Age | Commit message (Collapse) | Author |
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9555a7dc768c32a009333232e25cef041054b7f7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
New upstream release fixing CVE-2022-3515
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 4bef6fc673de958dfbab80bcbc2e0159803b97ee)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 8e453d64255ce6a01b193c3735bb0aefbaa6fb38)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 6d9ed8d4b13c2d87dae482bbadef039de050bc9d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
v2.0.15 changes
Various bug fixes and cleanups
Supported multiple preferred nodes
This release didn't include a release tarball. Furthermore, it had issues such as #135, #136 and #138 that got fixed in the follow up release. Please try to use v2.0.16 instead.
License checksum change from a typo fix.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8829fe6ee093acc6fb990f9ca6cad67c2c7549d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
=========
Add missing property parameters into libical-glib
Fix CMake option USE_32BIT_TIME_T actually uses a 32-bit time_t value
Fix icaltime_as_timet, which returned incorrect results for years >= 2100, to work properly between years 1902 and 10k.
Fix x-property comma handling and escaping
Built-in timezones updated to tzdata2022d (now with a VTIMEZONE for each time zone alias)
Fix fuzzer issues
Handle unreachable-code compile warnings with clang
Ensure all vanew_foo() calls finish with (void*)0 (not 0)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 6092ae3cbe0eaf006db615c6cc3f1692e1cc1df8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
RELEASE NOTES FOR 2.66
Fix documentation typos in cap_from_text.3 (Bug: 216514 reported by Paulo Andrade.)
Some getpcaps code clean up and a fix for PID argument parsing from Jakub Wilk.
Slightly more robust Makefiles to address an error with make -j48 test observed by Tomasz Kłoczko.
Include a simple Go program, captrace, to trace kernel capability validation checks
This program can be used to figure out what capabilities a program needs to operate.
captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for capability checks and whether or not they succeed for the system, a specific PID or a program's direct execution.
Trim down the default file capabilities for contrib/sucap/su to those actually needed and set USER and HOME environment variables so bash doesn't complain about a sourcing error.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 9040e612084a561b1766bb86c9c002b811eea4c9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
create-spdx can't detect the license properly if the case doesn't
match, so fix it.
Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9c87828493784d996910d742006268a626ef0130)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Includes fixes for CVE-2022-3705
https://nvd.nist.gov/vuln/detail/CVE-2022-3705
For a short list of important changes, see:
https://www.arp242.net/vimlog/
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f6d917bd0f8810b5ed8d403ad25d59cda2fc9574)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Include fixes for CVE-2022-3352.
Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 8aa707f80ae1cfe89d5e20ec1f1632a65149aed4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Includes a fix for CVE-2022-3278.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 98c40271692147873a622e168e8b2e90a9fcc54c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Includes a fix for CVE-2022-3234.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d6b54f37aa4db1457296b8981b630a49d251ceb5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Includes fixes for CVE-2022-3099 and CVE-2022-3134.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d042923262130b6b96f703b5cd4184f659caeb92)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
AC_TRY_RUN macro means the test needs to run to find the result and we
are cross compiling so this will always get wrong results, this results
in miscompiling apache2 on musl because it disables rlimit
(ac_cv_struct_rlimit) wrongly.
All these variables are determined with AC_TRY_RUN checks
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 504eb0ff1cae200ee85ec18ebae564cae9bf9c8c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
CVE-2021-3520.patch
removed since it's included in 1.9.4
License-Update:
Copyright year updated to 2020
description of 3rd party applications changed
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f95c66050bc69af7769d1868b0118cefb24e5b0d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
License-Update: Adjust/reformat content of LICENSING.txt
=========================================================
"libatomic_ops_gpl.a" changed to "libatomic_ops_gpl.a file"
"sysdeps" changed to "atomic_ops/sysdeps"
"This applies only to test code, sample applications," changed to
"This applies only to the test code"
Changelog:
==========
Add note to README that AO malloc code has same license as AO stack
Adjust/reformat content of LICENSING.txt
Avoid AO_stack_t to cross CPU cache line boundary
Do not assume 'ordered except earlier write' for UWP/arm64
Do not name GCC intrinsics as C11 ones in ChangeLog and configure
Eliminate '-pedantic is not option that controls warnings' GCC-6.3 message
Ensure result of AO_test_and_set is always AO_TS_CLEAR or AO_TS_SET
Fix 'AO_malloc redefinition' MS VC warning caused by attributes mismatch
Fix 'use of undeclared SIG_BLOCK' Clang error if -std=c89 on Cygwin
Fix AO_compare_and_swap_full asm code for clang on sparc
Fix a typo in comment of AO_stack_push_explicit_aux_release
Fix code indentation in main() of test_stack.c
Refine AO_UNIPROCESSOR macro description in configure
Remove outdated comment about unsupported Win64 in atomic_ops_stack.h
Repeat black list check on CAS fail in stack_push_explicit_aux_release
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit a0f177ef7f52bab06d8fff752ba8390defd71ed5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
2022-08-18 Userspace RCU 0.13.2
* Revert "Fix: remove type constness in URCU_FORCE_CAST's C++ version"
* Fix: futex.h: include headers outside extern C
* Fix: add missing unused attribute to _rcu_dereference
* Fix: change method used by _rcu_dereference to strip type constness
* Fix: remove type constness in URCU_FORCE_CAST's C++ version
* Move extern "C" down in include/urcu/urcu-bp.h
* fix: ifdef linux specific cpu count compat
* Set git-review branch to stable-0.13
* fix: sysconf(_SC_NPROCESSORS_CONF) can be less than max cpu id
* Fix: revise obsolete command in README.md
* Fix: workqueue: remove unused variable "ret"
* Fix: urcu-qsbr: futex wait: handle spurious futex wakeups
* Fix: urcu: futex wait: handle spurious futex wakeups
* Fix: urcu-wait: futex wait: handle spurious futex wakeups
* Fix: defer_rcu: futex wait: handle spurious futex wakeups
* Fix: call_rcu: futex wait: handle spurious futex wakeups
* Fix: workqueue: futex wait: handle spurious futex wakeups
* Fix: Use %lu rather than %ld to print count
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit b9ce9d9ab53baab7ba84187d17b34e48ff9eb16e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
===========
- Clarify libtasn1.map license. Closes: #38.
- Fix ETYPE_OK out of bounds read. Closes: #32.
- Update gnulib files and various maintenance fixes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit b8f2c6ec61ffcc607a35bd5c11f5020c9b676226)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Addresses CVE-2022-2980, CVE-2022-2946 and CVE-2022-2982.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 01c08d47ecfcc7aefacc8280e0055c75b13795b2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
https://curl.se/docs/CVE-2022-35252.html
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
SRC_URI include patch introduced in oe-core commit
fdc82b2314b580c0135c16b7278ebf8786311dec
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
musl does not implement GNU extention of strerror_r but XSI compliant
version, therefore add it via a packageconfig to set right variables
during configure to cache the value.
configure detection logic depends on runtime test which will always be
wrong on cross compiles therefore backport a patch to make it possible
to cache the needed configure variable.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ded3d76a844dd1aef9ac610fbe506bf76285369b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This is defined for glibc automatically with _GNU_SOURCE but not for
musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 84375186570af548b49e44e884925f4feaddcc7a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Increase the size of loop variables in the printf() implementation to avoid integer overflow on multi-gigabyte string arguments. CVE-2022-35737.
This bug fix refers to: CVE-2022-35737 and it's a backport of a fix added in sqlite 3.39.2 (2022-07-21).
Signed-off-by: Ghassane Ben El Aattar <ghassaneb.aattar@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Includes fixes for:
CVE-2022-2816
CVE-2022-2817
CVE-2022-2819
CVE-2022-2845
CVE-2022-2849
CVE-2022-2862
CVE-2022-2874
CVE-2022-2889
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3ec2d27d09444213ec1c9b91c6f8c4363f297294)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CHanges from 2.64:
- Fix syntax error in DEBUG build of protected code in setcap.c. (Bug reported by yixiangzhike.)
- Prevent bash from reading the wrong startup files when the capsh --user=xxx argument is used to invoke a shell as the user xxx. (Bug: 215926)
- Man page info for cap_get_pid() and cap_reset_ambient(). (Bug reports from nomonemo and Tinkerer One.)
- Improve documentation and help for the captree program.
- Updated go/Makefile comment about an unfixed Go runtime bug in go1.16 and go1.17 (resolved in go1.18+), and the deadlock behavior of the psx-fd test.
- Refresh the signatures on the two GPG keys morgan@ uses. The 4096 bit one is preferred, but the older one is also used for continuity reasons. This set of signatures should also be available from the various key servers out there.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c3b16a6d0d0d4246b44dec3b1818f435d32d04e5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changes from 2.63:
- Fix memory leak in libpsx at program exit. (Bug: 215551 reported by Kalen Hall)
- Be more resilient to CGo configuration with Go compiler when building tests. (Bug: 215603)
- Fix cap_*prctl() return code/errno handling. (Bug: 215772 reported by Anderson Toshiyuki Sasaki)
- Minor clarification to cap_get_pid() man page concerning pid value within namespaces. (Bug: 215812)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bfbf8f05d1789b8a8a6826b83a21fd09b8e903ad)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changes from 4.10.0:
- Update ISO 639-3 codes from SIL website. Fixes #40
- Translation updates for ISO 3166-1
- Translation updates for ISO 3166-2
- Translation updates for ISO 3166-3
- Translation updates for ISO 639-2
- Translation updates for ISO 639-3
- Translation updates for ISO 639-5
- Translation updates for ISO 4217
- Translation updates for ISO 15924
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a269e59a960a56ac038f4e96c199a7577202b186)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
For fiber, only CMake modules were installed in boost 1.78.0.
In 1.79.0 and versions before 1.78.0 also the shared libraries
are installed. This upstream patch fixes the issue in 1.78.0.
Note that boost git repo does not show changes in tools/build
directory between 1.78.0 and 1.79.0 tags but the release tar balls
contain a large update of which this one is needed to fix the missing
shared libraries.
Only kirkstone is affected.
buildhistory shows the difference in metadata boost-fiber binary package
without and with this patch:
--- a/packages/core2-64-poky-linux/boost/boost-fiber/latest
+++ b/packages/core2-64-poky-linux/boost/boost-fiber/latest
@@ -1,8 +1,9 @@
PV = 1.78.0
PR = r0
-RPROVIDES =
-RDEPENDS =
+PKG = libboost-fiber1.78.0
+RPROVIDES = boost-fiber (=1.78.0)
+RDEPENDS = boost-context (>= 1.78.0) glibc (>= 2.35) libgcc (>= 11.3.0) libstdc++ (>= 11.3.0)
RRECOMMENDS =
-PKGSIZE = 0
+PKGSIZE = 80032
FILES = /usr/lib/libboost_fiber*.so.*
-FILELIST =
+FILELIST = /usr/lib/libboost_fiber.so.1.78.0
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Drop crosscompile.patch which was merged as part of:
509695c1c (tag: v9.0.0065) patch 9.0.0065: \
cross-compiling doesn't work because of timer_create check
Also drop: racefix.patch which may have been fixed upstream
and is being tracked by:
https://github.com/vim/vim/pull/10776
where upstream is asking if the different approach resolves the
race condition. Let's see what's out there!
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 6996472cd33d2d4b91821f2dfe24a27a697e4afe)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Source: https://gitlab.com/gnutls/gnutls
MR: 120416
Type: Security Fix
Disposition: Backport from https://gitlab.com/gnutls/gnutls/-/commit/ce37f9eb265dbe9b6d597f5767449e8ee95848e2
ChangeID: 703e01956915cf9543fdc47cfd5edb87403294f9
Description:
CVE-2022-2509 gnutls: Double free during gnutls_pkcs7_verify.
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Pulls in several CVE fixes.
Added a patch to avoid timer_create cross compile issue (and submitted upstream).
Also submit the race fix upstream.
We disable timer_create in the native case since some systems have it
and some don't so this makes us consistent.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d0c1de084c7ce030d47a428e4bbfbc4ce2996057)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Yue Tao <yue.tao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Remove 0003-dirmngr-uses-libgpg-error.patch
(upstream addressed the issue).
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yue Tao <yue.tao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Backport fixes for:
* CVE-2022-32205 - https://curl.se/docs/CVE-2022-32205.html
* CVE-2022-32206 - https://curl.se/docs/CVE-2022-32206.html
* CVE-2022-32207 - https://curl.se/docs/CVE-2022-32207.html
* CVE-2022-32208 - https://curl.se/docs/CVE-2022-32208.html
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changes in libsoup from 3.0.6 to 3.0.7:
* Fix leak in SoupAuthNTLM [Milan Crha]
* Fix constructing SoupAuthNTLM objects [Milan Crha]
* Disable mutual negotiation in SoupAuthNegotiate [Michael Catanzaro]
* http2: Do not advertise the `h2` protocool for proxy connections [Carlos Garcia Campos]
* http2: Remove left-over headers when HTTP/1 redirects to HTTP/2 [Carlos Garcia Campos]
* http2: Handle HTTP_1_1_REQUIRED error [Carlos Garcia Campos]
* http2: Read request bodies synchronously for sync requests [Carlos Garcia Campos]
* http2: Properly handle server sending shut down GOAWAY [Carlos Garcia Campos]
* tests: Remove dependency on Apache's PHP module [Carlos Garcia Campos]
* tests: Depend upon Apache's http2 module [Carlos Garcia Campos]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 800e0d32db86dccfe1b54111d01034e4a315cce9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This fixes the following CVEs:
- CVE-2022-2257
- CVE-2022-2264
- CVE-2022-2284
- CVE-2022-2285
- CVE-2022-2286
- CVE-2022-2287
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 03c044a81a76b7505b9d5bf0d936dde75b51905e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Fix out of memory [1]
OpenSSL host verification + hostname in certificate CN only seems broken in 7.82.0
[1] https://github.com/curl/curl/issues/8559
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Without `--with-gcc-arch=generic` libffi looks up the cpuid to automatically determine
which mtune/march to use. This makes the native sstate-cache unuseable since it's
possible to have a newer cpu building the recipe and the library being pulled from
another older cpu which doesn't have the instruction.
Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cddaecac1fdd4d033c2ff8ccaf1d60e1c598d5b7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The license checksum changed due to a major version change in the referenced file.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 89f34d8aa4f4572d048dbb732ca4c83d443157fb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
RDEPENDS_${PN}-ptest -> RDEPENDS:${PN}-ptest
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 37a47bfced900c2f1e239b216d8614eb290f2f0c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
It fails to compile xxhash when '-Og' is set in CFLAGS via such as set
DEBUG_BUILD = '1' in local.conf. Check and disable inline when '-Og'
exists.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3464c67cd34acbb1a6705369e34dee8af7e348ac)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Includes fixes for CVE-2022-1927, CVE-2022-1942.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1e740b5c2227c0040621ae63436d06db4873670f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changelog:
==========
Added
--------
Update ISO 639-2 codes to include Montenegrin (cnr) added in 2017.
Update ISO 4217. Fixes #24
ISO 639-3: New translation for Friulian
ISO 639-5: New translations for Esperanto, Hindi, Russian
ISO 4217: New translation for Esperanto
Changed
--------
Translation updates for ISO 3166-1
Translation updates for ISO 3166-2
Translation updates for ISO 3166-3
Translation updates for ISO 639-2
Translation updates for ISO 639-3
Translation updates for ISO 639-5
Translation updates for ISO 4217
Translation updates for ISO 15924
Fixed
--------
ISO 3166-2: Add parent codes for GB. Fixes #36
ISO 3166-2: Fix subdivision names for Finland. Fixes #37
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eb771fa7740f9749d26a4d3f74a926eb1e564ee5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Previously, only the first line of the LICENSE file was included,
which only covered the license name and thus would not detect a change
to the version (or anything else for that matter).
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3ac45755dffc611fb46f5cd1c07f4876d3094893)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add some further info to the patch based on upstream changes. Given the last release
in 2017 and glaring issues on at least armv5, it does raise the question on whether
we should drop this. There are probably better compression tools now.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 241309c6dec364445093fa5973cc8998431cbed9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
pfc files are used e.g. in 38-basic-pfc_coverage.sh
valgrind_test.supp is required, when valgrind is installed, otherwise
all valgrind tests fail
Signed-off-by: Joerg Vehlow <joerg.vehlow@aox.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 32ba67bc37b5ca73f7d29cb6c7de281ab8f824bd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Security fixes and update to Unicode property handling.
Upstream release notes:
https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.40
CVE: CVE-2022-1587
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
We have libxml2 2.9.14 and we don't link statically against libxml2 anyway
so the CVE doesn't apply to libxslt.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c6315d8a2a1429a0fb7563b1d6352ceee7bc222c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Address CVE-2022-1621, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735
CVE-2022-1769, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fafce97bd440150ac5c586b53b887ee70a5b66bd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Additional changes in version 3.38.4 (2022-05-04):
Fix a byte-code problem in the Bloom filter pull-down optimization added by release 3.38.0 in which an error in the byte code causes the byte code engine to enter an infinite loop when the pull-down optimization encounters a NULL key. Forum thread 2482b32700384a0f.
Other minor patches. See the timeline for details.
Additional changes in version 3.38.5 (2022-05-06):
Fix a blunder in the CLI of the 3.38.4 release.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e1bd414792ae2576685b2a352a5cc93343f06985)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|