aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2014-07-08populate-extfs.sh: fix to handle special file names correctlyChenQi/dora-populate-extfsChen Qi
`debugfs' treats spaces and "" specially. So when we are dealing with file names, great care should be taken to make sure that `debugfs' recognizes file names correctly. The basic solution here is: 1. Use quotation marks to handle spaces correctly. 2. Replace "xxx" with ""xxx"" so that debugfs knows that the quotation marks are parts of the file name. [YOCTO #6503] Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
2014-07-03libtool-cross/native: Force usage of bash due to sstate inconsistenciesRichard Purdie
Scenario: a) libtool script is built on system with bash as /bin/sh b) machine B installs sstate from build a) c) machine B has dash as /bin/sh In this scenario, the script fails to work properly since its expecting /bin/sh to have bash like syntax and it no longer does have it. This patch forces the configure process to use /bin/bash, not /bin/sh and hence allows the scripts to work correctly when used from sstate. (From OE-Core rev: 24d5b449e5f4d91119f0d8e13c457618811aadfc) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-07-03perf: split packgingHenning Heinold
* some fundamental perf commands can work without the dependency on perl, python or bash make them separate packages and RSUGGEST them * bump PR The patch was sponsored by sysmocom Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-07-03perf: add slang to the dependenciesHenning Heinold
* TUI/GUI support was added in 2.6.35 based on libnewt * since 3.10 slang replaced libnewt completly * changing TUI_DEFINES is not necessary, because NO_NEWT is still respected with newer kernels * add comment about the gui history to the recipe The patch was sponsored by sysmocom Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-07-03perf: fix broken shell comparsion in do_installHenning Heinold
The patch was sponsored by sysmocom Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-30e2fsprogs: Fix populate-extfs.shStéphane Cerveau
Fix the use of command dirname on ubuntu 12.04. dirname does not accept space in file name. Signed-off-by: Stéphane Cerveau <scerveau@connected-labs.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-24prelink: Fix SRC_URIKhem Raj
The SHA we use it actually on cross_prelink branch if you do not use yocto source mirrors then the fetch for prelink on dora fails due to missing branch in SRC_URI Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-24populate-extfs.sh: keep file timestampsChen Qi
Fix populate-extfs.sh to keep file timestamps while generating the ext file systems. [YOCTO #6348] Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
2014-06-24rpm: Fix rpm -V usageMark Hatle
[YOCTO #6309] It appears a logic issue has caused rpm -V to no longer verify the files on the filesystem match what was installed. (From OE-Core master rev: 117862cd0eebf6887c2ea6cc353432caee2653aa) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2014-06-24consolekit: fix console-kit-log-system-start.service startupJonathan Liu
console-kit-log-system-start.service fails to to start if the /var/log/ConsoleKit directory does not exist. Normally it is created automatically but as we mount a tmpfs at /var/log, we need to add a tmpfiles.d entry to create it. (From OE-Core master rev: 2a9a14bf400fe0c263c58aa85b02aba7311b1328) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
2014-06-24populate-extfs.sh: error out if debugfs encounters some errorChen Qi
Previously, even if we encounter some error when populating the ext filesystem, we don't error out and the rootfs process still succeeds. However, what's really expected is that the populate-extfs.sh script should error out if something wrong happens when using `debugfs' to generate the ext filesystem. For example, if there's not enough block in the filesystem, and allocating a block for some file fails, the failure should not be ignored. Otherwise, we will have a successful build but a corrupted filesystem. The debugfs returns 0 as long as the command is valid. That is, even if the command fails, the debugfs still returns 0. That's really a pain here. That's why this patch checks the error output to see whether there's any error logged. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-24populate-extfs.sh: fix to handle /var/lib/opkg/alternatives/[[ correctlyChen Qi
There was a patch trying to fix this problem by using 'dirname', but it caused some build failures, thus got reverted. The problem is that $DIR might be empty and we should first do the check before trying to use $(dirname $DIR). [YOCTO #5712] Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-17x264: Update SRCREV to match commit in upstream git repoKhem Raj
It seems that 585324fee380109acd9986388f857f413a60b896 is no longer there in git and it has been rewritten to ffc3ad4945da69f3caa2b40e4eed715a9a8d9526 Change-Id: I9ffe8bd9bcef0d2dc5e6f6d3a6e4317bada8f4be (master rev: b193c7f251542aa76cb5a4d6dcb71d15b27005eb) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Patrick Doyle <wpdster@gmail.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-10openssl: fix for CVE-2010-5298Yue Tao
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5298 (From OE-Core master rev: 751f81ed8dc488c500837aeb3eb41ebf3237e10b) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-10openssl: fix CVE-2014-3470Paul Eggleton
http://www.openssl.org/news/secadv_20140605.txt Anonymous ECDH denial of service (CVE-2014-3470) OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack. (Patch borrowed from Fedora.) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-10openssl: fix CVE-2014-0224Paul Eggleton
http://www.openssl.org/news/secadv_20140605.txt SSL/TLS MITM vulnerability (CVE-2014-0224) An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. The attack can only be performed between a vulnerable client *and* server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. (Patch borrowed from Fedora.) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-10openssl: fix CVE-2014-0221Paul Eggleton
http://www.openssl.org/news/secadv_20140605.txt DTLS recursion flaw (CVE-2014-0221) By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. Only applications using OpenSSL as a DTLS client are affected. (Patch borrowed from Fedora.) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-10openssl: use upstream fix for CVE-2014-0198Paul Eggleton
This replaces the fix for CVE-2014-0198 with one borrowed from Fedora, which is the same as the patch which was actually applied upstream for the issue, i.e.: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b107586c0c3447ea22dba8698ebbcd81bb29d48c Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-10openssl: fix CVE-2014-0195Paul Eggleton
http://www.openssl.org/news/secadv_20140605.txt DTLS invalid fragment vulnerability (CVE-2014-0195) A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. Only applications using OpenSSL as a DTLS client or server affected. (Patch borrowed from Fedora.) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-06gnutls: patch for CVE-2014-3466 backportedValentin Popa
Backported patch for CVE-2014-3466. This patch is for dora. Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-21openssl: fix CVE-2014-0198Maxin B. John
A null pointer dereference bug was discovered in do_ssl3_write(). An attacker could possibly use this to cause OpenSSL to crash, resulting in a denial of service. https://access.redhat.com/security/cve/CVE-2014-0198 Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Matt Fleming <matt.fleming@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-29build-appliance: Update to Dora 1.5.2Saul Wold
Fix to be HEAD of Dora, not master Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-29build-appliance-image: Update to head revisionRichard Purdie
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-29make: fix invoking makeinfo failed at do_install timeHongxu Jia
Reproduce steps: $ bitbake texinfo-native $ bitbake make $ bitbake make -cdevshell In the devshell: root:make-3.82# echo "" >> doc/make.texi root:make-3.82# ../temp/run.do_install Failed Log: ... tmp/work/i586-poky-linux/make/3.81-r1/make-3.81/doc/make.texi:8165: @itemx must follow @item ... Backport from make 4.0 to fix this issue. [YOCTO #6219] Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-19mesa: double check for eglplatform.hValentin Popa
Even if 'egl' is in PACKAGECONFIG, mesa egl support can be disabled explicitly (changing configure flags using a .bbappend, for example). On dora, meta-fsl-arm is an example of this kind. On master there are no known cases, and we should encourge package configuration through PACKAGECONFIG. This patch adds another check for the existence of eglplatform.h before 'sed' can alter it. Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-11openssl: bump PRPaul Eggleton
We don't normally do this, but with the recent CVE fixes (most importantly the one for the serious CVE-2014-0160 vulnerability) I am bumping PR explicitly to make it a bit more obvious that the patch has been applied. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-11sstatesig: Anchor inherits class testsRichard Purdie
This avoids a nasty sstate hash corruption issue where the fact the testimage bbclass was inherited meant that the checksum changed due to testimage.bbclass being confused with image.bbclass. This patch anchors the bbclass names to avoid this confusion. (From OE-Core master rev: 943a75a4f3b6877e4092dae14b59b7afef8cad3d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
2014-04-11classes/image: ignore modules.* changing during multilib image constructionPaul Eggleton
Since we now run depmod when building images (as the postinst that does this is now on kernel-base instead of kernel-image) it is possible to have module file differences between the two halves of the multilib image, and the code that checks for such differences detects this and fails. Whitelist this file to avoid the failure. Specifically, modules.alias, modules.dep and modules.symbol can differ along with their .bin counterparts. Related to fix for [YOCTO #5392]. (From OE-Core master rev: 0a315804bf991664c0948e3024b8e8b9e9085808) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-11classes/kernel: move module postinst commands to kernel-basePaul Eggleton
Since kernel-base is the package that contains the files that depmod needs to run, we should be running depmod from the kernel-base postinstall rather than kernel-image. Fixes [YOCTO #5392]. (From OE-Core master rev: f7d2cb383281ec8dfa90950ba04d87dd29ffc676) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-11sstatesig.py: Fix image regeneration issueRichard Purdie
With the "ABI safe" recipes, we've been excluding those from signatures. This is fine in the general case but in the specific case of image recipes it breaks. A good test case is the interfaces file. Editting this causes init-ifupdown to rebuild but not an image containing it (e.g. core-image-minimal). We need to ensure the checksums are added to the image recipes and this change does that. (From OE-Core master rev: fd085f15e7cd093953f974f69277e130174d551d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-09openssl: backport fix for CVE-2014-0160Paul Eggleton
Fixes the "heartbleed" TLS vulnerability (CVE-2014-0160). More information here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 Patch borrowed from Debian; this is just a tweaked version of the upstream commit (without patching the CHANGES file which otherwise would fail to apply on top of this version). Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-09Security Advisory - openssl - CVE-2013-6449Yue Tao
The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. (From OE-Core master rev: 3e0ac7357a962e3ef6595d21ec4843b078a764dd) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-09Security Advisory - openssl - CVE-2013-6450Yue Tao
The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (From OE-Core master rev: 94352e694cd828aa84abd846149712535f48ab0f) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-09Security Advisory - openssl - CVE-2013-4353Yue Tao
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. (From OE-Core master rev: 35ccce7002188c8270d2fead35f9763b22776877) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-04Revert "buildhistory_analysis: fix error when comparing image contents"Richard Purdie
This reverts commit 5b616aa7b618f6ed221d6fa9738220a2c2349f7d.
2014-04-04eglibc 2.18: powerpc: Fix time related syscallsMats Kärrman
Concatenated fix of PowerPC time related system calls in eglibc 2.18 taken from upstream glibc. See credits in patch header. The effect is that some time related system calls returns nothing or garbage. Fix tested on PowerPC e300c3. Eglibc 2.17 does not have this issue and the patches are already part of 2.19. Signed-off-by: Mats Karrman <mats.karrman@tritech.se> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-04mesa: build fix for gallium-eglValentin Popa
(*) add MESA_EGL_NO_X11_HEADERS to defines (*) avoid altering eglplatform.h from {top_srcdir}/include using an alternative to 0003-EGL-Mutate-NativeDisplayType-depending-on-config patch. [YOCTO #5882] Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-26image_types.bbclass: use 4096 instead of 8192 bytes-per-inodeRobert Yang
The image not correctly created if 'ptest-pkgs' is in IMAGE_FEATURES, this is because there is no free inode left. We can use 4096 instead of 8192 bytes-per-inode to fix the problem, and most of the distributions us 4096, such as Ubuntu, Suse, Fedora and CentOS. There are another problems: * There are error message when there is no free inode left if we run the mke2fs command manually, but they are not in log.do_rootfs. * The image generation doesn't stop when error happens because mke2fs doesn't return failed for this case. Will fix them in other threads. [YOCTO #5957] (From OE-Core master rev: 09ab3a00598d06e3a1bf871811c2ac37359c74da) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-25license.bbclass: fix copying license directories failedHongxu Jia
For each recipe, it populated license files to ${LICENSE_DIRECTORY}/${PN}, such as kernel's license dir was ${LICENSE_DIRECTORY}/kernel-3.10.17-yocto-standard; In do_rootfs task, it copied license directories from ${LICENSE_DIRECTORY}/ ${pkg}, and ${pkg} was listed in ${INSTALLED_PKGS}; We got ${INSTALLED_PKGS} by rpm query, such as the kernel were 'kernel-*', but the kernel's PN was linux-yocto, so searching ${LICENSE_DIRECTORY}/ kernel-* failed. Copied license directories from ${LICENSE_DIRECTORY}/${PN} fixed this issue. [YOCTO #5572] Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-13lsbtest: fix comparison bashismStefan Stanacar
== is a bashism use = instead. (Based on OE-Core master rev: c90d1047c41148cbd57f26b5a34563346602a71b) Signed-off-by: Stefan Stanacar <stefanx.stanacar@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-11iproute2: de-bash its scripts to remove the bash dependencyChen Qi
If we build a minimal image with iproute2 installed, the following error will appear during rootfs. error: Can't install iproute2-3.10.0-r0.0@i586: no package provides /bin/bash The problem is that iproute2 has an implicit dependency on 'bash'. This dependency is from per-file dependency checking. Patch two scripts, ifcfg and rtpr, from iproute2 to remove the bash specific syntax. [YOCTO #5415] (From OE-Core master rev: 1132c4210eddd59b22b2640935ab0bb8f48c0124) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-11libomxil: Fix link issue for gst-omxSébastien Mennetrier
gst-omx element can not load due to a missing symbol. Missing symbol RM_Deinit. (From OE-Core master rev: 56301698a55bcbab4272b273fd98ce4de84cbfac) Signed-off-by: Sébastien Mennetrier <s.mennetrier@innotis.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-11grub: move xz to DEPENDS list from RDEPENDS listMing Liu
liblzma5 is really requiring by grub, setting RDEPENDS to xz would pull unneeded xz binaries into rootfs. (From OE-Core master rev: 78526905999fa38047ae8f3491127cc03de3e3f6) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-11avahi: handle SO_REUSEPORT not being availableRoss Burton
Linux < 3.9 doesn't have the SO_REUSEPORT option so instead of failing to start when built with >=3.9 kernel headers but booted on <3.9 kernels, continue as if SO_REUSEPORT wasn't available. (From OE-Core rev: 85e89da55f778ad3713460cb0df1435d82e94510) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-11Revert "license.bbclass: fix copying license directories failed"Richard Purdie
This reverts commit e58a1499accd74d3e6fe4f899711d4c680ebc18f. It depends on other functionality not backported to dora.
2014-03-06gnutls: fix failure during do_compilePaul Eggleton
Add a Debian patch to fix a load of errors building the documentation within do_compile e.g.: | ./x509-api.texi:15: misplaced { | ./x509-api.texi:15: misplaced } (From OE-Core master rev: b09a9a5f298596795f17243e5ffcf7dab295a8e6) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-05gnutls: Fixed bug that prevented the rejection of v1 intermediate CA ↵Karl Hiramoto
certificates. This patch is for the OE-Core dora branch - it comes from upstream: >From 467478d8ff08a3cb4be3034ff04c9d08a0ceba3e From: Nikos Mavrogiannopoulos <nmav@redhat.com> Date: Wed, 12 Feb 2014 16:41:33 +0100 For more info see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959 http://www.gnutls.org/security.html#GNUTLS-SA-2014-1 https://www.gitorious.org/gnutls/gnutls/commit/467478d8ff08a3cb4be3034ff04c9d08a0ceba3e Signed-off-by: Karl Hiramoto <karl@hiramoto.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-05gnutls: CVE-2014-0092 correct return codesKarl Hiramoto
This patch is for the OE-Core dora branch - it comes from upstream: git://gitorious.org/gnutls/gnutls.git branch: gnutls_2_12_x commit: 6aa26f78150ccbdf0aec1878a41c17c41d358a3b Author: Nikos Mavrogiannopoulos <nmav@gnutls.org> Date: Thu Feb 27 19:42:26 2014 +0100 For more info see: http://www.gnutls.org/security.html#GNUTLS-SA-2014-2 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092 https://www.gitorious.org/gnutls/gnutls/commit/6aa26f78150ccbdf0aec1878a41c17c41d358a3b Signed-off-by: Karl Hiramoto <karl@hiramoto.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-02-14systemd: journald fix ignored disk space restrictionsDiego Sueiro
The upstream bug report can be seen at: [Systemd #68161] -- https://bugs.freedesktop.org/show_bug.cgi?id=68161 This backports patches come from 207 and need to address this in the 206 version for dora branch. Signed-off-by: Diego Sueiro <diego.sueiro@gmail.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-02-14gcc: Include patch scheduled for GCC 4.8.3 to fix epilogue on ARMHolger Hans Peter Freyther
GCC 4.8.0, 4.8.1 and 4.8.2 can generate broken epilogues for the ABI used by the kernel. Apply the patch that is included for GCC 4.8.3 from http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58854. The issue was found on Yocto/Dora and the patch should be backported to this branch. A kernel built with Dora's GCC 4.8.1 misbehaved on: while true; do (for i in `seq 1 100`; do echo "Log message... $RANDOM"; done) | logger; done busybox's syslogd would from time to read a huge negative value and then exit, strace would get stuck waiting on a syscall. After this patch it appears to work better. (From OE-Core master rev: 3004eb3b7ee5fd8dfe9c4e5749b4e125d0bd4b59) Signed-off-by: Holger Hans Peter Freyther <holger@moiji-mobile.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>