| Age | Commit message (Collapse) | Author |
|---|
|
It was only added because samba was a dependency, but was not removed
again when the dependency on samba was removed in commit 6207331f.
This effectively reverts commit a190c2e3.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0d2b80bd783fb2190c28caa2ebf3a13d4491d7c7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upgrade on the 3.0 stable branch,
including fixes for CVE-2019-19553 and CVE-2020-7045.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2b3fd534874aee125a6c79c70c93b1aa498fda3f)
[Samba's update via ee5aa6911b2e93b89e67ae6167ee7d9a029b9262 required
libldb upgrade to 1.5.6 Yocto # 13750]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport the CVE patch from the upstream to fix the memory leak.
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c8ca82feb5d6ceb843aad33dada947b456f7fcac)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
do_install never executed as a result it was empty install
Create ruli-bin package for utilities, so libraries can be packages
granularily
Drop the makefile patch which is no longer needed, set the make
variables to get the needed bits set
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f4e6224b340fba198639bdd4585a81efdf15303e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
[Bug fix only update
includes:
CVE-2019-16319
]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Delete patch "0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch"
since it is not used in the tcpdump recipe anymore.
Signed-off-by: Peiran Hong <peiran.hong@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
-License-Update: Copyright year updated to 2019.
-fetchmail/02_remove_SSLv3.patch
Removed since this is included in 6.4.1.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This upgrade adds some new features and fixes numerous bugs including
the following CVEs:
CVE: CVE-2017-16808 (AoE)
CVE: CVE-2018-14468 (FrameRelay)
CVE: CVE-2018-14469 (IKEv1)
CVE: CVE-2018-14470 (BABEL)
CVE: CVE-2018-14466 (AFS/RX)
CVE: CVE-2018-14461 (LDP)
CVE: CVE-2018-14462 (ICMP)
CVE: CVE-2018-14465 (RSVP)
CVE: CVE-2018-14881 (BGP)
CVE: CVE-2018-14464 (LMP)
CVE: CVE-2018-14463 (VRRP)
CVE: CVE-2018-14467 (BGP)
CVE: CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
CVE: CVE-2018-10105 (SMB - too unreliably reproduced,
SMB printing disabled)
CVE: CVE-2018-14880 (OSPF6)
CVE: CVE-2018-16451 (SMB)
CVE: CVE-2018-14882 (RPL)
CVE: CVE-2018-16227 (802.11)
CVE: CVE-2018-16229 (DCCP)
CVE: CVE-2018-16301 (was fixed in libpcap)
CVE: CVE-2018-16230 (BGP)
CVE: CVE-2018-16452 (SMB)
CVE: CVE-2018-16300 (BGP)
CVE: CVE-2018-16228 (HNCP)
CVE: CVE-2019-15166 (LMP)
CVE: CVE-2019-15167 (VRRP)
CVE: CVE-2018-14879 (tcpdump -V)
Deleted patch "0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch"
since the fix is included in the upgrade.
Modified patches "avoid-absolute-path-when-searching-for-libdlpi.patch",
"unnecessary-to-check-libpcap.patch", and "add-ptest.path" since
the upgrade renamed configure.in to configure.ac and made changes
to the file.
Added PACKAGECONFIG for smb. It is disabled by default in
the upgraded version in both the package's configure script and this
bitbake recipe since it is insecure.
Modified the parsing of ptest result to align with the new output
format.
With core-image-minimal on qemux86-64/kvm:
Recipe | Passed | Failed | Skipped | Time(s)
Before | 408 | 0 | 2 | 4
After | 431 | 11 | 2 | 10
11 test failed after the upgrade since libpcap is not upgraded
alongside with tcpdump.
Signed-off-by: Peiran Hong <peiran.hong@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
These are needed for other packages which want to link against
libstrongswan or other libraries included with Strongswan.
By default, no headers are installed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add qttools-native to PACKAGECONFIG[qt5] DEPENDS to resolve missing
Qt5LinguistTools build error.
Add qtmultimedia to PACKAGECONFIG[qt5] DEPENDS to resolve missing
Qt5Multimedia build error.
Add qtsvg to PACKAGECONFIG[qt5] DEPENDS to resolve missing Qt5Svg build
error.
Inherit cmake_qt5 when qt5 is in PACKAGECONFIG to resolve
get_target_property() called with non-existent target "Qt5::qmake"
build error.
Automatically add qt5 to PACKAGECONFIG when meta-qt5 is in the build
since adding qt5 via a .bbappend won't satisfy the conditional inherit
cmake_qt5. The poppler recipe does exactly this.
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This reverts commit 5f32fd6b08d79b9a4d1bffb9b2bcbc535a5b27d2.
* fixed by restricting -Wno-error=address-of-packed-member only for
target, spice-native is still useful for qemu-native when spice
PACKAGECONFIG is enabled
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
* with older native gcc on host this will break spice-native with:
cc1: error: -Werror=address-of-packed-member: no option -Waddress-of-packed-member
because older gcc doesn't recognize address-of-packed-member warning
to work around this ignore them all
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
libOpenIPMI.so.0 is SONAME for openIPMI.so in openipmi-perl package
which means the shlibs code will automatically add it as a provider for
this shared library but actual public library is provided by openipmi
package, and it results in
ERROR: openipmi-2.0.27-r0 do_package: openipmi: Multiple shlib providers for libOpenIPMI.so.0: openipmi-perl, openipmi (used by files: /mnt/jenkins/workspace/Yocto-world-musl/build/tmp/work/aarch64-yoe-linux/openipmi/2.0.27-r0/packages-split/openipmi/usr/bin/openipmi_eventd)
The library in perl package is actually not required to compete to
provide for public interfaces
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
$ bitbake spice-native
checking whether the C compiler works... no
configure: error: in `/path/to/spice-native/0.14.2+gitAUTOINC+7cbd70b931_4fc4c2db36-r0/build':
configure: error: C compiler cannot create executables
It's a broken native recipe which means no ones need it any more, so remove it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The restriction to ARM instruction set came in the original
wireshark recipe, which was 2 major versions ago (and also
a few toolchains ago). Wireshark 3.x seems to be building
fine allowing thumb instructions, at least on cortexa9t2hf.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
* when usrmerge is enabled, ${libdir} is /usr/lib, and
${systemd_unitdir} is /usr/lib/systemd, sine PACKAGE
ntpdate is after ntp in variable PACKAGES, so file
${systemd_unitdir}/system/ntpdate.service will be populated
into PACKAGE ntp, but actually we have add it into FILES_ntpdate
when usrmerge is disabled, ${libdir} is empty, and usrmerge is
enabled, files under ${libdir} have been covered by other FILES
config, so fix by remove ${libdir}
* libexecdir is empty, so remove it FILES_${PN}
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Backport selected parts of three upstream commits to fix
CVE-2017-16808 where tcpdump 4.9.2 has a heap-based buffer over-read.
Upstream-Status: Backport
[ several ]
Upstream commits fully backported:
46aead6 [CVE-2017-16808/AoE: Add a missing bounds check]
Upstream commits partially backported:
7068209 [Use nd_ types in 802.x and FDDI headers.]
84ef17a [Replace ND_TTEST2()/ND_TCHECK2() macros by macros using
pointers (1/n)]
46aead6 fixes the vulnerability and requires two macros defined in
7068209 and 84ef17a, which are committed after the release of 4.9.2.
Only the definition of the macros are taken from the two commits
as they impact a wide range of code and are difficult to integrate.
CVE: CVE-2017-16808
Signed-off-by: Peiran Hong <peiran.hong@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Refresh the patch to apply cleanly
Fixes
Applying patch 0001-memory.h-Include-stdint.h-for-uintptr_t.patch
patching file src/libstrongswan/utils/utils/memory.h
Hunk #1 succeeded at 26 with fuzz 2 (offset 4 lines).
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
These fail to build always
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
it is not proper change source in do_configure, it will make
source not updated even local.conf have change the DISTRO_FEATURES
[YOCTO: #13493]
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixed do_configure failed:
$ bitbake lib32-netcf
cp: cannot stat '/path/to/lib32-recipe-sysroot/usr/share/gnulib': No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixed:
$ bitbake netcf
WARNING: netcf-0.2.8+gitAUTOINC+2c5d425585-r0 do_package: Manifest /path/sstate-control/manifest-x86_64_x86_64-nativesdk-gnulib.packagedata not found in intel_x86_64 corei7-64 core2-64 x86_64 allarch x86_64_x86_64-nativesdk (variant '')?
This is because gnulib has no related tasks:
do_package[noexec] = "1"
do_packagedata[noexec] = "1"
deltask package_write_ipk
deltask package_write_deb
deltask package_write_rpm
deltask do_deploy_archives
Depends on gnulib:do_populate_sysroot explicitly to fix the problem.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upstream linux y2038 work has moved some definitions SIOCGSTAMP is
defined in linux/sockios.h, not asm/sockios.h now. So we need to
add that include to fix the build.
Upstream-status: backport of http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3052ce208acf602f0163166dcefb7330d537cedb
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
openvpn only provides options to update a pid file but not to check it
for running processes. Consecutive issued start commands therefore lead
to multiple running processes with the same configurations, which is the
origin of all kinds of problems of which unnecessary resource usage is the least.
Using start-stop-daemon the pid file is inspected for running processes
before start.
Signed-off-by: Fabian Klemp <fabian.klemp@axino-group.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Also updated arm_eabi patch.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
fix below error:
QA Issue: non dev/-dbg/nativesdk package contains symlink .so: lib32-python3-tdb path '
packages-split/lib32-python3-tdb/usr/lib/python3.7/site-packages/tdb.so' [dev-so]
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
fix below error:
ERROR: lib32-libtevent-0.10.0-r0 do_package_qa: QA Issue: non -dev/-dbg/nativesdk- package contains symlink .so: lib32-python3-tevent path '/work/core2-32-wrsmllib32-linux/lib32-libtevent/0.10.0-r0/packages-split/lib32-python3-tevent/usr/lib/python3.7/site-packages/_tevent.so' [dev-so]
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
There are several packages which all provide /usr/lib/sendmail
when lsb is enabled. So use alternative to manage it.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Bump up SRCREV_drbd-utils to includes two more commits to fix the following
netlink failure with nested attributes.
$ drbdsetup new-resource r0
Invalid argument
92ade5989027 ("netlink: prepare for kernel v5.2")
859151b228d3 ("netlink: Add NLA_F_NESTED flag to nested attribute")
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Enable use of SOURCE_DATE_EPOCH from the reproducible_build bbclass.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
1. switch to python3
2. add cross-answer for lmdb check, so remove patch 0001-libldb-fix-config-error
3. fix cross-compile problem caused by waf
4. refresh patch
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
Peter Kjellerstedt
Adrian Bunk
Yi Zhao
Zhixiong Chi
Khem Raj
Zheng Ruoqin
Peiran Hong
Zang Ruochen
Callaghan, Dan
George McCollister
Martin Jansa
Robert Yang
S. Lockwood-Childs
Yuan Chao
Changqing Li
Bruce Ashfield
Gianfranco Costamagna
Fabian Klemp
Oleksandr Kravchuk
Beniamin Sandu
Qi.Chen@windriver.com
He Zhe
Slater, Joseph