Age | Commit message (Collapse) | Author |
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
This sets up the perl interpreter correctly on target package
Also fixes
QA Issue: /usr/bin/sliceprint contained in package enscript requires /mnt/a/oe
/build/tmp/hosttools/perl, but no providers found in RDEPENDS_enscript? [file-rdeps]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fixes
QA Issue: /usr/bin/parkill contained in package mpich requires /mnt/a/oe/build/tmp/
hosttools/perl, but no providers found in RDEPENDS_mpich
also move BASH_SHELL in same realm
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
License is LGPL-2.1, not simply LGPL
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fix file-rdeps error about "#!/usr/bin/python" in python3-pylint
by inheriting python*-dir so we can change to "#!/usr/bin/env ${PYTHON_PN}"
in ${PYTHON_SITEPACKAGES_DIR}.
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
All dependencies have been fixed by the following commits:
b3d7a464c font-adobe-100dpi: update depends to fix builds with RSS
8de29d274 font-bh-100dpi: update depends to fix builds with RSS
bac94456a font-adobe-utopia-100dpi: update depends to fix builds with RSS
5fecd31c6 font-bh-lucidatypewriter-100dpi: update depends to fix builds with RSS
Unblacklist it so it won't get auto-deleted in about a week when the
2.4 dev cycle starts.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
LDFLAGS += "-pthread" adds the flag both for native and target builds,
however the openldap-native build overwrites the variable inside
native.bbclass causing "undefined reference to `pthread_getspecific'"
and other linker errors.
Change the append to happen after parsing by using the override
syntax and thus make sure it executes after native.bbclass (bitbake -e
reports pre-expansion value "${BUILD_LDFLAGS} -pthread").
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* Set correct paths for programs (bash, cat, rm and sed)
to avoid QA issue:
| ERROR: logwarn-1.0.14-r0 do_package_qa: QA Issue:
| /usr/lib/nagios/plugins/check_logwarn contained in package
| logwarn-nagios requires /builddir/tmp/hosttools/bash,
| but no providers found in RDEPENDS_logwarn-nagios? [file-rdeps]
* Add missing dependency on coreutils and sed.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
CVE-2013-7459: Heap-based buffer overflow in the ALGnew function in
block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows
remote attackers to execute arbitrary code as demonstrated by a crafted
iv parameter to cryptmsg.py.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2013-7459
Patch from:
https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
- logcheck depends on mime-construct which is in meta-perl,
so move it to meta-perl to avoid that meta-oe depends on
meta-perl.
- logcheck should not be run as root, so inherit useradd
and add proper user and group.
- Add missing runtime dependencies according to the file
debian/control and simple test by running "logcheck -ot".
- For syslog, debian directly depends on rsyslog, but logcheck
works with any syslog and we have busybox-syslog, sysklogd,
syslog-ng and rsyslog, so use VIRTUAL-RUNTIME_syslog for the
syslog dependency and set rsyslog as the default, which can be
easily overridden in distro conf file or local.conf.
- Don't install /var/lock when populating rootfs. Do it
through volatile.
- install header.txt for generated mails
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* add runtime dependency on bash to fix QA issue:
| ERROR: gflags-2.2.0-r0 do_package_qa: QA Issue:
| /usr/bin/gflags_completions.sh contained in package
| gflags-bash-completion requires /bin/bash, but
| no providers found in RDEPENDS_gflags-bash-completion? [file-rdeps]
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The old URL for HOMEPAGE is obsolete, use the valid one.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The 5.7.2 fixed CVE-2017-7401.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Get version number by invoking:
...
$ ${S}/build-aux/git-version-gen --version
git-version-gen 2017-08-20.18
...
The gnulib 2017-08-20.18 fixed CVE-2017-7476.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fixed CVE-2017-11109 since 8.0.0707
See:
http://www.cvedetails.com/vulnerability-list/vendor_id-8218/product_id-14270/year-2017/opdos-1/VIM-VIM.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
chromium-60+ will need it
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Add systemd service file for webmin.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Upgrade iperf3 from 3.1.3 to 3.2.
* update md5 checksum of license file which update year info and add
same bsd license for src/net.c
* add dependency openssl
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Immediate expansion for PERLVERSION(in perl-version.bbclass)
is too early, it will result in 'None' before perl is built,
then the module file is installed incorrectly:
$ rpm -ql adduser|grep Common
/usr/lib/perl/None/Debian/AdduserCommon.pm
So use get_perl_version directly instead of PERLVERSION.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Customize HOST_CFLAGS, HOST_CXXFLAGS and HOST_LDFLAGS
to fix do_configure error as previously use the common
CFLAGS and CXXFLAGS in both cross-compile env and host env,
and the option -fstack-protector-strong which not
recognized in host env can result in do_configure
error as below.
| checking whether the host c compiler (gcc -O2 -pipe -g -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -fstack-protector-strong -Wl,-z,relro,-z,now) works... configure: error: installation or configuration problem: host compiler gcc cannot create executables.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Remove add-proper-format-string-to-print-a-str.patch since it had been
merged in upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Dhrystone is a synthetic computing benchmark program developed
in 1984 by Reinhold P. Weicker intended to be representative of
system (integer) programming.
https://en.wikipedia.org/wiki/Dhrystone
Signed-off-by: Jose Alarcon <jose.alarcon@ge.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fixed three security vulnerabilities:
CVE-2017-7546: Empty password accepted in some authentication methods
CVE-2017-7547: The "pg_user_mappings" catalog view discloses passwords
to users lacking server privileges
CVE-2017-7548: lo_put() function ignores ACLs
See release note:
https://www.postgresql.org/docs/9.4/static/release-9-4-13.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fixed:
ERROR: QA Issue: /usr/lib/glibmm-2.4/proc/gmmproc contained in package glibmm-dev requires /path/to/tmp/hosttools/perl, but no providers found in RDEPENDS_glibmm-dev? [file-rdeps]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* Fix CVE-2017-10671: Heap-based buffer overflow in the de_dotdot
function in libhttpd.c
* Update SRC_URI because the original site can not access.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
1) Upgrade pcsc-lite from 1.8.13 to 1.8.22.
2) License information has changed in pcsc-lite-1.8.22/COPYING for src/strlcpy.3, src/strlcat.c and src/strlcpy.c have been removed in pcsc-lite-1.8.22, so modify the LIC_FILES_CHKSUM.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The license files and md5 are updated.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fix the following file-rdeps QA issue:
...
|ERROR: xmlrpc-c-1.31.0-r0 do_package_qa: QA Issue:
/usr/bin/xml-rpc-api2txt contained in package xmlrpc-c requires
/usr/bin/perl, but no providers found in RDEPENDS_xmlrpc-c? [file-rdeps]
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fix the following file-rdeps QA issue:
...
|ERROR: python3-pykickstart-2.35-r0 do_package_qa: QA Issue:
/usr/bin/ksvalidator contained in package python3-pykickstart requires
/usr/bin/python, but no providers found in RDEPENDS_python3-pykickstart?
[file-rdeps]
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fix the following file-rdeps QA issue:
...
|ERROR: multipath-tools-0.7.1-r0 do_package_qa: QA Issue: /sbin/mpathconf
contained in package multipath-tools requires /bin/bash, but no
providers found in RDEPENDS_multipath-tools? [file-rdeps]
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The python2 version was dropped from oe-core.
Also add support for python3.
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The python2 version was dropped from oe-core.
Also add support for python3.
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* Remove the following patches which already merged in upstream:
fix-gcc-unused-functions.patch
.gitignore-the-new-test-case.patch
CVE-2016-10166.patch
CVE-2016-10167.patch
CVE-2016-10168.patch
CVE-2016-6906-1.patch
CVE-2016-6906-2.patch
Fix-290-TGA-RLE-decoding-is-broken.patch
* Update LICENSE's MD5 check sum.
The COPYING file has been update with the following commits in
upstream:
commit f863b3c2d300ff5344f6752e5813b0d6985e79c4
Resolve #282: COPYING vs. docs/naturaldocs/license.txt
commit 9ccdaedbd9a2cfd1c8a9a258c09af161e796bd41
Sync COPYING and docs/naturaldocs/license.txt
These two commits updated the copyright statement regarding the
authorship of gd and adjust the format.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Previously we used update-alternatives to manage this configuration file,
creating link under /etc/logrotate.d/ directory.
However, we later dropped the update-alternatives approach and explicitly
setting rsyslog to conflict with other syslog providers.
So we need to install the logrotate configuration file under /etc/logrotate.d
to make things right.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Backport a patch to fix CVE-2017-12588.
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted
description fields as format strings, possibly allowing a format string
attack with unspecified impact.
Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-12588
CVE: CVE-2017-12588
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The tipcutils 2.2 removed the tipc-config tool and recommended to use
the new configuration tool named "tipc" in iproute2 package for
configuring the tipc, which utilizes the new tipc netlink kernel API.
Add iproute2-tipc as a runtime dependency.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The tipcutils 2.2 removed the tipc-config tool and recommended to use
the new configuration tool named "tipc" in iproute2 package for
configuring the tipc, which utilizes the new tipc netlink kernel API.
We supported tipc in iproute2 with PACKAGECONFIG in oe-core commit
944ef0de241de77429ab0e5cb1dd4a7f355cf3fd
Add iproute2 bbappend to enable tipc for tipcutils.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
As openwsman has been upgrdaed to v2.6.3, but the name of recipe file still v2.6.2, so rename it.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
When building openobex on a host without any connection to outside,
the configure fails as it tries to get some url from outside to build
the documentation.
Fix this problem by disabling building documentation.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
If usrmerge is enabled in DISTRO_FEATURES, then ${base_sbindir} and
${sbindir} are set to the same path and the symbolic link from
${base_sbindir}/start-stop-daemon to ${sbindir}/start-stop-daemon can
(and should) not be created.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fixed CVEs & Issues:
CVE-2017-11577: #3088
CVE-2017-11576: #3091
CVE-2017-11575: #3096
CVE-2017-11574: #3090
CVE-2017-11572: #3092
CVE-2017-11571: #3087
CVE-2017-11569: #3093
CVE-2017-11568: #3089
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
vlock is a program to lock one or more
sessions on the Linux console.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
There are many unaddressed CVEs which are fixed in 7.1.7
and later versions. Allow the user to define php_5.6.26
to enable building the recipe.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The latest changes in oe-core switch to using openssl 1.1. The
SSLv3_client_method and RAND_egd functions are removed in the openssl
1.1. This causes mailx to fail to compile.
For now we can use openssl10 in the same manner that openssh is doing.
At the point in time that openssl10 goes away the code for openssl in
mailx will have to be altered.
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Upgrade mailcap from 2.1.46 to 2.1.48.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
This is to ensure that if ARCH is set in Makefiles then
its not used. This variable is generated using uname which
is wrong for cross compile. So we dont want to set it accidently
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Fixes build with openssl 1.1
Add patch to fix out of tree build
License changes are due to restructing of license files
see https://sourceforge.net/p/gsoap2/code/123/
Add OpenSSL exception to LICENSE field which was
missing thus far.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|