| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 38ecb83c444406b5157712d87aef3bbb320b45ec)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
https://github.com/p11-glue/p11-kit/releases/tag/0.23.22
Release notes:
Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook
anchor: Prefer persistent format when storing anchor [#329]
common: Fix infloop in p11_path_build [#326, #327]
proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [#325]
common: Check for a NULL locale before freeing it [#321]
Build and test fixes [#313, #315, #317, #318, #319, #323, #330, #333, #334, #335, #338, #339]
https://github.com/p11-glue/p11-kit/commit/c4e75e10021ce86ab42682ea4936dce94ced2f77
patch to fix trailing newline using custom_target() caused error
with DISTRO_FEATURES api-documentation due to meson bugs, enable
manpages PACKAGECONFIG should prevent this error.
| warning: failed to load external entity "../version.xml"
| ../p11-kit-docs.xml:11: parser error : Failure to process entity version
| <releaseinfo>for p11-kit &version;</releaseinfo>
| ^
| ../p11-kit-docs.xml:11: parser error : Entity 'version' not defined
| <releaseinfo>for p11-kit &version;</releaseinfo>
| ^
| unable to parse ../p11-kit-docs.xml
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b112ba291835061640123c13784e2b33cc73f17d)
[0.23.x is an lts release, bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6e811db2f614500f16415fc09801f229968428e7)
[0.23.x is an lts release, bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Added below CVE:
CVE-2020-12825
Link: CVE-2020-12825 [https://gitlab.gnome.org/Archive/libcroco/-/commit/6eb257e5c731c691eb137fca94e916ca73941a5a]
Link: https://gitlab.gnome.org/Archive/libcroco/-/issues/8
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f8cee7386c556e1c5adb07a0aee385642b7a5568)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Whitelisted below CVEs:
1. CVE-2018-12433
Link: https://security-tracker.debian.org/tracker/CVE-2018-12433
Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12433
CVE-2018-12433 is marked disputed and ignored by NVD as it does
not impact crypt libraries for any distros and hence, can be safely
marked whitelisted.
2. CVE-2018-12438
Link: https://security-tracker.debian.org/tracker/CVE-2018-12438
Link: https://ubuntu.com/security/CVE-2018-12438
CVE-2018-12438 was reported for affecting openjdk crypt libraries
but there are no details available on which openjdk versions are
affected and does not directly affect libgcrypt or any specific
yocto distributions, hence, can be whitelisted.
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2943efe3f56d394308f9364b439c25f6a7613288)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
rngd daemon may spam the console when using an older version
than 6.11.
Backport patches from https://github.com/nhorman/rng-tools/pull/99/commits
Signed-off-by: Julien Massot <julien.massot@iot.bzh>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
0001-certdata2pem.py-use-python3.patch
removed since it is included in 20210119
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit afd86357e07f69090eaff4c5db2c517867dd4ccf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9bc2943a7819c7e6d1bd4c1c03b265671811784c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
-License-Update: format changed
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0007f38b03bcb0bd561bd9181fbffc7dec47fe9a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
backport CVE-2020-8284 fixes from upstream, but drop
binary file tests/data/test1465.
upstream fixes for CVE-2020-8231, CVE-2020-8285 and CVE-2020-8286
does not applies cleanly to 7.69.1, fedora have working patch
hence import patch from Fedora.
https://koji.fedoraproject.org/koji/rpminfo?rpmID=24270817
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This patch makes gcc produce broken code. It is unclear why it is there
in the first place. Drop it.
Signed-off-by: Mans Rullgard <mans@mansr.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5f3cace37496fe1dc4fd045f688f7d441505c437)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 46d837442ab216941df2d02f60c69155463e02d8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Support for gdbm was made optional in 3260ad9e, but it was still being
used unconditionally.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 09d303ca295dc27874c72b30c37a64d1fdf4c5c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d2654384db4999c78bc3d98215a4eecdab63541b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
nativesdk support
In order to make wic tool work in sdk which is out of an
existed Yocto build, it needs to port wic tool as a nativesdk
recipe.
First, make these runtime depends recipes to support nativesdk
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cb4f7f078e1d3b1afbf93ca4dc5e690f60c59412)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
scons is using host ar to create it, which may or may not
be built with reproducible option by default. Rather than
patch scons for the benefit of a single recipe, let's
just not install the .a, which is unused anyway.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7e44275f4d286f005b2f19e3dcc9c6d390b98f30)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Patch is added to address an issue preventing libffi
from compiling under clang.
Change-Id: I55e36d252ec8e84de9b35fea18044c2c0e8c5aab
Signed-off-by: Brett Warren <brett.warren@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 01e8c53488dd5ebb206bef2415549e8ac1ac7601)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Upstream renamed master -> dev, update SRC_URI to match.
[YOCTO #14135]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3369aa0322693604533ef7d30dca234e52605fe2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
As per https://groups.google.com/g/sqlite-dev/c/U7OjAbZO6LA this issue
is believed to be either iOS specific, or fixed in 3.8.9.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry-picked from d11a2157befcfe40517140988dd26bf0ed7240b6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The srcrev bump is actually bring single commit [1] on top of 2.4.0 which fixes ptest
runs with messges like
ERROR: Unable to detach from controlling tty, Inappropriate ioctl for device
[1] https://git.yoctoproject.org/cgit/cgit.cgi/ptest-runner2/commit/?id=834670317bd3f6e427e1ac461c07ada6b8936dfd
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 791da075619139fa55751f8013c73d2fbf0cf64c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fd180d21ec907726b2fcd7709b93cb8e464390d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add support for un ptests in multiple directories, useful in multilib
builds.
Changes,
1e9a845 Add support to specify multiple folder for ptest-runner
287ba30 Makefile: Fix TEST_LDFLAGS gcc cmdline position
[YOCTO #12604]
Signed-off-by: Aníbal Limón <anibal.limon@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1203ee86e3cf4d73f6ba513452717f1c4f78c501)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
libbsd contains a multitude of licenses. For (commercial) projects the
3rd clause of the BSD-4-Clause license can be problematic. But only a
few man pages use this license. This means that the main package
containing the binary library itself is not under BSD-4-Clause ruling.
Signed-off-by: Mark Jonas <toertel@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9c3e3f83b5fb162d161a7b9773d426418a22c05f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The license headers are clear that the code is "or later", fix LICENSE
to match.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5f0b5cdfcb104ac50222a47652e090ad8770e49f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
remove some extra whitespaces
Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 32ce3716761165b9df12306249418645724122cc)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
CVE: CVE-2020-13632
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13632
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
CVE: CVE-2020-13631
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13631
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
CVE: CVE-2020-13630
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13630
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
CVE: CVE-2020-13435
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13435
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
CVE: CVE-2020-13434
Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13434
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The official links on:
https://curl.haxx.se/download.html
use https now and we're seeing this warning:
WARNING: curl-native-7.72.0-r0 do_fetch: Failed to fetch URL http://curl.haxx.se/download/curl-7.72.0.tar.bz2, attempting MIRRORS if available
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0aa24abf6c4d68efa63026d2496b6adc16734d35)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
To avoid false positives (such as CVE-2010-0734, rubygems:curl), expand
the CVE_PRODUCT list to include all the vendors that have been used.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bb265122cccea9466405fdd924ad10ce8cda0dec)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Backport the CVE patch from the usptream:
https://gitlab.com/gnutls/gnutls.git
commit 29ee67c205855e848a0a26e6d0e4f65b6b943e0a
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 84b1bc500e318657cb7a8a189b59cc63bc91dca3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
fix error:
file /usr/include/gpgme.h conflicts between attempted installs of gpgme-dev-1.13.1-r0.core2_64 and lib32-gpgme-dev-1.13.1-r0.core2_32
part of diff:
-#if 64
+#if 0
#ifndef _FILE_OFFSET_BITS
-#error GPGME was compiled with _FILE_OFFSET_BITS = 64, please see the section "Largefile support (LFS)" in the GPGME manual.
+#error GPGME was compiled with _FILE_OFFSET_BITS = 0, please see the section "Largefile support (LFS)" in the GPGME manual.
#else
-#if (_FILE_OFFSET_BITS) != (64)
-#error GPGME was compiled with a different value for _FILE_OFFSET_BITS, namely 64, please see the section "Largefile support (LFS)" in the GPGME manual.
+#if (_FILE_OFFSET_BITS) != (0)
+#error GPGME was compiled with a different value for _FILE_OFFSET_BITS, namely 0, please see the section "Largefile support (LFS)" in the GPGME manual.
#endif
#endif
#endif
LFS support is enabled by default, and this header is generated during
build according to current configure
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bd056f9c4c22740a4f7ede00c758a21037eae5ca)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
fix error:
file /usr/include/ffitarget.h conflicts between attempted installs of lib32-libffi-dev-3.3-r0.armv7vet2hf_vfp and libffi-dev-3.3-r0.cortexa57
part of diff
#ifndef LIBFFI_ASM
-typedef unsigned long ffi_arg;
-typedef signed long ffi_sarg;
-
-typedef enum ffi_abi {
- FFI_FIRST_ABI = 0,
- FFI_SYSV,
- FFI_VFP,
- FFI_LAST_ABI,
-#if defined(__ARM_PCS_VFP) || defined(_M_ARM)
- FFI_DEFAULT_ABI = FFI_VFP,
+#ifdef __ILP32__
+#define FFI_SIZEOF_ARG 8
+#define FFI_SIZEOF_JAVA_RAW 4
+typedef unsigned long long ffi_arg;
+typedef signed long long ffi_sarg;
+#elif defined(_M_ARM64)
+#define FFI_SIZEOF_ARG 8
+typedef unsigned long long ffi_arg;
+typedef signed long long ffi_sarg;
#else
- FFI_DEFAULT_ABI = FFI_SYSV,
-#endif
-} ffi_abi;
+typedef unsigned long ffi_arg;
+typedef signed long ffi_sarg;
#endif
-#define FFI_EXTRA_CIF_FIELDS \
- int vfp_used; \
- unsigned short vfp_reg_free, vfp_nargs; \
- signed char vfp_args[16] \
-
-#define FFI_TARGET_SPECIFIC_VARIADIC
-#ifndef _M_ARM
-#define FFI_TARGET_HAS_COMPLEX_TYPE
+typedef enum ffi_abi
+ {
+ FFI_FIRST_ABI = 0,
+ FFI_SYSV,
+ FFI_LAST_ABI,
+ FFI_DEFAULT_ABI = FFI_SYSV
+ } ffi_abi;
#endif
/* ---- Definitions for closures ----------------------------------------- */
#define FFI_CLOSURES 1
-#define FFI_GO_CLOSURES 1
#define FFI_NATIVE_RAW_API 0
#if defined (FFI_EXEC_TRAMPOLINE_TABLE) && FFI_EXEC_TRAMPOLINE_TABLE
#ifdef __MACH__
-#define FFI_TRAMPOLINE_SIZE 12
-#define FFI_TRAMPOLINE_CLOSURE_OFFSET 8
+#define FFI_TRAMPOLINE_SIZE 16
+#define FFI_TRAMPOLINE_CLOSURE_OFFSET 16
#else
#error "No trampoline table implementation"
#endif
#else
-#ifdef _MSC_VER
-#define FFI_TRAMPOLINE_SIZE 16
-#define FFI_TRAMPOLINE_CLOSURE_FUNCTION 12
-#else
-#define FFI_TRAMPOLINE_SIZE 12
-#endif
+#define FFI_TRAMPOLINE_SIZE 24
#define FFI_TRAMPOLINE_CLOSURE_OFFSET FFI_TRAMPOLINE_SIZE
#endif
+#ifdef _M_ARM64
+#define FFI_EXTRA_CIF_FIELDS unsigned is_variadic
+#endif
+
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit efe8d76810973e7032e729beee106b8acc39b8ed)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
For example, CVE-2019-18397 uses fribidi instead gnu_fribidi.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fa5d0f2c61a704436d71e5f02042fa8b2940f541)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Stability / bugfix / security release
Fixes CVE-2018-20030, CVE-2020-13114, CVE-2020-13113,
CVE-2020-13112, CVE-2020-0093, CVE-2019-9278, CVE-2020-12767,
CVE-2016-6328, CVE-2017-7544
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 76e8c645cb2568c2dfa014af0eeac36d8f8b60ff)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This was discussed and accepted upstream by the project so their license is consistent.
Please reference to https://gitlab.com/gnutls/gnutls/-/issues/1018
and https://gitlab.com/gnutls/gnutls/-/merge_requests/1285.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 267d07301c79c24969c169add05284f612c41d77)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Security and bug fix release on the stable 3.6.x branch
Fixes CVE-2020-13777
Detailed list of changes at:
https://lists.gnupg.org/pipermail/gnutls-help/2020-June/004648.html
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cd88c81804a4a52b9875f2244c9f35911539be96)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
async_pipe is missing the executor_type type, which is expected by
asio in /usr/include/boost/asio/impl/read.hpp. Without this, it's
not possible to even compile code that uses constructs such as:
boost::asio::io_service foo;
boost::process::async_pipe foopipe{ boost::process::async_pipe(foo) };
This is only relevant for Dunfell because master has already moved to
boost-1.73.0 in which this bug has been fixed. The bug is also not
present in Zeus, which uses boost-1.71.0.
Signed-off-by: Viktor Rosendahl <Viktor.Rosendahl@bmw.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
As an unconditionally dependency of subversion, extend serf recipe for
building a nativesdk variant being usable by nativesdk-subversion.
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ff731a25a49c768f04a474438efccb3bb505a898)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
libnl is required by networkmanager.
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b3c96103a5063eeefb0c537227eab3f77616b9c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Backported from master with two differences:
1. Move exit in do_make_icudata_class-target after big endian patch
application (not required for master since new upstream icu includes
the patch)
2. In do_install_append_class-target test for existence of .dat input
file before calling icupkg
icu data generation was found to be racy, and causig AB failures;
making it serial and leaving it on is not an option as it regresses
to several minutes.
The specific bug is that rules.mk has:
LD_LIBRARY_PATH=../lib:../stubdata:../tools/ctestfw:$LD_LIBRARY_PATH ../bin/gencnval -s . -d ./out/build/icudt66l mappings/convrtrs.txt
which creates a file and numerous rules like
LD_LIBRARY_PATH=../lib:../stubdata:../tools/ctestfw:$LD_LIBRARY_PATH ../bin/genrb -s ./misc -d ./out/build/icudt67l -i ./out/build/icudt67l -k -q numberingSystems.txt
which quietly read it. There is no prerequisite for the former to complete first.
The race is extra complicated to fix as rules.mk is itself
generated through a custom in-tree python tool.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit df89e8d1136fd406ba35ae573e2cb0cfc88c6aad)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6e16ef0c2e0ec2bbb862231cd84e7650bd5789af)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Source: sqlite.org
MR: 104526
Type: Security Fix
Disposition: Backport from https://www.sqlite.org/src/vinfo/10fa79d00f8091e5?diff=1
ChangeID: a1c012b8c8aecd4970f3ae16686bf25f2376f542
Description:
Affects sqlite < 3.32.3
Fixes CVE CVE-2020-15358
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Source: https://curl.haxx.se/
MR: 104472, 104458
Type: Security Fix
Disposition: Backport from https://github.com/curl/curl/commit/{600a8cded447cd/8236aba58542c5f}
ChangeID: 1300924f7a64b22375b4326daeef0b686481e30c
Description:
- Affected versions: curl 7.20.0 to and including 7.70.0
- Not affected versions: curl < 7.20.0 and curl >= 7.71.0
Fixes both CVE-2020-8169 and CVE-2020-8177
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This helps with gpl3-free builds.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3260ad9e8ff185b4799269bbcdd9f638e976c4b4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
These workarounds are removed because a previous patch
solve the host path reference for gawk and perl, and it skips
the do_package_qa issue by setting the INSANE_SKIP. But it
introduces regression for do_rootfs. The dependencies are
calculated and will require packages like python, perl, gawk
and csh. The error is like below.
Error:
Problem: conflicting requests
- nothing provides /bin/csh needed by vim-tools-8.2-r0.corei7_64
- nothing provides /usr/bin/nawk needed by vim-tools-8.2-r0.corei7_64
- nothing provides /usr/bin/python needed by vim-tools-8.2-r0.corei7_64
So we keep the previous patch which solve the host path reference
problem and restore the long-used 'chmod -x' workaround here.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bf3e799e32b4de300887b844b0b7bce3d60ca379)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
Alexander Kanavin
Lee Chee Yang
saloni
Julien Massot
zhengruoqin
Wang Mingyu
Mans Rullgard
Changqing Li
Peter Kjellerstedt
Maxime Roussin-Bélanger
Hongxu Jia
Brett Warren
Richard Purdie
Steve Sakoman
Khem Raj
Anibal Limon
Mark Jonas
Randy MacLeod
Ross Burton
Zhixiong Chi
Chen Qi
Viktor Rosendahl
Jens Rehsack
Christian Eggers
Armin Kuster