| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
|
|
its been shoved out of setuptools3 in oe-core now
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
|
|
it now ends up searching native python shared libraries and tries to
link with it and fails on non-host architectures
recipe-sysroot-native/usr/lib/libpython3.9.so: file not recognized: file format not recognized
collect2: error: ld returned 1 exit status
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes
configure: error:
Could not link test program to Python. Maybe the main Python library has been
installed in some non-standard library path. If so, pass it to configure,
via the LIBS environment variable.
Example: ./configure LIBS="-L/usr/non-standard-path/python/lib"
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes
configure: error:
Could not link test program to Python. Maybe the main Python library has been
installed in some non-standard library path. If so, pass it to configure,
via the LIBS environment variable.
Example: ./configure LIBS="-L/usr/non-standard-path/python/lib"
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This is needed to find _PYTHON_SYSCONFIGDATA_NAME
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fixes the following CVEs:
CVE-2020-25694
CVE-2020-25695
CVE-2020-25696
Full release notes at:
https://www.postgresql.org/docs/12/release-12-5.html
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Other products like "RedHat:fuse" introduce false CVE findings like:
https://nvd.nist.gov/vuln/detail/CVE-2018-10906
https://nvd.nist.gov/vuln/detail/CVE-2019-14860
https://nvd.nist.gov/vuln/detail/CVE-2020-25689
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
gupnp 1.2.3 adds mitigation for CVE-2020-12695 (CallStranger)
Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Dependency of gupnp 1.2.3
Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 69bae2a2360643805de2ae1cd9ebc4202cd5a2fb)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Remove --enable-music-ogg-tremor as it broke vorbis support:
checking tremor/ivorbisfile.h usability... no
checking tremor/ivorbisfile.h presence... no
checking for tremor/ivorbisfile.h... no
checking for ov_open_callbacks in -lvorbisidec... no
configure: WARNING: *** Unable to find Ogg Vorbis Tremor library (http://www.xiph.org/)
configure: WARNING: Ogg Vorbis support disabled
With this change:
checking vorbis/vorbisfile.h usability... yes
checking vorbis/vorbisfile.h presence... yes
checking for vorbis/vorbisfile.h... yes
checking for ov_open_callbacks in -lvorbisfile... yes
-- dynamic libvorbisfile -> libvorbisfile.so.3
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 074c7d9a1ebb86674f02d8a5545e1ed54f6d87fe)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Sean Nyekjaer <sean@geanix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cde1019804c2f7b67bf89d178eec9f4efafea414)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: Wireshark.org
MR: 106181, 106696, 107655, 107673, 107682
Type: Security Fix
Disposition: Backport from wireshark.org
ChangeID: 57df6ac3b11aabd96e6aec728501ce7988bc176a
Description:
Bugfix only update including these cves:
3.2.8
CVE-2020-26575
CVE-2020-28030
3.2.9
CVE-2020-26418
CVE-2020-26421
CVE-2020-26420
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
scripts/build is interpreted as an sh script which may not recognize variable
assignment operator += and thus give the following error and fail to append
LDLIBS.
../scripts/build: 21: ../scripts/build: LDLIBS+=-lm: not found
Use the basic assignment instead.
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a6a8fc75bad04be0842e22fb137d0e7a2dcb7279)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream has deleted the 'master' branch, so use the 1.2 branch.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 583fbb4775a960391cb62d55164b91570a70921a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is to update the tclap v1.2.2 with several bug fixes.
See:
https://sourceforge.net/p/tclap/bugs/23/
Signed-off-by: Chencheng Zhang <chencheng@wittra.se>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f03ad4971ed0b7cf34550a90ee3c0fa18f964533)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit db3aab1e47268ae8e919e0b94c2021139031f76e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* depends on python3-protobuf from meta-python:
* fixes:
ERROR: Nothing RPROVIDES 'python3-protobuf' (but meta-oe/recipes-devtools/nanopb/nanopb_0.4.3.bb RDEPENDS on or otherwise requires it)
NOTE: Runtime target 'python3-protobuf' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['python3-protobuf']
ERROR: Required build target 'meta-world-pkgdata' has no buildable providers.
Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'nanopb', 'python3-protobuf']
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4678e224755dd6fc32be16b1d062a5f2af26753b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* I enabled the shared library option to eliminate linker issues
with a package that used spdlog.
* Edited the tweak.h file so programs use the external fmt library
headers, not the oners in spdlog.
Signed-off-by: Philip Balister <philip@opensdr.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 010cd128e7ae8258f83c03195caa605bbce3e76b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 62c2f4a48a244ead00d4b32f42b10f52441afc1c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4a171790a66c6adb5bf0994c9b2c85a1ea0b8ce8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This works fine until valgrind is installed on build host but its not
selected as option to build in recipe, configure wrongly pokes at
/usr/lib and sees valgrind there and enables it but only to fail in
compile time where it does not find valgrind.h in recipe sysroot, since
OE's build environment add right guardrails to pkgconfig, there is no
need to add build staging area to pkgconfig search path which turns out
to be wrong for cross builds anyway
Fixes
../../../pidgin-sipe-1.25.0/src/core/sipe-cert-crypto-nss.c:34:10: fatal error: 'valgrind.h' file not found
^~~~~~~~~~~~
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 99bc44010402c2d8211805e78f6d4df751cf00e0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
When multilib is enabled, tmpfiles.d is created in /usr/lib rather than
${libdir} which is /usr/lib64. It causes installed-vs-shipped error:
| ERROR: colord-1.4.4-r0 do_package: QA Issue: colord:
Files/directories were installed but not shipped in any package:
| /usr/lib/tmpfiles.d
| /usr/lib/tmpfiles.d/colord.conf
Fix the path in FILES to fix the issue.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f147cbab5d11e7f708448de1917d78ff99170464)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The Debian pool URLs are not permanent, and the package is no longer
included in any active Debian release. It is also not available through
any of the default Debian snapshot mirrors. Instead of adding a new
Debian snapshot mirror, use the upstream URL directly.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5265de84b38c3ce946bdc0a489a70cedf7145e1a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 155e7d6b3d5a43594006aff2050fd23a110b9cdb)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The Debian pool URLs are not permanent and the package might vanish as
soon as the version is no longer part of any Debian release. Use the
upstream URL directly.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2e1a32a474b8600b56e4d7e2434967103b267ccb)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
aiohttp implicitly RDEPENDs on html, json, and socketserver modules,
which are part of python3 recipe. They can't be properly imported if
they are missing from RDEPENDS
Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8e7c57bd8f8250251e54fcbe149dc81743c0e30a)
[Fixup for Gatesgarth context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 7b8efbbd0f22d1871cfe2e90adec6aa9f5e9483d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The /etc/ethertypes is provided by netbase since 6.0[1].
Do not instal the file in ebtables, otherwise there would be a conflict:
Error: Transaction test error:
file /etc/ethertypes conflicts between attempted installs of netbase-1:6.2-r0.corei7_64 and ebtables-2.0.10+4-r4.corei7_64
[1] https://salsa.debian.org/md/netbase/-/commit/316680c6a2c3641b6abc76b3eebf88781f609d35
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit af6f068632281f8abd42dd3e3301eddd2b0d3ae4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Since systemd v246.5[1], udev_monitor_set_receive_buffer_size() will
return 0 or 1 if successful. We only need to check a negative value for
the failure.
[1] https://github.com/systemd/systemd-stable/commit/4dcae666889ae9469e4406c0bcaffadbc01c4f66
https://github.com/systemd/systemd-stable/commit/fe9b92e566f837665cc06c82374e4e42f9295c99
https://github.com/systemd/systemd-stable/commit/5dd4cc4b10daea5d2ba969425ba02d2098dd06a4
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 60a95ba16ec29d9cb8be32436bb0f96b2a5106aa)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Uprev nodejs in order to fix CVE-2020-8277.
This CVE allows an attacker to trigger a DNS request for a host
of their choice, which could trigger a Denial of Service in
nodejs versions < 12.19.1.
See https://nvd.nist.gov/vuln/detail/CVE-2020-8277 for details.
CVE: CVE-2020-8277
Signed-off-by: Stacy Gaikovaia <Stacy.Gaikovaia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a44015408253d8a4f64055f41fa1f497aeacfc30)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Security Advisory
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7069
https://bugs.php.net/patch-display.php?bug_id=79601&patch=openssl_aes_ccm_iv_fix&revision=latest
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fa80193468745a11bc12d5845f66412a0d62e0e2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Security Advisory
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7070
https://bugs.php.net/patch-display.php?bug=79699&patch=fix-urldecode&revision=1600650364
https://github.com/php/php-src/blob/master/main/php_variables.c
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit aff8a1fefb9a1a311e5ba14ad69871514270803a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14383
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit baee1ebeafce5d6a99dafc30b91e6fb760197686)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14318
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1d44b4c03d51e91ce01cf5fd0b33155ce36f1862)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15803
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d259144422bb44af9dbc7397fc4077d0bf3fc83f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Because CVE-2019-14274.patch is included in ice-mcpp.patch, the cve-check-tool fails to correctly judge the CVE of the OSS. CVE-2019-14274.patch is separated from ice-mcpp.patch to fix the problem.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9301b77e3266160ffb7e9bfd69d445f0392076c8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This change causes build failure:
Found CMake: NO
| Run-time dependency libhandy-1 found: NO (tried pkgconfig)
|
| ../gnome-calendar-3.38.1/meson.build:166:0: ERROR: Dependency "libhandy-1" not found, tried pkgconfig
Gategarth Core version of libandy is 0.0.13 so this patch is puzzling
This reverts commit 46ac17595bbd74a3dbcfbc7b5e1456ff78f5dca7.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Commits e2180b00b3b8fcf776c3 and 8edd760e66b48e411d2a added support for
native builds for the opensc and pcsc-lite recipes, but building
opensc-native fails after commit 40b3a5123120da0e4586 (2019-12-04,
"opensc: fix RDEPENDS in pcsc PACKAGECONFIG") with:
ERROR: Required build target 'opensc-native' has no buildable providers.
Missing or unbuildable dependency chain was: ['opensc-native', 'pcsc-lite-lib-native']
The commit in question is correct for target builds, but native builds
don't have packages, therefore there is no pcsc-lite-lib-native package
to depend on – the -lib part is also provided in pcsc-lite-native.
Ideally we would fix this in the opensc recipe. However, using syntax
like "PACKAGECONFIG_class-native[pcsc]" in the opensc recipe is
apparently not possible to overwrite the dependency for a native build,
and using RDEPENDS_remove has no effect either – apparently dependencies
from PACKAGECONFIG are added after RDEPENDS_remove is evaluated.
Therefore let pcsc-lite provide the missing package name for native
builds, even if fixing this unrelated package is not the most elegant
solution.
Fixes: 40b3a5123120da0e4586 (2019-12-04, "opensc: fix RDEPENDS in pcsc PACKAGECONFIG")
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
More information on: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976228
| A buffer overflow in the dlt_filter_load function in dlt_common.c in
| dlt-daemon 2.8.5 (GENIVI Diagnostic Log and Trace) allows arbitrary
| code execution because fscanf is misused (no limit on the number of
| characters to be read in a format argument).
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Stacy Gaikovaia <stacy.gaikovaia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Appending ${TMPDIR} to ${D} doesn't make any sense, because both are
absolute paths. And additionally, the code fails:
rmdir: failed to remove '/usr/src/oe/tmp-musl/work/core2-64-oe-linux-musl/php/7.1.9-r0/image//usr': Directory not empty
Signed-off-by: Max Kellermann <max.kellermann@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add nettle and lz4 to DEPENDS to make the minifi extension archive
support crypto and lz4.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Keep sync with upstream
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This reverts commit e5d9133800f5c37172a6315d42a99464f9fe1902.
It exists in oe-core/master, but not in oe-core/gatesgarth, so this shouldn't
be included in meta-oe/gatesgarth.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 7.19.0:
- Fix to restore the ability to specify more than one extension
using command line flags when using traitlets 5.0
- Docs docs formatting that make the install commands work on zsh
- Always display the last frame in tracebacks even if hidden with
__traceback_hide__
- Avoid an issue where a callback can be registered multiple times.
- Avoid an issue in debugger mode where frames changes could be
lost.
- Never hide the frames that invoke a debugger, even if marked as
hidden by __traceback_hide__
- Fix calling the debugger in a recursive manner
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 6.1:
- Windows support has been improved. Tornado is now compatible
with the proactor event loop (which became the default in Python
3.8) by automatically falling back to running a selector in a
second thread. This means that it is no longer necessary to
explicitly configure a selector event loop, although doing so
may improve performance. This does not change the fact that
Tornado is significantly less scalable on Windows than on other
platforms.
- Binary wheels are now provided for Windows, MacOS, and Linux
(amd64 and arm64).
- This is the last release of Tornado to support Python 3.5.
Future versions will require Python 3.6 or newer
License-Update: Checksum change, lisense remains "Apache-2.0"
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 1.3.1:
- allow to avoid linking against VC2014_1 on windows
- do not mark move constructor / assignment operator of expression
as noexcept. This is to circumvent a suspected bug in the GCC
compiler in the manylinux1 image.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
Khem Raj
Robert Joslyn
Mikko Rapeli
Diego Santa Cruz
jabdoa2
Sean Nyekjaer
Armin Kuster
He Zhe
Chen Qi
Chencheng Zhang
Martin Jansa
Philip Balister
Kai Kang
Roland Hieber
Vyacheslav Yurkov
Yi Zhao
Joe Slater
Stacy Gaikovaia
Zheng Ruoqin
Wang Mingyu
Zang Ruochen
Armin Kuster
Gianfranco
viatsk
Max Kellermann
Hongxu Jia
Leon Anavi