Yue Tao [Sun, 27 Apr 2014 12:04:19 +0000 (20:04 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0854
The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via crafted MJPEG data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0854
(From OE-Core rev:
b3d9c8f603ebdbc21cb2ba7e62f8b5ebb57c40c1)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 11:51:12 +0000 (19:51 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0851
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted
Electronic Arts Madcow video data, which triggers an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0851
(From OE-Core rev:
8c9868d074f5d09022efc9419ee09eb805f68394)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 11:44:28 +0000 (19:44 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0858
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before
1.0.4 allows remote attackers to have an unspecified impact via ATRAC3
data with the joint stereo coding mode set and fewer than two channels.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0858
(From OE-Core rev:
0ee8754c973f5eff3ba4d00319a5308888c12b17)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 07:37:10 +0000 (15:37 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0852
The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via
crafted RLE data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0852
(From OE-Core rev:
37f9371b44bd914fdd64e4c4e4448a2908512203)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 07:10:15 +0000 (15:10 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0845
libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to
have an unspecified impact via a crafted block length, which triggers an
out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0845
(From OE-Core rev:
cc6e2ee53c49206aa3377c512c3bd1de2e14a7b7)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 03:56:19 +0000 (11:56 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0868
libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers
to have an unspecified impact via crafted Huffyuv data, related to an
out-of-bounds write and (1) unchecked return codes from the init_vlc
function and (2) len==0 cases.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0868
(From OE-Core rev:
29dcc2c8e834cf43e415eedefb8fce9667b3aa40)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Fri, 25 Apr 2014 08:26:00 +0000 (16:26 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2014-2099
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before
2.1.4 does not properly calculate line sizes, which allows remote
attackers to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact via crafted Microsoft RLE video
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2099
(From OE-Core rev:
3e27099f9aad1eb48412b07a18dcea398c18245b)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 10:58:29 +0000 (18:58 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0865
The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood
Studios VQA Video file, which triggers an out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0865
(From OE-Core rev:
4a93fc0a63cedbebfdc9577e2f1deb3598fb5851)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 10:38:34 +0000 (18:38 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2014-2263
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB)
muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier,
allows remote attackers to have unspecified impact and vectors, which
trigger an out-of-bounds write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2263
(From OE-Core rev:
70bf8c8dea82e914a6dcf67aefb6386dbc7706cd)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sebastian Wiegand [Tue, 20 May 2014 13:22:41 +0000 (15:22 +0200)]
distro_features_check.bbclass: fix wrong indentation
To fix check of REQUIRED_DISTRO_FEATURES fix indentation in python code.
[YOCTO #6349]
Reported and written by: Sebastian Wiegand <sebastian.wiegand@gersys.de>
(From OE-Core rev:
986db87a3931edce8be79f309d07497e4179a810)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 21 May 2014 14:29:40 +0000 (15:29 +0100)]
bitbake: data_smart: Fix an unusual variable reference bug
If you try:
Y = ""
Y_remove = "X"
in OE-Core, bitbake will crash with a KeyError during expansion. The reason
is that no expansion of the empty value is attempted but removal from is it
and hence no varparse data is present for it in the expand_cache.
If the value is empty, there is nothing to remove so the best fix is simply
not to check for None but check it has any value.
Also add a test for this error so it doesn't get reintroduced.
(Bitbake rev:
af3ce0fc0280e6642fa35de400f75fdbabf329b1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
David Reyna [Wed, 21 May 2014 14:15:09 +0000 (15:15 +0100)]
bitbake: toaster: reduce redundant foreign key lookups
Replace redundant foreign key lookups with "with" to improve all
recipes page load time. Do depends pre-lookup in the view class,
and use python itertation instead of filter() all to achieve x16
processing speedup.
[YOCTO #6137]
(Bitbake rev:
a68a6dc50c11cc59e7c873414e3e22ac2644dea7)
Signed-off-by: David Reyna <David.Reyna@windriver.com>
Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com>
Conflicts:
bitbake/lib/toaster/toastergui/views.py
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Farrell Wymore [Wed, 21 May 2014 14:15:08 +0000 (15:15 +0100)]
bitbake: toaster: sort columns properly after edit columns
If a sorted column is made invisible through the edit columns function,
resort the table the its default order.
[YOCTO 5919]
(Bitbake rev:
64618f7489eb9eb13a97d03cd2d353384f5faa70)
Signed-off-by: Farrell Wymore <farrell.wymore@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ionut Chisanovici [Wed, 21 May 2014 14:15:07 +0000 (15:15 +0100)]
bitbake: toaster: toaster oe-selftest support
This patch adds toaster tests using the oe-selftest infrastructure.
You need to have builds done - the tests will verify data integrity
after the toaster collection phase.
Once you have your toaster builds done, to run the automated backend
tests via oe-selftest do the followings:
1. Update builddir/conf/bblayers.conf to contain the meta-selftest
layer
2. From the builddir run:
'oe-selftest toaster'
or if you just want to run a single test:
'oe-selftest toaster.Toaster_DB_Tests.testname'
This first part adds the meta/lib/oeqa toaster file.
(Bitbake rev:
bb5b1d6b139b886e54bfdc0c17f2b556db6a7fde)
Signed-off-by: Ionut Chisanovici <ionutx.chisanovici@intel.com>
Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Saul Wold [Mon, 19 May 2014 20:43:40 +0000 (13:43 -0700)]
cups: fix for cups not building without avahi
Backport upstream patch for CUPS issue: STR #4402
[YOCTO #6325]
(From OE-Core rev:
7decf9dce56868e39902dac5957eb72f6e1e9acd)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cristian Iorga [Mon, 19 May 2014 14:39:04 +0000 (17:39 +0300)]
harfbuzz: upgrade to 0.9.28
(From OE-Core rev:
8462728aef78debaa15e33121b3ae733049a96ab)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
João Henrique Ferreira de Freitas [Thu, 15 May 2014 01:37:28 +0000 (22:37 -0300)]
wic: add support to look in all layers and get plugins
Plugins are looked in 'scripts/lib/mic/plugins/[type]/' directory on all
BBLAYERS variable returned by bitbake environment. If found, it will
be load at runtime.
The user could create your own plugin and keep it inside its layers. For
now the path must be <layer-dir>/scripts/lib/mic/plugins/[type]/. Where
'type' could be 'imager' or 'source'.
(From OE-Core rev:
bb6f5d7de1c7ce2680874a74949903db0f5bb91a)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
João Henrique Ferreira de Freitas [Thu, 15 May 2014 01:37:27 +0000 (22:37 -0300)]
wic: add support to look in all layers and get .wks file
.wks file are looked in 'scripts/lib/image/canned-wks' directory on all
BBLAYERS variable returned by bitbake environment. If found, it will
be used.
The user could create your own .wks and keep it inside its layers. For
now the path must be <layer-dir>/scripts/lib/image/canned-wks.
(From OE-Core rev:
1f3e312211f277a1befd707a59a0c0a9bf6cbcbc)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 19 May 2014 11:42:27 +0000 (12:42 +0100)]
libav: upgrade 9.x version to 9.13
(From OE-Core rev:
937a0da0861abb7656762b2a3fb69eb275dd4a9a)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 19 May 2014 11:42:26 +0000 (12:42 +0100)]
libav: upgrade 0.8.x version to 0.8.11
(From OE-Core rev:
206f34ac0c0b65768ec2b553a0cb8b93fe7e5ae3)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Mon, 19 May 2014 08:03:28 +0000 (16:03 +0800)]
runqemu-internal: add "console=ttyS0" to ramfs image kernel parameters
We need this kernel command parameter so that when we start a ramfs
image, we can actually get some output. Although we can make this
happen by specifying the 'bootparams' for the 'runqemu' command, it's
better to make this the default behaviour.
(From OE-Core rev:
3d202594bb92fe75cd70f81345e64c2179b52c32)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Fri, 16 May 2014 07:39:42 +0000 (15:39 +0800)]
quilt: Update to 0.63 version
Upgrade quilt to 0.63 version and add perl-module-text-parsewords to
RDEPENDS of ptest.
(From OE-Core rev:
48c09163db18634e3071009b94645812ade285f4)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Mon, 19 May 2014 05:36:31 +0000 (13:36 +0800)]
libpcre: Update to 8.35 version
Upgrade libpcre to 8.35 version.
(From OE-Core rev:
32c007bfc4fe7a0ba75644584bb80f8bdff09a01)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 19 May 2014 07:00:38 +0000 (15:00 +0800)]
openssl: fix for CVE-2010-5298
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL
through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote
attackers to inject data across sessions or cause a denial of service
(use-after-free and parsing error) via an SSL connection in a
multithreaded environment.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5298
(From OE-Core rev:
751f81ed8dc488c500837aeb3eb41ebf3237e10b)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 19 May 2014 06:32:13 +0000 (14:32 +0800)]
tiff: fix for Security Advisory CVE-2013-4231
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers
to cause a denial of service (out-of-bounds write) via a crafted (1)
extension block in a GIF image or (2) GIF raster image to
tools/gif2tiff.c or (3) a long filename for a TIFF image to
tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which
states that the input cannot exceed the allocated buffer size.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231Multiple
buffer overflows in libtiff before 4.0.3 allow remote attackers to cause
a denial of service (out-of-bounds write) via a crafted (1) extension
block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3)
a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1
and 3 are disputed by Red Hat, which states that the input cannot exceed
the allocated buffer size.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231
(From OE-Core rev:
19e6d05161ef9f4e5f7277f6eb35eb5d94ecf629)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Li Wang [Mon, 19 May 2014 05:42:53 +0000 (13:42 +0800)]
nss: CVE-2013-1740
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740
https://bugzilla.mozilla.org/show_bug.cgi?id=919877
https://bugzilla.mozilla.org/show_bug.cgi?id=713933
changeset: 10946:
f28426e944ae
user: Wan-Teh Chang <wtc@google.com>
date: Tue Nov 26 16:44:39 2013 -0800
summary: Bug 713933: Handle the return value of both ssl3_HandleRecord calls
changeset: 10945:
774c7dec7565
user: Wan-Teh Chang <wtc@google.com>
date: Mon Nov 25 19:16:23 2013 -0800
summary: Bug 713933: Declare the |falseStart| local variable in the smallest
changeset: 10848:
141fae8fb2e8
user: Wan-Teh Chang <wtc@google.com>
date: Mon Sep 23 11:25:41 2013 -0700
summary: Bug 681839: Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished, r=brian@briansmith.org
changeset: 10898:
1b9c43d28713
user: Brian Smith <brian@briansmith.org>
date: Thu Oct 31 15:40:42 2013 -0700
summary: Bug 713933: Make SSL False Start work with asynchronous certificate validation, r=wtc
(From OE-Core rev:
11e728e64e37eec72ed0cb3fb4d5a49ddeb88666)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Li Wang [Mon, 19 May 2014 05:42:52 +0000 (13:42 +0800)]
nss: CVE-2014-1492
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1492
https://bugzilla.mozilla.org/show_bug.cgi?id=903885
changeset: 11063:
709d4e597979
user: Kai Engert <kaie@kuix.de>
date: Wed Mar 05 18:38:55 2014 +0100
summary: Bug 903885, address requests to clarify comments from wtc
changeset: 11046:
2ffa40a3ff55
tag: tip
user: Wan-Teh Chang <wtc@google.com>
date: Tue Feb 25 18:17:08 2014 +0100
summary: Bug 903885, fix IDNA wildcard handling v4, r=kaie
changeset: 11045:
15ea62260c21
user: Christian Heimes <sites@cheimes.de>
date: Mon Feb 24 17:50:25 2014 +0100
summary: Bug 903885, fix IDNA wildcard handling, r=kaie
(From OE-Core rev:
a83a1b26704f1f3aadaa235bf38094f03b3610fd)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Thu, 8 May 2014 10:16:24 +0000 (18:16 +0800)]
subversion: fix for Security Advisory CVE-2013-4277
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through
1.8.1 allows local users to overwrite arbitrary files or kill arbitrary
processes via a symlink attack on the file specified by the --pid-file
option.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4277
(From OE-Core rev:
e0e483c5b2f481240e590ebb7d6189a211450a7e)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 07:22:17 +0000 (15:22 +0800)]
subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21
and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of
service (NULL pointer dereference and crash) via a LOCK on an activity URL.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20
and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service
(NULL pointer dereference and crash) via an anonymous LOCK for a URL that does
not exist.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1847
(From OE-Core rev:
3962b76185194fa56be7f1689204a1188ea44737)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 05:21:25 +0000 (13:21 +0800)]
subversion: fix for Security Advisory CVE-2013-1845
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before
1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to
cause a denial of service (memory consumption) by (1) setting or (2)
deleting a large number of properties for a file or directory.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1845
(From OE-Core rev:
432666b84b80f8b0d13672aa94855369f577c56d)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 07:57:31 +0000 (15:57 +0800)]
subversion: fix for Security Advisory CVE-2013-4131
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through
1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause
a denial of service (assertion failure or out-of-bounds read) via a
certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision
root.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4131
(From OE-Core rev:
ce41ed3ca5b6ef06c02c5ca65f285e5ee8c04e7f)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 02:49:03 +0000 (10:49 +0800)]
subversion: fix for Security Advisory CVE-2013-4505
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0
through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass
intended access restrictions and possibly cause a denial of service
(resource consumption) via a relative URL in a REPORT request.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4505
(From OE-Core rev:
02314673619f44e5838ddb65bbe22f9342ee6167)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Fri, 4 Apr 2014 05:35:31 +0000 (13:35 +0800)]
subversion: fix for Security Advisory CVE-2013-1849
Reject operations on getcontentlength and getcontenttype properties
if the resource is an activity.
(From OE-Core rev:
94e8b503e8a5ae476037d4aa86f8e27d4a8c23ea)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 05:01:16 +0000 (13:01 +0800)]
screen: fix for Security Advisory CVE-2009-1215
Race condition in GNU screen 4.0.3 allows local users to create or
overwrite arbitrary files via a symlink attack on the
/tmp/screen-exchange temporary file.
(From OE-Core rev:
be8693bf151987f59c9622b8fd8b659ee203cefc)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 04:41:17 +0000 (12:41 +0800)]
Screen: fix for Security Advisory CVE-2009-1214
GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with
world-readable permissions, which might allow local users to obtain
sensitive session information.
(From OE-Core rev:
25a212d0154906e7a05075d015dbc1cfdfabb73a)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Jansa [Thu, 15 May 2014 12:09:08 +0000 (14:09 +0200)]
lttng-modules: Fix build with older kernels for 2.3.3 as 2.4.0
Apply the change "lttng-modules: Fix 3.14 bio tracepoints" to
2.3.3 as well as 2.4.0.
(From OE-Core rev:
a419ad43a5b3aa5bc3aa095af4d79abe4c24b0d7)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Thu, 15 May 2014 09:36:17 +0000 (17:36 +0800)]
initrdscripts: fix for /run/media
mount.sh in udev-extraconf was modified to use /run/media instead
of /media. Unfortunately, our scripts in initrdscripts have some
dependency on the auto-mounting mechanism proviced by udev-extraconf.
So these scripts should also be fixed to use /run/media instead /media,
otherwise, our live image cannot work correctly.
(From OE-Core rev:
be0327b6a900be5434b6b1f08277faf2f65d5da8)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Thu, 15 May 2014 07:05:18 +0000 (15:05 +0800)]
init-live.sh: list block devices correctly
Instead of using 'ls /dev/sd*' command to list block devices, we
should rather use 'cat /proc/partitions'.
(From OE-Core rev:
fc5dfad6490d0b3f2529f84ae9dfbd6b00b5c380)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Thu, 15 May 2014 07:04:59 +0000 (15:04 +0800)]
udev-extraconf: fix the misuse of /run/media
The error was introduced by the following commit.
acfe3014d41de5e87cdbc58d0396349c6b9c3ffd
udev-extraconf: update mount.sh to use /run/media instead of /media
It accidently replaced 'device/media' by 'device/run/media' which causes
error for live images to be unable to boot up correctly, complaining
"Cannot find rootfs.img in /media/*".
This patch fixes the above problem.
(From OE-Core rev:
62ae16c40252f39ba28e072218d67f47b26b3535)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cristiana Voicu [Thu, 15 May 2014 14:20:24 +0000 (17:20 +0300)]
packagegroup-core-lsb: fix warning text
There should be just one warning thrown, instead of 3.
(From OE-Core rev:
7c4fefcd7836c4f94836b96a07ad414f5ac1ca11)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 15 May 2014 14:01:07 +0000 (15:01 +0100)]
pango: enable ptest
Install the test suite for ptest. The test suite needs some fonts to be present
to depend on liberation-fonts.
(From OE-Core rev:
af387e788ed73130331536c7b22c6237e7c23c71)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Thu, 15 May 2014 08:54:32 +0000 (16:54 +0800)]
syslinux-native: fix parallel building issue
There might be an error when parallel build:
[snip]
cp: cannot create directory `tmp/sysroots/x86_64-linux/usr/share/
syslinux/com32/include/gplinclude': No such file or directory
make[4]: *** [install] Error 1
make[3]: *** [gpllib] Error 2
[snip]
This is a potential issue. In ${S}/com32/gpllib/Makefile file,
install target wants to copy $(SRC)/../gplinclude to
$(INSTALLROOT)$(COM32DIR)/include/ directory, but in ${S}/com32/lib/Makefile
file, the install target will remove $(INSTALLROOT)$(COM32DIR)/include
directory. We need to do com32/lib first.
The patch make com32/gpllib depends on com32/lib to fix this issue.
(From OE-Core rev:
cae1a039658cfb47390650ad5b56536ff19e1217)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Saul Wold [Fri, 16 May 2014 20:50:45 +0000 (13:50 -0700)]
libusb1: disable floating dependency on udev
libusb added support for udev, but this causes a circular dependecny between
udev and libusb, so hardcode the disable here.
Also remove the patch that is no longer used.
(From OE-Core rev:
5c0f8111f9ec5a2c3b2826946af5132aaa13a9b9)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Fri, 9 May 2014 20:50:04 +0000 (16:50 -0400)]
README: add maintainers section for hardware reference boards
Kevin Hao has stepped up to take care of issues specific to the meta-yocto-bsp
hardware reference boards. I'll also serve as a maintaier, so adding my name
as well.
To make this clear, let's add it to the README.hardware file that describes
the boards.
cc: Kevin Hao <kexin.hao@windriver.com>
(From meta-yocto rev:
7ea7fdf4a9ad0fcedf9a939e20146342d6ab1c57)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chris Morgan [Sun, 18 May 2014 18:24:12 +0000 (14:24 -0400)]
bitbake: fetch2/gitsm: Documentation improvements for gitsm:// fetcher
(Bitbake rev:
ef2bf63e56b87e19d1a9059dd2d81a9a1a537254)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 12 May 2014 17:00:03 +0000 (18:00 +0100)]
gstreamer/lame: Better gcc 4.9 fix
gstreamer/lame does runtime detection to enable/disable things like SSE code.
Unfortunately it is broken and will try and use this even with i586
compiler flags. This change forces it back to the approach with gcc 4.8
by disabling the problematic headers.
Its suboptimal but less so that the proposed previous forced enabling of
SSE on x86 everywhere.
(From OE-Core rev:
e273301efa0037a13c3a60b4414140364d9c9873)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Gary S. Robertson [Wed, 14 May 2014 23:38:41 +0000 (18:38 -0500)]
rt-tests: restore erroneously deleted patch files
Commit "rt-tests: bump version 0.87 => 0.89" (SHA1 ID: 7996ca) erroneously
deleted several patch files which were still required for proper function
of the rt-tests recipe. These missing patches adversely affected builds
of the hwlatdetect and hackbench utilities as well as other components.
This commit restores the missing patches and allows the recipe to properly
generate all the components once more. hwlatdetect and hackbench are
built properly and the /usr/src/backfire directory is properly populated
on the target system.
(From OE-Core rev:
66daa92582a5a5643fd2e45aace1f5c009b2ded3)
Signed-off-by: Gary S. Robertson <gary.robertson@linaro.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tudor Florea [Mon, 5 May 2014 22:40:11 +0000 (00:40 +0200)]
curl: remove inapporpriate file from curl release
This is the adaptation for the a bugfix upstream
The inappropriate file src/tool_hugehelp.c presence in the curl 7.36 release
interfered with the upstream fix for
https://sourceforge.net/p/curl/bugs/1350/
(From OE-Core rev:
c5a52f5b5ae7c5528bc59ee7fb69a2f460a89b81)
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Saul Wold [Thu, 15 May 2014 13:57:24 +0000 (06:57 -0700)]
libusb1: Update to 1.0.18
(From OE-Core rev:
62bccaa7979213555fced945b1b09e92683d4213)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Andrea Adami [Wed, 14 May 2014 21:00:22 +0000 (23:00 +0200)]
mips: add tune file for mips32r2 (only hard-float)
Kernel and initramfs built and tested on GCW Zero (jz4770)
(From OE-Core rev:
149885560e2fbc91c7f60226d015ba9842373e26)
Signed-off-by: Andrea Adami <andrea.adami@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 12 May 2014 14:56:42 +0000 (15:56 +0100)]
libsdl2: upgrade to 2.0.3
License checksum changed only because copyright year changed; the actual
license text remains the same.
(From OE-Core rev:
4abf6bb14f8f374e1dca31edc5edfbc1841904ca)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 12 May 2014 14:37:42 +0000 (15:37 +0100)]
dropbear: add missing patch header
* Add a brief subject mentioning what the patch is for
* Add Upstream-Status
(From OE-Core rev:
ce01282b24c6715c85f8dfac6df3e750e77a50b8)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 12 May 2014 13:02:42 +0000 (14:02 +0100)]
nfs-utils: upgrade to 1.3.0
(From OE-Core rev:
67787c97438f365564a91eb926900570bc979e41)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 12 May 2014 13:02:28 +0000 (14:02 +0100)]
ethtool: upgrade to 3.14
(From OE-Core rev:
dffda81a2791165aa4300227d601867d5a82753c)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Tue, 6 May 2014 13:19:19 +0000 (14:19 +0100)]
openssh: move packaging definitions to the end
(From OE-Core rev:
19efeb598c5fb527bd5bc473d7a7d78242ec05a0)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Thu, 1 May 2014 11:22:00 +0000 (12:22 +0100)]
openssh: update to 6.6p1
(From OE-Core rev:
f091dbd6324a89682d29cac0bd0ba40899c8bdd5)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drew Moseley [Wed, 14 May 2014 17:08:38 +0000 (13:08 -0400)]
glib-2.0: Do not use readlink to set target paths.
Do not use readlink to set ABS_GLIB_RUNTIME_LIBDIR when cross
compiling. Doing so causes host paths to potentially pollute the
target. Unfortunately in this case we don't actually convert to
an absolute path.
(From OE-Core rev:
2eb434ec298c279846ddd535a7122986558eb2c8)
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yasir-Khan [Wed, 14 May 2014 12:04:53 +0000 (17:04 +0500)]
bluez5: Update the bluetooth.conf
In bluez5, agent interface has been renamed from org.bluez.Agent
to org.bluez.Agent1. Reflect this change in bluetooth.conf to
allow sending of dbus messages to agent interface.
*Resolves no PIN prompt bug while pairing
*Resolves bluetooth keyboard connection problem
(From OE-Core rev:
c53c9ba05a5f38c047f3f928a9496f952843f467)
Signed-off-by: Yasir-Khan <yasir_khan@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 14 May 2014 10:13:19 +0000 (11:13 +0100)]
freetype: disable harfbuzz
Freetype has an automatically detected dependency on Harfbuzz, which has a
dependency on Freetype.
To produce deterministic builds and avoid link failures when rebuilding freetype
with harfbuzz present add a PACKAGECONFIG for Harfbuzz and disable it by
default.
(From OE-Core rev:
17131d42c02b591e1b6d547852cb09b004b8d609)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Wed, 14 May 2014 09:29:07 +0000 (17:29 +0800)]
dbus: Update to 1.8.2 version
Upgrade dbus to 1.8.2.
Modify ptest suite to make it enabled on new version.
If systemd in DISTRO_FEATURES, we expect to install dbus systemd
unit files.
Remove unneeded patches since it's included in new version.
Remove unrecognized option: "--with-xml"
[YOCTO #6092]
(From OE-Core rev:
596470547451084944082cbed50351ad0d912255)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tim Orling [Sat, 10 May 2014 03:22:00 +0000 (20:22 -0700)]
licenses.conf: add AGPL variations
(From OE-Core rev:
0c16964c8f1c96066ab7254048bc5025dd7b4e59)
Signed-off-by: Tim Orling <TicoTimo@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Maxin B. John [Mon, 5 May 2014 20:42:22 +0000 (22:42 +0200)]
bzip2: fix ptest execution failure
This patch fixes the bzip2 ptest execution failure:
root@qemux86:/usr/lib/bzip2/ptest# ./run-ptest
make: *** No rule to make target 'runtest'.
(This is also applicable for daisy branch)
(From OE-Core rev:
a8157ba1682c650962150f941b2db775156bbde6)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
João Henrique Ferreira de Freitas [Sat, 5 Apr 2014 02:14:11 +0000 (23:14 -0300)]
wic: Extend indirect string connection to support image names and rootfs
The wic command-line param --rootfs-dir gets extended to support
multiple directories and image names. Each '--rootfs-dir' could be
connected using a special string. This special string is a image
name which gets expanded by bitbake to get 'IMAGE_ROOTFS' or
a rootfs-dir path pointing to rootfs directory. Like this:
wic create ... --rootfs-dir rootfs1=core-image-minimal \
--rootfs-dir rootfs2=core-image-minimal-dev
.wks:
part / --source rootfs --rootfs-dir="rootfs1" --ondisk sda --fstype=ext3 \
--label primary --align 1024
part /standby --source rootfs --rootfs-dir="rootfs2" \
--ondisk sda --fstype=ext3 --label secondary --align 1024
(From OE-Core rev:
58417093d7ce83c8a2f683a356fddc23aaee5e8e)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
João Henrique Ferreira de Freitas [Sat, 5 Apr 2014 02:14:10 +0000 (23:14 -0300)]
wic: add find_artifact() to get a specific bitbake variable
This helper is used by source plugins to get specific bitbake
variable.
(From OE-Core rev:
b8e51f73bc8e67ca60b7dd8d67091257aad62efd)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
João Henrique Ferreira de Freitas [Sat, 5 Apr 2014 02:14:09 +0000 (23:14 -0300)]
wic: Move find_bitbake_env_line() to oe.misc
Move find_bitbake_env_line() since they're going to need to be
accessible from source plugins.
(From OE-Core rev:
d881ec6136255fd0f4a8cf36f9ce148ade02c103)
Signed-off-by: João Henrique Ferreira de Freitas <joaohf@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Koen Kooi [Tue, 13 May 2014 07:19:51 +0000 (09:19 +0200)]
curl: make PACKAGES match with FILES/RRECOMMENDS
Mostly cosmetic, but entries in PACKAGES should be specified the exact same way as FILES/RRECOMMENDS entries to avoid problems.
(From OE-Core rev:
4d2a7f47a9830788455afe00a7c6a857cebbcb81)
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Koen Kooi [Tue, 13 May 2014 10:16:29 +0000 (12:16 +0200)]
ca-certificates: generate CAfile for -native in do_install
Git-replacement-native needs the generated files in place for https:// URIs:
WARNING: Failed to fetch URL git://github.com/kernelslacker/trinity.git;protocol=https, attempting MIRRORS if available
ERROR: Fetcher failure: Fetch command failed with exit code 128, output:
Cloning into bare repository '/build/linaro/build/build/downloads/git2/github.com.kernelslacker.trinity.git'...
fatal: unable to access 'https://github.com/kernelslacker/trinity.git/': error setting certificate verify locations:
CAfile: /build/linaro/build/build/tmp-eglibc/sysroots/x86_64-linux/etc/ssl/certs/ca-certificates.crt
CApath: none
ERROR: Function failed: Fetcher failure for URL: 'git://github.com/kernelslacker/trinity.git;protocol=https'. Unable to fetch URL from any source.
ERROR: Logfile of failure stored in: /build/linaro/build/build/tmp-eglibc/work/aarch64-oe-linux/trinity/1.3-r0/temp/log.do_fetch.7843
ERROR: Task 1378 (/build/linaro/build/meta-linaro/meta-linaro/recipes-extra/trinity/trinity_1.3.bb, do_fetch) failed with exit code '1'
(From OE-Core rev:
74a772727cbf4d76d2ef314041acafb3086e4ff9)
Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Tue, 13 May 2014 07:46:27 +0000 (15:46 +0800)]
openssh: fix for CVE-2014-2653
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and
earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking
by presenting an unacceptable HostCertificate.
(From OE-Core rev:
7b2fff61b3d1c0566429793ee348fa8978ef0cba)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Tue, 13 May 2014 07:46:26 +0000 (15:46 +0800)]
openssh: fix for CVE-2014-2532
sshd in OpenSSH before 6.6 does not properly support wildcards on
AcceptEnv lines in sshd_config, which allows remote attackers to
bypass intended environment restrictions by using a substring located
before a wildcard character.
(From OE-Core rev:
a8d3b8979c27a8dc87971b66a1d9d9282f660596)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joe Slater [Mon, 12 May 2014 18:54:04 +0000 (11:54 -0700)]
qemu: define PACKAGECONFIG[] for ssh2
qemu configure will search for libssh2 if we do not enable or
disable it's use, resulting in non-deterministic builds. We
define PACKAGECONFIG[] to avoid this.
(From OE-Core rev:
ecb819b12a89e4e944974068d2e20ed226979317)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Tue, 13 May 2014 02:54:26 +0000 (10:54 +0800)]
gdb: add PACKAGECONFIG for babeltrace
Add PACKAGECONFIG for 'babeltrace' so that we don't have the implicit
dependency which might lead to problems when building images.
As an example of showing what problem we might have without this patch,
see the following steps which would lead to a failure.
1. IMAGE_INSTALL_append = " gdb"
2. bitbake babeltrace
3. bitbake gdb
4. bitbake babeltrace -ccleansstate
5. bitbake core-image-minimal
The rootfs process would fail with the following error message.
error: Can't install gdb-7.7-r0@i586: no package provides babeltrace >= 1.2.1+git0+
66c2a20b43
(From OE-Core rev:
3c34d9391136b09bc2e7b0bda6cdc96507845c4b)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drew Moseley [Mon, 12 May 2014 20:10:46 +0000 (16:10 -0400)]
mesa-demos: Specify the lib dir properly.
Use STAGING_EXECPREFIXDIR to specify the location of glut
header files and libs rather than STAGING_LIBDIR.
Also revert the previous unneeded change to glut.patch.
(From OE-Core rev:
f38c1846184722180d9091a7a5c1e6e20eed7f2c)
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 12 May 2014 16:57:51 +0000 (17:57 +0100)]
rt-tests: Fix warning flag typo
As per the comment, this makes it match the Makefile
(From OE-Core rev:
6fce92430e6e837d068eb8531dcd432f38adca3a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hongxu Jia [Mon, 12 May 2014 07:01:26 +0000 (15:01 +0800)]
pax-utils: upgrade to 0.8.1
Build success for qemux86-64, and test on core-image-minimal.
(From OE-Core rev:
791302c5842bac59e47fc6f096cc3d4ce3ce57a9)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mark Hatle [Mon, 12 May 2014 15:35:34 +0000 (10:35 -0500)]
rpm: Fix rpm -V usage
[YOCTO #6309]
It appears a logic issue has caused rpm -V to no longer
verify the files on the filesystem match what was installed.
(From OE-Core rev:
117862cd0eebf6887c2ea6cc353432caee2653aa)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Laurentiu Palcu [Mon, 12 May 2014 14:29:02 +0000 (17:29 +0300)]
adt_installer: run autoreconf before configuring opkg
opkg fails to build on hosts with older autotools versions.
[YOCTO #6293]
(From OE-Core rev:
01f3afece8917a5f965f463b79e04693b0d2932a)
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:38 +0000 (15:55 +0200)]
eglibc: remove usage of FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder
to bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
If possible try to use any of the default FILESPATH dirs.
Also remove superfluous comment and do minor indentation fix.
(From OE-Core rev:
57109e59abb7c6af029f452d06b46f47084cff11)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:37 +0000 (15:55 +0200)]
uclibc: remove usage of FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
(From OE-Core rev:
ae8711bc2952e96ac3434624548a3dbfd501ec7f)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:36 +0000 (15:55 +0200)]
u-boot: remove unused FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
However in u-boot no FILESPATH additions are currently needed so
instead it should be removed.
(From OE-Core rev:
f8675ffa3f90d4e411a82d33ac8319f2c4c19235)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:35 +0000 (15:55 +0200)]
python: remove usage of FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the
path. Don't migrate paths that already exist in base FILESPATH to
FILESEXTRAPATHS.
(From OE-Core rev:
00cbfadbf402ad1462ec0c8eaaaefa9a225a4aa7)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:34 +0000 (15:55 +0200)]
gcc: remove usage of FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
(From OE-Core rev:
879ff7e931a80fd090db4485b6b6dee8e4c71d30)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:33 +0000 (15:55 +0200)]
linuxdoc-tools: remove usage of FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend.
(From OE-Core rev:
6ffd023085f8918b7967e8b7de674f0411220382)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:32 +0000 (15:55 +0200)]
qemu: remove unused FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
However in nativesdk-qemu-helper no FILESPATH additions are currently needed so
instead it should be removed.
(From OE-Core rev:
cd35938fa4fac4451da3ef32626988c51ed8c021)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:31 +0000 (15:55 +0200)]
mesa: remove usage of FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
Also remove unused filespath addition.
(From OE-Core rev:
de37e4d7f995a0032d016c621c35ef1f79daa8ae)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:30 +0000 (15:55 +0200)]
xorg-lib: remove usage of FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
(From OE-Core rev:
ff700e01bc0639b67eb2934340b71c37d518a941)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:29 +0000 (15:55 +0200)]
trace-cmd: refactoring recipe
Fixes [YOCTO #4497]
Refactoring recipe to avoid duplicated entries in trace-cmd and
kernelshark bb-files. Also remove usage of FILESPATH and split package
unique patches into separate dirs.
(From OE-Core rev:
bc57d7041e126850245e4a5ab0211979b49b97ff)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:28 +0000 (15:55 +0200)]
gstreamer: remove unused FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
However in gstreamer no FILESPATH additions are currently needed so
instead it should be removed.
(From OE-Core rev:
aea206132384419f7f7c3514f9035eded1c5ef93)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:27 +0000 (15:55 +0200)]
dbus: remove usage of FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
(From OE-Core rev:
435dc012734669889b12e7bbd5364e24bbace098)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker [Mon, 12 May 2014 13:55:26 +0000 (15:55 +0200)]
systemtap: remove usage of FILESPATH
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the path.
(From OE-Core rev:
20de1b4d28f165593e86ee52211ebb595da4c01f)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 12 May 2014 10:04:26 +0000 (11:04 +0100)]
git: Fix various makefile flags
We need to pass CFLAGS and LDFLAGS to the makefile correctly so we
need to list them as part of EXTRA_OEMAKE.
We also have a problem where git hardlinks binaries in bindir with
those in its libexecdir. If we change the RPATH in one of them, it
breaks the other. We therefore set the no cross dir hardlinking flag
git already has for this kind of issue. This ensures the RPATHS for
the git-core binaries works correctly. Its pure luck this has
sometimes worked so far.
(From OE-Core rev:
64c6ae6a69215b659b82c67e238bc0fbc09a3eab)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 12 May 2014 12:14:53 +0000 (13:14 +0100)]
systemd: remove tcp-wrappers option
systemd version 212 removed the TCP wrappers support, so remove the
PACKAGECONFIG stanza for it.
(From OE-Core rev:
2e7ce6b537035bfac6742214b3b2f987963fba3c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 12 May 2014 12:14:52 +0000 (13:14 +0100)]
json-glib: upgrade to 1.0.0
Inherit lib_package so that the newly added binary doesn't ship in the library
package.
(From OE-Core rev:
8b2d20624af0dd4cbbfd317c219e67cbabad833a)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 12 May 2014 12:14:51 +0000 (13:14 +0100)]
python-numpy: add Signed-off-by to patches
These patches were authored by Koen Kooi in oe-classic commits:
443f6022df06d9f9dc221011c1744274deff2c2c
19a4b765a694c070bc50477026cda03143af34df
As the patches haven't changed since, add his SOB.
(From OE-Core rev:
355674b2033143eb992a9f775a848ed22831e383)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 12 May 2014 12:14:50 +0000 (13:14 +0100)]
gdk-pixbuf: upgrade to 2.30.7
Drop tests-check.patch as it has been merged into this release.
License checksums updated as the FSF address was changed.
(From OE-Core rev:
99b91a43962e4f40d9593053f252603d5a7ae842)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 12 May 2014 12:14:49 +0000 (13:14 +0100)]
freetype: upgrade to 2.5.3
Also drop the redundant definition of S.
(From OE-Core rev:
f5d13a8581ca50dcf9707d4e1ca0bd63fcba29c3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 12 May 2014 12:14:48 +0000 (13:14 +0100)]
glib-2.0: upgrade to 2.40.0
The patches Fix-Werror-format-string, gio-test-race, gtest-skip-fixes, and
ptest-dbus have all been merged upstream.
Two license checksums changed as upstream has updated the FSF address in those
files.
(From OE-Core rev:
b755139b8112b425ff0a21f121104b7d212e7143)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 12 May 2014 12:14:47 +0000 (13:14 +0100)]
gst-openmax: fix build with GLib 2.40 onwards
GLib 2.40 adds g_ptr_array_insert, but gst-openmax is definining that as a
static helper function. Rename the static function so it doesn't conflict with
GLib's namespace.
(From OE-Core rev:
f453cd989b47677b863acda7a4627636f66436f4)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sun, 15 Dec 2013 16:30:29 +0000 (16:30 +0000)]
qemu/local.conf.sample: Add sdl PACKAGECONFIG
Currently the SDL configuration option for qemu floats. This is confusing to new users
and makes the build non-determinstic. This patch adds a PACKAGECONFIG option, defaulting
to off and adds documentation to local.conf.sample leaving it on by default since this
is the configuration our quick start assumes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sun, 11 May 2014 14:25:44 +0000 (15:25 +0100)]
bitbake: fetch2/perforce: Ensure command has a default
Ensure there is default command available if FETCHCMD_p4 isn't set.
Also clean up the getVar references whilst here.
(Bitbake rev:
d150226d11d5f041f78c8c3ce4abc5465dbc81d8)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sun, 11 May 2014 12:05:40 +0000 (13:05 +0100)]
bitbake: parse: Improve file inheritance logging
The file inheritance logging has been here since the dawn of time. It
duplicates output many times over and logs to debug level 2. When running
with the debug option, its understandable the user may want to see the
paths of files included in the build.
These changes remove pointless/duplicate output and print the
include paths clearly at debug level one in a form which
users should be able to more easily parse.
(Bitbake rev:
633a56987df639295fe9128418da5634050063e5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / scm / bb / tizen-distro.git / log