| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Backported from Kirkstone
(cherry-picked from commit 84425db660a30570044e334509e174e5c92173ed)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is 1.0.10 release with few more commits on top.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The usage of nobranch=1 in SRC_URI allows using unprotected branches.
This change updates the real branch name in place of nobranch=1 for these components.
Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
avoid using vendored version
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d8053b7e2b21c651b34b48f025f47cb511c36e37)
[FIxes this error
--- LOG END ---
| error: downloading 'http://download.draios.com/dependencies/libb64-1.2.src.zip' failed
| status_code: 22
| status_string: "HTTP response code said error"
| log:
| --- LOG BEGIN ---
]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 92441f9d6a958c245a03f89ec44ef2c17dd6b0ee)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
kernel-module-overlay
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Commit 17e931e77 ("polkit: fix CVE-2021-3560") contains
- upstream commit a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81
Commit 67ec3e049 ("polkit: Fix for CVE-2021-4115") contains both:
- upstream commit a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 (CVE-2021-3560)
- upstream commit 41cb093f554da8772362654a128a84dd8a5542a7 (CVE-2021-4115)
Thus the fix for CVE-2021-3560 is applied twice, resulting in warnings
during do_patch. Curiously it neither fails nor complains about patch
already applied. Also devtool silently discards the duplicate patch.
Drop the duplicate patch, to resolve following warnings:
WARNING: polkit-0.116-r0 do_patch: Fuzz detected:
Applying patch 0001-GHSL-2021-074-authentication-bypass-vulnerability-in.patch
patching file src/polkit/polkitsystembusname.c
Hunk #1 succeeded at 438 with fuzz 2 (offset 3 lines).
Applying patch CVE-2021-4115.patch
patching file src/polkit/polkitsystembusname.c
Hunk #4 succeeded at 439 with fuzz 2.
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add patch to fix CVE-2016-9296
Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport a patch [1] to fix CVE-2021-3560.
[1] https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Squashed together 6000f5a3b and 7f4f1ee71
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.vom>
|
|
a) use option 7z to build the lib7z.so library
This is needed for android-tools for building fastboot
from android-tools
b) Packaged the lib7z.so and codec libraries as a part of this recipe
Fastboot RDepends on it lib7z.so
c) Fixed a C++17 forbidden error when lib7z.so is built
fixes the below error
| ../../../../CPP/7zip/Archive/Wim/WimHandler.cpp: In member function 'virtual LONG NArchive::NWim::CHandler::GetArchiveProperty(PROPID, PROPVARIANT*)':
| ../../../../CPP/7zip/Archive/Wim/WimHandler.cpp:308:11: error: use of an operand of type 'bool' in 'operator++' is forbidden in C++17
| 308 | numMethods++;
| | ^~~~~~~~~~
| ../../../../CPP/7zip/Archive/Wim/WimHandler.cpp:318:9: error: use of an operand of type 'bool' in 'operator++' is forbidden in C++17
| 318 | numMethods++;
Signed-off-by: Nisha Parrakat <Nisha.Parrakat@kpit.com>
Signed-off-by: Nisha Parrakat <nishaparrakat@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Akash Hadke <Akash.Hadke@kpit.com>
Signed-off-by: Akash Hadke <hadkeakash4@gmail.com>
(cherry picked from commit 3c36a8efe2a964c3aa9bfcd836cee3f80a837fcd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add patch to fix CVE-2021-4115
Also, add a support patch to cleanly apply CVE patch
Link: https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/109
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add patch to fix CVE-2018-5996
Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
handling of argument vector
Upstream-Status: Backport
CVE: CVE-2021-4034
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Port patch to fix CVE-2020-8927 for brotli from Debian Buster
CVE: CVE-2020-8927
Signed-off-by: Jan Kraemer <jan@spectrejan.de>
[Fixup to apply with URL changes]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
According to the upstream [1], the bug happens only if the programmer
does not follow the API definition.
[1] https://github.com/akheron/jansson/issues/548
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This patch updates SRC_URIs using git to include branch=master if no branch is set
and also to use protocol=https for github urls as generated by the conversion script
in OE-Core.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Bug fix only updates. see: https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES
Including these cves:
5.0.14
Security Fixes:
* (CVE-2021-41099) Integer to heap buffer overflow handling certain string
commands and network payloads, when proto-max-bulk-len is manually configured
to a non-default, very large value [reported by yiyuaner].
* (CVE-2021-32762) Integer to heap buffer overflow issue in redis-cli and
redis-sentinel parsing large multi-bulk replies on some older and less common
platforms [reported by Microsoft Vulnerability Research].
* (CVE-2021-32687) Integer to heap buffer overflow with intsets, when
set-max-intset-entries is manually configured to a non-default, very large
value [reported by Pawel Wieczorkiewicz, AWS].
* (CVE-2021-32675) Denial Of Service when processing RESP request payloads with
a large number of elements on many connections.
* (CVE-2021-32672) Random heap reading issue with Lua Debugger [reported by
Meir Shpilraien].
* (CVE-2021-32628) Integer to heap buffer overflow handling ziplist-encoded
data types, when configuring a large, non-default value for
hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries
or zset-max-ziplist-value [reported by sundb].
* (CVE-2021-32627) Integer to heap buffer overflow issue with streams, when
configuring a non-default, large value for proto-max-bulk-len and
client-query-buffer-limit [reported by sundb].
* (CVE-2021-32626) Specially crafted Lua scripts may result with Heap buffer
overflow [reported by Meir Shpilraien].
5.0.11
Integer overflow on 32-bit systems (CVE-2021-21309):
Redis 4.0 or newer uses a configurable limit for the maximum supported bulk
input size. By default, it is 512MB which is a safe value for all platforms.
If the limit is significantly increased, receiving a large request from a client
may trigger several integer overflow scenarios, which would result with buffer
overflow and heap corruption.
5.0.10
This release fixes a potential heap overflow when using a heap allocator other
than jemalloc or glibc's malloc. See:
https://github.com/redis/redis/pull/7963
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
- add an upstream proposed patch 317.patch to fix a build failure with enabled systemd binding
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 01fa60898c2fe65f327bea2f84aaca00aef3f371)
[Stable version, bug fix only]
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
- drop patches 241 245 275: upstream
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Stable version, bug fix only]
(cherry picked from commit 8c17cac68473f98e663f05bc08b7505c0529e495)
[ Stable version, bug fix only
Fixup for Dunfell context]
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
behaviour
Upstream commented to use the second one
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c32d2eb448ce343463dc75cc6120f395e32f0177)
[Fixup for Dunfell context]
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a7c9aa13dd94712ea49f535fbbf38d2db54cf7e2)
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
service file.
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b2fe766703e94cee2e3d1e21f3274789d6cd0c57)
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
- drop patch 204: upstream
- add gcc-10 build fix proposed upstream 238.patch
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 97092276dd453a4ef67aaec7bdcb0fb3cf1a5ca5)
[Stable version, bug fix only]
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
It is a (non trivial) cherry pick from
(cherry picked from commit b9ede0cb182ab095c863a6a5154bbe259a33f5c0)
python3-pyyaml was moved from meta-python to meta-oe, so that we could
apply this specific patch which breaks basic YP compatible check
script.
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* branch was renamed in upstream repo
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* fixes:
ERROR: uml-utilities-20040406-r1 do_package: QA Issue: uml-utilities: Files/directories were installed but not shipped in any package:
/usr/lib/uml/port-helper
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
uml-utilities: 1 installed and not shipped files. [installed-vs-shipped]
* pass LIB_DIR instead of using default value from Makefile:
$ grep LIB_DIR.*= tools/port-helper/Makefile
LIB_DIR ?= /usr/lib/uml
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes
configure: error:
Could not link test program to Python. Maybe the main Python library has been
installed in some non-standard library path. If so, pass it to configure,
via the LIBS environment variable.
Example: ./configure LIBS="-L/usr/non-standard-path/python/lib"
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit be7d2286bfe80835e8e014114aaf587e2930c683)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit a0c26ca2b4c5e18a22b8d6f3c952fb00caf2bd34)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Søren Andersen <san@skov.dk>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3c8ad9192c1c9f4323bdc7ff28456f11db689adb)
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
More information on: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976228
| A buffer overflow in the dlt_filter_load function in dlt_common.c in
| dlt-daemon 2.8.5 (GENIVI Diagnostic Log and Trace) allows arbitrary
| code execution because fscanf is misused (no limit on the number of
| characters to be read in a format argument).
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
[Fix up for Dunfell context - AK]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
In oe-core commit:
2ce6ef29b9bb4f16ed9d78e166d455b7a6d968bf
cups crossscripts have been fixed to report the correct serverbin folder, so
backend, filters, etc, need to go in ${libexecdir} now.
Signed-off-by: Diego Rondini <diego.rondini@kynetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit db7fc115e058e2e0e481e284768538f097cfdd90)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The Standard output type "syslog" is obsolete, causing a warning since systemd
version 246 [1].
Please consider using "journal" or "journal+console"
[1] https://github.com/systemd/systemd/blob/master/NEWS#L202
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f9f8904623e5ca3ecea74e983f8d766a785097d4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This includes the following changes:
1.9.10:
- fix ordering cycle with private tmp
1.9.11:
- Fixed wrong version string in v1.9.10
1.9.12:
- Fix a memory leak in havege_destroy
1.9.13:
- Added support for --version
- Updated systemd SystemCallFilter settings
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7e82d252fa558ebb6fe0d07b50a4be6abe40a725)
[Bug fix only update, also fixes https://github.com/openembedded/meta-openembedded/issues/277]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ERROR: upm-2.0.0+gitAUTOINC+5cf20df96c-r0 do_package: QA Issue: upm:
Files/directories were installed but not shipped in any package:
/usr/lib/python3.8/site-packages/upm/pyupm_adc121c021.py
/usr/lib/python3.8/site-packages/upm/pyupm_hmc5883l.py
/usr/lib/python3.8/site-packages/upm/_pyupm_mma8x5x.so
/usr/lib/python3.8/site-packages/upm/_pyupm_m24lr64e.so
/usr/lib/python3.8/site-packages/upm/pyupm_tca9548a.py
/usr/lib/python3.8/site-packages/upm/pyupm_mb704x.py
/usr/lib/python3.8/site-packages/upm/_pyupm_ehr.so
......
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit efe14bb04e58dd2028ba7c1521f08e2bd5382130)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ERROR: mraa-2.1.0+gitAUTOINC+e15ce6fbc7-r0 do_package: QA Issue: mraa:
Files/directories were installed but not shipped in any package:
/usr/lib/python3.8/site-packages/_mraa.so
/usr/lib/python3.8/site-packages/mraa.py
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fadaf4867074d0140e769b954b7e8afb92c4dd1a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f6aa84fcf197bb74ed2a4dc1e3bb898fc884e27b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 339b7c6c34b33be852f8f5a5ee57660495b54cc6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
See changelog https://github.com/snarlistic/jpnevulator/blob/master/Changelog
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 28bf55bafc57c905755f32d685452492db9eae41)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Change SRC_URI: all udisks related sources moved to
https://github.com/storaged-project
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit dc25abfed8ce775ceb23dd483fe85924dc550bfe)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 778cdc8480a68d9eed1daa21b628802c1475a57d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
-License-Update: Copyright year updated to 2020.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ddb9565aeb8938911cc94c04e6a94b5373af4c6b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes
rsyslog-8.2002.0/runtime/../action.c:1666: undefined reference to `__sync_bool_compare_and_swap_8'
collect2: error: ld returned 1 exit status
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
License-Update: Changed Copyright years [1]
Add a patch to fix reproducibile builds
[1] https://github.com/Pulse-Eight/libcec/commit/d5e5200ed1a998af24fa5290ad764e0a2ed086c6#diff-7116ef0705885343c9e1b2171a06be0e
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
See full changelog https://github.com/taocpp/PEGTL/releases/tag/2.8.3
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add additional DEPENDS on libxcomposite, libxfixes, libxdamage
Add update-alternatives similar to xfce-session from meta-xfce
For release notes and changes see:
https://github.com/ice-wm/icewm/releases/
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
LuaJIT is not porteed to riscv yet
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
Wang Mingyu
Yoann Congal
Sourav Kumar Pramanik
Khem Raj
Hugo SIMELIERE
Martin Jansa
Ralph Siemsen
Virendra Thakur
Mingli Yu
Armin Kuster
Nisha Parrakat
Ranjitsinh Rathod
Virendra Thakur
Jeremy Puhlman
Spectrejan
Marta Rybczynska
Armin Kuster
Gianfranco
Nicolas Dechesne
Søren Andersen
Diego Rondini
Pierre-Jean Texier
Zheng Ruoqin
Alex Kiernan
Andreas Müller
Wang Mingyu
Tim Orling
Peter Kjellerstedt