Age | Commit message (Collapse) | Author |
|
Lots of bug fixes.
CVE: CVE-2021-21704 CVE-2021-21705
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 93045c3db744a9f1cd0a9b0ce992d44d9c44c309)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Without it there are no terminal configurations on the target
and htop refuses to run.
(cherry picked from commit b5d74f8a6bd33e8468dd04d990f08d89d1e6928a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Its already upstream and also used in Debian and Ubuntu
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d0f2d7c954b9f3befd9470d97de581fe5b1fb2a8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 319490178b999a74a82d092320de5d9d2e5c67bd)
[Stable branch]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Drop all patches, now part of upstream codebase
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 37537bda8c4775ce1c390d1a9a5b2f5fab89bfc7)
[Stable branch]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
It fails to start install_db.service when install mariadb-setupdb from a
package repo via dnf:
root@qemux86-64:~# systemctl status install_db
x install_db.service - Install MySQL Community Server Database
Loaded: loaded (/lib/systemd/system/install_db.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2021-07-09 02:55:12 UTC; 5s ago
Process: 504 ExecStart=/usr/bin/mysql-systemd-start pre (code=exited, status=203/EXEC)
Main PID: 504 (code=exited, status=203/EXEC)
Jul 09 02:55:12 qemux86-64 systemd[1]: Starting Install MySQL Community Server Database...
Jul 09 02:55:12 qemux86-64 systemd[504]: install_db.service: Failed to locate executable /usr/bin/mysql-systemd-start: No such file or directo>
Jul 09 02:55:12 qemux86-64 systemd[504]: install_db.service: Failed at step EXEC spawning /usr/bin/mysql-systemd-start: No such file or direct>
Jul 09 02:55:12 qemux86-64 systemd[1]: install_db.service: Main process exited, code=exited, status=203/EXEC
Jul 09 02:55:12 qemux86-64 systemd[1]: install_db.service: Failed with result 'exit-code'.
Jul 09 02:55:12 qemux86-64 systemd[1]: Failed to start Install MySQL Community Server Database.
The scripts required by install_db.service are packaged in
mariadb-server which depends on mariadb-setupdb already. So move the
scripts to mariadb-setupdb to make sure start install_db.service
successfully. And move creating user 'mysql' in mariadb-setupdb as well.
Packageconfig 'setupdb' has been useless from last upgrade, so remove it
at same time.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b7554ae2855483edc0a7d4c533d7d818bbc9e4f8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Forward port musl patches
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 287ffdf1d03731fadd6a90b224d08cf9a3b50de5)
[Stable branch]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This way, mariadb does not depend on mariadb-native anymore.
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6f05b2463a20f99d43c5a7db190dfe3490929247)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit abbca30bd61c0ff856785900aac899ab33ead08b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
musl finds this problem in sources where its missing to include
needed system header for ssize_t
Fixes
wsrep-lib/include/wsrep/gtid.hpp:80:5: error: unknown type name 'ssize_t'; did you mean 'size_t'?
ssize_t scan_from_c_str(const char* buf, size_t buf_len,
^~~~~~~
size_t
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0298521fcd9eefdd9cd415b58740b972d65cf93c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Drop fix-a-building-failure.patch because upstream has made is narrower
to apply to emulator builds and not just any cross compiling builds
Add missing dependency on boost
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2183f0894110a6913c44bee9a1f4b1cea7639bdc)
[Bug fix only update:
CVE-2021-2166
CVE-2021-2154 ]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Assume recent CMake upgrade made this pop up.
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ca18e276d63e9fc6fece6a32e88959cbcf84c91b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This patch backports the fix for CVE-2021-29478
CVE: CVE-2021-29478
Upstream-Status: Backport
[https://github.com/redis/redis/commit/29900d4e6bccdf3691bedf0ea9a5d84863fa3592]
An integer overflow bug in Redis 6.2 could be exploited to corrupt the heap and
potentially result with remote code execution.
The vulnerability involves changing the default set-max-intset-entries
configuration value, creating a large set key that consists of integer values
and using the COPY command to duplicate it.
The integer overflow bug exists in all versions of Redis starting with 2.6,
where it could result with a corrupted RDB or DUMP payload, but not exploited
through COPY (which did not exist before 6.2).
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This patch backports the fix for CVE-2021-29477.
CVE: CVE-2021-29477
Upstream-Status: Backport
[https://github.com/redis/redis/commit/f0c5f920d0f88bd8aa376a2c05af4902789d1ef9]
An integer overflow bug in Redis version 6.0 or newer could be exploited using
the STRALGO LCS command to corrupt the heap and potentially result with remote
code execution.
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
In sysbench version 0.4, the tmp variable used by the memory test to
execute requests is optimized by the compiler. Caching mechanism reduces
the direct accesses to the memory increasing the transfer speed. This
leads to false timing estimations that considerably affect read and
also random write operations.
In sysbench version 1, this issue is fixed adding the volatile modifier
to the tmp variable. This prevents compiler optimizations forcing a direct
access to the memory.
The final result is a realistic transfer speed measurement.
Signed-off-by: massimo toscanelli <massimo.toscanelli@leica-geosystems.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 59cce5ad1603c2975684ae15b639e0e3cd688c40)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This patch fixes the following error when libiio is installed when
python3 bindings are enabled:
ERROR: Execution of '.../libiio/0.21+gitAUTOINC+565bf68ecc-r0/temp/run.do_install.2349473' failed with exit code 1:
running build
running build_py
running install
Traceback (most recent call last):
File ".../libiio/0.21+gitAUTOINC+565bf68ecc-r0/build/bindings/python/setup.py", line 77, in _check_libiio_installed
raise OSError
OSError
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File ".../libiio/0.21+gitAUTOINC+565bf68ecc-r0/build/bindings/python/setup.py", line 106, in <module>
setup(**config)
File ".../libiio/0.21+gitAUTOINC+565bf68ecc-r0/recipe-sysroot-native/usr/lib/python3.9/site-packages/setuptools/__init__.py", line 153, in setup
return distutils.core.setup(**attrs)
File ".../libiio/0.21+gitAUTOINC+565bf68ecc-r0/recipe-sysroot-native/usr/lib/python3.9/distutils/core.py", line 148, in setup
dist.run_commands()
File ".../libiio/0.21+gitAUTOINC+565bf68ecc-r0/recipe-sysroot-native/usr/lib/python3.9/distutils/dist.py", line 966, in run_commands
self.run_command(cmd)
File ".../libiio/0.21+gitAUTOINC+565bf68ecc-r0/recipe-sysroot-native/usr/lib/python3.9/distutils/dist.py", line 985, in run_command
cmd_obj.run()
File ".../libiio/0.21+gitAUTOINC+565bf68ecc-r0/build/bindings/python/setup.py", line 52, in run
self._check_libiio_installed()
File "/libiio/0.21+gitAUTOINC+565bf68ecc-r0/build/bindings/python/setup.py", line 83, in _check_libiio_installed
raise Exception(msg)
Exception: The libiio library could not be found.
libiio needs to be installed first before the python bindings.
The latest release can be found on GitHub:
https://github.com/analogdevicesinc/libiio/releases
Some time ago a fix for this issue was already discussed here [1].
However in the same discussion also a second issue was being handled.
A fix for the second issue was merged in 51f98865da0. The first issue
didn't pop up anymore and so a fix was never applied.
Recently however after switching from build machine, I started seeing
the first issue. I suspect due to build caching the first issue didn't
pop up anymore before up until now. With this patch, fixes are now
available for both issues handled in [1].
[1]: https://github.com/openembedded/meta-openembedded/issues/248
Signed-off-by: Sam Van Den Berge <sam.van.den.berge@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2006-5201 affects only using an RSA key with exponent 3 on Sun Solaris.
Signed-off-by: Masaki Ambai <ambai.masaki@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 44113dcb5feea5522696d43d00909db41e5e6dbc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Rebuilding minifi-cpp in old build dir sometimes result
in do_compile failure. So set CLEANBROKEN to "1" to workaround
this problem. If further investigation is done and the underlying
problem is addressed, this setting could be removed.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a9e17243875b82dba698924cf2f1d31408127521)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This was introduced with commit:
2e0fd78
rapidjson: fix cmake artifacts installation for non-default BASELIB case
and should have been removed with commit:
5aa127a
rapidjson: Remove unwanted patches
NOTE: such multilib fixes are not needed after this commit in oe-core:
24f630c cmake.bbclass: Define LIB_SUFFIX
Signed-off-by: Andrea Adami <andrea.adami@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0ceacaa68e212cc06ea7371a206bdbe21033cc05)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Set an appropriate python processor directory in configure file to fix
the minifi startup warning:
[org::apache::nifi::minifi::python::PythonCreator] [error] Could not access /etc/minifi/minifi-python/
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a86b772e31079231a04762ed49ec83d32005ca15)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
From COPYING.README:
"""
Eigen is primarily MPL2 licensed. See COPYING.MPL2 and these links:
http://www.mozilla.org/MPL/2.0/
http://www.mozilla.org/MPL/2.0/FAQ.html
Some files contain third-party code under BSD or LGPL licenses, whence the other
COPYING.* files here.
All the LGPL code is either LGPL 2.1-only, or LGPL 2.1-or-later.
For this reason, the COPYING.LGPL file contains the LGPL 2.1 text.
"""
The upstream repository contains multiple COPYING files (various 3rd party
code is under different licenses), so update the LICENSE information
accordingly. Also, add MINPACK to meta-oe/licenses.
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9efdb6799ed45cf04acde9b435aeb8ccd1f2843c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
libpfm4 is only enabled for powerpc arch as of now.
This enables the lib on Arm 64bit platform as well.
Signed-off-by: Olivier Georget <olivier.georget@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d02bd486736ba7cc552312849cea4fa33b1e1259)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
4.4.6 has been released from same SHA which was used for rc0
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e17fc085c025550be08353319983f9b89b11831b)
[Bug fix only updates:
Issues fixed:
SERVER-53604: Include original aws iam arn in authenticate audit logs
SERVER-52564: Deadlock between step down and MongoDOperationContextSession
WT-7442: RTS to open dhandle only when the dhandle has unstable updates
WT-7426: Set write generation number when the page image gets created
WT-7373: Improve slow random cursor operations on oplog]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Drop upstreamed patch
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 44664a2d66ea848d927164685c283f0ea8d3d12f)
[Bug fix only update:
Issues fixed:
SERVER-55298: Reproduce and Investigate BSONObjectTooLarge error
SERVER-53566: Investigate and reproduce "opCtx != nullptr && _opCtx == nullptr" invariant
SERVER-51281: mongod live locked
SERVER-46686: Explain does not respect maxTimeMS
SERVER-45836: Provide more LDAP details (like server IP) at default log level
All JIRA issues closed in 4.4.5
4.4.5 Changelog]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Centos 7 has glibc 2.18 and nss-native build fails due to implicit
declaration of function putenv during build. This is because of the
Feature Test Macro Requirements for glibc (see feature_test_macros(7)):
putenv(): _XOPEN_SOURCE
|| /* Glibc since 2.19: */ _DEFAULT_SOURCE
|| /* Glibc versions <= 2.19: */ _SVID_SOURCE
and because nss coreconf/Linux.mk only defines
-D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE
So on such system with glibc 2.18, neither macro makes putenv()
available. Add -D_XOPEN_SOURCE for the Centos 7 and glibc 2.18
native build case.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Armin Kuster <akuster808@gmail.com>
Cc: Armin Kuster <akuster@mvista.com>
Cc: Khem Raj <raj.khem@gmail.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 30148b33b5d750702d7749ac59d8d740d8cb7024)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
getcontext|setcontext functionality is provided via libucontext for musl
but this library is not yet ported to RISCV
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a116630318789f08ebc6f350c37ef43f0884cb30)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Refresh the following patch:
0001-configure.in-bypass-autoconf-2.69-version-check.patch
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 48cb359db26f4fa0efb811c24a6306a56bf60483)
[Bug fix update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
perf(oe-core) also uses the doc included in plugins/, so package it in own subdirs of trace-cmd.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d8402fdd6f6710effd763a0a9c06c83255e39722)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Sysdig depends on tbb which no longer builds for powerpc
Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 433603cb7dd0243856509a552ff354dbc0fccd95)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Since tbb does not build for powerpc remove it from the enabled list
Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e0581ad12f42427932e24abad97399c54f4b75f7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The patch recently added for CVE-2021-30004 broke compilation with
CONFIG_TLS=internal. This adds the necessary function to let it
compile again.
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d6ef4170747d6668fa940328334055eef3e1e1d6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13616
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read
in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
Upstream-Status: Backport [https://github.com/libsdl-org/SDL/commit/97fefd050976bbbfca9608499f6a7d9fb86e70db]
CVE: CVE-2019-13616
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 57ae91d2914de96b1de69bfcb089a427ee3cb0ed)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473
The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file.
An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2,
if they can trick the victim into running Exiv2 on a crafted image file.
Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1587/commits/e6a0982f7cd9282052b6e3485a458d60629ffa0b]
CVE: CVE-2021-29473
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a9aecd2c32fc8f238f62ef70813e032b6b52c2f2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29470
The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file.
An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2,
if they can trick the victim into running Exiv2 on a crafted image file.
Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1581/commits/6628a69c036df2aa036290e6cd71767c159c79ed]
CVE: CVE-2021-29470
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit bb1400efda77a7289ca20782172bfbe1f457f161)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29464
The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file.
An attacker could potentially exploit the vulnerability to gain code execution, if they can
trick the victim into running Exiv2 on a crafted image file.
Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/commit/f9308839198aca5e68a65194f151a1de92398f54]
CVE: CVE-2021-29464
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8c9470bdfaa1d33347ffaf25b3e18d2163667e18)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482
Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp
can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.
Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1523/commits/22ea582c6b74ada30bec3a6b15de3c3e52f2b4da]
CVE: CVE-2021-3482
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9e7c2c9713dc2824af2a33b0a3feb4f29e7f0269)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29463
The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file.
An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2,
if they can trick the victim into running Exiv2 on a crafted image file.
Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b]
CVE: CVE-2021-29463
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8e63ac6c86852a12408c2415be073c71420758ff)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29458
The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file.
An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2,
if they can trick the victim into running Exiv2 on a crafted image file.
Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1536/commits/06d2db6e5fd2fcca9c060e95fc97f8a5b5d4c22d]
CVE: CVE-2021-29458
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f0d83c14d9064ce1ee19b92d95c8daf790fe7488)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457
The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file.
An attacker could potentially exploit the vulnerability to gain code execution, if they can
trick the victim into running Exiv2 on a crafted image file.
Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/commit/0230620e6ea5e2da0911318e07ce6e66d1ebdf22]
CVE: CVE-2021-29457
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5be72693096cef671bf54bf1dd6ee8125614d064)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
versions on aarch64
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 54feab11a1866435107df366005b50aba3b8d1cd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Since tbb has a COMPATIBLE_MACHINE entry to prevent it from building
for powerpcc, let's also remove it from the meta-oe-support package
group.
Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 564f7219544401b9bce545181a7e22000d3f7d40)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
| [log_check] Warn: update-alternatives: sh has multiple providers with the same priority, please check /workdir/raspberrypi4_64-mortsgna-linux/allgui-dev-image/1.0-r0/rootfs/usr/lib/opkg/alternatives/sh for details
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit df10c7bcc03d1a3eb0cd4d7e937bd935c8043c97)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
inheriting license class which brings in
AVAILABLE_LICENSES into do_configure task checksums class since it wants to
enable thin-provisioning-tools if distro allows GPL-3 automatically, but this
brings issues when other layers which have additional licenses are
provided which ends up in signature mismatches so leave that setting to end-user and keep it disabled by
default with a comment in recipes stating that if needed then the user should enable it via
config metadata or bbappends.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f592e81f11d455546447ddff35b2f89e18c0cc0c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The latest version does not support PPC architecture, so disable
the it. Otherwise the following error occurs:
/srv/nvme/yocto/hardknott/builds/tbb/tmp/work/ppc7400-poky-linux/tbb/2021.2.0-r0/git/src/tbb/tools_api/ittnotify_config.h:338:12: error: '__TBB_machine_fetchadd4' was not declared in this scope
338 | return __TBB_machine_fetchadd4(ptr, 1) + 1L;
| ^~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8170a965d0cedaafb60d83c370dd095228088865)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
* branch was renamed in upstream repo
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Some targets might be interested in limiting how big
zram can grow. If the variable is set in /etc/default/zram file,
configure it in mem_limit sysfs attribute.
Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cb1cf053785bcb5670b2eca7051aa11f29ef80b1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
-License-Update: Add the license of MIT.
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a7d0d878542ec24d718972423b34c59aa5bd2498)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4b04112fddb7b2ef5d4b61975d385b386bbd9f5b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1dc583540355ab6af483b20b945cbd7c42984ccf)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
It was accidentally dropped in last upgrade for this recipe
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Martin Jansa <martin.jansa@gmail.com>
Cc: Naveen Saini <naveen.kumar.saini@intel.com>
(cherry picked from commit b5ad9c011db2581cc84e5daa139acf73a0f6f5c0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|