aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta-gnome/recipes-gnome/gvfs/gvfs_1.42.2.bb2
-rw-r--r--meta-initramfs/recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb2
-rw-r--r--meta-multimedia/README2
-rw-r--r--meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch59
-rw-r--r--meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch79
-rw-r--r--meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch50
-rw-r--r--meta-networking/recipes-connectivity/samba/samba_4.10.18.bb (renamed from meta-networking/recipes-connectivity/samba/samba_4.10.17.bb)7
-rw-r--r--meta-networking/recipes-support/chrony/chrony/CVE-2020-14367.patch204
-rw-r--r--meta-networking/recipes-support/chrony/chrony_3.5.bb1
-rw-r--r--meta-networking/recipes-support/wireshark/wireshark_3.2.7.bb (renamed from meta-networking/recipes-support/wireshark/wireshark_3.2.5.bb)2
-rw-r--r--meta-oe/README4
-rw-r--r--meta-oe/recipes-extended/hplip/hplip_3.19.12.bb14
-rw-r--r--meta-oe/recipes-graphics/gphoto2/libgphoto2_2.5.25.bb6
-rw-r--r--meta-oe/recipes-multimedia/mplayer/mpv_0.32.0.bb12
-rw-r--r--meta-oe/recipes-support/glog/glog_0.3.5.bb7
-rw-r--r--meta-oe/recipes-support/libeigen/libeigen_3.3.7.bb8
-rw-r--r--meta-oe/recipes-support/remmina/remmina_1.3.6.bb7
-rw-r--r--meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb2
-rw-r--r--meta-oe/recipes-support/usb-modeswitch/usb-modeswitch-data_20191128.bb4
-rw-r--r--meta-oe/recipes-support/usb-modeswitch/usb-modeswitch_2.6.0.bb2
-rw-r--r--meta-python/recipes-devtools/python/python3-pyinotify_0.9.6.bb3
-rw-r--r--meta-python/recipes-devtools/python/python3-pykwalify/0001-rule.py-fix-missing-comma.patch34
-rw-r--r--meta-python/recipes-devtools/python/python3-pykwalify_1.7.0.bb2
23 files changed, 288 insertions, 225 deletions
diff --git a/meta-gnome/recipes-gnome/gvfs/gvfs_1.42.2.bb b/meta-gnome/recipes-gnome/gvfs/gvfs_1.42.2.bb
index f04246f168..4f5784f26d 100644
--- a/meta-gnome/recipes-gnome/gvfs/gvfs_1.42.2.bb
+++ b/meta-gnome/recipes-gnome/gvfs/gvfs_1.42.2.bb
@@ -62,7 +62,7 @@ PACKAGECONFIG[samba] = "-Dsmb=true, -Dsmb=false, samba"
PACKAGECONFIG[systemd] = "-Dsystemduserunitdir=${systemd_user_unitdir} -Dtmpfilesdir=${libdir}/tmpfiles.d, -Dsystemduserunitdir=no -Dtmpfilesdir=no, systemd"
# needs meta-filesystems
-PACKAGECONFIG[fuse] = "-Dfuse=true, -Dfuse=false, fuse"
+PACKAGECONFIG[fuse] = "-Dfuse=true, -Dfuse=false, fuse3"
# libcdio-paranoia recipe doesn't exist yet
PACKAGECONFIG[cdda] = "-Dcdda=true, -Dcdda=false, libcdio-paranoia"
diff --git a/meta-initramfs/recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb b/meta-initramfs/recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb
index 0475cbeaee..d322381621 100644
--- a/meta-initramfs/recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb
+++ b/meta-initramfs/recipes-devtools/mtd/ubi-utils-klibc_2.0.2.bb
@@ -18,7 +18,7 @@ SRC_URI = "git://git.infradead.org/mtd-utils.git \
file://0005-common.h-replace-getline-with-fgets.patch \
"
-S = "${WORKDIR}/git/"
+S = "${WORKDIR}/git"
EXTRA_OECONF += "--disable-tests --without-jffs --without-ubifs"
diff --git a/meta-multimedia/README b/meta-multimedia/README
index 1c08f9d9ff..96910a94de 100644
--- a/meta-multimedia/README
+++ b/meta-multimedia/README
@@ -14,6 +14,6 @@ Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-mult
When sending single patches, please use something like:
'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix=meta-multimedia][dunfell][PATCH
-You are encouraged to fork the mirror on github https://github.com/openembedded/meta-oe/ to share your patches, this is preferred for patch sets consisting of more than one patch. Other services like gitorious, repo.or.cz or self hosted setups are of course accepted as well, 'git fetch <remote>' works the same on all of them. We recommend github because it is free, easy to use, has been proven to be reliable and has a really good web GUI.
+You are encouraged to fork the mirror on github https://github.com/openembedded/meta-openembedded to share your patches, this is preferred for patch sets consisting of more than one patch. Other services like GitLab, repo.or.cz or self hosted setups are of course accepted as well, 'git fetch <remote>' works the same on all of them. We recommend github because it is free, easy to use, has been proven to be reliable and has a really good web GUI.
dunfell maintainer: Armin Kuster <akuster808@gmail.com>
diff --git a/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch b/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch
deleted file mode 100644
index e724c04bcd..0000000000
--- a/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From f9d9ba6cd06aca053c747c399ba700db80b1623c Mon Sep 17 00:00:00 2001
-From: Martin Schwenke <martin@meltin.net>
-Date: Tue, 9 Jun 2020 11:52:50 +1000
-Subject: [PATCH 1/3] util: Simplify input validation
-
-It appears that snprintf(3) is being used for input validation.
-However, this seems like overkill because it causes szPath to be
-copied an extra time. The mostly likely protections being sought
-here, according to https://cwe.mitre.org/data/definitions/20.html,
-look to be DoS attacks involving CPU and memory usage. A simpler
-check that uses strnlen(3) can mitigate against both of these and is
-simpler.
-
-Signed-off-by: Martin Schwenke <martin@meltin.net>
-Reviewed-by: Volker Lendecke <vl@samba.org>
-Reviewed-by: Bjoern Jacke <bjacke@samba.org>
-(cherry picked from commit 922bce2668994dd2a5988c17060f977e9bb0c229)
-
-Upstream-Status:Backport
-[https://gitlab.com/samba-team/samba/-/commit/f9d9ba6cd06aca053c747c399ba700db80b1623c]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- lib/util/util_paths.c | 9 ++++-----
- 1 file changed, 4 insertions(+), 5 deletions(-)
-
-diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c
-index c0ee5c32c30..dec91772d9e 100644
---- a/lib/util/util_paths.c
-+++ b/lib/util/util_paths.c
-@@ -69,21 +69,20 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
- struct passwd pwd = {0};
- struct passwd *pwdbuf = NULL;
- char buf[NSS_BUFLEN_PASSWD] = {0};
-+ size_t len;
- int rc;
-
- rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
- if (rc != 0 || pwdbuf == NULL ) {
-- int len_written;
- const char *szPath = getenv("HOME");
- if (szPath == NULL) {
- return NULL;
- }
-- len_written = snprintf(buf, sizeof(buf), "%s", szPath);
-- if (len_written >= sizeof(buf) || len_written < 0) {
-- /* Output was truncated or an error. */
-+ len = strnlen(szPath, PATH_MAX);
-+ if (len >= PATH_MAX) {
- return NULL;
- }
-- return talloc_strdup(mem_ctx, buf);
-+ return talloc_strdup(mem_ctx, szPath);
- }
-
- return talloc_strdup(mem_ctx, pwd.pw_dir);
---
-2.17.1
-
diff --git a/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch b/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch
deleted file mode 100644
index dcd79044ae..0000000000
--- a/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From 57bd719af1f138f44f71b2078995452582da0da6 Mon Sep 17 00:00:00 2001
-From: Martin Schwenke <martin@meltin.net>
-Date: Fri, 5 Jun 2020 21:52:23 +1000
-Subject: [PATCH 2/3] util: Fix build on FreeBSD by avoiding NSS_BUFLEN_PASSWD
-
-NSS_BUFLEN_PASSWD is not defined on FreeBSD. Use
-sysconf(_SC_GETPW_R_SIZE_MAX) instead, as per POSIX.
-
-Use a dynamically allocated buffer instead of trying to cram all of
-the logic into the declarations. This will come in useful later
-anyway.
-
-Signed-off-by: Martin Schwenke <martin@meltin.net>
-Reviewed-by: Volker Lendecke <vl@samba.org>
-Reviewed-by: Bjoern Jacke <bjacke@samba.org>
-(cherry picked from commit 847208cd8ac68c4c7d1dae63767820db1c69292b)
-
-Upstream-Status:Backport
-[https://gitlab.com/samba-team/samba/-/commit/57bd719af1f138f44f71b2078995452582da0da6]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- lib/util/util_paths.c | 27 ++++++++++++++++++++++-----
- 1 file changed, 22 insertions(+), 5 deletions(-)
-
-diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c
-index dec91772d9e..9bc6df37e5d 100644
---- a/lib/util/util_paths.c
-+++ b/lib/util/util_paths.c
-@@ -68,24 +68,41 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
- {
- struct passwd pwd = {0};
- struct passwd *pwdbuf = NULL;
-- char buf[NSS_BUFLEN_PASSWD] = {0};
-+ char *buf = NULL;
-+ char *out = NULL;
-+ long int initlen;
- size_t len;
- int rc;
-
-- rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
-+ initlen = sysconf(_SC_GETPW_R_SIZE_MAX);
-+ if (initlen == -1) {
-+ len = 1024;
-+ } else {
-+ len = (size_t)initlen;
-+ }
-+ buf = talloc_size(mem_ctx, len);
-+ if (buf == NULL) {
-+ return NULL;
-+ }
-+
-+ rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf);
- if (rc != 0 || pwdbuf == NULL ) {
- const char *szPath = getenv("HOME");
- if (szPath == NULL) {
-- return NULL;
-+ goto done;
- }
- len = strnlen(szPath, PATH_MAX);
- if (len >= PATH_MAX) {
- return NULL;
- }
-- return talloc_strdup(mem_ctx, szPath);
-+ out = talloc_strdup(mem_ctx, szPath);
-+ goto done;
- }
-
-- return talloc_strdup(mem_ctx, pwd.pw_dir);
-+ out = talloc_strdup(mem_ctx, pwd.pw_dir);
-+done:
-+ TALLOC_FREE(buf);
-+ return out;
- }
-
- char *path_expand_tilde(TALLOC_CTX *mem_ctx, const char *d)
---
-2.17.1
-
diff --git a/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch b/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch
deleted file mode 100644
index 53a3f67814..0000000000
--- a/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 016e08ca07f86af9e0131a908a2df116bcb9a48e Mon Sep 17 00:00:00 2001
-From: Martin Schwenke <martin@meltin.net>
-Date: Fri, 5 Jun 2020 22:05:42 +1000
-Subject: [PATCH 3/3] util: Reallocate larger buffer if getpwuid_r() returns
- ERANGE
-
-Signed-off-by: Martin Schwenke <martin@meltin.net>
-Reviewed-by: Volker Lendecke <vl@samba.org>
-Reviewed-by: Bjoern Jacke <bjacke@samba.org>
-
-Autobuild-User(master): Martin Schwenke <martins@samba.org>
-Autobuild-Date(master): Tue Jun 9 21:07:24 UTC 2020 on sn-devel-184
-
-(cherry picked from commit ddac6b2eb4adaec8fc5e25ca07387d2b9417764c)
-
-Upstream-Status:Backport
-[https://gitlab.com/samba-team/samba/-/commit/016e08ca07f86af9e0131a908a2df116bcb9a48e]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- lib/util/util_paths.c | 13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c
-index 9bc6df37e5d..72cc0aab8de 100644
---- a/lib/util/util_paths.c
-+++ b/lib/util/util_paths.c
-@@ -86,6 +86,19 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
- }
-
- rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf);
-+ while (rc == ERANGE) {
-+ size_t newlen = 2 * len;
-+ if (newlen < len) {
-+ /* Overflow */
-+ goto done;
-+ }
-+ len = newlen;
-+ buf = talloc_realloc_size(mem_ctx, buf, len);
-+ if (buf == NULL) {
-+ goto done;
-+ }
-+ rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf);
-+ }
- if (rc != 0 || pwdbuf == NULL ) {
- const char *szPath = getenv("HOME");
- if (szPath == NULL) {
---
-2.17.1
-
diff --git a/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb b/meta-networking/recipes-connectivity/samba/samba_4.10.18.bb
index 3ae5afbe95..b5085c913b 100644
--- a/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb
+++ b/meta-networking/recipes-connectivity/samba/samba_4.10.18.bb
@@ -28,9 +28,6 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \
file://0002-util_sec.c-Move-__thread-variable-to-global-scope.patch \
file://0001-Add-options-to-configure-the-use-of-libbsd.patch \
file://0001-nsswitch-nsstest.c-Avoid-nss-function-conflicts-with.patch \
- file://0001-util-Simplify-input-validation.patch \
- file://0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch \
- file://0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch \
"
SRC_URI_append_libc-musl = " \
file://samba-pam.patch \
@@ -39,8 +36,8 @@ SRC_URI_append_libc-musl = " \
file://0001-samba-fix-musl-lib-without-innetgr.patch \
"
-SRC_URI[md5sum] = "f69cac9ba5035ee60257520a209a0a83"
-SRC_URI[sha256sum] = "03dc9758e7bfa2faf7cdeb45b4d40997e2ee16a41e71996aa666bc069e70ba3e"
+SRC_URI[md5sum] = "f006a3d1876113e4a049015969d20fe6"
+SRC_URI[sha256sum] = "7dcfc2aaaac565b959068788e6a43fc79ce2a03e7d523f5843f7a9fddffc7c2c"
UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.10(\.\d+)+).tar.gz"
diff --git a/meta-networking/recipes-support/chrony/chrony/CVE-2020-14367.patch b/meta-networking/recipes-support/chrony/chrony/CVE-2020-14367.patch
new file mode 100644
index 0000000000..79df1007e0
--- /dev/null
+++ b/meta-networking/recipes-support/chrony/chrony/CVE-2020-14367.patch
@@ -0,0 +1,204 @@
+From f00fed20092b6a42283f29c6ee1f58244d74b545 Mon Sep 17 00:00:00 2001
+From: Miroslav Lichvar <mlichvar@redhat.com>
+Date: Thu, 6 Aug 2020 09:31:11 +0200
+Subject: main: create new file when writing pidfile
+
+When writing the pidfile, open the file with the O_CREAT|O_EXCL flags
+to avoid following a symlink and writing the PID to an unexpected file,
+when chronyd still has the root privileges.
+
+The Linux open(2) man page warns about O_EXCL not working as expected on
+NFS versions before 3 and Linux versions before 2.6. Saving pidfiles on
+a distributed filesystem like NFS is not generally expected, but if
+there is a reason to do that, these old kernel and NFS versions are not
+considered to be supported for saving files by chronyd.
+
+This is a minimal backport specific to this issue of the following
+commits:
+- commit 2fc8edacb810 ("use PATH_MAX")
+- commit f4c6a00b2a11 ("logging: call exit() in LOG_Message()")
+- commit 7a4c396bba8f ("util: add functions for common file operations")
+- commit e18903a6b563 ("switch to new util file functions")
+
+Reported-by: Matthias Gerstner <mgerstner@suse.de>
+
+Upstream-Status: Backport [https://git.tuxfamily.org/chrony/chrony.git/commit/?id=f00fed20092b6a42283f29c6ee1f58244d74b545]
+CVE: CVE-2020-14367
+Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
+
+diff --git a/logging.c b/logging.c
+index d2296e0..fd7f900 100644
+--- a/logging.c
++++ b/logging.c
+@@ -171,6 +171,7 @@ void LOG_Message(LOG_Severity severity,
+ system_log = 0;
+ log_message(1, severity, buf);
+ }
++ exit(1);
+ break;
+ default:
+ assert(0);
+diff --git a/main.c b/main.c
+index 6ccf32e..8edb2e1 100644
+--- a/main.c
++++ b/main.c
+@@ -281,13 +281,9 @@ write_pidfile(void)
+ if (!pidfile[0])
+ return;
+
+- out = fopen(pidfile, "w");
+- if (!out) {
+- LOG_FATAL("Could not open %s : %s", pidfile, strerror(errno));
+- } else {
+- fprintf(out, "%d\n", (int)getpid());
+- fclose(out);
+- }
++ out = UTI_OpenFile(NULL, pidfile, NULL, 'W', 0644);
++ fprintf(out, "%d\n", (int)getpid());
++ fclose(out);
+ }
+
+ /* ================================================== */
+diff --git a/sysincl.h b/sysincl.h
+index 296c5e6..873a3bd 100644
+--- a/sysincl.h
++++ b/sysincl.h
+@@ -37,6 +37,7 @@
+ #include <glob.h>
+ #include <grp.h>
+ #include <inttypes.h>
++#include <limits.h>
+ #include <math.h>
+ #include <netinet/in.h>
+ #include <pwd.h>
+diff --git a/util.c b/util.c
+index e7e3442..83b3b20 100644
+--- a/util.c
++++ b/util.c
+@@ -1179,6 +1179,101 @@ UTI_CheckDirPermissions(const char *path, mode_t perm, uid_t uid, gid_t gid)
+
+ /* ================================================== */
+
++static int
++join_path(const char *basedir, const char *name, const char *suffix,
++ char *buffer, size_t length, LOG_Severity severity)
++{
++ const char *sep;
++
++ if (!basedir) {
++ basedir = "";
++ sep = "";
++ } else {
++ sep = "/";
++ }
++
++ if (!suffix)
++ suffix = "";
++
++ if (snprintf(buffer, length, "%s%s%s%s", basedir, sep, name, suffix) >= length) {
++ LOG(severity, "File path %s%s%s%s too long", basedir, sep, name, suffix);
++ return 0;
++ }
++
++ return 1;
++}
++
++/* ================================================== */
++
++FILE *
++UTI_OpenFile(const char *basedir, const char *name, const char *suffix,
++ char mode, mode_t perm)
++{
++ const char *file_mode;
++ char path[PATH_MAX];
++ LOG_Severity severity;
++ int fd, flags;
++ FILE *file;
++
++ severity = mode >= 'A' && mode <= 'Z' ? LOGS_FATAL : LOGS_ERR;
++
++ if (!join_path(basedir, name, suffix, path, sizeof (path), severity))
++ return NULL;
++
++ switch (mode) {
++ case 'r':
++ case 'R':
++ flags = O_RDONLY;
++ file_mode = "r";
++ if (severity != LOGS_FATAL)
++ severity = LOGS_DEBUG;
++ break;
++ case 'w':
++ case 'W':
++ flags = O_WRONLY | O_CREAT | O_EXCL;
++ file_mode = "w";
++ break;
++ case 'a':
++ case 'A':
++ flags = O_WRONLY | O_CREAT | O_APPEND;
++ file_mode = "a";
++ break;
++ default:
++ assert(0);
++ return NULL;
++ }
++
++try_again:
++ fd = open(path, flags, perm);
++ if (fd < 0) {
++ if (errno == EEXIST) {
++ if (unlink(path) < 0) {
++ LOG(severity, "Could not remove %s : %s", path, strerror(errno));
++ return NULL;
++ }
++ DEBUG_LOG("Removed %s", path);
++ goto try_again;
++ }
++ LOG(severity, "Could not open %s : %s", path, strerror(errno));
++ return NULL;
++ }
++
++ UTI_FdSetCloexec(fd);
++
++ file = fdopen(fd, file_mode);
++ if (!file) {
++ LOG(severity, "Could not open %s : %s", path, strerror(errno));
++ close(fd);
++ return NULL;
++ }
++
++ DEBUG_LOG("Opened %s fd=%d mode=%c", path, fd, mode);
++
++ return file;
++}
++
++/* ================================================== */
++
+ void
+ UTI_DropRoot(uid_t uid, gid_t gid)
+ {
+diff --git a/util.h b/util.h
+index e3d6767..a2481cc 100644
+--- a/util.h
++++ b/util.h
+@@ -176,6 +176,17 @@ extern int UTI_CreateDirAndParents(const char *path, mode_t mode, uid_t uid, gid
+ permissions and its uid/gid must match the specified values. */
+ extern int UTI_CheckDirPermissions(const char *path, mode_t perm, uid_t uid, gid_t gid);
+
++/* Open a file. The full path of the file is constructed from the basedir
++ (may be NULL), '/' (if basedir is not NULL), name, and suffix (may be NULL).
++ Created files have specified permissions (umasked). Returns NULL on error.
++ The following modes are supported (if the mode is an uppercase character,
++ errors are fatal):
++ r/R - open an existing file for reading
++ w/W - open a new file for writing (remove existing file)
++ a/A - open an existing file for appending (create if does not exist) */
++extern FILE *UTI_OpenFile(const char *basedir, const char *name, const char *suffix,
++ char mode, mode_t perm);
++
+ /* Set process user/group IDs and drop supplementary groups */
+ extern void UTI_DropRoot(uid_t uid, gid_t gid);
+
+--
+cgit v0.10.2
+
diff --git a/meta-networking/recipes-support/chrony/chrony_3.5.bb b/meta-networking/recipes-support/chrony/chrony_3.5.bb
index 7c6356d264..182ce13ccf 100644
--- a/meta-networking/recipes-support/chrony/chrony_3.5.bb
+++ b/meta-networking/recipes-support/chrony/chrony_3.5.bb
@@ -34,6 +34,7 @@ SRC_URI = "https://download.tuxfamily.org/chrony/chrony-${PV}.tar.gz \
file://chrony.conf \
file://chronyd \
file://arm_eabi.patch \
+ file://CVE-2020-14367.patch \
"
SRC_URI_append_libc-musl = " \
diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.2.5.bb b/meta-networking/recipes-support/wireshark/wireshark_3.2.7.bb
index a6c09d47ba..65f925ce1f 100644
--- a/meta-networking/recipes-support/wireshark/wireshark_3.2.5.bb
+++ b/meta-networking/recipes-support/wireshark/wireshark_3.2.7.bb
@@ -12,7 +12,7 @@ SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz
UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
-SRC_URI[sha256sum] = "bd89052a5766cce08b1090df49628567e48cdd24bbaa47667c851bac6aaac940"
+SRC_URI[sha256sum] = "be832fb86d9c455c5be8b225a755cdc77cb0e92356bdfc1fe4b000d93f7d70da"
PE = "1"
diff --git a/meta-oe/README b/meta-oe/README
index 10583aef27..f5a4bda065 100644
--- a/meta-oe/README
+++ b/meta-oe/README
@@ -19,10 +19,10 @@ Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe][
When sending single patches, please use something like:
'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix=meta-oe][dunfell][PATCH'
-You are encouraged to fork the mirror on GitHub https://github.com/openembedded/openembedded-core
+You are encouraged to fork the mirror on GitHub https://github.com/openembedded/meta-openembedded
to share your patches, this is preferred for patch sets consisting of more than one patch.
-Other services like gitorious, repo.or.cz or self-hosted setups are of course accepted as well,
+Other services like GitLab, repo.or.cz or self-hosted setups are of course accepted as well,
'git fetch <remote>' works the same on all of them. We recommend GitHub because it is free, easy
to use, has been proven to be reliable and has a really good web GUI.
diff --git a/meta-oe/recipes-extended/hplip/hplip_3.19.12.bb b/meta-oe/recipes-extended/hplip/hplip_3.19.12.bb
index 883a6ffe95..457a974534 100644
--- a/meta-oe/recipes-extended/hplip/hplip_3.19.12.bb
+++ b/meta-oe/recipes-extended/hplip/hplip_3.19.12.bb
@@ -39,8 +39,8 @@ EXTRA_OECONF += "\
--enable-foomatic-drv-install \
--disable-foomatic-ppd-install \
--disable-foomatic-rip-hplip-install \
- --with-cupsbackenddir=${libdir}/cups/backend \
- --with-cupsfilterdir=${libdir}/cups/filter \
+ --with-cupsbackenddir=${libexecdir}/cups/backend \
+ --with-cupsfilterdir=${libexecdir}/cups/filter \
"
EXTRA_OEMAKE = "rulessystemdir=${systemd_unitdir}/system/"
@@ -52,7 +52,7 @@ do_install_append() {
sed -i -e "s|/usr/bin/python|/usr/bin/env python3|g" ${D}${datadir}/hplip/*.py
}
-PACKAGES += "${PN}-ppd ${PN}-cups ${PN}-backend ${PN}-filter ${PN}-hal"
+PACKAGE_BEFORE_PN += "${PN}-ppd ${PN}-cups ${PN}-backend ${PN}-filter ${PN}-hal"
RDEPENDS_${PN} += " \
python3\
@@ -70,15 +70,15 @@ RDEPENDS_${PN}-filter += "perl"
# need to snag the debug file or OE will fail on backend package
FILES_${PN}-dbg += "\
- ${libdir}/cups/backend/.debug \
+ ${libexecdir}/cups/backend/.debug \
${PYTHON_SITEPACKAGES_DIR}/.debug \
- ${libdir}/cups/filter/.debug "
+ ${libexecdir}/cups/filter/.debug "
FILES_${PN}-dev += "${PYTHON_SITEPACKAGES_DIR}/*.la"
FILES_${PN}-ppd = "${datadir}/ppd"
FILES_${PN}-cups = "${datadir}/cups"
-FILES_${PN}-backend = "${libdir}/cups/backend"
-FILES_${PN}-filter = "${libdir}/cups/filter"
+FILES_${PN}-backend = "${libexecdir}/cups/backend"
+FILES_${PN}-filter = "${libexecdir}/cups/filter"
FILES_${PN}-hal = "${datadir}/hal"
FILES_${PN} += "${PYTHON_SITEPACKAGES_DIR}/*.so"
diff --git a/meta-oe/recipes-graphics/gphoto2/libgphoto2_2.5.25.bb b/meta-oe/recipes-graphics/gphoto2/libgphoto2_2.5.25.bb
index 8daf737a5e..fe7657f54c 100644
--- a/meta-oe/recipes-graphics/gphoto2/libgphoto2_2.5.25.bb
+++ b/meta-oe/recipes-graphics/gphoto2/libgphoto2_2.5.25.bb
@@ -29,6 +29,12 @@ do_configure_append() {
cp ${STAGING_DATADIR_NATIVE}/gettext/po/Makefile.in.in ${S}/libgphoto2_port/po/
cd ${S}/libgphoto2_port/
autoreconf -Wcross --verbose --install --force ${EXTRA_AUTORECONF} $acpaths
+
+ # remove WORKDIR information from config to improve reproducibility
+ # libgphoto2_port recheck config will set the WORKDIR info again, so dont do that
+ sed -i 's/'$(echo ${WORKDIR} | sed 's_/_\\/_g')'/../g' ${B}/config.h
+ sed -i 's/'$(echo ${WORKDIR} | sed 's_/_\\/_g')'/../g' ${B}/libgphoto2_port/config.status
+ sed -i '/config\.status/ s/\-\-recheck//' ${B}/libgphoto2_port/Makefile
cd ${S}
}
diff --git a/meta-oe/recipes-multimedia/mplayer/mpv_0.32.0.bb b/meta-oe/recipes-multimedia/mplayer/mpv_0.32.0.bb
index f7b0f30fb9..70a39c7b60 100644
--- a/meta-oe/recipes-multimedia/mplayer/mpv_0.32.0.bb
+++ b/meta-oe/recipes-multimedia/mplayer/mpv_0.32.0.bb
@@ -18,7 +18,9 @@ LICENSE_FLAGS = "commercial"
SRCREV_mpv = "70b991749df389bcc0a4e145b5687233a03b4ed7"
SRC_URI = " \
git://github.com/mpv-player/mpv;name=mpv \
+ https://waf.io/waf-2.0.20;name=waf;subdir=git \
"
+SRC_URI[waf.sha256sum] = "bf971e98edc2414968a262c6aa6b88541a26c3cd248689c89f4c57370955ee7f"
S = "${WORKDIR}/git"
@@ -101,14 +103,10 @@ EXTRA_OECONF = " \
${PACKAGECONFIG_CONFARGS} \
"
-do_patch[postfuncs] += "get_waf"
-
-get_waf() {
- cd ${S}
- ./bootstrap.py
- sed -i -e 's|/usr/bin/env python|/usr/bin/env python3|g' ${S}/waf
- cd -
+link_waf() {
+ ln -s waf-2.0.20 ${S}/waf
}
+do_unpack[postfuncs] += "link_waf"
FILES_${PN} += " \
${datadir}/icons \
diff --git a/meta-oe/recipes-support/glog/glog_0.3.5.bb b/meta-oe/recipes-support/glog/glog_0.3.5.bb
index 9a8332836b..56bf515544 100644
--- a/meta-oe/recipes-support/glog/glog_0.3.5.bb
+++ b/meta-oe/recipes-support/glog/glog_0.3.5.bb
@@ -25,3 +25,10 @@ PACKAGECONFIG_remove_riscv32 = "unwind"
PACKAGECONFIG[unwind] = "-DWITH_UNWIND=ON,-DWITH_UNWIND=OFF,libunwind,libunwind"
PACKAGECONFIG[shared] = "-DBUILD_SHARED_LIBS=ON,-DBUILD_SHARED_LIBS=OFF,,"
+
+do_configure_append() {
+ # remove WORKDIR info to improve reproducibility
+ if [ -f "${B}/config.h" ] ; then
+ sed -i 's/'$(echo ${WORKDIR} | sed 's_/_\\/_g')'/../g' ${B}/config.h
+ fi
+}
diff --git a/meta-oe/recipes-support/libeigen/libeigen_3.3.7.bb b/meta-oe/recipes-support/libeigen/libeigen_3.3.7.bb
index f638848d15..6ce318d0b5 100644
--- a/meta-oe/recipes-support/libeigen/libeigen_3.3.7.bb
+++ b/meta-oe/recipes-support/libeigen/libeigen_3.3.7.bb
@@ -4,11 +4,11 @@ HOMEPAGE = "http://eigen.tuxfamily.org/"
LICENSE = "MPL-2.0"
LIC_FILES_CHKSUM = "file://COPYING.MPL2;md5=815ca599c9df247a0c7f619bab123dad"
-SRC_URI = "https://bitbucket.org/eigen/eigen/get/${PV}.tar.bz2;downloadfilename=${BP}.tar.bz2"
-SRC_URI[md5sum] = "05b1f7511c93980c385ebe11bd3c93fa"
-SRC_URI[sha256sum] = "9f13cf90dedbe3e52a19f43000d71fdf72e986beb9a5436dddcd61ff9d77a3ce"
+SRC_URI = "git://gitlab.com/libeigen/eigen.git;protocol=http;nobranch=1"
-S = "${WORKDIR}/eigen-eigen-323c052e1731"
+SRCREV = "21ae2afd4edaa1b69782c67a54182d34efe43f9c"
+
+S = "${WORKDIR}/git"
inherit cmake
diff --git a/meta-oe/recipes-support/remmina/remmina_1.3.6.bb b/meta-oe/recipes-support/remmina/remmina_1.3.6.bb
index 5b663489f8..1c2f270e32 100644
--- a/meta-oe/recipes-support/remmina/remmina_1.3.6.bb
+++ b/meta-oe/recipes-support/remmina/remmina_1.3.6.bb
@@ -9,12 +9,11 @@ DEPENDS += "openssl freerdp gtk+3 gdk-pixbuf atk libgcrypt avahi-ui libsodium li
DEPENDS_append_libc-musl = " libexecinfo"
LDFLAGS_append_libc-musl = " -lexecinfo"
-SRC_URI = "https://gitlab.com/Remmina/Remmina/-/archive/v${PV}/Remmina-v${PV}.tar.bz2 \
+SRCREV = "cc391370d8b4c07597617e0a771a9732f0802411"
+SRC_URI = "git://gitlab.com/Remmina/Remmina;protocol=https \
"
-SRC_URI[md5sum] = "6da599c3a5cab2df37a70f8fba2f5438"
-SRC_URI[sha256sum] = "fbed745438bb0c21467b60cbd67c8148a9289b5ebc7482d06db443bea556af1a"
-S = "${WORKDIR}/Remmina-v${PV}"
+S = "${WORKDIR}/git"
inherit cmake features_check mime-xdg
REQUIRED_DISTRO_FEATURES = "x11"
diff --git a/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
index dcadede0ed..33f5dccca2 100644
--- a/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
+++ b/meta-oe/recipes-support/rsnapshot/rsnapshot_git.bb
@@ -13,11 +13,13 @@ RDEPENDS_${PN} = "rsync \
perl-module-getopt-std \
perl-module-file-path \
perl-module-file-stat \
+ perl-module-file-spec \
perl-module-posix \
perl-module-fcntl \
perl-module-io-file \
perl-module-constant \
perl-module-overloading \
+ perl-module-ipc-open3 \
"
SRCREV = "a9e29850fc33c503c289e245c7bad350eed746d9"
diff --git a/meta-oe/recipes-support/usb-modeswitch/usb-modeswitch-data_20191128.bb b/meta-oe/recipes-support/usb-modeswitch/usb-modeswitch-data_20191128.bb
index 938c0f9c26..ca970e59bb 100644
--- a/meta-oe/recipes-support/usb-modeswitch/usb-modeswitch-data_20191128.bb
+++ b/meta-oe/recipes-support/usb-modeswitch/usb-modeswitch-data_20191128.bb
@@ -11,9 +11,9 @@ SRC_URI[md5sum] = "e8fce7eb949cbe16c61fb71bade4cc17"
SRC_URI[sha256sum] = "3f039b60791c21c7cb15c7986cac89650f076dc274798fa242231b910785eaf9"
do_install() {
- oe_runmake install DESTDIR=${D}
+ oe_runmake install DESTDIR=${D} RULESDIR=${D}/${nonarch_base_libdir}/udev/rules.d
}
RDEPENDS_${PN} = "usb-modeswitch (>= 2.4.0)"
-FILES_${PN} += "${base_libdir}/udev/rules.d/ \
+FILES_${PN} += "${nonarch_base_libdir}/udev/rules.d/ \
${datadir}/usb_modeswitch"
diff --git a/meta-oe/recipes-support/usb-modeswitch/usb-modeswitch_2.6.0.bb b/meta-oe/recipes-support/usb-modeswitch/usb-modeswitch_2.6.0.bb
index baad340908..6a5287af49 100644
--- a/meta-oe/recipes-support/usb-modeswitch/usb-modeswitch_2.6.0.bb
+++ b/meta-oe/recipes-support/usb-modeswitch/usb-modeswitch_2.6.0.bb
@@ -19,7 +19,7 @@ RDEPENDS_${PN} = "tcl"
RRECOMMENDS_${PN} = "usb-modeswitch-data"
do_install() {
- oe_runmake DESTDIR=${D} install
+ oe_runmake DESTDIR=${D} UDEVDIR=${D}/${nonarch_base_libdir}/udev install
if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
install -d ${D}/${systemd_unitdir}/system
install -m 644 ${S}/usb_modeswitch@.service ${D}/${systemd_unitdir}/system
diff --git a/meta-python/recipes-devtools/python/python3-pyinotify_0.9.6.bb b/meta-python/recipes-devtools/python/python3-pyinotify_0.9.6.bb
index ab33953174..049c3c3cf7 100644
--- a/meta-python/recipes-devtools/python/python3-pyinotify_0.9.6.bb
+++ b/meta-python/recipes-devtools/python/python3-pyinotify_0.9.6.bb
@@ -3,11 +3,12 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://COPYING;md5=ab173cade7965b411528464589a08382"
RDEPENDS_${PN} += "\
- ${PYTHON_PN}-threading \
+ ${PYTHON_PN}-ctypes \
${PYTHON_PN}-io \
${PYTHON_PN}-misc \
${PYTHON_PN}-shell \
${PYTHON_PN}-smtpd \
+ ${PYTHON_PN}-threading \
"
SRC_URI[md5sum] = "8e580fa1ff3971f94a6f81672b76c406"
diff --git a/meta-python/recipes-devtools/python/python3-pykwalify/0001-rule.py-fix-missing-comma.patch b/meta-python/recipes-devtools/python/python3-pykwalify/0001-rule.py-fix-missing-comma.patch
new file mode 100644
index 0000000000..689355eeaf
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-pykwalify/0001-rule.py-fix-missing-comma.patch
@@ -0,0 +1,34 @@
+From f96b76efb810d7d559254d0ec58de628e09f525a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Mart=C3=AD=20Bol=C3=ADvar?= <marti.f.bolivar@gmail.com>
+Date: Mon, 13 Jan 2020 08:42:05 -0800
+Subject: [PATCH] rule.py: fix missing comma
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+A line in the defined_keywords list is missing a comma. Add it.
+
+Signed-off-by: Martí Bolívar <marti.f.bolivar@gmail.com>
+
+Upstream-Status: Backport [https://github.com/Grokzen/pykwalify.git]
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ pykwalify/rule.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/pykwalify/rule.py b/pykwalify/rule.py
+index 7ac2c9e..f044b69 100644
+--- a/pykwalify/rule.py
++++ b/pykwalify/rule.py
+@@ -340,7 +340,7 @@ class Rule(object):
+ ('matching', 'matching'),
+ ('matching_rule', 'matching_rule'),
+ ('name', 'name'),
+- ('nullable', 'nullable')
++ ('nullable', 'nullable'),
+ ('parent', 'parent'),
+ ('pattern', 'pattern'),
+ ('pattern_regexp', 'pattern_regexp'),
+--
+2.18.2
+
diff --git a/meta-python/recipes-devtools/python/python3-pykwalify_1.7.0.bb b/meta-python/recipes-devtools/python/python3-pykwalify_1.7.0.bb
index 5d029bd761..1bbde6986a 100644
--- a/meta-python/recipes-devtools/python/python3-pykwalify_1.7.0.bb
+++ b/meta-python/recipes-devtools/python/python3-pykwalify_1.7.0.bb
@@ -7,6 +7,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a72ea5159364a2cd7f45c6dcbee37872"
SRC_URI[md5sum] = "58357f1d0f77de976e73dbd3660af75b"
SRC_URI[sha256sum] = "7e8b39c5a3a10bc176682b3bd9a7422c39ca247482df198b402e8015defcceb2"
+SRC_URI += "file://0001-rule.py-fix-missing-comma.patch"
+
PYPI_PACKAGE = "pykwalify"
inherit setuptools3 pypi
unset _PYTHON_SYSCONFIGDATA_NAME