| Age | Commit message (Collapse) | Author |
|---|
|
Backport a patch [1] to fix CVE-2023-50495.
[1] http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff;h=7723dd6799ab10b32047ec73b14df9f107bafe99
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
So far it was assumed that it was detected ok for target recipe but
actually it ends up with warnings and build moves on, however with
gcc-14 these warnings are treated as errors and we see the problem even
with target recipes.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Serial tty is hung after reset command -
$echo "test " >> /dev/ttyS0
test
$stty -a < /dev/ttyS0
speed 115200 baud; rows 34; columns 153; line = 0;
intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>; eol2 = <undef>; swtch = <undef>;
start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R;
werase = ^W; lnext = ^V; discard = ^O; min = 1; time = 0;
-parenb -parodd -cmspar cs8 hupcl -cstopb cread clocal -crtscts
-ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon ixoff -iuclc -ixany -imaxbel iutf8
opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
isig icanon -iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke -flusho -extproc
$reset
$echo "test " >> /dev/ttyS0
^C
$stty -a < /dev/ttyS0
^C
Updating reset_tty_settings API with latest code which fixes tty hung issue
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch to fix CVE-2023-29491.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These tests do not include needed headers which results in warnings and
as errors when using -Werror or latest clang e.g.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is to avoid check-version reporting a broken current version
(6.3+nnnn sorts higher than 6.3 and isn't tagged in upstream git).
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The GitHub mirror of ncurses is updated daily, whereas the Debian
packaging repository is only updated when they do an upgrade.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Includes a fix for CVE-2022-29458
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
which has the same info as the in-file header used in before
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
ncurses does AC_TRY_RUN() to determine is poll() actually works. As that
doesn't work in cross-compiles, we seed it with 'yes'.
However, MinGW doesn't have a working poll(), so use a :linux override
so that this only applies to Linux builds.
The ncurses build now compiles but doesn't link in MinGW, which is a step
forwards at least.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
lnr is a script in oe-core that creates relative symlinks, with the same
behaviour as `ln --relative --symlink`. It was added back in 2014[1] as
not all of the supported host distributions at the time shipped
coreutils 8.16, the first release with --relative.
However the oldest coreutils release in the supported distributions is
now 8.22 in CentOS 7, so lnr can be deprecated and users switched to ln.
[1] 6ae3b85eaffd1b0b6914422e8de7c1230723157d
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
This update was made with the script added to contrib in this patch which
aims to help others convert other layers.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This recudes the file count from ~2850 to ~100 which is a huge win
for reducing build directory clutter, its unlikely anything uses the
terminfo data or man pages in the sysroot. This is especially helpful
as we usually end up with two copies of these sets of files.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
By default ncurses includes the values of LDFLAGS in its output
pkgconfig .pc files. This causes issues because OE includes options that
are specific to either the build host, or build configuration. These
options are not expected to be embedded in the pkgconfig output that is
installed.
Specifically this change resolves issues with uninative, where uninative
includes '-Wl,--dynamic-linker=' in LDFLAGS in order to force the
building and execution of native binaries against the dynamic linker
provided by uninative. This path is specific to TMPDIR at the time of
build, such that the installed files (and the associated sstate) have
this path. This prevents the sstate from being portable across build
directories/hosts.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixed when ncurses-terminfo-base is not installed:
$ infocmp
infocmp: couldn't open terminfo file linux.
The required file is in ncurses-terminfo-base
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Adjust for other st implementations
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Instead of having a config.cache that overrides the system site files,
simply set the values in CACHED_CONFIGUREVARS. We can also drop the
mkstemp check as the configure.ac assumes it works, leaving just
nanosleep.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This will be needed again when using patchlevel versions again.
Also make it more generic.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: copyright years and holders
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The build was deciding whether to rename manpages based upon the presence of
/etc/debian_version. Be explicit about the configuration instead and
ensure determinism.
[YOCTO #13781]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Include the version number in a format that is comparable to what we get
from NVD.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport changes to tinfo/comp_hash.c, tinfo/parse_entry.c,
and progs/dump_entry.c from upstream to fix CVEs.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This reverts commit 91227184b59df30222e45abf2edf13e4e65164a1.
Instead of fixing incorrect regex, the commit actually broke the correct one.
Before the reverted commit:
alexander@alexander-box:~/development/poky$ devtool check-upgrade-status ncurses
INFO: ncurses 6.1 6.1+20181013 Hongxu Jia <hongxu.jia@windriver.com> 7a97a7f937762ba342d5b2fd7cd090885a809835
After the reverted commit:
alexander@alexander-box:~/development/poky$ devtool check-upgrade-status ncurses
INFO: ncurses 6.1 UNKNOWN_BROKEN Hongxu Jia <hongxu.jia@windriver.com>
The code in bitbake/lib/bb/fetch2/git.py actually splits each tag
with '/' as separator and takes only the last part for some reason,
so the "debian/" or "upstream/" prefixes are never a part of the string
that is matched against regex:
https://salsa.debian.org/debian/ncurses/tags
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The upstream git tag has a `upstream/' prefix, such as:
>>> import re
>>> pattern = "upstream/(?P<pver>\d+(\.\d+)+(\+\d+)*)"
>>> string = "upstream/6.1+20181013"
>>> result = re.match(pattern, string)
>>> result['pver']
'6.1+20181013'
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This can save configure time since it runs configure multiple times:
$ time bitbake ncurses-native -cconfigure
35s -> 25s
Saved 10s
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix handling of escape characters in regexs and hence fix python
Deprecation warnings which will be problematic in python 3.8.
Note that some show up as:
"""
meta/classes/package.bbclass:1293: DeprecationWarning: invalid escape sequence \.
"""
where the problem isn't on 1293 in package.bbclass but in some _prepend to a
package.bbclass function in a different file like mesa.inc, often from
do_package_split() calls.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. Rebase 0001, 0002
2. Fix [already-stripped] QA Issue
Since the following commit add, it strip executables which
are installed by default.
...
commit 087eaf92c621098927f3f98e3652411de48f8b6b
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Jan 21 08:01:41 2018 +0100
Import upstream patch 20180120
20180120
+ build-fix in picsmap.c for stdint.h existence.
+ add --disable-stripping option to configure scripts.
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Debian anonscm service in Alioth is shutdown and thus
fetching ncurses sources fails.
https://wiki.debian.org/Alioth
"Alioth is broken, and there is nobody around to fix it. Don't ask the remaining people who give it life support to implement fixes and changes. It is being replaced by a cocktail of ?GitLab (see Salsa), read-only repos and keep-alive mechanisms. See below for more information."
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
termlib needs to be disabled on some targets e.g. mingw
this change paves the way for doing that. Functionally
it does not change anything for other platforms
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Ncurses doesn't honour ${libdir} for terminfo, so try more options to remove it.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Other sections of the .inc already use mkdir -p, so use it here as well.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
- Drop backported CVE fix
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
CVE-2017-13728, CVE-2017-13731
There is an illegal address access in the function dump_uses() in progs/dump_entry.c
in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_safe_strcat function in
strings.c in ncurses 6.0 that will lead to a remote denial of service attack.
There is an illegal address access in the function _nc_read_entry_source()
in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_save_str function in
alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
There is an infinite loop in the next_char function in comp_scan.c in
ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
There is an illegal address access in the function postprocess_termcap()
in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-13734
https://nvd.nist.gov/vuln/detail/CVE-2017-13732
https://nvd.nist.gov/vuln/detail/CVE-2017-13731
https://nvd.nist.gov/vuln/detail/CVE-2017-13730
https://nvd.nist.gov/vuln/detail/CVE-2017-13729
https://nvd.nist.gov/vuln/detail/CVE-2017-13728
Upstream patch:
https://anonscm.debian.org/cgit/collab-maint/ncurses.git/commit/?id=129aac80802d997b86ab0663836b7fdafb8e3926
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Rebase patches:
- tic-hang.patch -> 0001
- configure-reproducible.patch -> 0002
Drop fix-cflags-mangle.patch, which accepted by upstream
...
commit 1b74f120ab7be89011408a6ad0f1c748a314bae8
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Feb 26 09:01:34 2017 +0100
Import upstream patch 20170225
20170225
+ fixes for CF_CC_ENV_FLAGS (report by Ross Burton).
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
After switching to Recipe Specific Sysroots, ncurses
will not be populated in its own sysroots, then
siteconfig_gencache fails to find some headers,
so add ${SYSROOT_DESTDIR}/${includedir} into the
search list to fix the issue.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The --disable-static option doesn't exist in ncurses. Its equivalent is
--without-normal so remove the option which does nothing.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Build static libraries without the binutils "ar" -U option.
This option deliberately breaks deterministic mode.
The option seems to be a relic from 2015, intended as a workaround
for some unspecified build problems.
[YOCTO#11247]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a patch to fix the CC/CFLAGS mangling that broke builds. [RB]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Newer host distributions are moving to ncurses6, therefore add entries so the
host's ncurses{w}6-config scripts aren't picked up.
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
Mingli Yu
Khem Raj
Soumya Sambu
Chen Qi
Alexander Kanavin
Ross Burton
Richard Purdie
Konrad Weihmann
Ross Burton
Peter Kjellerstedt
Nathan Rossi
Robert Yang
Ross Burton
Adrian Bunk
Anuj Mittal
Trevor Gamblin
Hongxu Jia
Mikko Rapeli
Koen Kooi
Ovidiu Panait
Jackie Huang
Juro Bystricky
Trevor Woerner