aboutsummaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* cve-check: failure to parse versions should be more visibleRoss Burton2019-12-101-2/+2
| | | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-check: ensure all known CVEs are in the reportRoss Burton2019-12-101-2/+7
| | | | | | | | | | | | CVEs that are whitelisted or were not vulnerable when there are version comparisons were not included in the report, so alter the logic to ensure that all relevant CVEs are in the report for completeness. (From OE-Core rev: 98256ff05fcfe9d5ccad360582c36eafb577c264) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* cve-check: backport rewrite from masterRoss Burton2019-12-1012-620/+292
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As detailed at [1] the XML feeds provided by NIST are being discontinued on October 9th 2019. As cve-check-tool uses these feeds, cve-check.bbclass will be inoperable after this date. To ensure that cve-check continues working, backport the following commits from master to move away from the unmaintained cve-check-tool to our own Python code that fetches the JSON: 546d14135c5 cve-update-db: New recipe to update CVE database bc144b028f6 cve-check: Remove dependency to cve-check-tool-native 7f62a20b32a cve-check: Manage CVE_PRODUCT with more than one name 3bf63bc6084 cve-check: Consider CVE that affects versions with less than operator c0eabd30d7b cve-update-db: Use std library instead of urllib3 27eb839ee65 cve-check: be idiomatic 09be21f4d17 cve-update-db: Manage proxy if needed. 975793e3825 cve-update-db: do_populate_cve_db depends on do_fetch 0325dd72714 cve-update-db: Catch request.urlopen errors. 4078da92b49 cve-check: Depends on cve-update-db-native f7676e9a38d cve-update-db: Use NVD CPE data to populate PRODUCTS table bc0195be1b1 cve-check: Update unpatched CVE matching c807c2a6409 cve-update-db-native: Skip recipe when cve-check class is not loaded. 07bb8b25e17 cve-check: remove redundant readline CVE whitelisting 5388ed6d137 cve-check-tool: remove 270ac00cb43 cve-check.bbclass: initialize to_append e6bf9000987 cve-check: allow comparison of Vendor as well as Product 91770338f76 cve-update-db-native: use SQL placeholders instead of format strings 7069302a4cc cve-check: Replace CVE_CHECK_CVE_WHITELIST by CVE_CHECK_WHITELIST 78de2cb39d7 cve-update-db-native: Remove hash column from database. 4b301030cf9 cve-update-db-native: use os.path.join instead of + f0d822fad2a cve-update-db: actually inherit native b309840b6aa cve-update-db-native: use executemany() to optimise CPE insertion bb4e53af33d cve-update-db-native: improve metadata parsing 94227459792 cve-update-db-native: clean up JSON fetching 95438d52b73 cve-update-db-native: fix https proxy issues 1f9a963b9ff glibc: exclude child recipes from CVE scanning [1] https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement (From OE-Core rev: 8c87e78547c598cada1bce92e7b25d85b994e2eb) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sudo: Fix CVE-2019-14287Dan Tran2019-12-103-0/+270
| | | | | Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* tar: Fix CVE-2018-20482Dan Tran2019-12-102-0/+406
| | | | | Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libgcrypt: CVE-2019-12904Shubham Agrawal2019-12-103-0/+508
| | | | | | | fix Upstream-Status: Backport Signed-off-by: Shubham Agrawal<shuagr@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sdk: Install nativesdk locales for all TCLIBC variantsKhem Raj2019-12-101-4/+0
| | | | | | | | | | | | | | | | | | | | install_locales() here is actually operating on nativesdk and only glibc is the default library for nativesdk, since thats what most of desktop/server distros use, therefore bailing out based on TCLIBC is not needed here, since nativesdk-glibc would be required for all non-glibc targetting SDKs as well. Fixes SDK install time error ERROR: OE-core's config sanity checker detected a potential misconfiguration. Either fix the cause of this error or at your own risk disable the checker (see sanity.conf). Following is the list of potential problems / advisories: Your system needs to support the en_US.UTF-8 locale. ERROR: SDK preparation failed Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* at-spi2: fix dbus-daemon pathJed2019-12-101-1/+1
| | | | | | | | "dbus_daemon" is supposed to be set to the full dbus-daemon file path, not just its directory. Signed-off-by: Jed <jed.openxt@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* build-appliance-image: Update to thud head revisionRichard Purdie2019-10-171-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "OpkgPM: use --add-ignore-recommends to process BAD_RECOMMENDATIONS"Armin Kuster2019-10-172-2/+41
| | | | | | | | | | | This reverts commit e8cd30ba6cec854d85c7ad47edc208107858a5d7. This backport introduced an issue not seen the AB QA. Issue can be seen if BAD_RECOMMENDATIONS_append = " udev-hwdb" is used Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to thud head revisionRichard Purdie2019-10-151-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: Security fix for CVE-2019-5482Muminul Islam2019-10-132-0/+69
| | | | | | Signed-off-by: Muminul Islam <muislam@microsoft.com> [Fixup for thud context] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libsolv: Security fix for CVEs: <CVE-2018-20532, CVE-2018-20533, CVE-2018-20534>Muminul Islam2019-10-138-0/+472
| | | | | | | | | | | Signed-off-by: Muminul Islam <muislam@microsoft.com> CVE: CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 Upstream-Status: Backport Cherry picked from https://github.com/openSUSE/libsolv/pull/291/commits Signed-off-by: Armin Kuster <akuster808@gmail.com>
* gnutls: Fix CVE-2019-3829 and CVE-2019-3836Dan Tran2019-10-135-0/+985
| | | | | Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* kernel-devsrc: check for localversion files in the kernel source treec-thaler2019-10-131-0/+9
| | | | | | | | | localversion files are ignored. This might lead to a bad version magic when building out-of-tree modules via SDK. (Backport from master https://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-kernel/linux/kernel-devsrc.bb?id=59fcee90de0cbb5b6b8333ab2b0e36214b174e52) Signed-off-by: Christian Thaler <christian.thaler@tes-dst.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* glibc: Security fix for cve <CVE-2019-6488, CVE-2019-7309>Muminul Islam2019-10-133-0/+483
| | | | | | | | | Signed-off-by: Muminul Islam <muislam@microsoft.com> CVE: CVE-2019-6488, CVE-2019-7309 Upstream-Status: Backport Signed-off-by: Armin Kuster <akuster808@gmail.com>
* arch-arm64.inc: Lower the priority of aarch64 in MACHINEOVERRIDESPeter Kjellerstedt2019-10-131-1/+1
| | | | | | | | | This makes sure, e.g., ${SOC_FAMILY} and ${MACHINE} have higher priorities than aarch64. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* kernel.bbclass: fix installation of modules signing certificatesDmitry Eremin-Solenikov2019-10-131-1/+1
| | | | | | | | | | | | | If one has provided external key/certificate for modules signing, Kbuild will skip creating signing_key.pem and will write only signing_key.x509 certificate. Thus we have to check for .x509 file existence rather than .pem one. Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2527e731eba43bd36d0ea268aca6b03155376134) Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* uninative: Update to 2.7 releasestable/sumo-communityMichael Halstead2019-10-071-5/+5
| | | | | | | | | The 2.7 release updates glibc to version 2.30. Recently added to openSUSE Tumbleweed and needed for Fedora Core 31. Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* gnupg: Do not apply -Woverride-init guard for gcc >= 9Khem Raj2019-10-074-5/+37
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libgpg-error: Fix build with gawk 5.xSean Nyekjaer2019-10-072-0/+162
| | | | | | | | | | Based on poky master, but for version 1.35 Signed-off-by: Sean Nyekjaer <sean@geanix.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> [backported to thud yocto# 13580] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* qemu: fix build issue on new hosts with glibc 2.30Armin Kuster2019-10-063-0/+146
| | | | | | | | | | | | | | | | | | | This fixes the following error: TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:254:16: error: static declaration of ‘gettid’ follows non-static declaration 254 | _syscall0(int, gettid) | ^~~~~~ TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:185:13: note: in definition of macro ‘_syscall0’ 185 | static type name (void) \ | ^~~~ In file included from /usr/include/unistd.h:1170, from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/include/qemu/osdep.h:90, from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:20: /usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’ was here 34 | extern __pid_t gettid (void) __THROW; | ^~~~~~ Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wget: Security fixes CVE-2018-20483Andrii Bordunov via Openembedded-core2019-10-063-0/+202
| | | | | | | | | | | | | Source: http://git.savannah.gnu.org/cgit/wget.git/ Type: Security Fix Disposition: Backport from http://git.savannah.gnu.org/cgit/wget.git/ Description: Fixes CVE-2018-20483 Signed-off-by: Aviraj CJ <acj@cisco.com> [Affects Wget before 1.20.1] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sqlite3: Security fix for CVE-2019-8457Shubham Agrawal2019-10-062-0/+127
| | | | | | Signed-off-by: Shubham Agrawal <shuagr@microsoft.com> [Cleaned up patch] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* perl: Fix CVE-2018-18311 to 18314Dan Tran2019-10-065-0/+518
| | | | | | Signed-off-by: Dan Tran <dantran@microsoft.com> [Perl before 5.26.3 and 5.28.x before 5.28.1] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* json-c: Don't --enable-rdrandAdrian Bunk2019-10-061-2/+0
| | | | | | | | | | | | | | | | | | In recent years AMD CPUs have had various problems with RDRAND giving either non-random data or no result at all, which is problematic if either build or target machine has a CPU with this problem. The fallback is /dev/urandom, and I'd trust the kernel here. --enable-rdrand was added in an upgrade to a new upstream version without mentioning any reason. [YOCTO #13534] Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* unzip: fix CVE-2019-13232Dan Tran2019-10-064-0/+513
| | | | | Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* elfutils: CVE fix for elfutilsShubham Agrawal2019-10-063-0/+221
| | | | | | | | | CVE: CVE-2019-7664.patch CVE: CVE-2019-7665.patch Sign off: Shubham Agrawal <shuagr@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* qemu: Fix 4 CVEsDan Tran2019-10-057-54/+351
| | | | | | | | | Fixes CVE-2018-18954, CVE-2019-3812, CVE-2019-6778, and CVE-2019-8934. Also deleted duplicated patch and cleanup. Signed-off-by: Dan Tran <dantran@microsoft.com> [fixup for thud-next] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/selftest/context: ensure log directory existsChen Qi2019-10-031-0/+1
| | | | | | | | | | Ensure log directory exists to avoid the following error. FileNotFoundError: [Errno 2] No such file or directory: '/.../build-selftest/tmp/log/oe-selftest-results-20181207043431.log' Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linux-yocto/4.14: update to v4.14.143Bruce Ashfield2019-09-243-16/+16
| | | | | | | | Updating to the latest 4.14 -stable. Lightly build and boot tested on qemu* Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* pango: fix CVE-2019-1010238Anuj Mittal2019-09-242-1/+41
| | | | | | | | Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 65631a048f57965745dc8cc23cb80c4c3a71ba94) [Fix up for thud context] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* patch: backport fixesAnuj Mittal2019-09-243-0/+175
| | | | | | | | | | | | | The original fix for CVE-2018-1000156 was incomplete. Backport more fixes done later for a complete fix. Also see: https://savannah.gnu.org/bugs/index.php?53820 Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 12f9689cba740da6b8c7d9292c74c3992c2e18f2) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* patch: fix CVE-2019-13638Trevor Gamblin2019-09-242-0/+45
| | | | | | | | | | (From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 555b0642579c00c41bc3daab9cef08452f9834d5) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libxslt: fix CVE-2019-13117 CVE-2019-13118Anuj Mittal2019-09-243-1/+112
| | | | | | | | | (From OE-Core rev: 7dc3048fec88dd62ef49ef16517b7382ab7cf2a5) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for thud context] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libxslt: Cve fix CVE-2019-11068Muminul Islam2019-09-242-0/+129
| | | | | Signed-off-by: Muminul Islam <muislam@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3: Fix CVEsDan Tran2019-09-245-0/+599
| | | | | | | | Fixes CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-9636, CVE-2019-9740, and CVE-2019-9747. Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python: Fix 3 CVEsDan Tran2019-09-243-0/+348
| | | | | | | Fixes CVE-2018-20852, CVE-2019-9740, and CVE-2019-9747 Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* binutils: Fix 4 CVEsDan Tran2019-09-245-0/+342
| | | | | | | | | Fixes CVE-2018-20623, CVE-2018-20651, CVE-2018-20-671, and CVE-2018-1000876 for binutils 2.31.1. Signed-off-by: Dan Tran <dantran@microsoft.com> [fixed up .inc for thud-next context] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dhcp: Replace OE specific patch for compatibility with latest bind with ↵Adrian Bunk2019-09-243-2883/+80
| | | | | | | | | | upstream patch This also fixes a dhcp breakage noticed by Enrico Scholz. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dhcp: drop lost patchRuslan Bilovol2019-09-241-117/+0
| | | | | | | | | | | | Commit 7cb42ae87ef9 "dhcp: update 4.4.1" dropped 0008-tweak-to-support-external-bind.patch from recipe, but left the patch itself in source tree. Remove this patch since nobody uses it. Cc: Armin Kuster <akuster808@gmail.com> Signed-off-by: Ruslan Bilovol <ruslan.bilovol@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dhcp: fix issue with new bind changesArmin Kuster2019-09-082-0/+2883
| | | | Signed-off-by: Armin Kuster <akuster808@gmail.com>
* go: update to 1.11.13, minor updatesArmin Kuster2019-09-051-3/+3
| | | | | | | | | | | | | | | | | | | | | Source: golang.org MR: 99376 Type: Security Fix Disposition: Backport from golang.org ChangeID: 41576ab4a0abdebbc44f1a35a83bf04e5f2fde06 Description: https://golang.org/doc/devel/release.html go1.11.11 (released 2019/06/11) includes a fix to the crypto/x509 package. See the Go 1.11.11 milestone on our issue tracker for details. go1.11.12 (released 2019/07/08) includes fixes to the compiler and the linker. See the Go 1.11.12 milestone on our issue tracker for details. go1.11.13 (released 2019/08/13) includes security fixes to the net/http and net/url packages. See the Go 1.11.13 milestone on our issue tracker for details. Includes CVE: CVE-2019-14809 Signed-off-by: Armin Kuster <akuster@mvista.com>
* bind: upgrade 9.11.5 -> 9.11.5-P4Adrian Bunk2019-09-041-3/+3
| | | | | | | | | | | | | | | | | | | | | | Source: OE.org MR: 99751, 99752, 99753 Type: Security Fix Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-connectivity/bind?h=warrior&id=5d286da0fbe1a7ded2f84eec990e49d221bdeab4 ChangeID: ce3719ea11bd03af3baeca51a22115badf84be01 Description: Bugfix-only compared to 9.11.5, mostly CVE fixes. COPYRIGHT checksum changed due to 2018 -> 2019. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Included cves: CVE-2018-5744 CVE-2018-5745 CVE-2019-6465 ] Signed-off-by: Armin Kuster <akuster@mvista.com>
* bind: update to latest LTS 9.11.5Armin Kuster2019-09-042-75/+3
| | | | | | | | | | | | | | | | | | | | | | | Source: bind.org MR: 99750 Type: Security Fix Disposition: Backport from bind.org ChangeID: bca5c436229f1b8c7e8eb3e45fc6188ffdb5e224 Description: includes: CVE-2018-5738 drop patch for CVE-2018-5740 now included in update see: https://ftp.isc.org/isc/bind9/9.11.5/RELEASE-NOTES-bind-9.11.5.html Add RECIPE_NO_UPDATE_REASON for lts Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Also includes CVE-2018-5740] Signed-off-by: Armin Kuster <akuster@mvista.com>
* binutils: Security fix for CVE-2019-12972Armin Kuster2019-09-042-0/+40
| | | | | | | | | | | | | | | | Source: git://sourceware.org / binutils-gdb.git MR: 98770 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031 ChangeID: 7ced6bffbe01cbeadf50177eb332eef514baa19c Description: Fixes CVE-2019-12972 Signed-off-by: Armin Kuster <akuster@mvista.com> [v2] forgot to refresh inc file before sending
* binutils: Security fix for CVE-2019-14444Armin Kuster2019-09-042-0/+34
| | | | | | | | | | | | | | | Source: git://sourceware.org / binutils-gdb.git MR: 99255 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e17869db99195849826eaaf5d2d0eb2cfdd7a2a7 ChangeID: 67ad4ab1ec34b941bdcfbb4f55d16176bbbd3d72 Description: Affects: <= 2.32.0 Fixes CVE-2019-14444 Signed-off-by: Armin Kuster <akuster808@gmail.com>
* gcc: Security fix for CVE-2019-14250Armin Kuster2019-09-042-0/+45
| | | | | | | | | | | | | | Source: gcc.org MR: 99120 Type: Security Fix Disposition: Backport from https://gcc.gnu.org/viewcvs?rev=273794&root=gcc&view=rev ChangeID: 28ab763c18f1543607181cd9657f45f7752b6fcb Description: Affects < 9.2 Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* qemu: add a patch fixing the native build on newer kernelsBartosz Golaszewski2019-08-163-10/+346
| | | | | | | | | | | The build fails on qemu-native if we're using kernels after commit 0768e17073dc527ccd18ed5f96ce85f9985e9115. This adds an upstream patch that fixes the issue. Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Refactoried for thud context] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libcomps: fix CVE-2019-3817Andrii Bordunov via Openembedded-core2019-08-152-0/+98
| | | | | Signed-off-by: Kevin Weng <t-keweng@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>