| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
includes:
CVE-2015-7941-1
CVE-2015-7941-2
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Drop a couple of CVE fixes for easy cherry-picking from jethro.
The same fixes will be pack-ported from jethro in a following
patch.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
* we don't want the do_package signature depending on INHERIT variable
* e.g. just adding the own-mirrors causes texinfo to rebuild:
# bitbake-diffsigs BUILD/sstate-diff/*/*/texinfo/*do_package.sig*
basehash changed from 015df2fd8e396cc1e15622dbac843301 to 9f1d06c4f238c70a99ccb6d8da348b6a
Variable INHERIT value changed from
' rm_work blacklist blacklist report-error ${PACKAGE_CLASSES} ${USER_CLASSES} ${INHERIT_DISTRO} ${INHERIT_BLACKLIST} sanity'
to
' rm_work own-mirrors blacklist blacklist report-error ${PACKAGE_CLASSES} ${USER_CLASSES} ${INHERIT_DISTRO} ${INHERIT_BLACKLIST} sanity'
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Corrects the URI of the openssl's recipe from fido. The sources were moved
to a new subdirectory.
Signed-off-by: Thomas Perrot <thomas.perrot@tupi.fr>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
|
|
Fixes a denial of service in BIND.
An error in the parsing of incoming responses allows some
records with an incorrect class to be accepted by BIND
instead of being rejected as malformed. This can trigger
a REQUIRE assertion failure when those records are subsequently
cached.
[YOCTO #8838]
References:
http://www.openwall.com/lists/oss-security/2015/12/15/14
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
https://bugzilla.redhat.com/attachment.cgi?id=1105581
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
When compiling meta-toolchain-qt5 on cortexa8, the compiler throws an
internal compiler error:
...
qttools-opensource-src-5.3.2/src/linguist/shared/po.cpp:
In function 'bool loadPO(Translator&, QIODevice&, ConversionData&)':
qttools-opensource-src-5.3.2/src/linguist/shared/po.cpp:717:1:
internal compiler error: in add_stores, at var-tracking.c:6000
...
Tracking this down led to https://bugs.linaro.org/show_bug.cgi?id=534
It seems the bug is well know and fixed upstream. So backporting from
trunk seems to be the right solution. This fixes the compiler problem
on cortexa8 and does not seem to be very invasive. The original commit
can be found at:
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@212178 138bc75d-0d04-0410-961f-82ee72b054a4
(From OE-Core master rev: 6751ef78694783fb86e55c77afefae750ab1b610)
Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
* my previous thumb related commit:
commit 3e760031f91fb87c3e2f62b77a117eb41164f259
Author: Martin Jansa <martin.jansa@gmail.com>
Date: Wed Feb 18 15:40:35 2015 +0100
feature-arm-thumb.inc: respect ARM_INSTRUCTION_SET when adding thumb
suffix
unfortunately removed conditional on "thumb" in TUNE_FEATURES, when
setting ARMPKGSFX_THUMB
* in case we have MACHINE without "thumb" in TUNE_FEATURES and distro
setting ARM_INSTRUCTION_SET to "thumb" we end with:
ARM_INSTRUCTION_SET="thumb"
ARM_THUMB_OPT="thumb"
ARM_M_OPT="thumb"
# TUNE_CCARGS correctly not adding -mthumb
TUNE_CCARGS=" -march=armv7-a -mthumb-interwork -mfloat-abi=softfp -mfpu=neon"
# but ARMPKGSFX_THUMB and TUNE_PKGARCH including "t2":
ARMPKGSFX_THUMB="t2"
TUNE_PKGARCH="armv7at2-vfp-neon"
# causing following error:
Error, the PACKAGE_ARCHS variable does not contain TUNE_PKGARCH (armv7at2-vfp-neon).
(From OE-Core master rev: 951200673af27538beaef647a33308b4f15d1fb0)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
TARGET_CPPFLAGS, TARGET_CFLAGS, TARGET_CPPFLAGS and TARGET_LDFLAGS may
differ between MACHINEs. Since they are exported they affect task hashes
even if unused which leads to multiple variants of allarch packages
existing in sstate and bouncing in the sysroot when switching between
MACHINEs.
allarch packages shouldn't be using these variables anyway, so let's
ensure they have a fixed value in order to avoid this problem.
(Compare with 05a70ac30b37cab0952f1b9df501993a9dec70da and
14f4d016fef9d660da1e7e91aec4a0e807de59ab.)
(From OE-Core master rev: d08fda21bfb7d264c238af0232a22cdd751f5150)
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Similiarly to the other previous changes, add a missing allarch package dependency
for initramfs-framework on udev.
(From OE-Core master rev: 00524d0c4449eb358dcf6c5a049a8f5371ddadee)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
These are dependencies that our allarch packages have in OE-Core that cause
those allarch packages to rebuild every time MACHINE changes.
With these changes, OE-Core allarch packages all have a common sstate
signatures and no longer rebuild.
(From OE-Core rev: 63bff90fa4fb4a95e8c79f9f8e5dd90ae1dfc69d)
(From OE-Core master rev: 0b5e868d160faca041cda42b670066facd4db531)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
* this is causing do_install to depend on KERNEL_IMAGE_BASE_NAME which
in some cases contains something like BUILD_NUMBER from CI, that
caused do_install to be reexecuted every single time, which is very
sad to be caused by unused variable.
* jethro and newer don't need this change, because it's also fixed in
commit 86b3f29f93e3f87903668ea317c6bd97be4cdf62
Author: Marek Vasut <marex@denx.de>
Date: Thu May 14 14:31:11 2015 +0200
Subject: kernel: Build DTBs early
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Add latest available firmware binaries for RTL8192CX chipsets.
These new firmwares have been released in 2012, have been used
by the mainline kernel as preferred firmware since 3.13 and
even backported to stable branches.
(From OE-Core master rev: 2dc67b53d1b7c056bbbff2f90ad16ed214b57609)
Signed-off-by: Bhuvanchandra DV <bhuvanchandra.dv@toradex.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
CVE-2015-7942 libxml2: heap-based buffer overflow in xmlParseConditionalSections()
CVE-2015-8035 libxml2: DoS when parsing specially crafted XML document if XZ support is enabled
[YOCTO #8641]
(From OE-Core master rev: 27de51f4ad21d9b896e7d48041e7cdf20c564a38)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Bash is failing trying to allocate memory [1] using the custom
memory allocator if we disable it the issue is fixed.
The major distributions also disabled by default [2], so we
don't have a good reason to use it.
The underlying issue is due to bash’s malloc using brk() calls
to allocate memory, which fail when address randomization is
enabled in kernel. sbrk() based custom allocators are obsolete.
There may be some performance impact of this however correctness
is more important.
[YOCTO #8452]
[1] https://bugzilla.yoctoproject.org/show_bug.cgi?id=8452#c0
[2] https://bugzilla.yoctoproject.org/show_bug.cgi?id=8452#c5
(From OE-Core master rev: e42d8eff9eed7d1454b4f331d96dcee6dea232df)
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
OE-Core commit 57af3fb9662106f0a65a1b4edf83e2398be0a8f1 upgraded tzdata
but also reverted a couple of changes to SUMMARY and LIC_FILES_CHKSUM.
Reinstate these (with an update to the README md5 value since that has
changed slightly, without any change to the licensing statements
within).
(From OE-Core master rev: cea4f6b86129f84a99700207777929bf7e811ed6)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Resend: typo in version in subject.
Changes affecting future time stamps
Turkey's 2015 fall-back transition is scheduled for Nov. 8, not Oct. 25.
(Thanks to Fatih.)
Norfolk moves from +1130 to +1100 on 2015-10-04 at 02:00 local time.
(Thanks to Alexander Krivenyshev.)
Fiji's 2016 fall-back transition is scheduled for January 17, not 24.
(Thanks to Ken Rylander.)
Fort Nelson, British Columbia will not fall back on 2015-11-01. It has
effectively been on MST (-0700) since it advanced its clocks on 2015-03-08.
New zone America/Fort_Nelson. (Thanks to Matt Johnson.)
(From OE-Core master rev: fce47d3bd51ede32a392b53b046a4583ef1847c8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Changes affecting code
localtime no longer mishandles America/Anchorage after 2037.
(Thanks to Bradley White for reporting the bug.)
On hosts with signed 32-bit time_t, localtime no longer mishandles
Pacific/Fiji after 2038-01-16 14:00 UTC.
The localtime module allows the variables 'timezone', 'daylight',
and 'altzone' to be in common storage shared with other modules,
and declares them in case the system <time.h> does not.
(Problems reported by Kees Dekker.)
On platforms with tm_zone, strftime.c now assumes it is not NULL.
This simplifies the code and is consistent with zdump.c.
(Problem reported by Christos Zoulas.)
Changes affecting documentation
The tzfile man page now documents that transition times denote the
starts (not the ends) of the corresponding time periods.
(Ambiguity reported by Bill Seymour.)
(From OE-Core master rev: 7c9082ab1ae6f7810c7cffe137d7d232b03852f8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Apply a patch backported from glibc 2.22 (master) to fix
the loader name on AArch64.
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
* this can be useful for passing extra parameters, pass
-v by default to see what's going on in do_rootfs
* we need to use this for extra parameter we implemented
in fontconfig:
--ignore-mtime always use cache file regardless of font directory mtime
because the checksum of fontcache generated in do_rootfs
doesn't match with /usr/share/fonts directory as seen on
target device causing fontconfig to re-create the cache
when fontconfig is used for first time or worse create
new cache in every user's home directory when /usr/
filesystem is read only and cache cannot be updated.
Running FC_DEBUG=16 fc-cache -v on such device shows:
FcCacheTimeValid dir "/usr/share/fonts" cache checksum 1441207803 dir checksum 1441206149
* my guess is that the checksum is different, because pseudo
(which is unloaded when running qemuwrapper) or because some
influence of running the rootfs under qemu.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
This file wasn't named as a patch, nor told to apply explicity, so it was just
unpacked to the work directory and not applied. Rename the file so the patch is
applied correctly.
(thanks to Petter Mabäcker <petter@technux.se> for spotting this)
(From OE-Core master rev: 02be728762c77962f9c3034cd7995ad51afaee95)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Fix linker errors due to posix_spawnp etc being in librt for uclibc.
| sh4-rdk-linux-uclibc-libtool: link: sh4-rdk-linux-uclibc-gcc -ml -m4 --sysroot=/build-foo/tmp/sysroots/foo -O2 -pipe -g -feliminate-unused-debug-types -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -o .libs/test-names test-names.o libuniname.a ../gnulib-lib/.libs/libgettextlib.so /build-foo/tmp/work/sh4-rdk-linux-uclibc/gettext/0.16.1-r6/build/gettext-tools/intl/.libs/libintl.so -lc /build-foo/tmp/sysroots/foo/usr/lib/libiconv.so
| ../gnulib-lib/.libs/libgettextlib.so: undefined reference to `posix_spawnp'
| ../gnulib-lib/.libs/libgettextlib.so: undefined reference to `posix_spawn_file_actions_adddup2'
| ../gnulib-lib/.libs/libgettextlib.so: undefined reference to `posix_spawn_file_actions_addopen'
| ../gnulib-lib/.libs/libgettextlib.so: undefined reference to `posix_spawn_file_actions_addclose'
| collect2: error: ld returned 1 exit status
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core master rev: d46333d)
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
gettext-error_print_progname.patch was originally created for gettext
v0.14.6 and does not apply cleanly to gettext v0.16.1.
Since the original issue addressed by the patch isn't documented and
because gettext v0.16.1 seems to be build OK for uclibc without the
patch, assume the patch is obsolete and no longer required.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core master rev: d95d92a)
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core master rev: 7d2da0e)
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
054151c libiconv: Fix B != S with uclibc builds
273c437 libiconv: Remove RPATH from binaries
fcb8d6f libiconv_1.14.bb: Fix build failure [partial-merge]
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core master rev: 898e9d7)
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Backport upstream fix for building uclibc for SH4 with recent gcc:
http://git.uclibc.org/uClibc/commit/?id=2c8a7766681b704e710f51c0817534e3f9a952d1
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core master rev: aa20c3d)
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
only query each keyboard-interactive device once per
authentication request regardless of how many times it is listed
Source:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c?f=h#rev1.43
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c.diff?r2=1.43&r1=1.42&f=u
Bug report:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5600
https://bugzilla.redhat.com/show_bug.cgi?id=1245969
Testing:
Built in Fido and installed to x86_64 test system.
Verified both 'keyboard-interactive' and 'publickey' logon works with
root and a regular user from an openssh 7.1p1-1 client on Arch.
Signed-off-by: Haris Okanovic <haris.okanovic@ni.com>
Reviewed-by: Rich Tollerton <rich.tollerton@ni.com>
Reviewed-by: Ken Sharp <ken.sharp@ni.com>
Natinst-ReviewBoard-ID: 115602
Natinst-CAR-ID: 541263
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
CVE-2015-7696: Fixes a heap overflow triggered by unzipping a file with password
CVE-2015-7697: Fixes a denial of service with a file that never finishes unzipping
References:
http://www.openwall.com/lists/oss-security/2015/10/11/5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
This is a is being give a High rating so please consider it for
all 1.1.28 versions.
A type confusion error within the libxslt "xsltStylePreCompute()"
function in preproc.c can lead to a DoS. Confirmed in version 1.1.28,
other versions may also be affected.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Update --with-kernel=${STAGING_DIR_HOST}/${prefix} to find kernel
headers (linux/*.h) to fix the error:
| checking kernel supports perf_events... unknown -- perf_event.h not found
| ERROR: You requested to build oprofile with '--with-kernel=/buildarea/lyang1/test_f2/tmp/work-shared/qemux86/kernel-source',
| but headers were not accessible at the given location.
| Be sure you have run the following command from within your kernel source tree:
| make headers_install INSTALL_HDR_PATH=<kernel-hdrs-install-dir>
| Then pass <kernel-hdrs-install-dir> to oprofile's '--with-kernel' configure option.
| configure: error: Unable to build oprofile. Exiting.
This is part of the commit b5b3085d9d6a351a1de86f95d5c8ba28dbfbddbb which
already applied in poky master branch.
Signed-off-by: Ting Liu <ting.liu@freescale.com>
|
|
The base-files recipe installs /mnt/mtab (it is a softlink of /proc/mounts),
so if an image includes the latter, there is no new to created it again inside
the install-efi.sh script, otherwise an error may occur as indicated on the
bug's site.
[YOCTO #7971]
(From OE-Core master rev: 6c6c6528954952e1e323f5a26afd93b99913e6f2)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
If the ipv6 kernel modules are missing, e.g. /lib/modules/<version>
doesn't match the runnig kernel, networkd doesn't bring up the
interfaces correctly. Backport fix from systemd version v220.
Signed-off-by: Stefan Christ <s.christ@phytec.de>
|
|
(From OE-Core master rev: 5c0dc3e8f49621827e20f79fb6bc945c3f17315e)
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Systemd's configuration files for creation, deletion and cleaning
of volatile and temporary files are installed in /usr/lib even when
multilib is in use (when /usr/lib64 is available). In this check the
systemd.conf file will not be found if libdir is /usr/lib64 so we fix the
path to match this file's installation path to look for it in
${exec_prefix}/lib
(From OE-Core master rev: c1ef36c2b3e3876cc166a9a5e153fc6f23b42b92)
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
To avoid races between the sstate tasks/hooks using ${B} as the cwd, and other
tasks such as cmake_do_configure which deletes and re-creates ${B}, ensure that
all sstate hooks are run in the right directory, and run the prefunc/postfunc in WORKDIR.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
${B} is the default cwd of tasks, so there might be race issues such as:
| mkdir: cannot create directory `${B}': File exists
[snip]
NOTE: recipe perf-1.0-r9: task do_configure: Failed
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
${B} is the default cwd of tasks, so there might be race issues such as:
| mkdir: cannot create directory `/path/to/work/qemux86-poky-linux/perf/1.0-r9/perf-1.0/': File exists
[snip]
NOTE: recipe perf-1.0-r9: task do_configure: Failed
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libunwind: Invalid dwarf opcodes can cause references beyond the end of
the array
Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h
in libunwind 1.1 allows local users to have unspecified impact via
invalid dwarf opcodes.
(From OE-Core master rev: 9c4e7f5c009b076b0bc638a02fcf3d96c362e7eb)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* without this the output wasn't shown anywhere even when the bb.warn
says:
"See log for details!"
(From OE-Core master rev: a3c322b42c7a14584a80e04519c34689ec813210)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* useful when we need to overlay/extend intercept scripts from oe-core
(From OE-Core master rev: 7d08d2d5c0ae686e3bb8732ea82f30fd189b1cd8)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
_asn1_extract_der_octet: prevent past of boundary access
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3622
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=patch;
h=f979435823a02f842c41d49cd41cc81f25b5d677
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
three security fixes.
CVE-2015-6563 (Low) openssh: Privilege separation weakness related to PAM support
CVE-2015-6564 (medium) openssh: Use-after-free bug related to PAM support
CVE-2015-6565 (High) openssh: Incorrectly set TTYs to be world-writable
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
three security fixes.
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
oprofileui uses gettext during the configuration task so should be inherit
gettext. This issue appears when an older version of gettext is used do to
pinning to the older non-gplv3 version.
[YOCTO #7795]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Fixes use-after-free flaw in CRL distribution points parsing
Reference:
https://gitlab.com/gnutls/gnutls/commit/d6972be33264ecc49a86cd0958209cd7363af1e9
https://gitlab.com/gnutls/gnutls/commit/053ae65403216acdb0a4e78b25ad66ee9f444f02
http://www.openwall.com/lists/oss-security/2015/04/15/6
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
Armin Kuster
Joshua Lock
Martin Jansa
Belal, Awais
Thomas PERROT
Sona Sarmadi
Stefan Müller-Klieser
Mike Crowe
Richard Purdie
Bhuvanchandra DV
Aníbal Limón
Paul Eggleton
Armin Kuster
Adrian Calianu
Ross Burton
Andre McCurdy
Haris Okanovic
Tudor Florea
Ting Liu
Leonardo Sandoval
Stefan Christ
Jonathan Liu
Reinette Chatre
Robert Yang
Li Zhou
Saul Wold