| Age | Commit message (Collapse) | Author |
|---|
|
Stable branch bug fix and security release.
One patch update, none deleted.
This is expected to be the final release in the 2.62.x stable series
Changes:
Fix SOCKS5 username/password authentication (#1986)
Exception handling fixes on Windows (!1373)
Bugs fixed:
1986 Socks5 Proxy: Authentication seems broken
1988 Socks5 Proxy: Wrong error returned when using no authentication
2049 Crash in g_array_copy
1378 Backport !1373 win32 exception fixes to glib-2-62
1380 Backport !1254 “giomodule: gio modules are no longer installed in bindir on MSVC” to glib-2-62
1393 Backport !1390 “garray: Fix copying an array with reserved elements” to glib-2-62
1394 Backport part of !1375 “tests: Skip g-file-info-filesystem-readonly test if bindfs fails” to glib-2-62
1411 Backport SOCKS5 fixes to glib-2-62
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Stable branch bug fix and security release.
One patch updated, three removed since they are no longer needed
Changes (from release notes):
Fix potential relative read when calling g_printerr(), which could lead to a
denial of service from a setuid-root process being used to block access to the
TTY for another user (#1919)
Fix SOCKS proxy resolver sometimes not being used when resolving addresses
via Happy Eyeballs (CVE-2020-6750) (#1989)
Several other Happy Eyeballs fixes for address resolution (#1871, #1872, #1902)
Fix parsing of full Julian day range from $TZ environment variable (#1999)
Several race condition/crash fixes (!1353, !1357)
Bugs fixed:
1919 read from relative path in g_printerr() in 2.58.3
1995 Tracker issue for Happy Eyeballs regressions
1999 GTimeZone fails to accept full Julian day range when parsing the direct $TZ string format
1323 Backport !1314 “gtimezone: fix parsing of Julian day in POSIX TZ format” to glib-2-62
1331 Backport !1330 “W32: Correctly set st_ino when doing private stat()” to glib-2-62
1352 Backport !1351 “glib.supp: update g-threaded-resolver-getaddrinfo-config” to glib-2-62
1361 Backport !1353 GMainContext source reference fixes to glib-2-62
1365 Refactor g_socket_client_connect_async()
1370 Backport !1369 “build: Rework path construction to reliably add prefix” to glib-2-62
1371 Backport !1357 “gunixmounts: Make GUnixMountMonitor thread-safe” to glib-2-62
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Bug and CVE fix release
Fixes CVE-2020-13645
Details of changes at:
https://gitlab.gnome.org/GNOME/glib-networking/-/commits/glib-2-62
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Currently in NVD DB an item popped up, which hasn't set baseMetricV2.
Let the parser handle it as an optional item.
In case use baseMetricV2 before baseMetricV3
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fdcbf3f28289188c5a97664d1421d4a5c4991eda)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The blocks which test for entry exitence (file or directory) use a
`A && B || C` syntax. This form is not behaving as a if-then-else block
even the code logic assumes that. C may run when A is true which breaks
the case where VERBOSE is 'no' but the file/directory exists.
Along with fixing these specific issues, this patch fixes the other
instances where blocks of form `A && B || C` are used as if-then-else.
Signed-off-by: Andrei Gherzan <andrei@gherzan.ro>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1b9ea22acb66554925720e04cf24100664234574)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Andrei Gherzan <andrei@gherzan.ro>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0a128a238f63d52aa82f8c63ee2f84ab528b3346)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Source: glibc.org
MR: 104799
Type: Security Fix
Disposition: Backport from beea361050728138b82c57dda0c4810402d342b9
ChangeID: 29df826fb697fdd2742c3bace33388bda962c5f1
Description:
Signed-off-by: Armin Kuster <akuster@gmvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ffa4fa35e1f6132b19788166a2b87517d9e17d95)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
settimeofday(2) has been deprecated as of glibc 2.31
which hwclock makes use of. This patch makes hwclock
compatible with glibc v2.31
See patch for more details:
busybox/0001-hwclock-make-glibc-2.31-compatible.patch
Fixes [YOCTO #13981]
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The update via Commit https://git.openembedded.org/openembedded-core/commit/meta/recipes-core/glibc?id=2c7e0e0bf32eb1ed0b7d8acddb16c0d1e93f2aa1
should have added the whitelist for this CVE removed
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 213ac2d345ec6d4ef0daf7a7d8237038a914c491)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
CVE: CVE-2018-1000500
Signed-off-by: Rahul Kumar <rahulk@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Commit 992cec44 (coreutils: Move stdbuf into an own package
coreutils-stdbuf) breaks package-qa when the single-binary
PACKAGECONFIG is used:
ERROR: coreutils-8.32-r0 do_package_qa: QA Issue: /usr/bin/stdbuf contained in package coreutils-stdbuf requires /usr/bin/coreutils, but no providers found in RDEPENDS_coreutils-stdbuf? [file-rdeps]
ERROR: coreutils-8.32-r0 do_package_qa: QA run found fatal errors. Please consider fixing them.
With that PACKAGECONFIG, /usr/bin/stdbuf is just a simple "script"
containing the single line
#!/usr/bin/coreutils --coreutils-prog-shebang=stdbuf
Since there's no point splitting stdbuf to its own package when all
the functionality is in the single big coreutils binary anyway, fix
this by not creating the separate stdbuf package for the single-binary
case. But also make sure that the coreutils-stdbuf item always exists
so recipes can always RDEPEND on coreutils-stdbuf.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 74d24b5b895198898944260136d05e991a203c11)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
as this is already packaged in kernel-install package,
it shouldn't be part of the base package
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ed04241f30e12e7c0479026a9e354e49dfa4119c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
in container image, it don't have init system,
install package initscripts will report error:
systemctl: command not found
fix by use same way as systemd.bbclass to decide if systemctl
mask will run
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 790276bde066ecc9876120c3097dcd57a9936f00)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This unit was changed from 'BindsTo' in the following commit.
"""
commit f0f359ec9210759f6b4dbfb35d3fba8af208c43a
Author: Jason Wessel <jason.wessel@windriver.com>
Date: Thu Aug 29 07:00:31 2019 -0700
serial-getty@.service: Allow device to fast fail if it does not exist
"""
It was changed back to 'BindTo' in the following commit.
"""
commit 63bbff61b78c651339c4b18d8376187379ec3b3c
Author: Otavio Salvador <otavio.salvador@gmail.com>
Date: Fri Jun 12 14:30:44 2020 -0300
systemd: Sync systemd-serialgetty@.service with upstream
"""
This is now causing runtime problem for qemuarm64. The default.target
is not reached until a timeout. Output is like below.
"""
root@qemuarm64:~# systemd-analyze
Bootup is not yet finished (org.freedesktop.systemd1.Manager.FinishTimestampMonotonic=0).
Please try again later.
Hint: Use 'systemctl list-jobs' to see active jobs
root@qemuarm64:~# systemctl list-jobs
JOB UNIT TYPE STATE
102 getty.target start waiting
1 multi-user.target start waiting
95 systemd-update-utmp-runlevel.service start waiting
110 serial-getty@hvc0.service start waiting
111 dev-hvc0.device start running
"""
We can see that we are waiting for /dev/hvc0, while in fact there's no /dev/hvc0.
Jason's commit actually solves such problem.
So restore to use Jason's method. Do not use 'BindsTo'.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 43b989c1231d3d867303ccebceda72364a9519ee)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This is a bugfix release:
ver 0.32:
Fix issue with handling D-Bus watch removal.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 98d97384167a8d297650e49f9cabf4fae823b4a0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The systemd upstream has been doing some improvements in the service
which were not in sync, with the forked file. Mainly:
- Use BindsTo to bind the service with the required serial device
- Add of getty-pre.target as dependency so we can run things before
getty@.service and serial-getty@.service
- Add conflicts to rescue to avoid issues with sulogin
We did not change the ExecStart and Environment fields so we don't have
side effects of this change.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 63bbff61b78c651339c4b18d8376187379ec3b3c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The autobuilder has been experiencing SSL: CERTIFICATE_VERIFY_FAILED
errors during error report uploads when using buildtools due to looking
for certs in /opt/poky
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 197f1d5d14b8e57295f5a81c03c86abba5328614)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
There are few fixes specifically for compiling with gcc10 that are good
to have, before hitting them later
Backport build fix from master for aarch64 with gcc10
Drop CVE-2020-10029 patch its already applied on latest 2.31 branch
latest glibc 2.31 added fix for __getauxval/aarch64 issue
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2c7e0e0bf32eb1ed0b7d8acddb16c0d1e93f2aa1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This was fixed in upstream version 4.4.12.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 281d53ebab4c4c1b6c880ab14761d715196fb8d7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
staging_populate_sysroot_dir() collects postinsts from the sysroot
and executes them. These postinsts, in turn, may call binaries that
are only available from the sysroot. This works fine with recipe-specific
sysroots, as all necessary paths are already in PATH, but breaks down
in this recipe which imitates the old global sysroot way but doesn't adjust
the PATH to include the binary paths from global sysroot.
To reproduce the failure:
$ bitbake docbook-xml-dtd4-native
$ bitbake -c build_native_sysroot build-sysroots
...
Exception: subprocess.CalledProcessError: Command '/home/akanavin/build/tmp/sysroots/x86_64/usr/bin/postinst-docbook-xml-dtd4-native-xmlcatalog' returned non-zero exit status 127.
Subprocess output:
/home/akanavin/build/tmp/sysroots/x86_64/usr/bin/postinst-docbook-xml-dtd4-native-xmlcatalog: 5: /home/akanavin/build/tmp/sysroots/x86_64/usr/bin/postinst-docbook-xml-dtd4-native-xmlcatalog: xmlcatalog: not found
/home/akanavin/build/tmp/sysroots/x86_64/usr/bin/postinst-docbook-xml-dtd4-native-xmlcatalog: 8: /home/akanavin/build/tmp/sysroots/x86_64/usr/bin/postinst-docbook-xml-dtd4-native-xmlcatalog: xmlcatalog: not found
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6b5f7bda4204d45cd29670cefcd53dc5da031095)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
22af6a2595dbec98ce4a2e3b1324ad8d400390ad removed the PACKAGES
setting, but left the FILES-assignments of libsysfs-dev and -staticdev.
As these have no use anymore they can be safely removed
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 941cc0cd0a69e95ca571a9a8cb0732bb06fa2b3a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This tool can be turned on in busybox which lead into a error during
do_rootfs.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eb22e7a1190a79fd74ae54f23a13ec4932f41b0d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Since commit [882ae0dcce core-image-minimal-initramfs: use
initramfs-framework for initialization] applied, it should
keep the restriction with initramfs-module-install
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 295dbabce213855432b6274026e3b45a18b90e80)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Currently only VERSION_ID field is sanitized, but os-release (5) has
more fields with the same requirement. Moreover, those fields come
unquoted in most distributions, because quotes are not needed for a
values without whitespaces.
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Backport patches from upstream to fix a build error in the kill utility.
Fixes:
| In file included from ../util-linux-2.35.1/misc-utils/kill.c:57:
| ../util-linux-2.35.1/include/pidfd-utils.h: In function ‘pidfd_open’:
| ../util-linux-2.35.1/include/pidfd-utils.h:19:17: error: ‘SYS_pidfd_open’ undeclared (first use in this function); did you mean ‘pidfd_open’?
Signed-off-by: Benjamin Fair <benjaminfair@google.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This is needed in particular for newer versions of rpm
which would otherwise fail to build due to absence of omp.h header.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This ensures that we have go compiler installed into image along with
runtime
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
RISCV64 now supports golang (starting dunfell), therefore limit
disabling to rv32 only.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The common bzip2 license was renamed from "bzip2" to "bzip2-1.0.6" in
commit 669600ef to match the official SPDX identifier.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
On ubuntu 18.04.1, it does not provides `mdir' by default
which caused `wic ls **.wic' failed on fat partition
...
$ wic ls build/tmp-glibc/deploy/images/xilinx-zynqmp/wrlinux-image-std-xilinx-zynqmp.wic
ERROR: Can't find executable 'mdir'
...
Add nativesdk-mtools to buildtools-tarball and use buildtools
to provide mdir
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This is a bugfix release:
ver 0.31:
Fix issue with verification of the second certificate in chain.
Fix issue with handling trusted CA matching in verification.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
License-Update: Updated copyright years [1]
Latest master 0.10.x+ has added support for mips/mips64, which should
help compile ruby on musl for these architectures
Switch SRC_URI to github upstream URI
Check for common arches before checking others in map_kernel_arch
Drop already upstreamed patches
[1] https://github.com/kaniini/libucontext/commit/d31eaabbaf5f45656c10e4bccd3fe6653a7d3ec1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Builds like native-openjdk, really wants a to link
some tools against the static version. Since when
using the extended tarball, its the only place to
get it, add the library.
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently, this unit is packaged into udev-hwdb which then adds it as rdep
instead of rrecommends to systemd itself, this meant that even if we
added udev-hwdb to BAD_RECOMMENDATIONS, it would not be respected since
its a rdep, therefore move the service unit file into udev package
instead, this decouples the hard runtime dependency and restores the bad
recommendations expectations
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Alex Kiernan <alex.kiernan@gmail.com>
Cc: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Avoid confusing messages caused by EIO on reading
/proc/sys/net/ipv6/conf/*/stable_secret if those are not set yet.
Make it behave the same as procps(>=3.3.13).
Fixes:
$ sysctl -a | grep ipv6.conf | grep stable_secret
sysctl: error reading key 'net.ipv6.conf.all.stable_secret': Input/output error
sysctl: error reading key 'net.ipv6.conf.default.stable_secret': Input/output error
sysctl: error reading key 'net.ipv6.conf.eth0.stable_secret': Input/output error
sysctl: error reading key 'net.ipv6.conf.lo.stable_secret': Input/output error
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport fixes introduced in 2.63.6 for memory leaks and memory corruption in
GMainContext
Upstream merge: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1353
Fixes SIGSEGV in GStreamer:
Thread 2 "multihandlesink" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff6bb9700 (LWP 18045)]
0x00007ffff7d65992 in g_source_unref_internal (source=0x7ffff00047d0, context=0x55555561c800, have_lock=1) at ../../../../../../../repo/workspace/sources/glib-2.0/glib/gmain.c:2146
2146 ../../../../../../../repo/workspace/sources/glib-2.0/glib/gmain.c: No such file or directory.
(gdb) bt
#0 0x00007ffff7d65992 in g_source_unref_internal (source=0x7ffff00047d0, context=0x55555561c800, have_lock=1) at ../../../../../../../repo/workspace/sources/glib-2.0/glib/gmain.c:2146
#1 0x00007ffff7d65bb6 in g_source_iter_next (iter=iter@entry=0x7ffff6bb8db0, source=source@entry=0x7ffff6bb8da8) at ../../../../../../../repo/workspace/sources/glib-2.0/glib/gmain.c:980
#2 0x00007ffff7d67ef3 in g_main_context_prepare (context=context@entry=0x55555561c800, priority=priority@entry=0x7ffff6bb8e30) at ../../../../../../../repo/workspace/sources/glib-2.0/glib/gmain.c:944
#3 0x00007ffff7d6896b in g_main_context_iterate (context=context@entry=0x55555561c800, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../../../../../../../repo/workspace/sources/glib-2.0/glib/gmain.c:3900
#4 0x00007ffff7d68b4c in g_main_context_iteration (context=0x55555561c800, may_block=may_block@entry=1) at ../../../../../../../repo/workspace/sources/glib-2.0/glib/gmain.c:3981
#5 0x00007ffff6be4482 in gst_multi_socket_sink_thread (mhsink=0x555555679ab0 [GstMultiSocketSink]) at ../../../gst-plugins-base-1.14.4/gst/tcp/gstmultisocketsink.c:1164
#6 0x00007ffff7d8fb35 in g_thread_proxy (data=0x55555565c770) at ../../../../../../../repo/workspace/sources/glib-2.0/glib/gthread.c:784
#7 0x00007ffff7841ebd in start_thread (arg=<optimized out>) at pthread_create.c:486
#8 0x00007ffff7aa12bf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
#8 0x00007ffff7aa12bf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
Signed-off-by: Daniel Gomez <daniel@qtec.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
During a busybox upgrade on a ipk based system, it is possible
that busybox is the only shell in the system. During the uninstall
the alternative for /bin/sh is removed and everything after that
goes down hill.
* Add a check to verify if busybox is the shell, and save it to
the busyboxrm directory created in tmp. Then add an alternative
for /bin/sh that points to that busybox at the lowest priority.
* Add PATH to the busyboxrm directory using shell(as during an upgrade
busybox and its links are missing).
* When install over remove extra busybox if present.
deb and rpm are uneffected by the bug because they both drag in bash,
however neither upgrade seemed to have issue with the changes.
[YOCTO 13850]
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
fix logic for CVE DB update so that when the CPE version is '-',
it keeps the version as '-' in the DB file too and leave other
operation as blank.
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CPE version could be '-' to mean no version info.
Current cve_check treat it as not valid and does not report these
CVE but some of these could be a valid vulnerabilities.
Since non-valid CVE can be whitelisted, so treat '-' as all version
and report all these CVE to capture possible vulnerabilities.
Non-valid CVE to be whitelisted separately.
[YOCTO #13617]
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This reverts commit 4e692daf66d2c9d51d418706e20f4527505dc0bd.
The patch did not take into consideration of read-only rootfs, causing
the following regression.
ERROR "The following packages could not be configured offline and rootfs is read-only: ['100-ifupdown']"
The original patch was added to resolve problem running `ifup eth1' on
a systemd based rootfs. However, when using systemd, we do not use ifup
to manage our network interfaces.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
systemd sets net.core.default_qdisc = fq_codel, include
kernel-module-sch-fq-codel in RRECOMMENDS to satify this
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Acked-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Steve Sakoman
Konrad Weihmann
Andrei Gherzan
Armin Kuster
Sakib Sajal
akuster
Lee Chee Yang
Rahul Chauhan
Rasmus Villemoes
Changqing Li
Chen Qi
Pierre-Jean Texier
Otavio Salvador
Khem Raj
Adrian Bunk
Alexander Kanavin
Marco Felsch
hongxu
Richard Purdie
Vyacheslav Yurkov
Benjamin Fair
Peter Kjellerstedt
Jeremy Puhlman
Yi Zhao
Daniel Gomez
Alex Kiernan