Paul Eggleton [Thu, 29 May 2014 17:17:15 +0000 (18:17 +0100)]
bitbake: fetch2: improve handling of two classes of URL parameter mistakes
Handle the following situations in a URL (e.g. in SRC_URI):
* Trailing semicolon in a URL - this is now ignored.
* Parameter specified with no value (no equals sign). This still
produces an error, but at least it is MalformedUrl with a proper
message rather than "ValueError: need more than 1 value to unpack".
(Bitbake rev:
bfd13dfbc4c9f1dd8315002271791b1d9e274989)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 30 May 2014 09:19:20 +0000 (10:19 +0100)]
bitbake: Revert "toaster: toaster oe-selftest support"
This reverts commit
bb5b1d6b139b886e54bfdc0c17f2b556db6a7fde.
Applied to incorrect repo.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ionut Chisanovici [Wed, 21 May 2014 14:15:07 +0000 (15:15 +0100)]
toaster: toaster oe-selftest support
This patch adds toaster tests using the oe-selftest infrastructure.
You need to have builds done - the tests will verify data integrity
after the toaster collection phase.
Once you have your toaster builds done, to run the automated backend
tests via oe-selftest do the followings:
1. Update builddir/conf/bblayers.conf to contain the meta-selftest
layer
2. From the builddir run:
'oe-selftest toaster'
or if you just want to run a single test:
'oe-selftest toaster.Toaster_DB_Tests.testname'
This first part adds the meta/lib/oeqa toaster file.
(From OE-Core rev:
762d425ed6f6d9046d3e3230c44b42ea6173b447)
Signed-off-by: Ionut Chisanovici <ionutx.chisanovici@intel.com>
Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Armin Kuster [Wed, 28 May 2014 21:21:39 +0000 (14:21 -0700)]
Update tzcode to 2014c
(From OE-Core rev:
3fa9508521d27e17bfe1a0aeb15d7fc2377218cd)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Armin Kuster [Wed, 28 May 2014 21:21:38 +0000 (14:21 -0700)]
Update tzdata to 2014c
Removed solar-time experiment as per
http://mm.icann.org/pipermail/tz/2013-November/020488.html
(From OE-Core rev:
57af3fb9662106f0a65a1b4edf83e2398be0a8f1)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tudor Florea [Wed, 28 May 2014 16:59:54 +0000 (18:59 +0200)]
ethtool: use serial-tests config needed by ptest.
buildtest-TESTS and runtest-TESTS targets are required by ptest.
In order to have those targets in automake 1.13.4 serial-tests
should be specified since parallel-tests is assumed by default
and serial-tests is optional.
ptest results:
PASS: test-cmdline
PASS: test-features
==================
All 2 tests passed
==================
(From OE-Core rev:
15bdef1f25ef567caf2f2e270de899e35da7cca9)
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 28 May 2014 16:38:36 +0000 (17:38 +0100)]
sstatesig: Move saferecipedeps handling to be earlier
We want to use the saferecipedeps handling code to allow gcc-cross-* to
work on multiple different tunes. Its currently in target only code
so it needs to be earlier to allow it to work on native-> target
dependencies.
This change has no effect on existing uses but makes gcc-cross become
shared as desired.
(From OE-Core rev:
9e03db2dfab0b534b86fd48c9190b2d7d0d21238)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Roy Li [Thu, 22 May 2014 06:42:51 +0000 (14:42 +0800)]
openssl: add openssl-CVE-2010-5298.patch SRC_URI
make openssl-CVE-2010-5298.patch truely work
(From OE-Core rev:
eab33442480cc27a5cd00b3f46984fea74b7c0f9)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 28 May 2014 11:56:25 +0000 (12:56 +0100)]
readline: use upstream's aclocal.m4 as acinclude.m4
Instead of shipping a fork of the upstream aclocal.m4, simply rename it to
acinclude.m4 at configure time. We don't need the fork now that autoheader is
excluded.
(From OE-Core rev:
e531923c4c17becb2f1a8a89adfeff0a82961a4a)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 28 May 2014 11:56:24 +0000 (12:56 +0100)]
readline: exclude autoheader from autoreconf
readline ships a hand-maintained config.h, instead of letting autoheader
generate one from configure.ac. The required arguments to AC_DEFINE are not in
configure.ac so autoheader will produce warnings and the generated code will not
behave as expected.
Solve this by excluding autoheader from autoreconf, so the upstream config.h.in
is used.
(From OE-Core rev:
8c37d32d6133c6ad2b9142e7a42775e7a979b570)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 28 May 2014 11:56:23 +0000 (12:56 +0100)]
readline: add missing STRUCT_DIRENT_D_* symbols to config.h.in
readline maintains config.h.in by hand but several symbols are incorrect. Fix
these so that the test results are reflected in config.h.
(From OE-Core rev:
bc0d0c71eca48be05490209261b88b1f92bcf847)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Thu, 20 Mar 2014 23:18:26 +0000 (16:18 -0700)]
tcmode-default.inc: Default to using gcc 4.9
(From OE-Core rev:
050dbf916b7da792be0f9ca2ee7895ceb397fbce)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alexandru-Cezar Sardan [Wed, 28 May 2014 13:24:41 +0000 (16:24 +0300)]
gcc: add patch to fix errors with Decimal64 type
[OE-core bug #6270] - https://bugzilla.yoctoproject.org/show_bug.cgi?id=6270
(From OE-Core rev:
8f8ef80131d4aa62a4b106d365a5e7b6273c766d)
Signed-off-by: Alexandru-Cezar Sardan <alexandru.sardan-KZfg59tc24xl57MIdRCFDg@public.gmane.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Tue, 27 May 2014 19:58:59 +0000 (12:58 -0700)]
i2c-tools: Add i2c-tools to the core
i2c-tools has been sitting outside of oe-core for long enough now. It is
a required tool for board validation, and many people are pulling it
into their builds and their own layers. Let's add it to the core.
This patch includes the i2c-tools recipe from meta-oe as of:
commit
9df13b4140e8c6bfa0e4fb89107a6146981d2cdc
Author: Khem Raj <raj.khem@gmail.com>
Date: 2014-04-26
i2c-tools: Fix build when S != B
(From OE-Core rev:
32ac58819580d359e22161be1abf62215d202250)
Signed-off-by: Darren Hart <dvhart@linux.intel.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Khem Raj <raj.khem@gmail.com>
Cc: Martin Jansa <Martin.Jansa@gmail.com>
Cc: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Cc: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Darren Hart <dvhart@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Fri, 23 May 2014 16:57:59 +0000 (09:57 -0700)]
linux-yocto-dev: Dynamic SRCREV update
The current implementation would result in the default SRCREVs being
used by the fetcher, even though the anonymous python would update them
to AUTOREV. This appears to be something to do with early parsing
bitbake black magic.
This patch ensures the default is never assigned if we are actually
building the recipe by using a function to assign it in the first place.
The USE_DEFAULT* variables are removed as they are not necessary to
allow for overriding the SRCREVs.
The anonymous python parse check is moved closer to the top of the
recipe to be a bit more logically representative of its intended
purpose.
(From OE-Core rev:
a0334b0de654a41c53df54ef80625094368113f6)
Signed-off-by: Darren Hart <dvhart@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Mon, 26 May 2014 17:40:10 +0000 (13:40 -0400)]
linux-yocto/3.10: bump kver to v3.10.40
Integrating the latest korg releases for the 3.10 kernel.
(From OE-Core rev:
574c03bd5fd73281472f8267a31cfecb235f1c65)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Mon, 26 May 2014 17:40:09 +0000 (13:40 -0400)]
beaglebone: enable the nowayout option for the watchdog
Bumping the meta SRCREV for the following fix:
[
The default watchdog behaviour is to stop the timer if the process
managing it closes the file /dev/watchdog. The system would not reboot
if watchdog daemon crashes due to a bug in it or get killed by other
malicious code. So we prefer to enable nowayout option for the
watchdong. With this enabled, there is no way of disabling the watchdog
once it has been started. This option is also enabled in the predecessor
of this BSP (beagleboard)
]
[YOCTO: 3937]
(From OE-Core rev:
7006412c285a4a6c75d5349f60dc71b0b735ff90)
Signed-off-by: Kevin Hao <kexin.hao@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Mon, 26 May 2014 17:40:08 +0000 (13:40 -0400)]
linux-yocto-rt/3.14: update to 3.14-rt5
Updating the the latest 3.14-rt release.
(From OE-Core rev:
ca1d952c964ce25bf78d47c7a856105d59d72cac)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Mon, 26 May 2014 17:40:07 +0000 (13:40 -0400)]
linux-yocto/3.14: update to v3.14.4
Bumping the 3.14 recipes to the latest korg -stable release.
(From OE-Core rev:
5c0088767a59c63d2197b54450a54578fa10fa07)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Volker Vogelhuber [Mon, 26 May 2014 07:22:03 +0000 (09:22 +0200)]
bitbake: fetch2/hg: Fix missing proto param for hg checkout with user and pw
A fix for the former patch when checking out a repository with
username and password using HG
(Bitbake rev:
0e7b594ccbceb3149f38776cea204807031ef69f)
Signed-off-by: Volker Vogelhuber <v.vogelhuber@digitalendoscopy.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Fri, 23 May 2014 15:22:17 +0000 (16:22 +0100)]
bitbake: bitbake-layers: show-cross-depends: add support for RRECOMMENDS
RRECOMMENDS must be satisfied at build time, and these could cross layer
boundaries, so report these if they exist.
(Bitbake rev:
5569b3dca61e6d962494ca65c7aad09b2eb2ae63)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Fri, 23 May 2014 15:22:16 +0000 (16:22 +0100)]
bitbake: bitbake-layers: show-cross-depends: ignore self-satisfied RDEPENDS
Overlayed recipes caused this to show false positives because the
overlaying version appeared to be satisfying the overlayed version's
RDEPENDS; but you'd never be building both at the same time.
(Bitbake rev:
b94318174fe7f92b9a20eabb0bc4055066cb3d51)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Fri, 23 May 2014 15:22:15 +0000 (16:22 +0100)]
bitbake: bitbake-layers: show-cross-depends: ignore global inherits
It's not particularly useful to show globally inherited classes here
since they do not normally represent a dependency.
(Bitbake rev:
d16948bb88fcf44d861985838030be7c08697963)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Fri, 23 May 2014 15:22:14 +0000 (16:22 +0100)]
bitbake: bitbake-layers: show-cross-depends: add option to ignore a layer
By default, show-cross-depends shows dependencies on OE-Core (i.e.
"meta") which is not particularly useful. Add an option to allow you to
hide those. For example, to hide all dependencies on OE-Core:
bitbake-layers show-cross-depends -i meta
Multiple layers can be specified by using commas as separators (no
spaces).
(Bitbake rev:
0e9062e65acbb05c1d9b3a9145eb866c3d562309)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 22 May 2014 09:55:50 +0000 (10:55 +0100)]
lighthttp: Use pkg-config for pcre dependency
(From OE-Core rev:
d2457880e7bb08b9c2f8d60e70b1d59ed84e9da9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 22 May 2014 09:55:20 +0000 (10:55 +0100)]
libarchive: Use pkg-config for libxml2 dependency
(From OE-Core rev:
fe277bf0a61d5d7787dba699ee1ed4d979ba5cff)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 22 May 2014 09:54:50 +0000 (10:54 +0100)]
libksba: Use pkg-config for dependencies
Use pkg-config in the m4 macros for the package, ensure we have a host
field in the .pc file.
(From OE-Core rev:
4a971a90988435902a4a8dd9c721d440cd80c0bd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 22 May 2014 09:53:28 +0000 (10:53 +0100)]
gpgme: Update to ensure we pkg-config for dependencies
(From OE-Core rev:
ffffc627b21a3cf8b407d16a437793b5fddf7127)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 22 May 2014 09:52:43 +0000 (10:52 +0100)]
libgcrypt: Use pkg-config for dependencies
Use pkg-config instead of -config files in the m4 macros.
(From OE-Core rev:
74d73cf1e4607cb313b5e4c7138b555d5999a46d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 22 May 2014 09:51:20 +0000 (10:51 +0100)]
libxslt: Use pkg-config for dependencies
(From OE-Core rev:
f0479e60b660778ab27b946d426daa17a08a28ea)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 22 May 2014 09:50:50 +0000 (10:50 +0100)]
gnupg: Convert to use pkg-config for dependencies
Use pkg-config to find pth instead of pth-config and our own macros from
aclocal-copy.
(From OE-Core rev:
437ad15de308769c9251a37ed41dabed5653fc96)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 22 May 2014 09:50:00 +0000 (10:50 +0100)]
libassuan: Improve pkgconfig support
Add api_version and host to the .pc file and use pkg-config in the
m4 macros for the package.
(From OE-Core rev:
17e5793847601d2aeb497ffe14871df65543abfb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 22 May 2014 09:49:47 +0000 (10:49 +0100)]
libgpg-error: Extend pkgconfig support to m4 macros
Whilst there is currently .pc file pkgconfig support, it was unused by the
m4 macros. This extends the support so they're used instead of the -config
scripts.
(From OE-Core rev:
ff573270f7e87296840911189fd2087a1bc597f7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 27 May 2014 15:09:16 +0000 (16:09 +0100)]
devshell: Add interactive python shell
Being able to interact with the python context in the Bitbake task execution
environment has long been desireable. This patch introduces such a
mechanism. Executing "bitbake X -c devpyshell" will open a terminal connected
to a python interactive interpretor in the task context so for example you can
run commands like "d.getVar('WORKDIR')"
This version now includes readline support for command history and various other
bug fixes such as exiting cleanly compared to previous versions.
(From OE-Core rev:
36734f34fe6e4b91e293234687e63c02f5b3117e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Seebach [Wed, 28 May 2014 00:14:46 +0000 (19:14 -0500)]
pseudo: Honor umask again
The fchmodat-permissions patch was fine for the fchmod case, but
had the unintended side effect of disregarding umask settings for
open, mknod, mkdir, and their close relatives. Start tracking umask
and masking the umask bits out where appropriate.
(From OE-Core rev:
ce23c1cc33a015fbd184df6c16658353334ab611)
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mike Crowe [Tue, 27 May 2014 16:28:43 +0000 (17:28 +0100)]
cmake: Avoid accidentally including libacl.h
The cmake recipe doesn't depend on libacl yet cmake will detect libacl.h
and use it by default. This risks build failures if libacl.h is unstaged
during the build and it also means that the build cmake will sometimes
support ACLs and sometimes not.
This can be avoided by setting ENABLE_ACL=0 but until the fix for
http://cmake.org/Bug/view.php?id=14866 is released we also need to set
HAVE_ACL_LIBACL_H=0.
(From OE-Core rev:
e76973b4ef687c5b36ed6f9eb202322ae4af9b9f)
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Tue, 27 May 2014 19:47:45 +0000 (12:47 -0700)]
ddimage: Support Mac OS
Update the ddimage script to allow it to work on Mac OS too. The biggest
difference is sysfs vs diskutil and in the syntax of the stat command
between Mac OS and Linux, unfortunately. Workarounds using ls, cut, and
columns got really fragile really quickly. Relying on stat and switching
on uname seemed the more robust solution.
(From OE-Core rev:
8962fe11a0697348affb8a1ab95abca4995470a6)
Signed-off-by: Darren Hart <dvhart@linux.intel.com>
Cc: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Valentin Popa [Wed, 21 May 2014 16:33:17 +0000 (19:33 +0300)]
eglinfo: updated to compile with mesa10+
Updated to the newer
4b317648ec6cf39556a9e5d8078f605bc0edd5de.
(From OE-Core rev:
9948e4239b88026804c33d84830dbfe6b0ed3e59)
Signed-off-by: Valentin Popa <valentin.popa@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Valentin Popa [Wed, 21 May 2014 14:42:28 +0000 (17:42 +0300)]
libxshmfence: add it to oe-core
mesa 10+ depends on this (if the user builds mesa
with dri3 support enabled). So add it to oe-core.
(From OE-Core rev:
afa3e8943d9e52a2d20ceea1e6a02a3133ef79fa)
Signed-off-by: Valentin Popa <valentin.popa@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Valentin Popa [Wed, 21 May 2014 14:39:49 +0000 (17:39 +0300)]
dri3proto: add it to oe-core
mesa 10+ depends on this (if the user builds mesa
with dri3 support enabled). So add it to oe-core.
(From OE-Core rev:
6a9717bd34854ecb56a4ab1731b6bf3cf4b471ea)
Signed-off-by: Valentin Popa <valentin.popa@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sebastian Wiegand [Thu, 22 May 2014 10:24:16 +0000 (12:24 +0200)]
distro_features_check.bbclass: fix searching whole list
Search whole list of REQUIRED_DISTRO_FEATURES.
Print only the missing/conflicting feature on error.
(From OE-Core rev:
4290e10c17aa5477bbd57023c35426c12fcc25cb)
Signed-off-by: Sebastian Wiegand <sebastian.wiegand@gersys.de>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Thu, 22 May 2014 16:02:20 +0000 (09:02 -0700)]
weston: upgrade to 1.5.0
* replace 0001-remove-dependence-on-wayland-scanner-flags.patch with
disable-wayland-scanner-pkg-check.patch
* add make-lcms-configureable.patch (WIP... needs work)
= fix for JaMa test-dependencies
(From OE-Core rev:
7c40efb62f34f866c98a0b2df50d66c60d76143a)
Signed-off-by: Tim Orling <TicoTimo@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Thu, 22 May 2014 16:02:19 +0000 (09:02 -0700)]
wayland: upgrade to 1.5.0
* update disable-macro-checks-not-used-for-scanner.patch
= trivial change to non-patched text (+ posix_fallocate)
* drop just-scanner.patch, no longer needed
(From OE-Core rev:
f453259c6710a6b3fb3c542b3921426baf160347)
Signed-off-by: Tim Orling <TicoTimo@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 22 May 2014 14:28:32 +0000 (15:28 +0100)]
perl: stop perl-modules recommending perl-ptest
Change the logic that generates the perl-modules recommends to be an include
filter instead of an exclude filter, so that new sub-packages don't become
dependants of perl-modules (such as perl-ptest).
[ YOCTO #6203 ]
(From OE-Core rev:
94e164c5b5316e2797c5bab51d127935002c6008)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Roy Li [Thu, 22 May 2014 06:37:18 +0000 (14:37 +0800)]
babeltrace: fix alignment issue
Fix alignment issue in babeltrace
(From OE-Core rev:
862f14832d2d8a1917a5046d0299dbbbe6dc66da)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Roy Li [Thu, 22 May 2014 06:37:35 +0000 (14:37 +0800)]
lttng-tools: fix alignment issue
Fix alignment issue in lttng-tools
(From OE-Core rev:
539b77a29eb24b3896c9c436c0b4ce61c6b72b34)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cristian Iorga [Thu, 22 May 2014 09:33:51 +0000 (12:33 +0300)]
bluez5: upgrade to 5.19
- Fixes to OBEX, AVRCP browsing, HID over GATT
and handling of device unpaired events for dual-mode devices.
- New features: user space based HID host implementation (for BR/EDR).
(From OE-Core rev:
5dce15e6623748ce3c1456f12d5cde6edc1be939)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
yanjun.zhu [Tue, 20 May 2014 01:27:47 +0000 (09:27 +0800)]
perl: fix for CVE-2010-4777
The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0,
5.14.0, and other versions, when running with debugging enabled,
allows context-dependent attackers to cause a denial of service
(assertion failure and application exit) via crafted input that
is not properly handled when using certain regular expressions,
as demonstrated by causing SpamAssassin and OCSInventory to
crash.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4777
(From OE-Core rev:
368df9f13ddf124e6aaaec06c02ab698c9e0b6c3)
Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Seebach [Wed, 21 May 2014 23:12:33 +0000 (18:12 -0500)]
pseudo: handle fchmodat better, mask out unwanted write bits
It turns out that pseudo's decision not to report errors from
the host system's fchmodat() can break GNU tar in a very strange
way, resulting in directories being mode 0700 instead of whatever
they should have been.
Additionally, it turns out that if you make directories in your
rootfs mode 777, that results in the local copies being mode 777,
which could allow a hypothetical attacker with access to the
machine to add files to your rootfs image. We should mask out
the 022 bits when making actual mode changes in the rootfs.
This patch represents a backport to the 1.5.1 branch of three
patches from the 1.6 branch, because it took a couple of tries
to get this quite right.
(From OE-Core rev:
45371858129bbad8f4cfb874e237374a5ba8db4c)
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Philip Balister [Wed, 21 May 2014 12:57:12 +0000 (08:57 -0400)]
python-native : Add patch to fix configure error with gcc 4.8.
We apply this patch to the python recipe already. Without this patch
the zeroc-ice-native recipe will not build.
See: http://bugs.python.org/issue17547 for more details.
(From OE-Core rev:
2335a8ed3748e687e7f34f21f27f8e4029d1e26b)
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Wed, 21 May 2014 04:47:29 +0000 (21:47 -0700)]
bitbake.conf: add default ${CPAN_MIRROR}
* Set default to http://search.cpan.org/CPAN/, as it should be
(From OE-Core rev:
7cf349c3f1f195d529fbd73ce4bf63a439ffa4e6)
Signed-off-by: Tim Orling <TicoTimo@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Wed, 21 May 2014 04:47:28 +0000 (21:47 -0700)]
mirrors.bbclass: add ${CPAN_MIRROR} option
* Perl modules fail to fetch because default CPAN site has been flaky lately.
* Create option to use metacpan.org as a mirror.
(From OE-Core rev:
ffca381d9ad5de3e593c93274cfdb3d2ff4a447f)
Signed-off-by: Tim Orling <TicoTimo@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Tue, 20 May 2014 02:49:47 +0000 (10:49 +0800)]
initramfs-live-install: avoid using grub.d/40_custom
We have this in recipes-bsp/grub/grub/40_custom:
[snip]
menuentry "Linux" {
set root=(hd0,1)
linux /vmlinuz root=__ROOTFS__ rw __CONSOLE__ __VIDEO_MODE__ __VGA_MODE__ quiet
}
[snip]
These lines are only for initrdscripts/files/init-install.sh, the side
effect is that it would make the target's grub-mkconfig doesn't work
well since the 40_custom will be installed to /etc/grub.d/40_custom, the
grub-mkconfig will run the 40_custom, and there will always be a
'menuentry "Linux"' menu in grub.cfg no matter it is valid or not, we
can do this in init-install.sh rather than grub to fix the problem,
which is also much simpler.
(From OE-Core rev:
8ae89d08454c11035eb2826a06e2243c9f2568b4)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 21 May 2014 16:50:17 +0000 (17:50 +0100)]
taglib: Force a disable of the floating dependency on boost
taglib appears to depend on boost if it finds it in the sysroot. Force
it not to do this. Someone with better cmake skills may be able to
do this in a neater way.
(From OE-Core rev:
2c6c6c98416e5a458a02106524b5aa10a4b71d60)
(From OE-Core rev:
87fd1d7331f6f64a9037d97672dbe66d93f276de)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Tue, 20 May 2014 01:28:26 +0000 (09:28 +0800)]
guile: Update to 2.0.11 version
Upgrade guile to 2.0.11 version and remove unneeded patch since
it's included in new version.
(From OE-Core rev:
f1727bb18f35ff01e53d3d442a6ff3c613639fa6)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Tue, 20 May 2014 06:37:42 +0000 (14:37 +0800)]
byacc: Update to
20140422 version
Upgrade byacc to
20140422 version.
(From OE-Core rev:
d58ab8819724cf460360458ac6e59a9c0ca7966c)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Tue, 20 May 2014 05:59:46 +0000 (13:59 +0800)]
flex: Update to 2.5.39 version
Upgrade flex to 2.5.39 version.
(From OE-Core rev:
701f1ae89926306dfbd19786fe0ddabc36fb485c)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 28 Apr 2014 03:12:34 +0000 (11:12 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0849
The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via a
crafted (1) width or (2) height dimension that is not a multiple of
sixteen in id RoQ video data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0849
(From OE-Core rev:
1a43a8054f51fbd542f3f037dc35f8b501e455bf)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 13:02:51 +0000 (21:02 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0850
The decode_slice_header function in libavcodec/h264.c in FFmpeg before
1.1 allows remote attackers to have an unspecified impact via crafted
H.264 data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0850
(From OE-Core rev:
69f3f0f94f4fd224e5a6b275207adf0539d085c3)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 12:24:18 +0000 (20:24 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0856
The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted Apple
Lossless Audio Codec (ALAC) data, related to a large nb_samples value.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0856
(From OE-Core rev:
571ccce77859435ff8010785e11627b20d8b31f4)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 12:04:19 +0000 (20:04 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0854
The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via crafted MJPEG data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0854
(From OE-Core rev:
b3d9c8f603ebdbc21cb2ba7e62f8b5ebb57c40c1)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 11:51:12 +0000 (19:51 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0851
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted
Electronic Arts Madcow video data, which triggers an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0851
(From OE-Core rev:
8c9868d074f5d09022efc9419ee09eb805f68394)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 11:44:28 +0000 (19:44 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0858
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before
1.0.4 allows remote attackers to have an unspecified impact via ATRAC3
data with the joint stereo coding mode set and fewer than two channels.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0858
(From OE-Core rev:
0ee8754c973f5eff3ba4d00319a5308888c12b17)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 07:37:10 +0000 (15:37 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0852
The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via
crafted RLE data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0852
(From OE-Core rev:
37f9371b44bd914fdd64e4c4e4448a2908512203)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 07:10:15 +0000 (15:10 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0845
libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to
have an unspecified impact via a crafted block length, which triggers an
out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0845
(From OE-Core rev:
cc6e2ee53c49206aa3377c512c3bd1de2e14a7b7)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 03:56:19 +0000 (11:56 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0868
libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers
to have an unspecified impact via crafted Huffyuv data, related to an
out-of-bounds write and (1) unchecked return codes from the init_vlc
function and (2) len==0 cases.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0868
(From OE-Core rev:
29dcc2c8e834cf43e415eedefb8fce9667b3aa40)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Fri, 25 Apr 2014 08:26:00 +0000 (16:26 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2014-2099
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before
2.1.4 does not properly calculate line sizes, which allows remote
attackers to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact via crafted Microsoft RLE video
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2099
(From OE-Core rev:
3e27099f9aad1eb48412b07a18dcea398c18245b)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 10:58:29 +0000 (18:58 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0865
The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood
Studios VQA Video file, which triggers an out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0865
(From OE-Core rev:
4a93fc0a63cedbebfdc9577e2f1deb3598fb5851)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 10:38:34 +0000 (18:38 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2014-2263
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB)
muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier,
allows remote attackers to have unspecified impact and vectors, which
trigger an out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2263
(From OE-Core rev:
70bf8c8dea82e914a6dcf67aefb6386dbc7706cd)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sebastian Wiegand [Tue, 20 May 2014 13:22:41 +0000 (15:22 +0200)]
distro_features_check.bbclass: fix wrong indentation
To fix check of REQUIRED_DISTRO_FEATURES fix indentation in python code.
[YOCTO #6349]
Reported and written by: Sebastian Wiegand <sebastian.wiegand@gersys.de>
(From OE-Core rev:
986db87a3931edce8be79f309d07497e4179a810)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 21 May 2014 14:29:40 +0000 (15:29 +0100)]
bitbake: data_smart: Fix an unusual variable reference bug
If you try:
Y = ""
Y_remove = "X"
in OE-Core, bitbake will crash with a KeyError during expansion. The reason
is that no expansion of the empty value is attempted but removal from is it
and hence no varparse data is present for it in the expand_cache.
If the value is empty, there is nothing to remove so the best fix is simply
not to check for None but check it has any value.
Also add a test for this error so it doesn't get reintroduced.
(Bitbake rev:
af3ce0fc0280e6642fa35de400f75fdbabf329b1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
David Reyna [Wed, 21 May 2014 14:15:09 +0000 (15:15 +0100)]
bitbake: toaster: reduce redundant foreign key lookups
Replace redundant foreign key lookups with "with" to improve all
recipes page load time. Do depends pre-lookup in the view class,
and use python itertation instead of filter() all to achieve x16
processing speedup.
[YOCTO #6137]
(Bitbake rev:
a68a6dc50c11cc59e7c873414e3e22ac2644dea7)
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com>
Conflicts:
bitbake/lib/toaster/toastergui/views.py
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Farrell Wymore [Wed, 21 May 2014 14:15:08 +0000 (15:15 +0100)]
bitbake: toaster: sort columns properly after edit columns
If a sorted column is made invisible through the edit columns function,
resort the table the its default order.
[YOCTO 5919]
(Bitbake rev:
64618f7489eb9eb13a97d03cd2d353384f5faa70)
Signed-off-by: Farrell Wymore <farrell.wymore@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ionut Chisanovici [Wed, 21 May 2014 14:15:07 +0000 (15:15 +0100)]
bitbake: toaster: toaster oe-selftest support
This patch adds toaster tests using the oe-selftest infrastructure.
You need to have builds done - the tests will verify data integrity
after the toaster collection phase.
Once you have your toaster builds done, to run the automated backend
tests via oe-selftest do the followings:
1. Update builddir/conf/bblayers.conf to contain the meta-selftest
layer
2. From the builddir run:
'oe-selftest toaster'
or if you just want to run a single test:
'oe-selftest toaster.Toaster_DB_Tests.testname'
This first part adds the meta/lib/oeqa toaster file.
(Bitbake rev:
bb5b1d6b139b886e54bfdc0c17f2b556db6a7fde)
Signed-off-by: Ionut Chisanovici <ionutx.chisanovici@intel.com>
Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Saul Wold [Mon, 19 May 2014 20:43:40 +0000 (13:43 -0700)]
cups: fix for cups not building without avahi
Backport upstream patch for CUPS issue: STR #4402
[YOCTO #6325]
(From OE-Core rev:
7decf9dce56868e39902dac5957eb72f6e1e9acd)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cristian Iorga [Mon, 19 May 2014 14:39:04 +0000 (17:39 +0300)]
harfbuzz: upgrade to 0.9.28
(From OE-Core rev:
8462728aef78debaa15e33121b3ae733049a96ab)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
João Henrique Ferreira de Freitas [Thu, 15 May 2014 01:37:28 +0000 (22:37 -0300)]
wic: add support to look in all layers and get plugins
Plugins are looked in 'scripts/lib/mic/plugins/[type]/' directory on all
BBLAYERS variable returned by bitbake environment. If found, it will
be load at runtime.
The user could create your own plugin and keep it inside its layers. For
now the path must be <layer-dir>/scripts/lib/mic/plugins/[type]/. Where
'type' could be 'imager' or 'source'.
(From OE-Core rev:
bb6f5d7de1c7ce2680874a74949903db0f5bb91a)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
João Henrique Ferreira de Freitas [Thu, 15 May 2014 01:37:27 +0000 (22:37 -0300)]
wic: add support to look in all layers and get .wks file
.wks file are looked in 'scripts/lib/image/canned-wks' directory on all
BBLAYERS variable returned by bitbake environment. If found, it will
be used.
The user could create your own .wks and keep it inside its layers. For
now the path must be <layer-dir>/scripts/lib/image/canned-wks.
(From OE-Core rev:
1f3e312211f277a1befd707a59a0c0a9bf6cbcbc)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 19 May 2014 11:42:27 +0000 (12:42 +0100)]
libav: upgrade 9.x version to 9.13
(From OE-Core rev:
937a0da0861abb7656762b2a3fb69eb275dd4a9a)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 19 May 2014 11:42:26 +0000 (12:42 +0100)]
libav: upgrade 0.8.x version to 0.8.11
(From OE-Core rev:
206f34ac0c0b65768ec2b553a0cb8b93fe7e5ae3)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Mon, 19 May 2014 08:03:28 +0000 (16:03 +0800)]
runqemu-internal: add "console=ttyS0" to ramfs image kernel parameters
We need this kernel command parameter so that when we start a ramfs
image, we can actually get some output. Although we can make this
happen by specifying the 'bootparams' for the 'runqemu' command, it's
better to make this the default behaviour.
(From OE-Core rev:
3d202594bb92fe75cd70f81345e64c2179b52c32)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Fri, 16 May 2014 07:39:42 +0000 (15:39 +0800)]
quilt: Update to 0.63 version
Upgrade quilt to 0.63 version and add perl-module-text-parsewords to
RDEPENDS of ptest.
(From OE-Core rev:
48c09163db18634e3071009b94645812ade285f4)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Mon, 19 May 2014 05:36:31 +0000 (13:36 +0800)]
libpcre: Update to 8.35 version
Upgrade libpcre to 8.35 version.
(From OE-Core rev:
32c007bfc4fe7a0ba75644584bb80f8bdff09a01)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 19 May 2014 07:00:38 +0000 (15:00 +0800)]
openssl: fix for CVE-2010-5298
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL
through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote
attackers to inject data across sessions or cause a denial of service
(use-after-free and parsing error) via an SSL connection in a
multithreaded environment.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5298
(From OE-Core rev:
751f81ed8dc488c500837aeb3eb41ebf3237e10b)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 19 May 2014 06:32:13 +0000 (14:32 +0800)]
tiff: fix for Security Advisory CVE-2013-4231
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers
to cause a denial of service (out-of-bounds write) via a crafted (1)
extension block in a GIF image or (2) GIF raster image to
tools/gif2tiff.c or (3) a long filename for a TIFF image to
tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which
states that the input cannot exceed the allocated buffer size.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231Multiple
buffer overflows in libtiff before 4.0.3 allow remote attackers to cause
a denial of service (out-of-bounds write) via a crafted (1) extension
block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3)
a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1
and 3 are disputed by Red Hat, which states that the input cannot exceed
the allocated buffer size.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231
(From OE-Core rev:
19e6d05161ef9f4e5f7277f6eb35eb5d94ecf629)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Li Wang [Mon, 19 May 2014 05:42:53 +0000 (13:42 +0800)]
nss: CVE-2013-1740
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740
https://bugzilla.mozilla.org/show_bug.cgi?id=919877
https://bugzilla.mozilla.org/show_bug.cgi?id=713933
changeset: 10946:
f28426e944ae
user: Wan-Teh Chang <wtc@google.com>
date: Tue Nov 26 16:44:39 2013 -0800
summary: Bug 713933: Handle the return value of both ssl3_HandleRecord calls
changeset: 10945:
774c7dec7565
user: Wan-Teh Chang <wtc@google.com>
date: Mon Nov 25 19:16:23 2013 -0800
summary: Bug 713933: Declare the |falseStart| local variable in the smallest
changeset: 10848:
141fae8fb2e8
user: Wan-Teh Chang <wtc@google.com>
date: Mon Sep 23 11:25:41 2013 -0700
summary: Bug 681839: Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished, r=brian@briansmith.org
changeset: 10898:
1b9c43d28713
user: Brian Smith <brian@briansmith.org>
date: Thu Oct 31 15:40:42 2013 -0700
summary: Bug 713933: Make SSL False Start work with asynchronous certificate validation, r=wtc
(From OE-Core rev:
11e728e64e37eec72ed0cb3fb4d5a49ddeb88666)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Li Wang [Mon, 19 May 2014 05:42:52 +0000 (13:42 +0800)]
nss: CVE-2014-1492
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1492
https://bugzilla.mozilla.org/show_bug.cgi?id=903885
changeset: 11063:
709d4e597979
user: Kai Engert <kaie@kuix.de>
date: Wed Mar 05 18:38:55 2014 +0100
summary: Bug 903885, address requests to clarify comments from wtc
changeset: 11046:
2ffa40a3ff55
tag: tip
user: Wan-Teh Chang <wtc@google.com>
date: Tue Feb 25 18:17:08 2014 +0100
summary: Bug 903885, fix IDNA wildcard handling v4, r=kaie
changeset: 11045:
15ea62260c21
user: Christian Heimes <sites@cheimes.de>
date: Mon Feb 24 17:50:25 2014 +0100
summary: Bug 903885, fix IDNA wildcard handling, r=kaie
(From OE-Core rev:
a83a1b26704f1f3aadaa235bf38094f03b3610fd)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Thu, 8 May 2014 10:16:24 +0000 (18:16 +0800)]
subversion: fix for Security Advisory CVE-2013-4277
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through
1.8.1 allows local users to overwrite arbitrary files or kill arbitrary
processes via a symlink attack on the file specified by the --pid-file
option.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4277
(From OE-Core rev:
e0e483c5b2f481240e590ebb7d6189a211450a7e)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 07:22:17 +0000 (15:22 +0800)]
subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21
and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of
service (NULL pointer dereference and crash) via a LOCK on an activity URL.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20
and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service
(NULL pointer dereference and crash) via an anonymous LOCK for a URL that does
not exist.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1847
(From OE-Core rev:
3962b76185194fa56be7f1689204a1188ea44737)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 05:21:25 +0000 (13:21 +0800)]
subversion: fix for Security Advisory CVE-2013-1845
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before
1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to
cause a denial of service (memory consumption) by (1) setting or (2)
deleting a large number of properties for a file or directory.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1845
(From OE-Core rev:
432666b84b80f8b0d13672aa94855369f577c56d)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 07:57:31 +0000 (15:57 +0800)]
subversion: fix for Security Advisory CVE-2013-4131
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through
1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause
a denial of service (assertion failure or out-of-bounds read) via a
certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision
root.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4131
(From OE-Core rev:
ce41ed3ca5b6ef06c02c5ca65f285e5ee8c04e7f)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 02:49:03 +0000 (10:49 +0800)]
subversion: fix for Security Advisory CVE-2013-4505
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0
through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass
intended access restrictions and possibly cause a denial of service
(resource consumption) via a relative URL in a REPORT request.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4505
(From OE-Core rev:
02314673619f44e5838ddb65bbe22f9342ee6167)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Fri, 4 Apr 2014 05:35:31 +0000 (13:35 +0800)]
subversion: fix for Security Advisory CVE-2013-1849
Reject operations on getcontentlength and getcontenttype properties
if the resource is an activity.
(From OE-Core rev:
94e8b503e8a5ae476037d4aa86f8e27d4a8c23ea)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 05:01:16 +0000 (13:01 +0800)]
screen: fix for Security Advisory CVE-2009-1215
Race condition in GNU screen 4.0.3 allows local users to create or
overwrite arbitrary files via a symlink attack on the
/tmp/screen-exchange temporary file.
(From OE-Core rev:
be8693bf151987f59c9622b8fd8b659ee203cefc)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 04:41:17 +0000 (12:41 +0800)]
Screen: fix for Security Advisory CVE-2009-1214
GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with
world-readable permissions, which might allow local users to obtain
sensitive session information.
(From OE-Core rev:
25a212d0154906e7a05075d015dbc1cfdfabb73a)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Jansa [Thu, 15 May 2014 12:09:08 +0000 (14:09 +0200)]
lttng-modules: Fix build with older kernels for 2.3.3 as 2.4.0
Apply the change "lttng-modules: Fix 3.14 bio tracepoints" to
2.3.3 as well as 2.4.0.
(From OE-Core rev:
a419ad43a5b3aa5bc3aa095af4d79abe4c24b0d7)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Thu, 15 May 2014 09:36:17 +0000 (17:36 +0800)]
initrdscripts: fix for /run/media
mount.sh in udev-extraconf was modified to use /run/media instead
of /media. Unfortunately, our scripts in initrdscripts have some
dependency on the auto-mounting mechanism proviced by udev-extraconf.
So these scripts should also be fixed to use /run/media instead /media,
otherwise, our live image cannot work correctly.
(From OE-Core rev:
be0327b6a900be5434b6b1f08277faf2f65d5da8)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Thu, 15 May 2014 07:05:18 +0000 (15:05 +0800)]
init-live.sh: list block devices correctly
Instead of using 'ls /dev/sd*' command to list block devices, we
should rather use 'cat /proc/partitions'.
(From OE-Core rev:
fc5dfad6490d0b3f2529f84ae9dfbd6b00b5c380)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Thu, 15 May 2014 07:04:59 +0000 (15:04 +0800)]
udev-extraconf: fix the misuse of /run/media
The error was introduced by the following commit.
acfe3014d41de5e87cdbc58d0396349c6b9c3ffd
udev-extraconf: update mount.sh to use /run/media instead of /media
It accidently replaced 'device/media' by 'device/run/media' which causes
error for live images to be unable to boot up correctly, complaining
"Cannot find rootfs.img in /media/*".
This patch fixes the above problem.
(From OE-Core rev:
62ae16c40252f39ba28e072218d67f47b26b3535)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cristiana Voicu [Thu, 15 May 2014 14:20:24 +0000 (17:20 +0300)]
packagegroup-core-lsb: fix warning text
There should be just one warning thrown, instead of 3.
(From OE-Core rev:
7c4fefcd7836c4f94836b96a07ad414f5ac1ca11)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>