| Age | Commit message (Collapse) | Author |
|---|
|
Google Code has been shut down so libproxy tarball needs to be
fetched from elsewhere.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs), thus
making them apply broader than cookies are allowed. This can allow arbitrary
sites to set cookies that then would get sent to a different and unrelated site
or domain.
(From OE-Core rev: ddbaade8afbc9767583728bfdc220639203d6853)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
By not detecting and rejecting domain names for partial literal IP addresses
properly when parsing received HTTP cookies, libcurl can be fooled to both
sending cookies to wrong sites and into allowing arbitrary sites to set cookies
for others.
(From OE-Core rev: 985ef933208da1dd1f17645613ce08e6ad27e2c1)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-support/curl/curl_7.35.0.bb
|
|
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x
and possibly other products, allows local users to obtain private RSA
keys via a cache side-channel attack involving the L3 cache, aka
Flush+Reload.
Patch from commit e2202ff2b704623efc6277fb5256e4e15bac5676 in
git://git.gnupg.org/libgcrypt.git
Signed-off-by: Yong Zhang <yong.zhang@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
|
|
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote
attackers to execute arbitrary code or cause a denial of service
(out-of-bounds write) via vectors involving the sprintf and console
functions.Per: http://cwe.mitre.org/data/definitions/787.html
(From OE-Core rev: 191cab2f679491c2b6ddba49c5cf4886dcd22f57)
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
the patch comes from:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-1544
https://hg.mozilla.org/projects/nss/rev/204f22c527f8
author Robert Relyea <rrelyea@redhat.com>
https://bugzilla.mozilla.org/show_bug.cgi?id=963150
Bug 963150: Add nssCertificate_AddRef and nssCertificate_Destroy calls
to PK11_ImportCert to prevent nssTrustDomain_AddCertsToCache from
freeing the CERTCertificate associated with the NSSCertificate. r=wtc.
(From OE-Core rev: 7ef613c7f4b9e4ff153766f31dae81fc4810c0df)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Mozilla Network Security Services (NSS) before 3.15.2 does
not ensure that data structures are initialized before
read operations, which allows remote attackers to cause a
denial of service or possibly have unspecified other
impact via vectors that trigger a decryption failure.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1739
(From OE-Core rev: 9b43af77d112e75fa9827a9080b7e94f41f9a116)
Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-support/nss/nss.inc
|
|
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5606
https://bugzilla.mozilla.org/show_bug.cgi?id=910438
http://hg.mozilla.org/projects/nss/rev/d29898e0981c
The CERT_VerifyCert function in lib/certhigh/certvfy.c in
Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides
an unexpected return value for an incompatible key-usage certificate
when the CERTVerifyLog argument is valid, which might allow remote
attackers to bypass intended access restrictions via a crafted certificate.
(From OE-Core rev: 1e153b1b21276d56144add464d592cd7b96a4ede)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-support/nss/nss.inc
|
|
configure.ac references the m4 directory so things like gtkdocize
will try and place m4 files there. We need to ensure the directory
exists or the builds can fail.
(From OE-Core rev: 0ced649c055dd25c500d0fd34e4ea94504d98580)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backported patch for CVE-2014-3466.
This patch is for daisy.
Signed-off-by: Valentin Popa <valentin.popa@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740
https://bugzilla.mozilla.org/show_bug.cgi?id=919877
https://bugzilla.mozilla.org/show_bug.cgi?id=713933
changeset: 10946:f28426e944ae
user: Wan-Teh Chang <wtc@google.com>
date: Tue Nov 26 16:44:39 2013 -0800
summary: Bug 713933: Handle the return value of both ssl3_HandleRecord calls
changeset: 10945:774c7dec7565
user: Wan-Teh Chang <wtc@google.com>
date: Mon Nov 25 19:16:23 2013 -0800
summary: Bug 713933: Declare the |falseStart| local variable in the smallest
changeset: 10848:141fae8fb2e8
user: Wan-Teh Chang <wtc@google.com>
date: Mon Sep 23 11:25:41 2013 -0700
summary: Bug 681839: Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished, r=brian@briansmith.org
changeset: 10898:1b9c43d28713
user: Brian Smith <brian@briansmith.org>
date: Thu Oct 31 15:40:42 2013 -0700
summary: Bug 713933: Make SSL False Start work with asynchronous certificate validation, r=wtc
(From OE-Core rev: 11e728e64e37eec72ed0cb3fb4d5a49ddeb88666)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1492
https://bugzilla.mozilla.org/show_bug.cgi?id=903885
changeset: 11063:709d4e597979
user: Kai Engert <kaie@kuix.de>
date: Wed Mar 05 18:38:55 2014 +0100
summary: Bug 903885, address requests to clarify comments from wtc
changeset: 11046:2ffa40a3ff55
tag: tip
user: Wan-Teh Chang <wtc@google.com>
date: Tue Feb 25 18:17:08 2014 +0100
summary: Bug 903885, fix IDNA wildcard handling v4, r=kaie
changeset: 11045:15ea62260c21
user: Christian Heimes <sites@cheimes.de>
date: Mon Feb 24 17:50:25 2014 +0100
summary: Bug 903885, fix IDNA wildcard handling, r=kaie
(From OE-Core rev: a83a1b26704f1f3aadaa235bf38094f03b3610fd)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Git-replacement-native needs the generated files in place for https:// URIs:
WARNING: Failed to fetch URL git://github.com/kernelslacker/trinity.git;protocol=https, attempting MIRRORS if available
ERROR: Fetcher failure: Fetch command failed with exit code 128, output:
Cloning into bare repository '/build/linaro/build/build/downloads/git2/github.com.kernelslacker.trinity.git'...
fatal: unable to access 'https://github.com/kernelslacker/trinity.git/': error setting certificate verify locations:
CAfile: /build/linaro/build/build/tmp-eglibc/sysroots/x86_64-linux/etc/ssl/certs/ca-certificates.crt
CApath: none
ERROR: Function failed: Fetcher failure for URL: 'git://github.com/kernelslacker/trinity.git;protocol=https'. Unable to fetch URL from any source.
ERROR: Logfile of failure stored in: /build/linaro/build/build/tmp-eglibc/work/aarch64-oe-linux/trinity/1.3-r0/temp/log.do_fetch.7843
ERROR: Task 1378 (/build/linaro/build/meta-linaro/meta-linaro/recipes-extra/trinity/trinity_1.3.bb, do_fetch) failed with exit code '1'
(From OE-Core rev: 74a772727cbf4d76d2ef314041acafb3086e4ff9)
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is the adaptation for the a bugfix upstream
The inappropriate file src/tool_hugehelp.c presence in the curl 7.36 release
interfered with the upstream fix for
https://sourceforge.net/p/curl/bugs/1350/
(From OE-Core rev: c5a52f5b5ae7c5528bc59ee7fb69a2f460a89b81)
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
[sgw - rebased patch for daisy]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Mostly cosmetic, but entries in PACKAGES should be specified the exact same way as FILES/RRECOMMENDS entries to avoid problems.
(From OE-Core rev: 4d2a7f47a9830788455afe00a7c6a857cebbcb81)
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
attr needs libintl headers and libs. Add in the missing dependency and
ensure the linker flag gets passed in multilib builds by replacing the
PN == BPN check with a class-target override instead.
(From OE-Core rev: c19fb913006eb53025e5db1574d973c8d7ceec76)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without this, uclibc builds fail with libtool version mismatches. The issue
is that we need to remove the files in ${S}, not ${B} which is now
the default after the B != S change.
(From OE-Core rev: 054151c77dae51e2826eeac9b9ae2de3a08f0bb6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
mkhelp: generate code for --disable-manual as well
This allows configure --disable-manual to run and build without having
to regenerate the src/tool_hugehelp.c file which otherwise is necessary
since we ship tarballs with that file present.
(From OE-Core rev: 544a96255203a6779d1f0022d003c6680f330511)
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
While multible hosts sharing a common sstate cache, the fist host using
bash as default shell and build apr, the second host using dash as
default shell and build apr-util, there was a failure in apr-util:
...
| /bin/sh: 0: Can't open i586-poky-linux-libtool
| make[1]: *** [dbm/apr_dbm_gdbm.lo] Error 127
| make[1]: *** Waiting for unfinished jobs....
| make[1]: Leaving directory
`tmp/work/i586-poky-linux/apr-util/1.5.2-r0/apr-util-1.5.2'
...
The quick way to reproduce the defect in Ubuntu 1204:
1. Create a new build
2. sudo dpkg-reconfigure dash <set bash as /bin/sh>
3. bitbake apr
4. sudo dpkg-reconfigure dash <set dash as /bin/sh>
5. bitbake apr-util
Remove the use of $(SHELL) in the apr could avoid this issue.
(From OE-Core rev: 53af71200b6f6d117e1e7dc2e7a7d21c6faab8f9)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
gperf straight invoke is not suitable for cross environment (gperf-native should be used instead).
Formal patch has been submited to the upstream.
As libcap 2.24 is currently available, I prefer doing this quick fix.
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and
3.15 before 3.15.3 allows remote attackers to cause a denial
of service or possibly have unspecified other impact via
invalid handshake packets.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5605
Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Integer overflow in Mozilla Network Security Services (NSS)
3.15 before 3.15.3 allows remote attackers to cause a denial
of service or possibly have unspecified other impact via a
large size value.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1741
Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions
with certain patterns that introduce a side channel, which allows physically
proximate attackers to extract RSA keys via a chosen-ciphertext attack and
acoustic cryptanalysis during decryption. NOTE: applications are not typically
expected to protect themselves from acoustic side-channel attacks, since this
is arguably the responsibility of the physical device. Accordingly, issues of
this type would not normally receive a CVE identifier. However, for this
issue, the developer has specified a security policy in which GnuPG should
offer side-channel resistance, and developer-specified security-policy
violations are within the scope of CVE.
Signed-off-by: Yong Zhang <yong.zhang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits
cleared (no usage permitted) as if it has all bits set (all usage permitted),
which might allow remote attackers to bypass intended cryptographic protection
mechanisms by leveraging the subkey.
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There was an error about mips-gcc optimization while compiling
libsoup-2.4 2.45.3 with DEBUG_OPTIMIZATION enabled.
The test code of libsoup-2.4 2.45.3 triggered gcc assert which located
in gcc/dwarf2out.c:20810:
...
20806 gcc_assert (prev
20807 && (CALL_P (prev)
20808 || (NONJUMP_INSN_P (prev)
20809 && GET_CODE (PATTERN (prev)) == SEQUENCE
20810 && CALL_P (XVECEXP (PATTERN (prev), 0, 0)))));
...
The issue test code is the C function 'do_qvalue_tests' located in
tests/header-parsing.c.
The 2.45.92 have refactored the test code and this issue has been fixed.
So backport the fix to 2.45.3.
[YOCTO #5512]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The result of getfacl is sorted by user id.
In Centos or RHEL, bin user id is 1 and daemon user id is 2.
But in our image, bin user id is 2 and daemon user id is 1.
The patch fixes this issue to make ptest pass.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The compileflags and linkflags do_boostconfig puts into user-config.jam are
having no effect. According to
http://www.boost.org/boost-build2/doc/html/bbv2/reference/tools.html the
correct syntax would be <compileflags>"the flags" <linkflags>"the flags".
Since the flags specified were having no effect they can't be necessary and
can be safely removed. We should be passing ${CFLAGS}, ${CXXFLAGS} and
${LDFLAGS} instead so that users of the recipe can pass arbitrary flags as
they choose.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Otherwise we end up with missing symbols from libpthread
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
console-kit-log-system-start.service fails to to start if the
/var/log/ConsoleKit directory does not exist. Normally it is created
automatically but as we mount a tmpfs at /var/log, we need to add
a tmpfiles.d entry to create it.
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
This is a very old version of Mozilla's Javascript engine, isn't
actually used by anything in OE-Core now that web is gone, and in public
layers outside of OE-Core is apparently only used by mediatomb within
meta-baryon.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* resolves following warnings:
WARNING: Use of PRINC 17 was detected in the recipe meta-openembedded/meta-systemd/recipes-core/systemd/systemd-machine-units_1.0.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-gpe/recipes-support/fbreader/fbreader_0.12.10.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-gpe/recipes-support/fbreader/fbreader_git.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-multimedia/recipes-multimedia/sox/sox_14.4.0.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-oe/recipes-multimedia/mplayer/mplayer-common.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe meta-smartphone/meta-android/recipes-bsp/chroot-script/chroot-script_1.0.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-connectivity/bind/bind_9.8.1.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-core/systemd/systemd-serialgetty.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/screen/screen_4.0.3.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/shadow/shadow-securetty_4.1.4.3.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/shadow/shadow_4.1.4.3.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-graphics/libsdl/libsdl_1.2.15.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-graphics/packagegroups/packagegroup-core-x11-xserver.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-kernel/modutils-initscripts/modutils-initscripts.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb (or one of its .bbappends)
WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-support/libcap/libcap_2.22.bb (or one of its .bbappends)
WARNING: Use of PRINC 11 was detected in the recipe openembedded-core/meta/recipes-bsp/keymaps/keymaps_1.0.bb (or one of its .bbappends)
WARNING: Use of PRINC 11 was detected in the recipe openembedded-core/meta/recipes-core/systemd/systemd-compat-units.bb (or one of its .bbappends)
WARNING: Use of PRINC 12 was detected in the recipe openembedded-core/meta/recipes-core/initscripts/initscripts_1.0.bb (or one of its .bbappends)
WARNING: Use of PRINC 13 was detected in the recipe openembedded-core/meta/recipes-core/base-files/base-files_3.0.14.bb (or one of its .bbappends)
WARNING: Use of PRINC 2 was detected in the recipe meta-openembedded/meta-oe/recipes-navigation/navit/navit_svn.bb (or one of its .bbappends)
WARNING: Use of PRINC 2 was detected in the recipe meta-openembedded/meta-oe/recipes-support/lvm2/lvm2_2.02.97.bb (or one of its .bbappends)
WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-connectivity/portmap/portmap_6.0.bb (or one of its .bbappends)
WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-extended/pam/libpam_1.1.6.bb (or one of its .bbappends)
WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-graphics/packagegroups/packagegroup-core-x11.bb (or one of its .bbappends)
WARNING: Use of PRINC 3 was detected in the recipe meta-openembedded/meta-efl/recipes-efl/efl/entrance_svn.bb (or one of its .bbappends)
WARNING: Use of PRINC 3 was detected in the recipe meta-openembedded/meta-oe/recipes-multimedia/mplayer/mplayer2_git.bb (or one of its .bbappends)
WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-bsp/formfactor/formfactor_0.0.bb (or one of its .bbappends)
WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-connectivity/avahi/avahi_0.6.31.bb (or one of its .bbappends)
WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-connectivity/dhcp/dhcp_4.2.5-P1.bb (or one of its .bbappends)
WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-core/init-ifupdown/init-ifupdown_1.0.bb (or one of its .bbappends)
WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-graphics/xinput-calibrator/pointercal-xinput_0.0.bb (or one of its .bbappends)
WARNING: Use of PRINC 5 was detected in the recipe meta-openembedded/meta-oe/recipes-core/meta/distro-feed-configs.bb (or one of its .bbappends)
WARNING: Use of PRINC 5 was detected in the recipe openembedded-core/meta/recipes-connectivity/bluez/bluez4_4.101.bb (or one of its .bbappends)
WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-core/packagegroups/packagegroup-base.bb (or one of its .bbappends)
WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-core/packagegroups/packagegroup-core-boot.bb (or one of its .bbappends)
WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-graphics/xorg-xserver/xserver-xf86-config_0.1.bb (or one of its .bbappends)
WARNING: Use of PRINC 7 was detected in the recipe meta-openembedded/meta-oe/recipes-navigation/gpsd/gpsd_3.7.bb (or one of its .bbappends)
WARNING: Use of PRINC 7 was detected in the recipe openembedded-core/meta/recipes-core/udev/udev-extraconf_1.0.bb (or one of its .bbappends)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a Debian patch to fix a load of errors building the documentation
within do_compile e.g.:
| ./x509-api.texi:15: misplaced {
| ./x509-api.texi:15: misplaced }
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
certificates.
This patch is for the OE-Core master branch - it comes from upstream:
>From 467478d8ff08a3cb4be3034ff04c9d08a0ceba3e
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Wed, 12 Feb 2014 16:41:33 +0100
For more info see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959
http://www.gnutls.org/security.html#GNUTLS-SA-2014-1
https://www.gitorious.org/gnutls/gnutls/commit/467478d8ff08a3cb4be3034ff04c9d08a0ceba3e
Signed-off-by: Karl Hiramoto <karl@hiramoto.org>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch is for the OE-Core master branch - it comes from upstream:
git://gitorious.org/gnutls/gnutls.git
branch: gnutls_2_12_x
commit: 6aa26f78150ccbdf0aec1878a41c17c41d358a3b
Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu Feb 27 19:42:26 2014 +0100
For more info see:
http://www.gnutls.org/security.html#GNUTLS-SA-2014-2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092
https://www.gitorious.org/gnutls/gnutls/commit/6aa26f78150ccbdf0aec1878a41c17c41d358a3b
Signed-off-by: Karl Hiramoto <karl@hiramoto.org>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch goes through the OE-Core recipes and marks those which use autotools
but don't support a separate build directory (${S} != ${B}). A new class,
autotools-brokensep is used for this purpose.
This doesn't introduce any change in behaviour in its own right.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since we are re-doing the version from a big number down to a dot
based number we have to bump the Package Epoch (PE).
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It defined the CC to ${TARGET_PREFIX}gcc which lost the --sysroot and was
incorrect, it would cause unexpected errors, we should define it as CC=${CC}.
[YOCTO #5869]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Completes previous commit b5292d4115a4555a66b5e35acdc67dd71fb8577f.
Updates SUMMARY[doc] (meta/conf/documentation.conf).
Changes:
- rename DESCRIPTION with length < 80 to (non present tag) SUMMARY
- drop final point character at the end of SUMMARY string
- remove trailing whitespace of SUMMARY line
Note: don't bump PR
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Install libpcre test suite and run it as ptest.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
By default LDFLAGSICUDT=-nodefaultlibs -nostdlib for Linux
which means DT_NEEDED section for libicu will not be populated
with dependencies when we reset it to be empty then the default
libraries it needs are added to DT_NEEDED section in ELF header
This patch is a workaround as I consider it for now, since it could
be a problem in glibc dynamic loader for arm (especially for hf case)
where its unable to load shared objects which dont have any dependencies
expressed in DT_NEEDED segment.
here is when LDFLAGSICUDT=-nodefaultlibs -nostdlib
Dynamic section at offset 0x1549c10 contains 8 entries:
Tag Type Name/Value
0x0000000e (SONAME) Library soname:
[libicudata.so.51]
0x00000010 (SYMBOLIC) 0x0
0x6ffffef5 (GNU_HASH) 0xf8
0x00000005 (STRTAB) 0x188
0x00000006 (SYMTAB) 0x138
0x0000000a (STRSZ) 54 (bytes)
0x0000000b (SYMENT) 16 (bytes)
0x00000000 (NULL) 0x0
here is one with LDFLAGSICUDT empty
Dynamic section at offset 0x154a014 contains 22 entries:
Tag Type Name/Value
0x00000001 (NEEDED) Shared library: [libc.so.6]
0x0000000e (SONAME) Library soname:
[libicudata.so.51]
0x00000010 (SYMBOLIC) 0x0
0x0000000c (INIT) 0x33c
0x0000000d (FINI) 0x500
0x6ffffef5 (GNU_HASH) 0xf8
0x00000005 (STRTAB) 0x204
0x00000006 (SYMTAB) 0x144
0x0000000a (STRSZ) 192 (bytes)
0x0000000b (SYMENT) 16 (bytes)
0x00000003 (PLTGOT) 0x154a0f8
0x00000002 (PLTRELSZ) 16 (bytes)
0x00000014 (PLTREL) REL
0x00000017 (JMPREL) 0x32c
0x00000011 (REL) 0x2fc
0x00000012 (RELSZ) 48 (bytes)
0x00000013 (RELENT) 8 (bytes)
0x6ffffffe (VERNEED) 0x2dc
0x6fffffff (VERNEEDNUM) 1
0x6ffffff0 (VERSYM) 0x2c4
0x6ffffffa (RELCOUNT) 1
0x00000000 (NULL) 0x0
btw. ldd reveals the fist one to be static library while the second
one is detected as shared library. This could be a clue into how
elf headers are being interpreted by dynamic loader.
The data seems to be all static in libicudata which could
load it quicker and thats what could be confusing dynamic linker ..may
be
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Rename SUMMARY with length > 80 to DESCRIPTION.
Note: don't bump PR
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Install attr test suite and run it as ptest.
ext test cases need depend on specific filesystem. So exclude them
order to make ptest all pass.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Install acl test suite and run it as ptest.
nfs test cases need depend on nfs service. So exclude them order to
make ptest all pass.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
This reverts commit 4c80c557508e088fe226bfa1834464b505404652.
We *cannot* have nss becoming machine specific, that makes no sense.
|
|
Read kernel version from ${STAGING_KERNEL_DIR}/kernel-abiversion, to avoid
to use the hardcode kernel version.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
point CA bundle to /etc/ssl/certs/ca-certificates.crt instead of using the buildhost location, Configure would look at the buildhost and hardcode the bundle location for there into the target. This leads to non-working https support.
Also remove the empty and now useless curl-certs packages since it's empty and no ALLOW_EMPTY has been set.
Apart from making https work again with curl cmdline this also fixes libcurl which means git can fetch https repos as well instead of erroring out.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Andre McCurdy
Chong Lu
Kai Kang
Xufeng Zhang
Li Wang
yzhu1
Richard Purdie
Valentin Popa
Koen Kooi
Tudor Florea
Hongxu Jia
Matthieu Crapet
Yong Zhang
Ming Liu
Mike Crowe
Khem Raj
Jonathan Liu
Paul Eggleton
Martin Jansa
Karl Hiramoto
Saul Wold
Cristiana Voicu
Robert Yang
Roy Li