Age | Commit message (Collapse) | Author |
|
It was only added because samba was a dependency, but was not removed
again when the dependency on samba was removed in commit 6207331f.
This effectively reverts commit a190c2e3.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0d2b80bd783fb2190c28caa2ebf3a13d4491d7c7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upgrade on the 3.0 stable branch,
including fixes for CVE-2019-19553 and CVE-2020-7045.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Config file specification is missing in start) case. It is present already in restart) case.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 257ea010b716073acbe6866f4c3968b4962fdc37)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e82f1802a60d451f978cdef0f2ff69feb1f12039)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2b8c1fa1cbfa21fc0044a172fffa5986a0fd4ad0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
clang does delegate the atomic<double> calls to libatomic on x86 where
as gcc tries to use intrinsics, its debatable who is right, but it does
seem that clang is safe in case pointer is unaligned
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f7a7a2aafe87437aefca21612dc156fde645ac89)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 626209aabb5684316eba0d4b762980924d783c93)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2b3fd534874aee125a6c79c70c93b1aa498fda3f)
[Samba's update via ee5aa6911b2e93b89e67ae6167ee7d9a029b9262 required
libldb upgrade to 1.5.6 Yocto # 13750]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport the CVE patch from the upstream to fix the memory leak.
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c8ca82feb5d6ceb843aad33dada947b456f7fcac)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
do_install never executed as a result it was empty install
Create ruli-bin package for utilities, so libraries can be packages
granularily
Drop the makefile patch which is no longer needed, set the make
variables to get the needed bits set
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f4e6224b340fba198639bdd4585a81efdf15303e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This helps in avoiding packaging errors seen with distros enabling
multilib
Fixes
ERROR: grpc-1.24.3-r0 do_package: QA Issue: grpc: Files/directories were installed but not shipped in any package:
/usr/lib/libgrpc++.so.1.24.3
...
/usr/lib/cmake
/usr/lib/cmake/grpc
/usr/lib/cmake/grpc/gRPCConfigVersion.cmake
/usr/lib/cmake/grpc/gRPCConfig.cmake
/usr/lib/cmake/grpc/gRPCTargets-noconfig.cmake
/usr/lib/cmake/grpc/gRPCTargets.cmake
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or de
lete them within do_install.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e18d8c957034908f27350e6ffcae2a3d05a4387b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The 84-nm-drivers.rules is not required for systemd-udevd versions
v210 and later. The file has been split into a separate file so
distributions with a new enough systemd version can drop it. See
also:
https://github.com/NetworkManager/NetworkManager/commit/1e0375826252abf9aab2aef273a2a24cd08c9f42
I noticed this while investigating into a warning show during
bootup:
/usr/lib/udev/rules.d/84-nm-drivers.rules:10 Invalid value "/bin/sh -c
'ethtool -i $1 | sed -n s/^driver:\ //p' -- $env{INTERFACE}" for PROGRAM
(char 24: invalid substitution type), ignoring, but please fix it.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 82ecc0e69fe3920360d1ba8bd1b5e6ede164de42)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1db745db41e31c61448743842104d92a61e7ddfb)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* Mbed TLS 2.16.3 is a maintenance release of the Mbed TLS 2.16 branch, and
provides bug fixes and minor enhancements.
https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.3
Most importantly, this fixes breakage on ARMv5TE platforms:
* Fix the build on ARMv5TE in ARM mode to not use assembly instructions that
are only available in Thumb mode.
https://github.com/ARMmbed/mbedtls/pull/2169
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-10143
Patch from:
https://github.com/FreeRADIUS/freeradius-server/commit/1f233773962bf1a9c2d228a180eacddb9db2d574
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Multiple quagga service files are causing the following type of message to
appear during boot:
/lib/systemd/system/zebra.service:10: PIDFile= references a path below legacy
directory /var/run/, updating /var/run/quagga/zebra.pid → /run/quagga/zebra.pid;
please update the unit file accordingly.
Update the service files included as part of the recipe to use /run instead of
/var/run as the PIDFile path.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
[Bug fix only update
includes:
CVE-2019-16319
]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Security fixes:
CVE-2019-10218: Client code can return filenames containing path
separators.
CVE-2019-14833: Samba AD DC check password script does not receive the
full password.
CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP
server via dirsync.
See: https://www.samba.org/samba/history/samba-4.10.10.html
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
| chmod: cannot access '.../image/etc/sudoers.d': No such file or directory
| sed: can't read .../image/usr/bin/samba-tool: No such file or directory
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Use the systemd class to correctly plug the package into the systemd
infrastructure.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
We already depend on systemd in DISTRO_FEATURES so adding it to
RDEPENDS is redundant. We also rdepend on two python packages, so
there's no need to explicitly depend on python3.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Use distro_features_check to check for systemd in DISTRO_FEATURES
instead of a hand-crafted python function.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Bugfix release. For details, see:
https://mosquitto.org/blog/2019/09/version-1-6-7-released/
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Delete patch "0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch"
since it is not used in the tcpdump recipe anymore.
Signed-off-by: Peiran Hong <peiran.hong@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
-License-Update: Copyright year updated to 2019.
-fetchmail/02_remove_SSLv3.patch
Removed since this is included in 6.4.1.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
I have no idea if this is the right thing to do, but without the patch I
can't actually buil OE because none of these layers are compatible
with the change in openembedded-core to move to zeus.
Fixes: a5c9709b8d ("layer.conf: Update for zeus series") # openembedded-core
Signed-off-by: Palmer Dabbelt <palmer@dabbelt.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
freeradius fails to build for armv5:
| *** Warning: Linking the executable build/bin/local/radeapclient against the loadable module
| *** libfreeradius-server.so is not portable!
|
| *** Warning: Linking the executable build/bin/local/radeapclient against the loadable module
| *** libfreeradius-eap.so is not portable!
path -Wl,/yow-lpggp31/tgamblin/freeradius.build/tmp-glibc/work/armv5e-oe-linux-gnueabi/freeradius/3.0.19-r0/git/build/lib/local//.libs
/arm-oe-linux-gnueabi/9.2.0/ld: build/lib/local/.libs/libfreeradius-radius.so: undefined reference to `__atomic_compare_exchange_8'
/arm-oe-linux-gnueabi/9.2.0/ld: build/lib/local/.libs/libfreeradius-radius.so: undefined reference to `__atomic_load_8'
/arm-oe-linux-gnueabi/9.2.0/ld: build/lib/local/.libs/libfreeradius-radius.so: undefined reference to `__atomic_store_8'
| collect2: error: ld returned 1 exit status
| scripts/boiler.mk:630: recipe for target 'build/bin/local/radeapclient' failed
Explicitly link libatomic to fix the issue.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
upb dependency needs to fed as source, since it lacks the CMake based
external module builds like some other deps
Forward port the cross lib installation patch
Drop gettid patch as it was a backport which is in this revision
Link with libatomic on mips
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This upgrade adds some new features and fixes numerous bugs including
the following CVEs:
CVE: CVE-2017-16808 (AoE)
CVE: CVE-2018-14468 (FrameRelay)
CVE: CVE-2018-14469 (IKEv1)
CVE: CVE-2018-14470 (BABEL)
CVE: CVE-2018-14466 (AFS/RX)
CVE: CVE-2018-14461 (LDP)
CVE: CVE-2018-14462 (ICMP)
CVE: CVE-2018-14465 (RSVP)
CVE: CVE-2018-14881 (BGP)
CVE: CVE-2018-14464 (LMP)
CVE: CVE-2018-14463 (VRRP)
CVE: CVE-2018-14467 (BGP)
CVE: CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
CVE: CVE-2018-10105 (SMB - too unreliably reproduced,
SMB printing disabled)
CVE: CVE-2018-14880 (OSPF6)
CVE: CVE-2018-16451 (SMB)
CVE: CVE-2018-14882 (RPL)
CVE: CVE-2018-16227 (802.11)
CVE: CVE-2018-16229 (DCCP)
CVE: CVE-2018-16301 (was fixed in libpcap)
CVE: CVE-2018-16230 (BGP)
CVE: CVE-2018-16452 (SMB)
CVE: CVE-2018-16300 (BGP)
CVE: CVE-2018-16228 (HNCP)
CVE: CVE-2019-15166 (LMP)
CVE: CVE-2019-15167 (VRRP)
CVE: CVE-2018-14879 (tcpdump -V)
Deleted patch "0001-CVE-2017-16808-AoE-Add-a-missing-bounds-check.patch"
since the fix is included in the upgrade.
Modified patches "avoid-absolute-path-when-searching-for-libdlpi.patch",
"unnecessary-to-check-libpcap.patch", and "add-ptest.path" since
the upgrade renamed configure.in to configure.ac and made changes
to the file.
Added PACKAGECONFIG for smb. It is disabled by default in
the upgraded version in both the package's configure script and this
bitbake recipe since it is insecure.
Modified the parsing of ptest result to align with the new output
format.
With core-image-minimal on qemux86-64/kvm:
Recipe | Passed | Failed | Skipped | Time(s)
Before | 408 | 0 | 2 | 4
After | 431 | 11 | 2 | 10
11 test failed after the upgrade since libpcap is not upgraded
alongside with tcpdump.
Signed-off-by: Peiran Hong <peiran.hong@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
According to configure.ac, make install might fail when run with multiple jobs:
$ tail -15 log.do_configure
...
When running "make install" do not use any form of parallel or job
server options (such as GNU make's -j option). Doing so may cause
errors.
...
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
These are needed for other packages which want to link against
libstrongswan or other libraries included with Strongswan.
By default, no headers are installed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add qttools-native to PACKAGECONFIG[qt5] DEPENDS to resolve missing
Qt5LinguistTools build error.
Add qtmultimedia to PACKAGECONFIG[qt5] DEPENDS to resolve missing
Qt5Multimedia build error.
Add qtsvg to PACKAGECONFIG[qt5] DEPENDS to resolve missing Qt5Svg build
error.
Inherit cmake_qt5 when qt5 is in PACKAGECONFIG to resolve
get_target_property() called with non-existent target "Qt5::qmake"
build error.
Automatically add qt5 to PACKAGECONFIG when meta-qt5 is in the build
since adding qt5 via a .bbappend won't satisfy the conditional inherit
cmake_qt5. The poppler recipe does exactly this.
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This reverts commit 5f32fd6b08d79b9a4d1bffb9b2bcbc535a5b27d2.
* fixed by restricting -Wno-error=address-of-packed-member only for
target, spice-native is still useful for qemu-native when spice
PACKAGECONFIG is enabled
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
* with older native gcc on host this will break spice-native with:
cc1: error: -Werror=address-of-packed-member: no option -Waddress-of-packed-member
because older gcc doesn't recognize address-of-packed-member warning
to work around this ignore them all
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
some plugins are installed into libdir/opensaf but we were making a copy
into libdir as well, this patch changes that so the packaged files are
appearing only once
create_empty_library should be using cross compiler with linker flags,
existig code in this area is not cross compile friendly
skip dev-so QA test since some .so are stubs which are packages in PN
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
* Remove perl-lib since it had been removed by oe-core:
commit 68552c353255188de3d5b42135360a30e7eac535
Author: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Sun Dec 2 12:46:37 2018 +0100
perl: remove the previous version of the recipe
Now the files are in perl pacakge.
* Fix perl paths when perl is enabled.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixed:
PACKAGECONFIG_append_pn-corosync = ' rdma'
$ bitbake corosync
| configure: error: Package requirements (rdmacm) were not met:
|
| No package 'rdmacm' found
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
libOpenIPMI.so.0 is SONAME for openIPMI.so in openipmi-perl package
which means the shlibs code will automatically add it as a provider for
this shared library but actual public library is provided by openipmi
package, and it results in
ERROR: openipmi-2.0.27-r0 do_package: openipmi: Multiple shlib providers for libOpenIPMI.so.0: openipmi-perl, openipmi (used by files: /mnt/jenkins/workspace/Yocto-world-musl/build/tmp/work/aarch64-yoe-linux/openipmi/2.0.27-r0/packages-split/openipmi/usr/bin/openipmi_eventd)
The library in perl package is actually not required to compete to
provide for public interfaces
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The license checksum change is due to the date being updated.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
$ bitbake spice-native
checking whether the C compiler works... no
configure: error: in `/path/to/spice-native/0.14.2+gitAUTOINC+7cbd70b931_4fc4c2db36-r0/build':
configure: error: C compiler cannot create executables
It's a broken native recipe which means no ones need it any more, so remove it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fix security vulnerabilities. For further details, see:
https://mosquitto.org/blog/2019/09/version-1-6-6-released/
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The restriction to ARM instruction set came in the original
wireshark recipe, which was 2 major versions ago (and also
a few toolchains ago). Wireshark 3.x seems to be building
fine allowing thumb instructions, at least on cortexa9t2hf.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|