Age | Commit message (Collapse) | Author |
|
Upgrade SRCREV to latest as it fixes the below issue:
Running UndefinedBehaviorSanitizer on projects that use
rapidjson triggers 'applying non-zero offset <NN> to null
pointer' findings in 'internal/stack.h' which are hard
to suppress by library users.
Removed "0001-CMake-remove-hardcoded-CMAKECONFIG_INSTALL_DIR-path.patch"
as the changes are already incorporated in the latest
codebase.
As per abi-compliance-checker report the source compatibility
and binary compatibility between previous SRCREV
6a905f9311f82d306da77bd963ec5aa5da07da9c and current
SRCREV 0ccdbf364c577803e2a751f5aededce935314313
is 100% and this patch is already tested on 64bit
ARM (aarch64) in a product with on target CI tests.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 04d9ea0ba7ece968244bf049893dd5636675b76f)
Signed-off-by: Harpritkaur Bhandari <Harpritkaur.Bhandari@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
LIC_FILES_CHKSUM changed to do year updates
This is the last 5.3.x update. This will give us the best
starting point for doing Maintence moving forward.
Its a bug fix only update. See http://www.lua.org/work/diffs-lua-5.3.5-lua-5.3.6.html
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 25d8d65eb537b949aa42d1388fecbc22ba059b33)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Backport upstream patch for CVE-2019-15133.
Set CVE_PRODUCT to "giflib_project:giflib" which is used
in NVD. https://nvd.nist.gov/vuln/detail/CVE-2019-15133
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2020-35864 is for the rust crate for flatbuffers, not
flatbuffers itself.
https://security-tracker.debian.org/tracker/CVE-2020-35864
"NOT-FOR-US: flatbuffers rust crate"
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The custom configure block can be shared between target
and native if you just configure the sysroot option accordingly
and use STAGING_INCDIR to locate the python headers to build
against.
Signed-off-by: S. Lockwood-Childs <sjl@vctlabs.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5fe362171c7f3426fced0c7889facec397c9cc5e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Sean Nyekjaer <sean@geanix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cde1019804c2f7b67bf89d178eec9f4efafea414)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream has deleted the 'master' branch, so use the 1.2 branch.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 583fbb4775a960391cb62d55164b91570a70921a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This is to update the tclap v1.2.2 with several bug fixes.
See:
https://sourceforge.net/p/tclap/bugs/23/
Signed-off-by: Chencheng Zhang <chencheng@wittra.se>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f03ad4971ed0b7cf34550a90ee3c0fa18f964533)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* depends on python3-protobuf from meta-python:
* fixes:
ERROR: Nothing RPROVIDES 'python3-protobuf' (but meta-oe/recipes-devtools/nanopb/nanopb_0.4.3.bb RDEPENDS on or otherwise requires it)
NOTE: Runtime target 'python3-protobuf' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['python3-protobuf']
ERROR: Required build target 'meta-world-pkgdata' has no buildable providers.
Missing or unbuildable dependency chain was: ['meta-world-pkgdata', 'nanopb', 'python3-protobuf']
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4678e224755dd6fc32be16b1d062a5f2af26753b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Uprev nodejs in order to fix CVE-2020-8277.
This CVE allows an attacker to trigger a DNS request for a host
of their choice, which could trigger a Denial of Service in
nodejs versions < 12.19.1.
See https://nvd.nist.gov/vuln/detail/CVE-2020-8277 for details.
CVE: CVE-2020-8277
Signed-off-by: Stacy Gaikovaia <Stacy.Gaikovaia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a44015408253d8a4f64055f41fa1f497aeacfc30)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Security Advisory
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7069
https://bugs.php.net/patch-display.php?bug_id=79601&patch=openssl_aes_ccm_iv_fix&revision=latest
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fa80193468745a11bc12d5845f66412a0d62e0e2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Security Advisory
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7070
https://bugs.php.net/patch-display.php?bug=79699&patch=fix-urldecode&revision=1600650364
https://github.com/php/php-src/blob/master/main/php_variables.c
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit aff8a1fefb9a1a311e5ba14ad69871514270803a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Because CVE-2019-14274.patch is included in ice-mcpp.patch, the cve-check-tool fails to correctly judge the CVE of the OSS. CVE-2019-14274.patch is separated from ice-mcpp.patch to fix the problem.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9301b77e3266160ffb7e9bfd69d445f0392076c8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Appending ${TMPDIR} to ${D} doesn't make any sense, because both are
absolute paths. And additionally, the code fails:
rmdir: failed to remove '/usr/src/oe/tmp-musl/work/core2-64-oe-linux-musl/php/7.1.9-r0/image//usr': Directory not empty
Signed-off-by: Max Kellermann <max.kellermann@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Get fix
https://github.com/pikhq/musl-nscd/commit/ce81a80e30c2041d8260115fac86831ff64c354a
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The current nanopb recipe is blacklisted due to python2 dependencies.
However, newer releases of nanopb use python3 by default.
This commit updates the used nanopb version to 0.4.3 and removes the
recipe from the blacklist.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This perhaps is last release in 12.x LTS
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Backport a patch from upstream to take care of build failure e.g.
| ../deps/v8/src/codegen/arm/cpu-arm.cc:38:16: error: write to reserved register 'R7'
| asm volatile("svc 0\n"
| ^
| 1 error generated.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The main difference with squashfs-tools is the availability
of a shared library and a programmatic interface, rather
than just command-line tools.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Add apitrace to relevant packagegroup
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Michael Tretter <m.tretter@pengutronix.de>
|
|
apitrace consists of a set of tools to:
- trace OpenGL, OpenGL ES, Direct3D, and DirectDraw APIs calls to a file;
- replay OpenGL and OpenGL ES calls from a file;
- inspect OpenGL state at any call while retracing;
- visualize and edit trace files.
Signed-off-by: Michael Tretter <m.tretter@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
/var/run has been deprecated by systemd, so use /run instead,
as suggested by systemd.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fix CVE-2020-15890 and CVE-2020-24372.
Also change PV format because the reference to 2.1.0-beta3
was already far behind the SRCREV. Now, base PV on a tag
and date of SRCREV commit if it is later. Sort order is
2.1.0~beta3 -> 2.1.0~beta-yymmdd -> 2.1.0 -> 2.1.0-yymmdd.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Same: having source-code-pro-fonts around is like a bugfix
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Fix CVE-2020-24371
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Backport with modifications to apply successfully.
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 7.4.9:
- Fixed: Upgrade apache2handler's php_apache_sapi_get_request_time
to return usec
- Fixed: BSTR to PHP string conversion not binary safe
- Fixed: DCOM does not work with Username, Password parameter
- Fixed: serialize() and unserialize() methods can not be called
statically
- Fixed: Segfault in php_str_replace_common
- Fixed: Assertion failure if dumping closure with unresolved
static variable
- Fixed: Assertion failure when assigning property of string
offset by reference
- Fixed: HT iterators not removed if empty array is destroyed
- Fixed: Changing array during undef index RW error segfaults
- Fixed: Use after free if changing array during undef var during
array write fetch
- Fixed: Use after free if string used in undefined index warning
is changed
- Fixed: Public non-static property in child should take priority
over private static
- Fixed: getimagesize function silently truncates after a null
byte
- Fixed: finfo_file crash (FILEINFO_MIME)
- Fixed: ftp_size on large files
- Fixed: mb_strimwidth does not trim string
- Fixed: Use of freed hash key in the phar_parse_zipfile function
- Fixed: ::getStaticProperties() ignores property modifications
- Fixed: ::getStaticPropertyValue() throws on protected props
- Fixed: Use after free when type duplicated into
ReflectionProperty gets resolved
- Fixed: Can't copy() large 'data://' with open_basedir
- Fixed: dns_check_record() always return true on Alpine
- Fixed: array_walk() does not respect property types
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The 0001-Do-not-include-sysctrl.h-with-glibc.patch is no longer needed,
and is thus removed.
The 0001-bitbang-Make-bitbang_swd-extern-definition.patch was fixed
upstream in c60252ac2b636c4d99b766a574b9df0966151696 and is thus removed.
Signed-off-by: Marc Reilly <marc@cpdesign.com.au>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 1.8.20:
- Add configuration setting to have docstrings not as preformatted
text but as normal documentation
- Bug fix: void return type reported as not documented
- Bug fix: Doxywizard 1.8.19 (Windows): Source code directory
seems to be ignored
- Bug fix: The Doxygen uses too much memory (or has probably a
memory leak)
- Bug fix: Doxygen doesn't stop on errors
- Bug fix: C++ grouped functions in namespace have disappeard
- Improvement of line count for e.g. warnings
- Improved layout on the bibliography page
- Updated the swedish language translation to 1.8.19
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
This error caused the curl library wouldn't to be linked correctly.
Signed-off-by: Arthur She <arthur.she@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 5.5:
- clonebundles can be annotated with the expected memory
requirements using the REQUIREDRAM option. This allows clients
to skip bundles created with large zstd windows and fallback
to larger, but less demanding bundles.
- The phabricator extension now provides more functionality of the
arcanist CLI like changing the status of a differential.
- Phases processing is much faster, especially for repositories
with old non-public changesets.
- For the case when connected to a TTY, stdout was fixed to be
line-buffered on Python 3
- Subversion sources of the convert extension were fixed to work
on Python 3
- Subversion sources of the convert extension now interpret the
encoding of URLs like Subversion.
- The empty changeset check of in-memory rebases was fixed to
match that of normal rebases (and that of the commit command).
- The push command now checks the correct set of outgoing
changesets for obsolete and unstable changesets. Previously, it
could happen that the check prevented pushing changesets which
were already on the server.
More details are available at:
https://www.mercurial-scm.org/wiki/Release5.5
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release B.02.19:
- detection of NVMe disks
- detection of SD/MMC and SDIO devices
- bug fixes
- code cleanup
- updated data files
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
it has a hard dependency on curlpp package which comes from
meta-networking
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Cc: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Shlomi Vaknin <shlomi.39sd@gmail.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Upgrade to release 1.54.02:
- Build: Use 'curl-config' found at configure time, not at make time.
- Fix bug: 'toValue' won't compile for vector of vectors or map of vectors. Thanks Yang Bo .
- Fix tiny memory leak in virtually impossible low memory situation.
It also solved one igt-gpu-tools test results misleading issue [1]
[1] https://gitlab.freedesktop.org/drm/igt-gpu-tools/-/issues/92
Signed-off-by: Arthur She <arthur.she@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Drop already upstreamed patches
use builtin uv, it does not build without it
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
The C++ Mathematical Expression Toolkit Library (ExprTk) is a simple
to use, easy to integrate and extremely efficient run-time
mathematical expression parsing and evaluation engine. The parsing
engine supports numerous forms of functional and logic processing
semantics and is easily extensible.
It is a header only library.
Signed-off-by: Vijay Khemka <vijaykhemka@fb.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
SkipPackage exception is deprecated.
Signed-off-by: Jacob Kroon <jacob.kroon@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
boost-url is a library for manipulating URI and URL.
Signed-off-by: James Feist <james.feist@linux.intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
-License-Update: Copyright year updated to 2020.
-0001-Templatize-basic_json-ctor-from-json_ref.patch
-0001-typo-fix.patch
Removed since these are included in 3.9.0
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|