Age | Commit message (Collapse) | Author |
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
It caused problems during do_rootfs.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
'apt-opkg' provides a stripped-down opkg frontend with an apt backend.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
| checking for shared library run path origin... /bin/sh: ../apt-1.0.10.1/buildlib/config.rpath: No such file or directory
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Dpkg-start-stop is not an intuitive name. Just call the package
start-stop-daemon. Don't rdepend on it, because it might be empty.
Install start-stop-daemon to /sbin to match Debian and busybox.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Keep default dependencies as before. Set default compressor to xz
if selected, gzip otherwise.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
0001-Revert-always-run-dpkg-configure-a-at-the-end-of-our.patch and
noconfigure.patch are obsolete due to dpkg's new --force-script-chrootless
option.
db_linking_hack.patch and environment.patch are marked as backports
from 2007.
no-curl.patch: curl-native is already a prerequisite.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Install missing files and directories (apt, apt-ftparchive,
apt-helper, apt-mark, trusted.gpg.d).
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
It needs to be relative to DPKG_INSTDIR when installing.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
This allows to avoid pulling in ncurses if only sgdisk is needed.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
|
|
1. They need to be run under regular user.
2. Some tests genuinely need more time than 30 seconds
3. The Makefile patch erroneously introduced a test-breaking change.
(From OE-Core rev: 3d6bf58c7080c1cacf3ed1f270ff5acf4858c790)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a5e90281ac211e912ec6bfd6873e56152ec8bd4e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
CVE: CVE-2020-8492
(From OE-Core rev: c9ee462bb606b34ab31cfb90f84a5302d15135cf)
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5811ed9140fab64da59d0d2ad6e6b0fec8341a20)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
fix CVE-2020-7211 for qemu slirp submodule
see :
https://www.openwall.com/lists/oss-security/2020/01/17/2
https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4
(From OE-Core rev: 31362d739834377ac4ab880029c3e3dda0cd7698)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
(From OE-Core rev: 5ea3d9d83ed695827634e3216664c13fcff6d48a)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
LICENSE checksum changed due to 2019 -> 2020 update.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Backport the 1st -- 9th patches listed by
<https://github.com/git/git/compare/v2.17.4...v2.17.5>
to solve CVE-2020-11008.
Also backport the 2nd -- 4th patches listed by
<https://github.com/git/git/compare/v2.17.3...v2.17.4>
for CVE-2020-5260 (not necessary, and only the 1st patch is necessary
for this CVE), because some of the above 9 patches are based on them.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Backport patch from <https://github.com/git/git/commit/
9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b> to solve CVE-2020-5260.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
With --force-overwrite (implied by --force-all), dpkg will not abort
when a package overwrites files from different packages. As this can
also lead to "The following package disappeared from your system as
all files have been overwritten by other packages: <package>" and
subsequently broken dependencies, this makes the simple case of
conflicting files hard to debug.
Instead of finding all possibly required force options, only disable
overwrite for now.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
The specific issue here is rpc/rpc.h, but its likely more general.
/usr/include is searched for rpc/rpc.h and if it exists on the
system, it changes behavior. If you are using the extended buildtools
tarball on a machine that has /usr/include/rpc/rpc.h, it will decide
that is good enough and not continue to search. nis fails to build
because /usr/include and /usr/lib are not part of the include/link
paths for the buildtools tarball compiler(nor should they be).
This makes it so python3-native will not build if you are using the
extended buildtools tarball, but from a larger issue perspective it
is building in likely different ways depending on what machine it
is building on.
libtirpc is already a depend so we shouldn't need the hosts rpc/rcp.h.
(From OE-Core rev: f37dfc7907ae7bac08d40468ddde2e5b8bba030c)
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 400743867de587579dee85388c30190f353f80c8)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
pseudo-native is special in that bitbake ends up executing it from the
sysroot-components directory before we have any workdirs for the bitbake
fakeroot worker. Since we switched to dynamically linking sqlite, it
means sqlite from the host system may be found, we really want the version
in sysroot-components. Trying to run tasks to create some special environment
for pseudo is hard and error prone. The simplest fix is to add an RPATH to
the binary so that it can correctly find the sqlite we want.
Unfortunately passing $ORIGIN into make doesn't work so well with shell
quoting so we have to fix that during do_install.
[YOCTO #13814]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3937ca9e2dfabb1ce9bce1d536b60b1e2a43739b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes a bug wherein a use after free could potentially be used to run
malicious code if a user can be tricked into running e2fsck on a
maliciously crafted file system.
Also see:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948517
(From OE-Core rev: 23c1b157362609bd8d85c7d35e6c7f0f60c32c88)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Also see:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948508
(From OE-Core rev: 09bdcef183d885025da6aa87a7c2bf7e8268774e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
THE LICENSE checksum changed in this update due to copyright notice
added for 2020.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Rahul Chauhan <rahulchauhankitps@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Prevent the full recipe-sysroot path from leaking into configargs.h. The
configargs.h header is intended to be static and unchanged as the
content is used as a means of determining that a gcc plugin is built for
the same gcc. This also effects the output of 'gcc -v'. Due to per
recipe sysroots and staging, the sysroot path would be replaced with the
sysroot local to the recipe thus changing the content of configargs.h.
This change also improves gcc binary reproducibility. The sysroot path
is replaced with the base target root "/".
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b8d6e2ab68ee5e341fe970b191bfd334e6d2c40b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Prevent the native(sdk) sysroot path from leaking into configargs.h. The
configargs.h header is intended to be static and unchanged as the
content is used as a means of determining that a gcc plugin is built for
the same gcc. This also effects the output of 'gcc --version'. Due to
per recipe sysroots and staging, the sysroot path would be replaced with
the sysroot local to the recipe thus changing the content of
configargs.h.
The sysroot path is replaced with a generic "/host" prefix which
represents the host sysroot (e.g. native or nativesdk).
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 84a78f46d59447eeec3d69532a7506148f64c979)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
When configuring the cross-candian toolchain for a non-linux target system,
the resulting gcc configuration included:
--enable-initfini-array--without-headers
these should have been two separate options.
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7b52893632dae7bc9ac75dddc7ad625e19f41050)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
see https://git.qemu.org/?p=qemu.git;a=commit;h=693fd2acdf14dd86c0bf852610f1c2cca80a74dc
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|