Age | Commit message (Collapse) | Author |
|
These were broken in commit 4786ecdf7cd427089464dcb62579110d494e7cd7
which performed a cleanup to avoid non-standard field names.
There is an SPDX License list at https://spdx.org/licenses/ which
aims to be a standard. Yocto also uses a substitution map SPDXLICENSEMAP,
default one stored at meta/conf/licenses.conf.
According to meta/conf/licenses.conf, "AFL-2" corresponds to "AFL-2.0"
which is not correct for dbus.
According to the same licenses.conf file "MPL-1" corresponds to "MPL-1.0",
which is correct for libical but since SPDX aims to be a standard
I am updating the identifier in libical's .bb file as well.
To verify the actual license used you can use:
dbus:
cd /tmp/
wget http://dbus.freedesktop.org/releases/dbus-glib/dbus-glib-0.110.tar.gz
tar -xaf dbus-glib-0.110.tar.gz
cd dbus-glib-0.110
grep -A1 "^The Academic Free License$" COPYING
cd /tmp/
wget http://dbus.freedesktop.org/releases/dbus/dbus-1.12.14.tar.gz
tar -xaf dbus-1.12.14.tar.gz
cd dbus-1.12.14
grep -A1 "^The Academic Free License$" COPYING
cairo:
wget --quiet -O - https://cgit.freedesktop.org/cairo/plain/COPYING-MPL-1.1?h=1.16.0 | grep -A1 "MOZILLA PUBLIC LICENSE"
libical:
wget --quiet -O - https://raw.githubusercontent.com/libical/libical/v2.0.0/COPYING | grep "Mozilla Public License"
taglib:
wget --quiet -O - https://raw.githubusercontent.com/taglib/taglib/v1.11.1/COPYING.MPL | grep -A1 "MOZILLA PUBLIC LICENSE"
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function in
oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause
information disclosure (heap-based buffer over-read) via a crafted audio
file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2018-11439
Patch from:
https://github.com/taglib/taglib/pull/869/commits/272648ccfcccae30e002ccf34a22e075dd477278
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2017-12678: In TagLib 1.11.1, the rebuildAggregateFrames function in
id3v2framefactory.cpp has a pointer to cast vulnerability, which allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-12678
Patch from:
https://github.com/taglib/taglib/pull/831/commits/eb9ded1206f18f2c319157337edea2533a40bea6
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
getVar() now defaults to expanding by default, thus remove the True
option from getVar() calls with a regex search and replace.
Search made with the following regex: getVar ?\(( ?[^,()]*), True\)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Forcibly disable Boost as the macros it looks for are also present in our C++
standard library.
Enable c++11 in cmake as well as in CXXFLAGS [Khem Raj]
CXXFLAGS is required due to a cmake bug where it does not honor CMAKE_CXX_FLAGS
during configure time checks [Khem Raj]
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The previous fix for this issue was incomplete. We also need to change
the source file to avoid this error. Grepping the build directory for boost
will show the issue when building taglib after boost has been built.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Given that bitbake.conf sets the default values:
BP = "${BPN}-${PV}"
S = "${WORKDIR}/${BP}"
there are a number of recipes that set the variable S completely
superfluously, so get rid of them.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This adds a binconfig-disabled class which can be used by recipes where
a -config file is installed but we wish to disable it and just rely on
the .pc files instead.
Rather than simply deleting it, we make the script "exit 1" so that it
can be found in PATH and raise a build error rather than something
silently falling back to the build system for example.
Rather than randomly finding -config files, this adds in the
specification of a list of binconfig scripts which is more deterministic
and maintainable moving forward.
This patch converts various users in OE-Core to use this, a world build
of OE-Core tests out ok with this change. There will likely be issues in
other layers however, hence this being a RFT.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
taglib appears to depend on boost if it finds it in the sysroot. Force
it not to do this. Someone with better cmake skills may be able to
do this in a neater way.
(From OE-Core rev: 2c6c6c98416e5a458a02106524b5aa10a4b71d60)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- Updated website;
- Updated tarball location;
- Switched to BP variable;
- Improved source dir definition;
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
A lot of our recipes had short one-line DESCRIPTION values and no
SUMMARY value set. In this case it's much better to just set SUMMARY
since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY
is at least useful. I also took the opportunity to fix up a lot of the
new SUMMARY values, making them concisely explain the function of the
recipe / package where possible.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
* without target zlib it tries to use native one:
| /OE/sysroots/x86_64-linux/usr/lib/libz.so: could not read symbols: File in wrong format
| collect2: error: ld returned 1 exit status
| make[2]: *** [taglib/libtag.so.1.12.0] Error 1
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
WARNING: QA Issue: taglib: Files/directories were installed but not shipped
/usr/lib
/usr/lib/libtag.so
/usr/lib/libtag.so.1.12.0
/usr/lib/libtag.so.1
/usr/lib/libtag_c.so.0.0.0
/usr/lib/libtag_c.so
/usr/lib/libtag_c.so.0
...
Signed-off-by: Constantin Musca <constantinx.musca@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Patches not needed anymore - they switched to cmake.
LGPL license was replaced with the actual LGPL 2.1 file.
License section in audioproperties.h file was modified as it includes the
new address of Free Software Foundation.
libtag static library is not built by default anymore and if cmake is
instructed to build static library than shared library is deactivated.
So actually this is a switch now.
Signed-off-by: Andrei Gherzan <andrei@gherzan.ro>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix a couple common typoes, all contained within comments so there
should be no effect on functionality.
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some place pnum=1 is used which is removed as well since
striplevel=1 is default
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
I've cleaned up some odd license fields, fixed some license
names and corrected some incorrect licenses. LICENSE really needs
a pass through by the maintainers as some of the licensing is
incorrect.
Also, every license with Artistic should be gone through and noted as
which version of Artistic.
Signed-off-by: Beth Flanagan <elizabeth.flanagan@intel.com>
|
|
hostap: add upstream status for hostap-fw-load.patch
lrzsz: add upstream status for lrzsz's patches
bluez: add upstream status for bluez's patches
bluez-dtl1-workaround: add upstream status for COPYING.patch
libgsmd: add upstream status for gsm's patches.
gypsy: add upstream status for gypsy's patch
libpcap: add upstream status for libpcap's patches
ppp: add upstream status for ppp's patches
libtelepathy: add upstream status for libtelepathy's patches
telepathy-python: add upstream status for telepahty-python's patches
wireless-tools: add upstream status for wireless-tools's patches
wpa-supplicant: add upstream status for wpa-supplicant
zeroconf: add upstream status for zeroconf's patch
glibc: add upstream status for glibc's patches
dpkg: add upstream status for dpkg's patches
makedevs: add upstream status for makedevs's patch
opkg: add upstream status for opkg's patches
opkg-utils: add upstream status for opkg-utils's patch
minicom: add upstream status for minicom patches
rpcbind: add upstream status for rpcbind's patch
which: add upstream status for which's patch
clutter-gst: add upstream status for clutter-gst's patches
flac: add upstream status for flac's patches
gst-ffmpeg: add upstream status for gst-ffmpeg's patch
liba52: add upstream status for liba52's patch
libid3tag: add upstream status for libid3tag
libmusicbrainz: add upstream status for libmusicbrainz's patch
pulseaudio: add upstream status for pulseaudio patches
db: add upstream status for db's patch
neon: add upstream status for neon's patch
taglib: add upstream status for taglib's patches
libetpan: add upstream status for libetpan's patch
libopensync: add upstream status for libopensync's patches
libopensync-plugin-evolution2: add upstream status for its patch
libopensync-plugin-syncml: add upstream status for its patch
libsyncml: add upstream status for libsyncml's patch
empathy: add upstream status for empathy's patch
wv: add upstream status for wv's patch
xournal: add upstream status for xournal's patch
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
|
|
[YOCTO #860]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
|
|
Signed-off-by: Saul Wold <Saul.Wold@intel.com>
|