Age | Commit message (Collapse) | Author |
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The following CA certificate was Re-Added. It was removed in NSS 3.34, but has been re-added with only the Email trust bit set. (bug 1418678)
CN = Certum CA, O=Unizeto Sp. z o.o.
SHA-256 Fingerprint: D8:E0:FE:BC:1D:B2:E3:8D:00:94:0F:37:D2:7D:41:34:4D:99:3E:73:4B:99:D5:65:6D:97:78:D4:D8:14:36:24
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Contains fixes,
- timeout option missing the argument option ":" to getopt
- utils.c: Prefer monotonic clock to calculate elapsed time
- Add support to avoid load/run twice a run_ptest script
Signed-off-by: Aníbal Limón <anibal.limon@linaro.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This was patching -lxslt directly into the pkgconfig file, but XSLT_LIBS already
contains this so the patch is redundant.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
FTP isn't as reliable as HTTP.
[ YOCTO #12398 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
ICU library libicudata is created with a wrong endianness if the host
and target have different endianness. (e.g. build ICU for qemuppc on
x86-64 host)
See upstream bug report: http://bugs.icu-project.org/trac/ticket/11758
The discussion in oe-core mailing list:
https://www.mail-archive.com/openembedded-core@lists.openembedded.org/msg65155.html
The root cause is the native pkgdata can not generate correct icu data
for different endianness. By default, this data is built into the shared
library libicudata that would cause it corrupt. But ICU also provides
additional options for loading the data. With option
--with-data-packaging=archive, ICU outputs a single icudt.dat file which
can be loaded by the library.
See document: http://userguide.icu-project.org/icudata
So for big endian system, we can use the separated data file which
re-generates by icupkg and set the correct ICU_DATA environment variable
to make sure the library can load the data without problems.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Refreshed the following patch:
iconv-m4-remove-the-test-to-convert-euc-jp.patch
No change in license as update in License Checksum is due
to change in Copyright years.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
autoreconf finds autoconf/local.m4 on its own, so there's no need to mess around
with a fork of aclocal.m4 as acinclude.m4.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
For these reasons:
1) Upstream website has been dead for quite a while now;
2) Nothing is actually using neon in oe-core, except one gstreamer plugin in gst-plugins-bad
(and I couldn't find evidence of that plugin being used anywhere)
However, the recipe is still required by libmusicbrainz in meta-oe and so it will be moved there
(with the tarball taken from debian).
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
forward ported patch
assuan-def.h checksum changed do to "SPDX formating"
assuan.c checksum changes do to "SPDX formating"
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
for more info see:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.34_release_notes
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
merge .inc
forward ported two patches to work with 3.4
for more info see:
http://lists.gnu.org/archive/html/info-gnu/2017-11/msg00007.html
Change SRC_URI to use GNU download instead of liu.se, which interacts badly with
wget 1.19.2 and downloads uncompressed tarballs (RB).
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
XX nettle: update SRC_URI
|
|
zlib configure.ac support removed in 3.6.1
drop patch
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Rebase a couple of patches.
LICENSE checksum change due to typo fix.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
nss ignores CFLAGS so we suggest them via CC.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
For recipes that depend on native ca-certificates.crt, /etc should be
added to the list of directories that automatically populate the
sysroot, otherwise the file may not be there.
Signed-off-by: Patrick Vacek <patrick@advancedtelematic.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
2.60.1 -> 2.60.2
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Double free in i18n/zonemeta.cpp in International Components for Unicode
(ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary
code via a crafted string, aka a "redundant UVector entry clean up
function call" issue.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-14952
Upstream patches:
http://bugs.icu-project.org/trac/changeset/40324/trunk/icu4c/source/i18n/zonemeta.cpp
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Remove upstreamed patch:
1. sqlite3-fix-CVE-2017-13685.patch
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
0.4.14 -> 0.4.15
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
As there are no alternative providers for virtual/db remove the PROVIDES and
recipes can just depend on db.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Remove --disable-glibtest as ./configure no longer has it.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Drop 0001-nls.m4-Take-it-from-gettext-0.15.patch as it's now
upstreamed.
Remove --disable-xevie option:
https://github.com/GNOME/at-spi2-core/commit/644096a28a47bdf5c6e0c34c9cd5b944df059925
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Add a patch to fix bjam-native compile error (due to mistyped
variable name).
Drop upstreamed patch.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Drop upstreamed patches, including pkg-config support patch,
as upstream now does use pkg-config.
configure.in is now configure.ac, adjust recipe accordingly.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
|
|
Improve reproducible build of curl-dev and curl-dbg packages.
curl-dev: Correctly remove build host references from curl-config
curl-dbg: Do not generate time stamps in files generated by mkhelp.pl
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Triggered by looking at why Python doesn't find db.h (because it greps db.h for
a regex, and db.h is actually a oe_multilib_header wrapper) I realised that the
only reason we have to oe_multilib_header db.h is because one typedef is
different between 32-bit and 64-bit architectures.
However, the typedef is for a 64-bit integer so instead of using long (64-bit)
or long long (32-bit), just use int64_t. Some of the overly complicated
configure tests need to be deleted after this change but that is safe as we're
building in a controlled environment and can assume int64_t exists.
With this done the header doesn't change between architectures, and it doesn't
need to be wrapped by oe_multilib_header.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Remove the rfkill bash completion file that util-linux provides
to avoid conflicts.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This is a bug fix release on the
current stable branch. Note that, I've also switched the release
cadence to bi-monthly as less and less bug fixes/updates accumulate
each month on this branch.
** API and ABI modifications:
No changes since last version.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
LICENSE files changed:
Amend licence to relax its conditions for chains of binary distributions.
removed included patches
includes CVE-2017-8399
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.33_release_notes
* TLS compression is no longer supported. API calls that attempt to enable compression are accepted without failure. However, TLS compression will remain disabled.
* This version of NSS uses a formally verified implementation of Curve25519 on 64-bit systems.
* The compile time flag DISABLE_ECC has been removed.
* When NSS is compiled without NSS_FORCE_FIPS=1 startup checks are not performed anymore.
* Fixes CVE-2017-7805, a potential use-after-free in TLS 1.2 server when verifying client authentication
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.32_release_notes
The Websites (TLS/SSL) trust bit was turned off for the following root certificates.
* CN = AddTrust Class 1 CA Root
SHA-256 Fingerprint: 8C:72:09:27:9A:C0:4E:27:5E:16:D0:7F:D3:B7:75:E8:01:54:B5:96:80:46:E3:1F:52:DD:25:76:63:24:E9:A7
* CN = Swisscom Root CA 2
SHA-256 Fingerprint: F0:9B:12:2C:71:14:F4:A0:9B:D4:EA:4F:4A:99:D5:58:B4:6E:4C:25:CD:81:14:0D:29:C0:56:13:91:4C:38:41
The following CA certificates were Removed:
* CN = AddTrust Public CA Root
SHA-256 Fingerprint: 07:91:CA:07:49:B2:07:82:AA:D3:C7:D7:BD:0C:DF:C9:48:58:35:84:3E:B2:D7:99:60:09:CE:43:AB:6C:69:27
* CN = AddTrust Qualified CA Root
SHA-256 Fingerprint: 80:95:21:08:05:DB:4B:BC:35:5E:44:28:D8:FD:6E:C2:CD:E3:AB:5F:B9:7A:99:42:98:8E:B8:F4:DC:D0:60:16
* CN = China Internet Network Information Center EV Certificates Root
SHA-256 Fingerprint: 1C:01:C6:F4:DB:B2:FE:FC:22:55:8B:2B:CA:32:56:3F:49:84:4A:CF:C3:2B:7B:E4:B0:FF:59:9F:9E:8C:7A:F7
* CN = CNNIC ROOT
SHA-256 Fingerprint: E2:83:93:77:3D:A8:45:A6:79:F2:08:0C:C7:FB:44:A3:B7:A1:C3:79:2C:B7:EB:77:29:FD:CB:6A:8D:99:AE:A7
* CN = ComSign Secured CA
SHA-256 Fingerprint: 50:79:41:C7:44:60:A0:B4:70:86:22:0D:4E:99:32:57:2A:B5:D1:B5:BB:CB:89:80:AB:1C:B1:76:51:A8:44:D2
* CN = GeoTrust Global CA 2
SHA-256 Fingerprint: CA:2D:82:A0:86:77:07:2F:8A:B6:76:4F:F0:35:67:6C:FE:3E:5E:32:5E:01:21:72:DF:3F:92:09:6D:B7:9B:85
* CN = Secure Certificate Services
SHA-256 Fingerprint: BD:81:CE:3B:4F:65:91:D1:1A:67:B5:FC:7A:47:FD:EF:25:52:1B:F9:AA:4E:18:B9:E3:DF:2E:34:A7:80:3B:E8
* CN = Swisscom Root CA 1
SHA-256 Fingerprint: 21:DB:20:12:36:60:BB:2E:D4:18:20:5D:A1:1E:E7:A8:5A:65:E2:BC:6E:55:B5:AF:7E:78:99:C8:A2:66:D9:2E
* CN = Swisscom Root EV CA 2
SHA-256 Fingerprint: D9:5F:EA:3C:A4:EE:DC:E7:4C:D7:6E:75:FC:6D:1F:F6:2C:44:1F:0F:A8:BC:77:F0:34:B1:9E:5D:B2:58:01:5D
* CN = Trusted Certificate Services
SHA-256 Fingerprint: 3F:06:E5:56:81:D4:96:F5:BE:16:9E:B5:38:9F:9F:2B:8F:F6:1E:17:08:DF:68:81:72:48:49:CD:5D:27:CB:69
* CN = UTN-USERFirst-Hardware
SHA-256 Fingerprint: 6E:A5:47:41:D0:04:66:7E:ED:1B:48:16:63:4A:A3:A7:9E:6E:4B:96:95:0F:82:79:DA:FC:8D:9B:D8:81:21:37
* CN = UTN-USERFirst-Object
SHA-256 Fingerprint: 6F:FF:78:E4:00:A7:0C:11:01:1C:D8:59:77:C4:59:FB:5A:F9:6A:3D:F0:54:08:20:D0:F4:B8:60:78:75:E5:8F
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Porting patch from <https://github.com/curl/curl/commit/
5ff2c5ff25750aba1a8f64fbcad8e5b891512584> to solve CVE-2017-1000254.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch changes the result of the nettle dlopen-test
from FAIL to PASS. The test used to fail because the test could not
find and load libnettle.so.
This patch fixes this by using absolute path instead of relative.
This was the only test out of 88 that used to fail.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This build time option is needed to use the '--dns-interface' runtime
parameter to instruct 'curl' to use a specific interface for DNS
resolution.
Not enabled by default, as it depends on 'c-ares' package from
meta-openembedded (meta-networking).
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Update libgcrypt version from 1.8.0 to 1.8.1.
Signed-off-by: Jussi Laako <jussi.laako@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|