| Age | Commit message (Collapse) | Author |
|---|
|
This implements an 'npm cache add' like functionality but allows to
specify the key of the data and sets metadata which are required to
find the data.
It is used to cache information as done during 'npm install'.
Keyformat and metadata are nodejs version specific.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Setting soname in LDFLAGS means that the extra mdb tools also
incorrectly get soname set. This then triggers package.bbclass to add a
duplicate shlib_provider in /usr/bin for liblmdb.so.0.9.29. Then any
other recipe depending on liblmdb is going to get a 'Multiple shlib
provider' error.
shlibs2/lmdb.list before:
liblmdb.so.0.9.29:/usr/bin:0.9.29
liblmdb.so.0.9.29:/usr/lib:0.9.29
shlibs2/lmdb.list after:
liblmdb.so.0.9.29:/usr/lib:0.9.29
Signed-off-by: Justin Bronder <jsbronder@cold-front.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
audit errors out due to swig munging it does with kernel headers
| audit_wrap.c: In function '_wrap_audit_rule_data_buf_set':
| audit_wrap.c:4701:17: error: cast specifies array type
| 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
| | ^
| audit_wrap.c:4701:15: error: invalid use of flexible array member
| 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
| | ^
| audit_wrap.c:4703:15: error: invalid use of flexible array member
| 4703 | arg1->buf = 0;
| | ^
These errors are due to VLAIS from kernel headers, so we copy
linux/audit.h and make the needed change in local audit.h and make
needed arrangements in build to use it when building audit package
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Bruce Ashfield <bruce.ashfield@gmail.com>
(cherry picked from commit ee3c680c300237c49a3c70610aa5794185c4adac)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Don't print configure message.
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit abe35f5953af99da4bf6b8d023ee4516ec4710fa)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Cryptsetup SSH tokens is the only feature that has a dependency on
libssh. Add a packageconfig to control this dependency.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
ax_create_stdint_h.m4 includes $CC as a comment in the generated header
which leads to buildpaths warning:
| WARNING: yasm-1.3.0+gitAUTOINC+ba463d3c26-r0 do_package_qa: QA Issue: File /usr/include/libyasm-stdint.h in package yasm-dev contains reference to TMPDIR [buildpaths]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a7346d2bb1a60289225cce78d760e4d264d1b2a2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes:
WARNING: postgresql-14.4-r0 do_package_qa: QA Issue: File /usr/bin/postgres in package postgresql contains reference to TMPDIR
File /usr/bin/pg_config in package postgresql contains reference to TMPDIR [buildpaths]
WARNING: postgresql-14.4-r0 do_package_qa: QA Issue: File /usr/include/pg_config.h in package libpq-dev contains reference to TMPDIR [buildpaths]
WARNING: postgresql-14.4-r0 do_package_qa: QA Issue: File /usr/include/postgresql/server/pg_config.h in package postgresql-server-dev contains reference to TMPDIR
File /usr/lib/postgresql/pgxs/src/Makefile.global in package postgresql-server-dev contains reference to TMPDIR [buildpaths]
WARNING: postgresql-14.4-r0 do_package_qa: QA Issue: File /usr/lib/libpgcommon.a in package postgresql-staticdev contains reference to TMPDIR
File /usr/lib/libpgcommon_shlib.a in package postgresql-staticdev contains reference to TMPDIR [buildpaths]
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 59eff6269c4f4c150d976054d585872c92f20207)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Update the patch to make netgroup support optional to fit the commit
merged upstream [1], update the other patch depending on one of the
changes.
Without this update, a compilation using duktape with musl fails with:
| ../../../polkit-0.119/src/polkitbackend/polkitbackendduktapeauthority.c: In function 'js_polkit_user_is_in_netgroup':
| ../../../polkit-0.119/src/polkitbackend/polkitbackendduktapeauthority.c:1039:7: warning: implicit declaration of function 'innetgr' [-Wimplicit-function-declaration]
| 1039 | if (innetgr (netgroup,
| | ^~~~~~~
The main patch has been split in two, to apply the duktape part only when duktape is
applied.
[1] https://gitlab.freedesktop.org/polkit/polkit/-/commit/b57deee8178190a7ecc75290fa13cf7daabc2c66
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 271282b1a5579179241748d5f0bdb8d2ea013dd6)
{Fixup for kirkstone content; exlude Ducktape chages]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
polkitd user has default access to /bin/sh, add --shell /bin/nologin
to remove default access to /bin/sh and avoid login through it.
Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7ca63e5454bd7cbdb5ac58f6b5913e3387b64201)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
RDEPENDS_${PN} -> RDEPENDS:${PN}
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 10b508deacd8ff588b1511d077fcdd708deb653a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The rule allows non-priviledged users from plugdev group to
mount/unmount block devices
Signed-off-by: Vyacheslav Yurkov <v.yurkov@precitec.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d7ff4a77241fc79fc704a0d9d6b414b52f025531)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Changelog:
==========
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
----------------
(CVE-2022-31144) A specially crafted XAUTOCLAIM command on a stream
key in a specific state may result with heap overflow, and potentially
remote code execution. The problem affects Redis versions 7.0.0 or newer.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d9f8d015a45188c3cf2d6841ea05319032930dbc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This CVE is patched in our version of openjpeg. The NVD database doesn't
include a version range this is why it's still reported.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8d7b56ff235ea3b6da8e2b8a391176a99ca07327)
[Bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Package changes mainly include performance improvements to
tcpsrv/imtcp, bug fixes and additional/updated tests:
https://github.com/rsyslog/rsyslog/blob/master/ChangeLog
ptest results for qemux86-64 with kvm and increasing filesystem space to
4GB using IMAGE_ROOTFS_EXTRA_SPACE :
Version | Passed | Failed | Skipped
8.2202 | 456 | 0 | 5
8.2206 | 465 | 0 | 5
Signed-off-by: Aryaman Gupta <aryaman.gupta@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0f048c4c46fd4b377b7aacc236a23249ae05fdaa)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2017-8806 doesn't apply to out configuration of postgresql so we
can safely ignore it.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit de4097f2304b2031265173c7d09aa1a2e983b81c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2007-2728, CVE-2007-3205 and CVE-2007-4596 are patched in our
version of php but they don't have a vulnerable version range in the
NVD database, that's why they need to be ignored.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1642bfcb071aadb542c488bf79922842e32f1db5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2014-8180, CVE-2017-18381 and CVE-2017-2665 are not affecting our
configuration so they can be safely ignored.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ed904e65418416a96ec199b2ed4b9c82f11f5b64)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Some old CVEs don't have a vulnerable version range in the NVD database,
this causes come mismatch with cve-check. Ignore many CVEs that are
picked up by the class but are patched in our products.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit efa12676dd0676fd0aa63457d7ba360fe8a6fae2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2017-5834, CVE-2017-5835 and CVE-2017-5836 are patched in our
version of libplist but they don't have a vulnerable version range in
the NVD database, that's why they need to be ignored.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 261465eb6e2bd8f83e6841f8e42e1fb1be6d1499)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Without CVE_PRODUCT set to apache:thrift cve-check was catching
CVEs form facebook:thrift that are not related with this product.
Now the report is correct.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
|
|
This upgrade CVE fix:
CVE-2022-24349
CVE-2022-24917
CVE-2022-24918
CVE-2022-24919
Signed-off-by: Changqing Li <changqing.li@windriver.com>
|
|
This upgrade include CVE fix:
CVE-2022-24735
CVE-2022-24736
Signed-off-by: Changqing Li <changqing.li@windriver.com>
|
|
This upgrade include CVE fix:
CVE-2022-24735
CVE-2022-24736
Signed-off-by: Changqing Li <changqing.li@windriver.com>
|
|
Signed-off-by: Wentao Zhang <wzhang4@ala-lpd-susbld2.wrs.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 95904cca4a23de395069b01f1518d98fa8502afc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* A new connection status dispatcher setup is provided, where users can
provide custom scripts that will be called on bearer connect/disconnect
events. This dispatcher will make the netifd integration in openwrt work
much better, as we'll be able to report network-initiated disconnections
cleanly to netifd.
There are no default connection status dispatcher scripts installed, but
it's suggested distributions make sure the following directories exist:
- ${sysconfdir}/ModemManager/connection.d/
- ${libdir}/ModemManager/connection.d/
* API:
** Add missing Simple interface definitions in ModemManager-names.h.
* Build:
** meson: fix daemon enums dependencies.
** meson: fix port enums includes.
** meson: fix 'export_packages' in GIR setup.
** meson: fix simtech plugin module name.
** systemd: don't run ModemManager in containers.
* Core:
** serial: ensure the port object is valid after BUFFER_FULL handling.
** netlink: use unaligned netlink attribute length.
** netlink: only change IFF_UP flag.
** bearer: match unknown auth to chap in loose comparisons.
** charsets: return error if UTF-8 validation fails.
** fcc-unlock: make scripts POSIX shell compatible.
** modem-helpers: consider minimum ID when choosing best profile.
** modem-helpers: fix reading <Act> given in COPS=? responses.
** sms: prevent crash if date is out of range.
** profile-manager: fix copy-paste error on tags for quarks.
* QMI:
** Ignore slot status indications until initial status is known.
** Return error when loading capabilities if none is found.
* MBIM:
** Default initial EPS bearer's auth to chap when unknown.
** Update default error when network error is out of range.
* mmcli:
** Fix key length when printing list of items.
* Plugins:
** linktop: new port type hints.
** cinterion: add support for PLSx3w modems
** huawei: disable +CPOL based features in Huawei E226
* Several other minor improvements and fixes.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This upgrade includes patches for the following CVEs:
- CVE-2020-13902
- CVE-2020-27829
- CVE-2020-29599
- CVE-2021-20176
- CVE-2021-20241
- CVE-2021-20243
- CVE-2021-20244
- CVE-2021-20245
- CVE-2021-20246
- CVE-2021-3596
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Changelog:
==========
https://www.php.net/ChangeLog-8.php#8.1.7
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 75749fa360f32ed0b5c2e09c359e245e58cc7131)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The upstream commit fcb676a79d introduced new option
WITH_DLT_ADAPTOR_UDP to select dlt-adaptor-udp.service instread of
WITH_DLT_ADAPTOR, so update the PACKAGECONFIG.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This product is not present in the NVD database but another
one with exactly the same name is in fact present. For that
reason cve-check is outputting CVEs that are unrelated so they
can be ignored.
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The service warned on startup about running in compatibility mode since the configuration version was "3.31" instead of "3.36".
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e80ce510e187c00d6932027ac495a1d06f6a702f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
0001-configure.ac-bypass-autoconf-2.69-version-check.patch
refreshed for new version.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a9db38fa9a1fc50eca653816a7bfeda0251f0b6b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This reverts and reworks commit e75cc87c4f944dff766c426fafafd48c378544fe
These tools are needed by test-suites, not the package itself.
I do not want bash (gpl3) or python (big/lot of dependencies)
in my release image when I have ptest enabled in my distro for
sdk/testing image.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Set CVE_PRODUCT as 'iperf_project:iperf' for iperf2 and iperf3
recipes, cve-check class is setting default CVE_PRODUCT to
'iperf2' and 'iperf3' respectively which ignores the iperf
CVEs from NVD Database.
Reference:
CVE-2016-4303
Link: https://nvd.nist.gov/vuln/detail/CVE-2016-4303
Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
Signed-off-by: Akash Hadke <hadkeakash4@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
To cleanup metadata and improve source code management, github repo was
created here with all patches integrated:
https://github.com/denix0/devmem2
Update recipe accordingly, bump the version while at it to distinguish
from the original.
Signed-off-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 356b488fb06bcacb0aa553518442b2d9574f16af)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 397f4f054fd3600f7305055c724607973f5f5511)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes
libsdbus-c++.so.1.1.0: undefined reference to `__atomic_load_8'
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5029571d689f80bfa5c3a391f088d1484c61d583)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Gianfranco Costamagna <locutusofborg@debian.org>
(cherry picked from commit 366663527aa5efd4e43a62919edcdf9caf14e77c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
There will be tofos in output pictures without any font, so make
graphviz rrecommends on liberation-fonts.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0e036cb1bc0c272b27cbd7e42eacbae48edc685e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e7193af6c94436a577ebd472c6294eaef7c7cd15)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmial.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d59578a8170266d0d7e62c132495c0e06a17e0c9)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
LTS version, bugfix only update.
Drop clang-64bit-atomics.patch as the patched code was removed in this update.
https://github.com/MariaDB/server/commit/cf483a7766d0730872232fdedd727d30a493fe29
Includes these CVES:
CVE-2022-27458
CVE-2022-27457
CVE-2022-27456
CVE-2022-27455
CVE-2022-27452
CVE-2022-27451
CVE-2022-27449
CVE-2022-27448
CVE-2022-27447
CVE-2022-27446
CVE-2022-27445
CVE-2022-27444
CVE-2022-27387
CVE-2022-27386
CVE-2022-27384
CVE-2022-27383
CVE-2022-27382
CVE-2022-27381
CVE-2022-27380
CVE-2022-27379
CVE-2022-27378
CVE-2022-27377
CVE-2022-27376
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c1720935bd80fa6023f2fcec7c252c0fea183029)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
in PACKAGECONFIG. This fixes a FTBFS due to missing dependency.
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a9e6d16e6640d105ecf3470ab891598034c9ef33)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 32581a7a4653b590118e53b5fabdec72f1d3d0c2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
0001-configure.ac-bypass-autoconf-2.69-version-check.patch
refreshed for new version.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b3aa90d11d0b6dbf705a0ed08d256e4980766902)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b7bef320005a7e44f28f871d3ecd825dae9c14b8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
Enrico Scholz
Justin Bronder
Khem Raj
Lei Maohui
Peter Kjellerstedt
Anuj Mittal
Mingli Yu
Marta Rybczynska
Akash Hadke
Yi Zhao
Vyacheslav Yurkov
Martin Jansa
wangmy
Davide Gardenal
Aryaman Gupta
Changqing Li
Wentao Zhang
Adrian Freihofer
Yue Tao
Aurélien Bertron
Peter Marko
Denys Dmytriyenko
Kai Kang
Armin Kuster
Gianfranco