| Age | Commit message (Collapse) | Author |
|---|
|
CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure
CVE-2016-1286 bind: malformed signature records for DNAME records can
trigger assertion failure
[YOCTO #9400]
External References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286
References to the Upstream commits and Security Advisories:
CVE-2016-1285: https://kb.isc.org/article/AA-01352
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=e7e15d1302b26a96fa0a5307d6f2cb0d8ad4ea63
CVE-2016-1286: https://kb.isc.org/article/AA-01353
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=456e1eadd2a3a2fb9617e60d4db90ef4ba7c6ba3
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;
h=499952eb459c9a41d2092f1d98899c131f9103b2
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
An unprivileged "container" environment like this[1] doesn't have root
account (uid 0) which causes tons of "Invalid argument" warnings:
$ bitbake ...
...
WARNING: Could not copy license file [src] to [dest]: [Errno 22] Invalid argument: '[src]'
WARNING: Could not copy license file [src] to [dest]: [Errno 22] Invalid argument: '[src]'
WARNING: Could not copy license file [src] to [dest]: [Errno 22] Invalid argument: '[src]'
...
Fix it by handling EINVAL similar to existing handling of EPERM (which
was added for when not running under pseudo).
[1]: The real environemnt is buildFHSUserEnv from NixOS/nixpkgs, but a
demonstration of the issue can be done like this:
$ touch f
$ unshare --user --mount chown 0:0 f
chown: changing ownership of ‘f’: Invalid argument
(From OE-Core master rev: d00b2250a6afebd7d1373c04b4006290f0cd4043)
Signed-off-by: Bjørn Forsman <bjorn.forsman@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changes affecting future time stamps
America/Caracas switches from -0430 to -04 on 2016-05-01 at 02:30.
(Thanks to Alexander Krivenyshev for the heads-up.)
Asia/Magadan switches from +10 to +11 on 2016-04-24 at 02:00.
(Thanks to Alexander Krivenyshev and Matt Johnson.)
New zone Asia/Tomsk, split off from Asia/Novosibirsk. It covers
Tomsk Oblast, Russia, which switches from +06 to +07 on 2016-05-29
at 02:00. (Thanks to Stepan Golosunov.)
Changes affecting past time stamps
New zone Europe/Kirov, split off from Europe/Volgograd. It covers
Kirov Oblast, Russia, which switched from +04/+05 to +03/+04 on
1989-03-26 at 02:00, roughly a year after Europe/Volgograd made
the same change. (Thanks to Stepan Golosunov.)
Russia and nearby locations had daylight-saving transitions on
1992-03-29 at 02:00 and 1992-09-27 at 03:00, instead of on
1992-03-28 at 23:00 and 1992-09-26 at 23:00. (Thanks to Stepan
Golosunov.)
Many corrections to historical time in Kazakhstan from 1991
through 2005. (Thanks to Stepan Golosunov.) Replace Kazakhstan's
invented time zone abbreviations with numeric abbreviations.
(From OE-Core master rev: 10194ca3d8c2f4d8648a685c5c239a33d944b6fe)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
they keep the versions in-sync. changes are all in data.
Changes affecting future time stamps
America/Caracas switches from -0430 to -04 on 2016-05-01 at 02:30.
(Thanks to Alexander Krivenyshev for the heads-up.)
Asia/Magadan switches from +10 to +11 on 2016-04-24 at 02:00.
(Thanks to Alexander Krivenyshev and Matt Johnson.)
New zone Asia/Tomsk, split off from Asia/Novosibirsk. It covers
Tomsk Oblast, Russia, which switches from +06 to +07 on 2016-05-29
at 02:00. (Thanks to Stepan Golosunov.)
Changes affecting past time stamps
New zone Europe/Kirov, split off from Europe/Volgograd. It covers
Kirov Oblast, Russia, which switched from +04/+05 to +03/+04 on
1989-03-26 at 02:00, roughly a year after Europe/Volgograd made
the same change. (Thanks to Stepan Golosunov.)
Russia and nearby locations had daylight-saving transitions on
1992-03-29 at 02:00 and 1992-09-27 at 03:00, instead of on
1992-03-28 at 23:00 and 1992-09-26 at 23:00. (Thanks to Stepan
Golosunov.)
Many corrections to historical time in Kazakhstan from 1991
through 2005. (Thanks to Stepan Golosunov.) Replace Kazakhstan's
invented time zone abbreviations with numeric abbreviations.
(From OE-Core master rev: db8223e4dd2e513a656aedfae217d94e053c2366)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The 2016c release of the tz code and data is available. Its most urgent change is for Asia/Baku, where the update takes effect this weekend.
This release reflects the following changes, which were either circulated on the tz mailing list or are relatively minor technical or administrative changes:
Changes affecting future time stamps
Azerbaijan no longer observes DST. (Thanks to Steffen Thorsen.)
Chile reverts from permanent to seasonal DST. (Thanks to Juan
Correa for the heads-up, and to Tim Parenti for corrections.)
Guess that future transitions are August's and May's second
Saturdays at 24:00 mainland time. Also, call the period from
2014-09-07 through 2016-05-14 daylight saving time instead of
standard time, as that seems more appropriate now.
Changes affecting past time stamps
Europe/Kaliningrad and Europe/Vilnius changed from +03/+04 to
+02/+03 on 1989-03-26, not 1991-03-31. Europe/Volgograd changed
from +04/+05 to +03/+04 on 1988-03-27, not 1989-03-26.
(Thanks to Stepan Golosunov.)
Changes to commentary
Several updates and URLs for historical and proposed Russian changes.
(Thanks to Stepan Golosunov, Matt Johnson, and Alexander Krivenyshev.)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
change SRC_URI http seems more reliable
Changes to code
tzselect's diagnostics and checking, and checktab.awk's checking,
have been improved. (Thanks to J William Piggott.)
tzcode now builds under MinGW. (Thanks to Ian Abbott and Esben Haabendal.)
tzselect now tests Julian-date TZ settings more accurately.
(Thanks to J William Piggott.)
Changes to commentary
Comments in zone tables have been improved. (Thanks to J William Piggott.)
tzselect again limits its menu comments so that menus fit on a
24x80 alphanumeric display.
A new web page tz-how-to.html. (Thanks to Bill Seymour.)
In the Theory file, the description of possible time zone abbreviations in
tzdata has been cleaned up, as the old description was unclear and
inconsistent. (Thanks to Alain Mouette for reporting the problem.)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
updated SRC_URI to http as it seems more stable.
Changes affecting future time stamps
New zones Europe/Astrakhan and Europe/Ulyanovsk for Astrakhan and
Ulyanovsk Oblasts, Russia, both of which will switch from +03 to +04 on
2016-03-27 at 02:00 local time. They need distinct zones since their
post-1970 histories disagree. New zone Asia/Barnaul for Altai Krai and
Altai Republic, Russia, which will switch from +06 to +07 on the same date
and local time. Also, Asia/Sakhalin moves from +10 to +11 on 2016-03-27
at 02:00. (Thanks to Alexander Krivenyshev for the heads-up, and to
Matt Johnson and Stepan Golosunov for followup.)
As a trial of a new system that needs less information to be made up,
the new zones use numeric time zone abbreviations like "+04"
instead of invented abbreviations like "ASTT".
Haiti will not observe DST in 2016. (Thanks to Jean Antoine via
Steffen Thorsen.)
Palestine's spring-forward transition on 2016-03-26 is at 01:00, not 00:00.
(Thanks to Hannah Kreitem.) Guess future transitions will be March's last
Saturday at 01:00, not March's last Friday at 24:00.
Changes affecting past time stamps
Europe/Chisinau observed DST during 1990, and switched from +04 to
+03 at 1990-05-06 02:00, instead of switching from +03 to +02.
(Thanks to Stepan Golosunov.)
1991 abbreviations in Europe/Samara should be SAMT/SAMST, not
KUYT/KUYST. (Thanks to Stepan Golosunov.)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some of the lttng fast_regression ptests have race
conditions which end up in a deadlock so the test
case never returns and the only way around is to
kill the process.
This is fixed by picking up relevant patches from
lttng-tools mainstream that fix up the behavior
of these tests.
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream re-arranged their FTP server and deleted the tarball that we were
downloading. This tarball is mirrors on downloads.yoctoproject.org but not
everyone uses that, so Work around this by pointing the SRC_URI at the Yocto
Project source mirror directly.
[ YOCTO #9379 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When the class nativesdk.bbclass is inherited, it redefines TARGET_CC_ARCH,
in the case of python3, this enables debug, causing an error while linking.
Since we don't enable debug during configure some functions are not declared.
This patch makes sure we keep debug disabled, fixing the linking errors.
[YOCTO #9357]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In case a getty is required on a UART which is not being
used as the kernel console, the current agetty invocation
fails to obey the baud rate configured through the
SERIAL_CONSOLES variable because it uses --keep-baud.
(From OE-Core master rev: b54b73834e73d55de1038b55d0a4d7f49cda52d0)
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
To ensure that boost remains an empty metapackage after version
updates, we explicitly require boost files to be empty. If new
libraries exist after a version update of the boost recipe,
bitbake will emit a warning at the do_package task. For example,
at the version update from 1.58.0 to 1.59.0, the new timer
library is indicated with:
WARNING: QA Issue: boost: Files/directories were installed but not shipped in any package:
/usr/lib/libboost_timer.so.1.59.0
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
boost: 1 installed and not shipped files. [installed-vs-shipped]
Ross Burton suggested this improvement on the openembedded-core
mailing list during review of the boost recipe version update [1].
[1] http://lists.openembedded.org/pipermail/openembedded-core/2015-December/114314.html
(From OE-Core master rev: c4e33232db2da3594cc4ba38eea56ee1acb54d3a)
Signed-off-by: Lukas Bulwahn <lukas.bulwahn@oss.bmw-carit.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is created by qemu for the do_rootfs case, which bypasses pseudo, so we
need to correct the ownership. This fixes a warning issued by
rootfs_check_host_user_contaminated.
(From OE-Core master rev: 4ff6b8cadec10e17dbf884a873a227e29944f5d1)
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream released their 3.01 so the alpha releases we were downloading have
moved. Update the SRC_URI so it continues to download.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
WARNING: QA Issue: gcc-cross-canadian-i586-dbg: found library in wrong location:
/PATH/sysroots/x86_64-oesdk-linux/usr/libexec/i586-oe-linux/gcc/
i586-oe-linux/5.2.0/.debug/libcc1.so.0.0.0
This warning is introduced by commit f6e47aa(gcc-target 5.1: fix for libcc1)
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This applies upstream fixes to fix a segfault in systemd-logind on
shutdown.
[Fixes YOCTO #9265]
Signed-off-by: Bill Randle <william.c.randle@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream nfs-utils use 'rpc-statd.service' and Yocto introduced
'nfs-statd.service' instead but forgot to update the mount.nfs helper
'start-statd' accordingly.
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The SRCREV in the busybox git recipe did not point to a commit ID
on the master branch. Point the variable to something reachable from
the master branch (which fixes this recipe's fetch()).
Suggested-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Brad Mouring <brad.mouring@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Busybox upstream fixed the issue where an incorrect comparison of
addresses led to bogus renegotiation of a new ll ip in 1.24. Backport
this change to 1.23.2.
Signed-off-by: Brad Mouring <brad.mouring@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This includes a proper D-Bus service file for obexd in systems that do
not support systemd.
(From OE-Core rev: 75c5dc8d4a5506bf5b89292a96c7b9f91e9d71c8)
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This dependency is floating otherwise, It races against openssl-native
and when openssl config does not match with openssl on build host the
build fails occasionally
x86_64-linux/usr/include/openssl/ripemd.h:70:4: error: #error RIPEMD is
disabled.
# error RIPEMD is disabled.
Change-Id: I5ff6d8f058ff99c64ad4dc7c0377724071003ae6
(From OE-Core master rev: d0c8d98077622a700d92384f676770cb4d6d4f46)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add 'do_kernel_configme' and 'do_kernel_configcheck' to
SRCTREECOVEREDTASKS of kernel packages. These tasks should not be run
because kernel meta in the srctree is not necessarily up-to-date or
even present which causes build failures and/or invalid kernel config.
Especially so because 'do_patch' which is a dependency of
'do_kernel_configme' is not being run.
We now store .config in the srctree and 'do_configure' task is able to
run successfully.
(From OE-Core master rev: 7ce4c18a4ba1ebcb9f46e652a881ace1f21d2292)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This makes the correct kernel config to be used when building kernel
from srctree (extrernalsrc). If no kernel config is present in the
builddir 'do_configure' task copies .config from the srctree.
(From OE-Core master rev: 3b516332e038a587685f6e0c14a7f04990bdd6cc)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rather than modifying files in .git/hooks, which can be read-only
(e.g., if it is a link to a directory in /usr/share), move away the
entire .git/hooks directory temporarily.
(From OE-Core master rev: a88d603b51a9ebb39210d54b667519acfbe465c3)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Change the name to core2-32 from core2.
There's no AVAILTUNES with the name core2. Make sure that we specify
the correct TUNE name so PACKAGE_EXTRA_ARCHS is expanded correctly.
[ YOCTO #9197 ]
(From OE-Core rev: 0903d6f0098f112d4263812df109e0c44c166db8)
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Anuj Mittal <anujx.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
We get below host contamination warnings of license files for
each recipe, when we try to create a separate ${PN}-lic package (which
contains license files), by setting LICENSE_CREATE_PACKAGE equal to "1"
in local.conf.
-- snip --
WARNING: QA Issue: libcgroup: /libcgroup-lic/usr/share/licenses/libcgroup/generic_LGPLv2.1 is owned by uid 5001, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
WARNING: QA Issue: attr: /attr-lic/usr/share/licenses/attr/libattr.c is owned by uid 5001, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
WARNING: QA Issue: bash: /bash-lic/usr/share/licenses/bash/COPYING is owned by uid 5001, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
-- CUT --
Since the license files from source and OE-core, are populated in a normal
shell environment rather in pseudo environment (fakeroot); the ownership of
these files will be same as host user running bitbake. During the do_package
task (which runs in pseudo environment (fakeroot)), os.link preserves the
ownership of these license files as host user instead of root user.
This causes license files to have UID same as host user id and resulting in
above warnings during do_package_qa task.
Changing ownership of license files to root user (which has UID and GID as 0)
under pseudo environment will solve above warnings, and on exiting pseudo
environment the license files will continue to be owned by host user. Perform
this manipulation within try/except statements, as tasks which are not exected
under pseudo (such as do_populate_lic) result in OSError when trying to
change ownership of license files.
(From OE-Core master rev: a411e96c3989bc9ffbd870b54cd6a7ad2e9f2c61)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
ISC DHCP allows remote attackers to cause a denial of
service (application crash) via an invalid length field
in a UDP IPv4 packet.
(From OE-Core master rev: f9739b7fa8d08521dc5e42a169753d4c75074ec7)
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
GNU make segfaults when run in a chroot environment because
of a known bug in GNU make 4.1. See [1] for details.
Works if /dev/pts is mounted before chroot.
[1] http://savannah.gnu.org/bugs/?43434
[YOCTO #9067]
Reported-by: Alexander Larsson <alexl@redhat.com>
(From OE-Core master rev: 0fe2a4b428b1b9a937914d87ec089b5a64f641eb)
Signed-off-by: Anuj Mittal <anujx.mittal@intel.com>
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
The Xorg libraries use REQUIRED_DISTRO_FEATURES to stop building on
distributions without the x11 feature but this stops people building native
tooling that uses libX11, such as libsdl-native.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When the DEPENDS are added as part of the PACKAGECONFIG logic the list of
packages are expanded so that any required nativesdk-/-native/multilib prefixes
and suffixes are added.
However the special handling of virtual/foo names doesn't check that the prefix
already exists, which breaks under nativesdk as in that situation there's an
explicit nativesdk- prefix *and* MLPREFIX is set to nativesdk-. This results in
the same prefix being applied twice, and virtual packages such as virtual/libx11
ending up as virtual/nativesdk-nativesdk-libx11.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This makes the resulting /etc/os-release file have valid shell
assignment syntax. This makes it loadable by a shell script, using the
'source' command:
source /etc/os-release
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: f6e0ea000fa3b9a726ab56500f643f9902371618)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
U-Boot needs the U-Boot header in a ramdisk image to boot it.
Add this header to the cpio.gz image, so that it can be booted
with U-Boot.
Signed-off-by: Arnold Csorvasi <arnold.csorvasi@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 8376fa3d4ef6175b83ab7f1ec8e4e20ec14964f4)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Ubuntu 15.10 and Debian testing can't build qemu-native against the host libsdl.
Now that libsdl-native is buildable, comment out the ASSUME_PROVIDED which meant
it wouldn't be used.
[ YOCTO #8553 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 81f009d173f24501ab0e04d845db74ecb5f8e332)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Use PACKAGECONFIG instead of using logic in DEPENDS and EXTRA_OECONF, adding new
options for PulseAudio, tslib, DirectFB, OpenGL and X11. Pass
--disable-x11-shared so that it links to the X libraries instead of using
dlopen().
Disable tslib by default as the kernel event input subsystem is generally used.
SDL's OpenGL support requires X11 so check for both x11 and opengl, and merge
the dependencies.
Finally enable native builds, with a minimal PACKAGECONFIG that will build from
oe-core for native and nativesdk.
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 3d6c31c3a4ff34376e17005a981bb55fc6f7a38f)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
The procces to do a wic image is to save a file with
variables required by wic and then call wic using this
file. Because this is external to bitbake if the vars
change, the image won't be rebuild; an example of such
is IMAGE_BOOT_FILES.
This patch adds these variables to vardeps of do_rootfs
when a wic image is build. This will rebuild the image
if a variable needed by wic changes.
[YOCTO #8693]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 12c54d50ed4c321dc272beb3c6cb770965c979f1)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Hardcoding a full input path with zero flexibility goes against everything the
Yocto Project is about. Rework it to let the user specify the wks base
filename with WKS_FILE and it'll search the layers for the wks file and use
it.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 8cc7f5229f5447c2183ac319dd52c7ed737ec89b)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
When a file is given using --sourceparams then wic directly use that file
instead of copying them to build folder. At time of assembling it os.rename
is called which renames all the files to name. In that process the original
file is renamed. When image recipe is rebuilt then wic complains about
missing file which was renamed in previous build.
[YOCTO #8854]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(From OE-Core master rev: 33c52b1f2d39feb641465bf42e8b16d0ab22a316)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)
https://www.openssl.org/news/secadv/20160301.txt
Signed-off-by: Armin Kuster <akuster@mvista.com>
Not required for master, an update to 1.0.2g has been submitted.
Backport to fido is required.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch from http://w1.fi/security/2015-5/
and rebase for wpa-supplicant 2.4
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Not needed in master since the upgrade to 2.5
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
CVE-2015-7511 libgcrypt: side-channel attack on ECDH with Weierstrass curves
affects libgcrypt < 1.6.5
Patch 1 is a dependancy patch. simple macro name change.
Patch 2 is the cve fix.
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
CVE-2016-2225 Make sure to always terminate decoded string
This change is being provide to comply to Yocto compatiblility.
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
CVE-2016-2224 Do not follow compressed items forever.
This change is being provide to comply to Yocto compatiblity.
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
CVE-2016-2090 Heap buffer overflow in fgetwln function of libbsd
affects libbsd <= 0.8.1 (and therefore not needed in master)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2015-7547: getaddrinfo() stack-based buffer overflow
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
Sona Sarmadi
Bjørn Forsman
Armin Kuster
Armin Kuster
Awais Belal
Ross Burton
Juro Bystricky
Lukas Bulwahn
Christopher Larson
Li Xin
Bill Randle
Ulrich Ölmann
Brad Mouring
Javier Viguera
Khem Raj
Markus Lehtonen
Peter Kjellerstedt
Chang Rebecca Swee Fun
Jagadeesh Krishnanjanappa
Mariano Lopez
Craig McQueen
Arnold Csorvasi
Noor Ahsan
Hongxu Jia
Richard Purdie