* prerm:
- stop daemon
- remove alternative
* postinst:
- add alternative
- start daemon
This patchset adds comments to the scripts generated by both classes and
organize the generated sections based on those comments.
[YOCTO #10433]
Signed-off-by: David Vincent <freesilicon@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit aa87b1a4dcc14e4dfe719b6c55045c5662bc59c2)
|
|
while we are at it clean up sed
(From OE-Core rev: 69e9f7ec8ba8649784a27e9c7dc7a6987a53c22e)
(From OE-Core rev: cb4f5ecf32006192baaf41218a3d7b43ca1c2951)
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes following error in configure:
FATAL ERROR: msgfmt does not seem to be installed.
attr cannot be built without a working gettext installation.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core rev: d044fad8a0ac5d57deb88b25106f3a39cb7c1636)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The use of awk -F "." in do_install/do_deploy to strip filename extension
was deprecated long time ago in 72980d5bb465f0640ed451d1ebb9c5d2a210ad0c.
Make a similar change in postinst/postrm to properly use basename command.
Otherwise DTB files that contain dots in the name result in broken symlinks
that point to non-existent truncated files.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core rev: 40c2addf0f0ee16b1c1334cf00f1490ffeaac475)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upgrade libxtst from 1.2.2 to 1.2.3 to address:
Out of Bounds Write Denial of Service Vulnerability, CVE-2016-7951
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7951
https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
There was bug with alignment frags for aarch64 in binutils. This is fixed in
master of binutils. This patch backports the fix to binutils 2.27 version.
(From OE-Core rev: f6f87019073d4f3caa7766aca89faa6781690fba)
Signed-off-by: Manjukumar Matha <manjukumar.harthikote-matha@xilinx.com>
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
With enabled SSTATE_MIRRORS sstate code expects mirrors to
contain entries for all tasks, which is not the case for ext
installer as it uses reduced sstate cache.
Added do_package tasks to BB_SETSCENE_ENFORCE_WHITELIST to prevent
installer failing with ERROR: Sstate artifact unavailable
[YOCTO #10832]
(From OE-Core rev: 2ed46ada4b8e496493835e84b36f7e9c367f59d2)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Mapped uninative sstate directories to make ext SDK installer to
use them when it's run on systems with gcc version different from
gcc version used to build installer.
[YOCTO #10832]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream have removed the file from zlib.net as a new version has
been released, switch to fetching from the official sourceforge
mirror.
[YOCTO #10879]
(From OE-Core rev: bb99e4a620efd59556539c156cd98ea23aae74c8)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
nativesdk-libgcc doesn't need a symlink into the target space and if we do this
sstate installation of the recipe can fail depending on whether it races with
the cross-canadian toolchains.
(From OE-Core rev: b2c1e1fe4221862e0dbf5d08960f0d0228e47c72)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
People are strugling with multiconfig as the up front inclusion of the
configuration file doesn't do what people expect. The only way to meet
user expectations is to include the file immediately after local.conf.
We add BB_CURRENT_MC to bitbake so that the metadata can determine when
to include the extra configuration.
(From OE-Core rev: a6a3894fb2cb2097d2404b8b8cb2b85df595cfa9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This means that a user can change TMPDIR in a multiconfig situation
and still only have one path to the uninative setup. Without this change
its not possile to make such a setup work.
(From OE-Core rev: 779422c5458f5f643b3a4a0dedaa4d9ad709367a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Setting WKS_FILE variable in qemux86-64 made wic test to
use wrong wks file to produce an image and resulted in
test_qemu failure.
Used conditional assignment in qemux86-64 and explicitly
set WKS_FILE in wic testing suite to make the suite to use
wic-image-minimal.wsk. This should fix test_qemu failure.
(From OE-Core rev: 3bca4d18c2712e3b154bacfb917f0a749ebaddeb)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
BUILD_CC may reference something like ccache and expect this to come from
ccache-native, we at least have some selftests which assume this. Modify the
code to use PATH when runnig BUILD_CC to ensure the tests continue to work
as expected.
(From OE-Core rev: f3e753372baac43d0921186340cf260df056de20)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hand applied and used d.getVar(True)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Hack: Depending on how glibc was compiled (e.g. optimised
for size or built with _FORTIFY_SOURCE enabled) the strlen
symbol might not be found in ld-XXX.so. Therefore although
we should still try to intercept it, don't make it mandatory
to do so.
(From OE-Core rev: 84ec50e587e7464b260b1b189659b93b6dab0ef6)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Some c++ libraries fail to build if uninative is built
with gcc 5.x and host gcc version is either 4.8 or 4.9.
The issue should be solved by making separate uninative sstate
directory structure sstate-cache/universal-<gcc version> for host gcc
versions 4.8 and 4.9. This causes rebuilds of uninative if host gcc
is either 4.8 or 4.9 and it doesn't match gcc version used to build
uninative.
[YOCTO #10441]
(From OE-Core rev: d36f41e5658bbbb6080ee833027879c119edf3e0)
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The NULL pointer dereferencing could produced some
security problems.
This is a preventive security fix.
(From OE-Core rev: 8f3008114d5000a0865f50833db7c3a3f9808601)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ranges
Namespace nodes must be copied to avoid use-after-free errors.
But they don't necessarily have a physical representation in a
document, so simply disallow them in XPointer ranges.
(From OE-Core rev: 00e928bd1c2aed9caeaf9e411743805d2139a023)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
xpath:
- Check for errors after evaluating first operand.
- Add sanity check for empty stack.
- Include comparation in changes from xmlXPathCmpNodesExt to xmlXPathCmpNodes
(From OE-Core rev: 96ef568f75dded56a2123b63dcc8b443f796afe0)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
We were calling _log_check() in the RPM-specific rootfs class as well as
in the base class; this is unnecessary and resulted in any errors/warnings
generated during the actual package installation time triggering two warnings
instead of one. Drop the call from RpmRootfs._create() to fix this.
(From OE-Core rev: 541c56d755ba0354297673e857628026ad9e4df2)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Major changes:
The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from the distribution, used for demos.
CVEs fixed:
CVE-2016-9297
CVE-2016-9448
CVE-2016-9273
CVE-2014-8127
CVE-2016-3658
CVE-2016-5875
CVE-2016-5652
CVE-2016-3632
plus more that are not identified in the changelog.
removed patches integrated into update.
more info: http://libtiff.maptools.org/v4.0.7.html
(From OE-Core rev: 9945cbccc4c737c84ad441773061acbf90c7baed)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
To trap errors and halt processing, do_kernel_metadata was recently
switched to exit on any non zero return code. While the concept is
sound, there are subcommands that have legitimate non-zero return
codes.
Instead of removing set +e, we'll explicitly check the return code
of the commands that can error, and throw a bbfatal to alert the
user.
(From OE-Core rev: a4705e62d0973c290011fc0d250501d358b659e8)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Updating to the latest 4.8-rt
(From OE-Core rev: 9f4565a308be55c1bf11706041c0565d48bda4f4)
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ARM stack frames for abort and raise were limited to the the actual
abort and raise call, such as:
Obtained 4 stack frames.
./test-app(print_trace+0x1c) [0x10a08]
./test-app() [0x10b3c]
/lib/libc.so.6(__default_sa_restorer+0) [0x4adae1e0]
/lib/libc.so.6(gsignal+0xa0) [0x4adacf74]
This is not terribly useful when trying to figure out what function
may have called called the abort, especially when using pthreads.
After the change the trace would now look like:
Obtained 8 stack frames.
./test-app(print_trace+0x1c) [0x10a08]
./test-app() [0x10b3c]
/lib/libc.so.6(__default_sa_restorer+0) [0x4befe1e0]
/lib/libc.so.6(gsignal+0xa0) [0x4befcf74]
/lib/libc.so.6(abort+0x134) [0x4befe358]
./test-app(dummy_function+0x50) [0x10adc]
./test-app(main+0xd4) [0x10c24]
/lib/libc.so.6(__libc_start_main+0x114) [0x4bee7a58]
(From OE-Core rev: 93bf8713d8e13c278543baea94fb8dad0cb80e49)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Use weak assignment for SERIAL_CONSOLES in qemu configuration files so that
the value could serve as a default value and could be easily overridden in
configuration files like local.conf.
When using the default value for SERIAL_CONSOLES in qemux86-64,we would have
annoying messages on console complaining about respawning getty on ttyS1.
Although the value is set by purpose, at least we need to provide an easy way
to override it.
(From OE-Core rev: 5f060b66162c41a295995947b918253450870117)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
There's no need to chdir() as tarfile.add() can be told what name to use in the
archive.
(From OE-Core rev: d0b282bce34db44dde4dd7f53a64dfaafe6789de)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Rather than erroring out on a single attempt while
terminating EFI services, make a few retries because
such quirks are found in a few implementations.
Also fix a div by zero issue in the same framework
which causes an infinite reboot on the target.
Both patches included here are backports.
(From OE-Core rev: 5e6ac806bd9b8bf885ef1e88484e91e4cdaaa69a)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
'tar' utility from tar and bsdtar has the same alternative priority.
'cpio' utility from cpio and bsdcpio has the same alternative priority.
Lower the ALTERNATIVE_PRIORITY to avoid conflict.
(From OE-Core rev: 9a59ff628771b586666999d44923968a6bc58956)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add a new variable CVE_PRODUCT for the product name to look up in the NVD
database. Default this to BPN, but allow recipes such as tiff (which is libtiff
in NVD) to override it.
(From OE-Core rev: ba330051570a4c991885ee726cb187e0c911bd4f)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is 'libcurl' in NVD.
(From OE-Core rev: f5381da49ac781ef017a1b9816c00b512ca9c7c2)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is 'libtiff' in NVD.
(From OE-Core rev: 0c8d1523f3ad0ada2d1b8f9abffbc2b898a744ca)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ClassType was removed from python3.
The code testing for ClassType kept throwing AttributeError exceptions:
module 'types' has no attribute 'ClassType'
The exceptions prevented loading of any dynamically resolved target
controllers.
(From OE-Core rev: d62f18c39bc0ed3b0f5ac8465b393c15f2143ecf)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backporting upstream commit 84ac726023 [packet: fix race condition in
packet_set_ring] to address CVE-2016-8655
(From OE-Core rev: db7799747b263507427e325638353142ae79403c)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|