summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support
AgeCommit message (Collapse)Author
2017-11-29libxslt: update to 1.1.32Alexander Kanavin
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-29icu: update to 60.1Alexander Kanavin
Rebase a couple of patches. LICENSE checksum change due to typo fix. Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-29libcheck: fix upstream version checkAlexander Kanavin
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-29nss: pay attention to CFLAGSJoe Slater
nss ignores CFLAGS so we suggest them via CC. Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-29ca-certificates: Add /etc to SYSROOT_DIRSPatrick Vacek
For recipes that depend on native ca-certificates.crt, /etc should be added to the list of directories that automatically populate the sysroot, otherwise the file may not be there. Signed-off-by: Patrick Vacek <patrick@advancedtelematic.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-29libsoup-2.4: upgrade to 2.60.2Maxin B. John
2.60.1 -> 2.60.2 Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-21icu: CVE-2017-14952Ovidiu Panait
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue. Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-14952 Upstream patches: http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-21sqlite3: upgrade to 3.21.0Maxin B. John
Remove upstreamed patch: 1. sqlite3-fix-CVE-2017-13685.patch Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-21libproxy: upgrade to 0.4.15Maxin B. John
0.4.14 -> 0.4.15 Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-10at-spi2-core: remove redundant intltool dependencyRoss Burton
Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-10db: don't provide virtual/dbRoss Burton
As there are no alternative providers for virtual/db remove the PROVIDES and recipes can just depend on db. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-09atk: update to 2.26.0Alexander Kanavin
Remove --disable-glibtest as ./configure no longer has it. Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-09at-spi2-atk: update to 2.26.0Alexander Kanavin
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-09at-spi2-core: update to 2.26.0Alexander Kanavin
Drop 0001-nls.m4-Take-it-from-gettext-0.15.patch as it's now upstreamed. Remove --disable-xevie option: https://github.com/GNOME/at-spi2-core/commit/644096a28a47bdf5c6e0c34c9cd5b944df059925 Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-09vte: update to 0.50.1Alexander Kanavin
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-09shared-mime-info: update to 1.9Alexander Kanavin
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-09libsoup-2.4: update to 2.60.1Alexander Kanavin
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-09iso-codes: update to 3.76Alexander Kanavin
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-09boost: update to 1.65.1Alexander Kanavin
Add a patch to fix bjam-native compile error (due to mistyped variable name). Drop upstreamed patch. Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-09libxslt: update to 1.1.31Alexander Kanavin
Drop upstreamed patches, including pkg-config support patch, as upstream now does use pkg-config. configure.in is now configure.ac, adjust recipe accordingly. Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-09lz4: fix upstream version checkAlexander Kanavin
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
2017-11-08curl_7.54.1.bb: improve reproducibilityJuro Bystricky
Improve reproducible build of curl-dev and curl-dbg packages. curl-dev: Correctly remove build host references from curl-config curl-dbg: Do not generate time stamps in files generated by mkhelp.pl Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-08db: change types to avoid headers changing between architecturesRoss Burton
Triggered by looking at why Python doesn't find db.h (because it greps db.h for a regex, and db.h is actually a oe_multilib_header wrapper) I realised that the only reason we have to oe_multilib_header db.h is because one typedef is different between 32-bit and 64-bit architectures. However, the typedef is for a 64-bit integer so instead of using long (64-bit) or long long (32-bit), just use int64_t. Some of the overly complicated configure tests need to be deleted after this change but that is safe as we're building in a controlled environment and can assume int64_t exists. With this done the header doesn't change between architectures, and it doesn't need to be wrapped by oe_multilib_header. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-08bash-completion: remove rfkill file that util-linux providesChen Qi
Remove the rfkill bash completion file that util-linux provides to avoid conflicts. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-05gnutls: update to 3.5.16Armin Kuster
This is a bug fix release on the current stable branch. Note that, I've also switched the release cadence to bi-monthly as less and less bug fixes/updates accumulate each month on this branch. ** API and ABI modifications: No changes since last version. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-11-05libpcre2: update to 10.30Armin Kuster
LICENSE files changed: Amend licence to relax its conditions for chains of binary distributions. removed included patches includes CVE-2017-8399 Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-11-05nss: update to 3.33.0Armin Kuster
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.33_release_notes * TLS compression is no longer supported. API calls that attempt to enable compression are accepted without failure. However, TLS compression will remain disabled. * This version of NSS uses a formally verified implementation of Curve25519 on 64-bit systems. * The compile time flag DISABLE_ECC has been removed. * When NSS is compiled without NSS_FORCE_FIPS=1 startup checks are not performed anymore. * Fixes CVE-2017-7805, a potential use-after-free in TLS 1.2 server when verifying client authentication https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.32_release_notes The Websites (TLS/SSL) trust bit was turned off for the following root certificates. * CN = AddTrust Class 1 CA Root SHA-256 Fingerprint: 8C:72:09:27:9A:C0:4E:27:5E:16:D0:7F:D3:B7:75:E8:01:54:B5:96:80:46:E3:1F:52:DD:25:76:63:24:E9:A7 * CN = Swisscom Root CA 2 SHA-256 Fingerprint: F0:9B:12:2C:71:14:F4:A0:9B:D4:EA:4F:4A:99:D5:58:B4:6E:4C:25:CD:81:14:0D:29:C0:56:13:91:4C:38:41 The following CA certificates were Removed: * CN = AddTrust Public CA Root SHA-256 Fingerprint: 07:91:CA:07:49:B2:07:82:AA:D3:C7:D7:BD:0C:DF:C9:48:58:35:84:3E:B2:D7:99:60:09:CE:43:AB:6C:69:27 * CN = AddTrust Qualified CA Root SHA-256 Fingerprint: 80:95:21:08:05:DB:4B:BC:35:5E:44:28:D8:FD:6E:C2:CD:E3:AB:5F:B9:7A:99:42:98:8E:B8:F4:DC:D0:60:16 * CN = China Internet Network Information Center EV Certificates Root SHA-256 Fingerprint: 1C:01:C6:F4:DB:B2:FE:FC:22:55:8B:2B:CA:32:56:3F:49:84:4A:CF:C3:2B:7B:E4:B0:FF:59:9F:9E:8C:7A:F7 * CN = CNNIC ROOT SHA-256 Fingerprint: E2:83:93:77:3D:A8:45:A6:79:F2:08:0C:C7:FB:44:A3:B7:A1:C3:79:2C:B7:EB:77:29:FD:CB:6A:8D:99:AE:A7 * CN = ComSign Secured CA SHA-256 Fingerprint: 50:79:41:C7:44:60:A0:B4:70:86:22:0D:4E:99:32:57:2A:B5:D1:B5:BB:CB:89:80:AB:1C:B1:76:51:A8:44:D2 * CN = GeoTrust Global CA 2 SHA-256 Fingerprint: CA:2D:82:A0:86:77:07:2F:8A:B6:76:4F:F0:35:67:6C:FE:3E:5E:32:5E:01:21:72:DF:3F:92:09:6D:B7:9B:85 * CN = Secure Certificate Services SHA-256 Fingerprint: BD:81:CE:3B:4F:65:91:D1:1A:67:B5:FC:7A:47:FD:EF:25:52:1B:F9:AA:4E:18:B9:E3:DF:2E:34:A7:80:3B:E8 * CN = Swisscom Root CA 1 SHA-256 Fingerprint: 21:DB:20:12:36:60:BB:2E:D4:18:20:5D:A1:1E:E7:A8:5A:65:E2:BC:6E:55:B5:AF:7E:78:99:C8:A2:66:D9:2E * CN = Swisscom Root EV CA 2 SHA-256 Fingerprint: D9:5F:EA:3C:A4:EE:DC:E7:4C:D7:6E:75:FC:6D:1F:F6:2C:44:1F:0F:A8:BC:77:F0:34:B1:9E:5D:B2:58:01:5D * CN = Trusted Certificate Services SHA-256 Fingerprint: 3F:06:E5:56:81:D4:96:F5:BE:16:9E:B5:38:9F:9F:2B:8F:F6:1E:17:08:DF:68:81:72:48:49:CD:5D:27:CB:69 * CN = UTN-USERFirst-Hardware SHA-256 Fingerprint: 6E:A5:47:41:D0:04:66:7E:ED:1B:48:16:63:4A:A3:A7:9E:6E:4B:96:95:0F:82:79:DA:FC:8D:9B:D8:81:21:37 * CN = UTN-USERFirst-Object SHA-256 Fingerprint: 6F:FF:78:E4:00:A7:0C:11:01:1C:D8:59:77:C4:59:FB:5A:F9:6A:3D:F0:54:08:20:D0:F4:B8:60:78:75:E5:8F Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-11-05nspr: update to 4.17Armin Kuster
Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-11-05libcheck: Upgrade to 0.12.0Khem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-05curl: Security Advisory - curl - CVE-2017-1000254Li Zhou
Porting patch from <https://github.com/curl/curl/commit/ 5ff2c5ff25750aba1a8f64fbcad8e5b891512584> to solve CVE-2017-1000254. Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-05nettle-ptest: fix a failing testJuro Bystricky
This patch changes the result of the nettle dlopen-test from FAIL to PASS. The test used to fail because the test could not find and load libnettle.so. This patch fixes this by using absolute path instead of relative. This was the only test out of 88 that used to fail. Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-05curl: add 'enable-ares' packageconfig optionJavier Viguera
This build time option is needed to use the '--dns-interface' runtime parameter to instruct 'curl' to use a specific interface for DNS resolution. Not enabled by default, as it depends on 'c-ares' package from meta-openembedded (meta-networking). Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-05libgcrypt: update from version 1.8.0 to 1.8.1Jussi Laako
Update libgcrypt version from 1.8.0 to 1.8.1. Signed-off-by: Jussi Laako <jussi.laako@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-11-03rng-tools: Fix crazy defaultsRichard Purdie
Feeding the output of /dev/urandom into /dev/random is pretty much insane and not something we should encourage. I can't really imagine a scenario where this would be a sensible idea since /dev/urandom if effectively derived from /dev/random. This changes the tool to default to /dev/hwrng which makes much more sense, feeding hardware entropy into the random pool. In the QEMU case, this will feed entropy from the host into the guests which is also what we want. Yes, this change will cause rngd not to start if /dev/hwrng isn't present, but it isn't needed if that isn't so I don't see this as a bad thing. (https://wiki.archlinux.org/index.php/Rng-tools has a section in red which agrees with the above, "this is a really bad idea, since you are simple filling the kernel entropy pool with entropy coming from the kernel itself!") Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-10-16sqlite3: fix CVE-2017-13685Wenzong Fan
The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file. Backport patch to fix the issue. Some references: https://sqlite.org/src/info/02f0f4c54f2819b3 http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-10-16libgcrypt: Fix building on armv6Paul Barker
This patch is backported from the upstream git repository to fix building libgcrypt on armv6 platforms such as raspberrypi. Signed-off-by: Paul Barker <pbarker@toganlabs.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-10-06argp-standalone: drop RDEPENDS dev/staticdev packages on main packageMing Liu
This ensures argp-standalone-staticdev package could be installed correctly(without depending on the empty argp-standalone package) if it's being required during SDK population. Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-10-06nspr, nss: Use BUILD_CC instead of hardcoded "gcc"Nikolay Merinov
Recipes nspr_4.16.bb and nss_3.31.1.bb ignored BUILD_CC and it's BUILD_CFLAGS and tried to compile with hardcoded "gcc" instead. As result build for this recipes will fail if host use different name for compiler or require any flags. Signed-off-by: Nikolay Merinov <n.merinov@inango-systems.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-26curl: Added option to enable http2 protocol.baali
With default --without-nghttp2 flag set there was no way to get http2 protocol support using nghttp2 library. Instead moved it to PACKAGECONFIG options Signed-off-by: baali <shantanu@senic.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-25libgcrypt: fix CVE-2017-0379Hongxu Jia
Backport the fix from https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git; a=commit;h=bf76acbf0da6b0f245e491bec12c0f0a1b5be7c9 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-22ptest-runner: fix segfault with -t optionYi Zhao
The ptest-runner would segfault with -t option: root@qemux86-64:~# ptest-runner -d /usr/lib test_pkg -t 5 [ 237.234112] ptest-runner[810]: segfault at 0 ip 000000382e638060 sp 00007fff9130f400 error 4 in libc-2.26.so[382e600000+1a7000] It is safe to bump SRCREV to latest upstream commit to fix this issue because there is only one commit since the last update: commit 8a93832dad621535e90aa8e1fb74ae5ba743fc3e Author: Anders Wallin <wallinux@gmail.com> Date: Sun May 28 11:47:00 2017 +0200 timeout option missing the argument option ":" to getopt ptest-runner -t xx gives segfault Signed-off-by: Anders Wallin <wallinux@gmail.com> Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-22libffi: Add HOMEPAGE info into recipe file.Huang Qiyu
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-21nspr: Fix build with musl/mipsKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-18attr: Backports to fix exported headersKhem Raj
Packages which depends on attr headers fail due to uint32_t not being defined, this needed header to include sys/types.h Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-18libproxy: use stable download URLRoss Burton
GitHub automatically-generated tarballs from tags can and do change over time, so change libproxy to use the uploaded tarball. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-13at-spi2-core: Add HOMEPAGE info into recipe file.Huang Qiyu
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-13at-spi2-atk: Add HOMEPAGE info into recipe file.Huang Qiyu
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-11libfm: remove file which conflicts with libfm-extraRoss Burton
Both libfm and libfm-extra provide /usr/include/libfm, so remove it from libfm to avoid sysroot conflicts. Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-11bmap-tools: switch to Python 3Ed Bartosh
bmap-tools is the only recipe in oe-core that still uses Python 2. Switching it to Python 3 should help to get rid of building native Python 2 and its dependencies. [YOCTO #11891] Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2017-09-11bmap-tools: upgrade to v3.4Ed Bartosh
Upgraded to the latest upstream release. Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>