| Age | Commit message (Collapse) | Author |
|---|
|
Backport patch from <https://github.com/golang/go/commit/
fa98f46741f818913a8c11b877520a548715131f> to solve CVE-2020-15586.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Automatic generation seems to work fine,
and does not become outdated.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8993270f8bc65e152418d84fde03f8ead83c054b)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
[Rebased for v3.7.8]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
(From OE-Core rev: d9c5d9c52eb1f03ff9c907a76dda31042fb26edb)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
We were seeing a ton of empty perl modules being created such as
"perl-module-x86-64-linux-encoding" where the name would include
${TARGET_ARCH}-linux. These files were already being filtered in an
earlier do_split_packages() expression so exclude them from the latter
one to remove the pointless empty modules in PACKAGES.
This doesn't explain why some were not deterministic but will recude
the do_package execution time and clean up the build directories
at the very least.
(From OE-Core rev: 5aaf9d3a748cbad17a4a3e5d9715ac2f289b007d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9f1a959d9831f43dda656e3b0c4d059db3363877)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
This changeset fixes a feature regression in ubiformat. Older versions
of ubiformat, when invoked with a flash-image, would return 0 in the
case no error was encountered. Upon upgrading to latest, it was
discovered that ubiformat returned 255 even without encountering an
error condition.
This changeset corrects the above issue and causes ubiformat, when given an
image file, to return 0 when no errors are detected.
Backport fix from 2.1.2
(From OE-Core rev: 3ee98b6c9ddd1dd0825245ca672236b7befb9859)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
(cherry picked from commit 7ebacd9cbaec98fbc406e8ae99c9805a24fdadc6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
patchelf can corrupt shared libraries if the program headers don't
immediately follow the elf header. Add a patch submitted upstream
to address this.
(From OE-Core rev: faaf5f34332290708f3720a5488b3d1549d9e95a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e7811c787bbe2f5d49b3506309499acc27189988)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
file-native when built on a Debian 10 host will embed a dependency to
'libbz2.so.1.0' (instead of 'libbz2.so.1'). This can cause issues
when sharing the sstate between hosts e.g.:
recipe-sysroot-native/usr/lib/rpm/rpmdeps:
error while loading shared libraries: libbz2.so.1.0: \
cannot open shared object file: No such file or directory
To avoid this situation, let's add the bzip2-replacement-native to the
file recipe's DEPENDS_class-native .
Details in https://bugzilla.yoctoproject.org/show_bug.cgi?id=13915 .
(From OE-Core rev: 5a2bc3bfa9e1a4f37b6e26a5c40a4a9c025d03f1)
Signed-off-by: Jan-Simon Moeller <dl9pf@gmx.de>
(cherry picked from commit 4a996574464028bd5d57b90920d0887d1a81e9e9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Backported patch removed.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Previously the readline module would have been built regardless of
readline's presence in the sysroot, and the recipe would
fail at package_qa.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
The use case is building a gpl3-free image, without having
to rely on outdated recipes from meta-gplv2 layer.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
1. They need to be run under regular user.
2. Some tests genuinely need more time than 30 seconds
3. The Makefile patch erroneously introduced a test-breaking change.
(From OE-Core rev: 3d6bf58c7080c1cacf3ed1f270ff5acf4858c790)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a5e90281ac211e912ec6bfd6873e56152ec8bd4e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
CVE: CVE-2020-8492
(From OE-Core rev: c9ee462bb606b34ab31cfb90f84a5302d15135cf)
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5811ed9140fab64da59d0d2ad6e6b0fec8341a20)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
fix CVE-2020-7211 for qemu slirp submodule
see :
https://www.openwall.com/lists/oss-security/2020/01/17/2
https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4
(From OE-Core rev: 31362d739834377ac4ab880029c3e3dda0cd7698)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
(From OE-Core rev: 5ea3d9d83ed695827634e3216664c13fcff6d48a)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
LICENSE checksum changed due to 2019 -> 2020 update.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Backport the 1st -- 9th patches listed by
<https://github.com/git/git/compare/v2.17.4...v2.17.5>
to solve CVE-2020-11008.
Also backport the 2nd -- 4th patches listed by
<https://github.com/git/git/compare/v2.17.3...v2.17.4>
for CVE-2020-5260 (not necessary, and only the 1st patch is necessary
for this CVE), because some of the above 9 patches are based on them.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Backport patch from <https://github.com/git/git/commit/
9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b> to solve CVE-2020-5260.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
With --force-overwrite (implied by --force-all), dpkg will not abort
when a package overwrites files from different packages. As this can
also lead to "The following package disappeared from your system as
all files have been overwritten by other packages: <package>" and
subsequently broken dependencies, this makes the simple case of
conflicting files hard to debug.
Instead of finding all possibly required force options, only disable
overwrite for now.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
The specific issue here is rpc/rpc.h, but its likely more general.
/usr/include is searched for rpc/rpc.h and if it exists on the
system, it changes behavior. If you are using the extended buildtools
tarball on a machine that has /usr/include/rpc/rpc.h, it will decide
that is good enough and not continue to search. nis fails to build
because /usr/include and /usr/lib are not part of the include/link
paths for the buildtools tarball compiler(nor should they be).
This makes it so python3-native will not build if you are using the
extended buildtools tarball, but from a larger issue perspective it
is building in likely different ways depending on what machine it
is building on.
libtirpc is already a depend so we shouldn't need the hosts rpc/rcp.h.
(From OE-Core rev: f37dfc7907ae7bac08d40468ddde2e5b8bba030c)
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 400743867de587579dee85388c30190f353f80c8)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
pseudo-native is special in that bitbake ends up executing it from the
sysroot-components directory before we have any workdirs for the bitbake
fakeroot worker. Since we switched to dynamically linking sqlite, it
means sqlite from the host system may be found, we really want the version
in sysroot-components. Trying to run tasks to create some special environment
for pseudo is hard and error prone. The simplest fix is to add an RPATH to
the binary so that it can correctly find the sqlite we want.
Unfortunately passing $ORIGIN into make doesn't work so well with shell
quoting so we have to fix that during do_install.
[YOCTO #13814]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3937ca9e2dfabb1ce9bce1d536b60b1e2a43739b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes a bug wherein a use after free could potentially be used to run
malicious code if a user can be tricked into running e2fsck on a
maliciously crafted file system.
Also see:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948517
(From OE-Core rev: 23c1b157362609bd8d85c7d35e6c7f0f60c32c88)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Also see:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948508
(From OE-Core rev: 09bdcef183d885025da6aa87a7c2bf7e8268774e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
THE LICENSE checksum changed in this update due to copyright notice
added for 2020.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Signed-off-by: Rahul Chauhan <rahulchauhankitps@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Prevent the full recipe-sysroot path from leaking into configargs.h. The
configargs.h header is intended to be static and unchanged as the
content is used as a means of determining that a gcc plugin is built for
the same gcc. This also effects the output of 'gcc -v'. Due to per
recipe sysroots and staging, the sysroot path would be replaced with the
sysroot local to the recipe thus changing the content of configargs.h.
This change also improves gcc binary reproducibility. The sysroot path
is replaced with the base target root "/".
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b8d6e2ab68ee5e341fe970b191bfd334e6d2c40b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Prevent the native(sdk) sysroot path from leaking into configargs.h. The
configargs.h header is intended to be static and unchanged as the
content is used as a means of determining that a gcc plugin is built for
the same gcc. This also effects the output of 'gcc --version'. Due to
per recipe sysroots and staging, the sysroot path would be replaced with
the sysroot local to the recipe thus changing the content of
configargs.h.
The sysroot path is replaced with a generic "/host" prefix which
represents the host sysroot (e.g. native or nativesdk).
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 84a78f46d59447eeec3d69532a7506148f64c979)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
When configuring the cross-candian toolchain for a non-linux target system,
the resulting gcc configuration included:
--enable-initfini-array--without-headers
these should have been two separate options.
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7b52893632dae7bc9ac75dddc7ad625e19f41050)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
see https://git.qemu.org/?p=qemu.git;a=commit;h=693fd2acdf14dd86c0bf852610f1c2cca80a74dc
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Upstream release notes:
"
0.17029 2020-01-28
- Rebuild for order of 'NAME' and 'VERSION' sections in the generated
POD documentation (see 0.001004 in
https://metacpan.org/changes/distribution/Pod-Weaver-PluginBundle-SHLOMIF
).
- VERSION used to appear before NAME.
"
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f4a520cc827187d83f2997614d893bba7d74a152)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add a missing makefile dependency which can cause differences in
configuration (submitted upstream).
[YOCTO #13800]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fe97845a45434902c5a994e253a127a462d7d3b4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The code is encoding host compiler parameters into target builds. Avoid
this for our target builds. This should resolve builds which aren't
reproducible between hosts with different compilers.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 71cdbf426e46e3ca1b5038f40e9f7ba958abc537)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f1da6355f13e707b3ffa5025067e509e0120784d)
[Fixup for zeus context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Occasionally the reproducibility selftest fails because perl-pod differs,
specifically that the perltoc.pod file was sometimes missing modules.
Debugging revealed that there are missing dependencies so there is a build race:
building perltoc.pod from an clean build tree results in no modules being listed
at all.
A bug has been filed at https://github.com/arsv/perl-cross/issues/86 to solve
this properly, but for now we can just delete perltoc.pod after make has
finished and re-generate it.
[ YOCTO #13726 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7e0f6c9ea4f824f29dc30c6631fd8039ebe83a0b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Particularly remove a broken detection of skipped tests
(which was marking tests that actually passed), and install
additional artefacts needed for testing.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dbbce0918617c21d0e43e9727d38372c22dff3dc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Modules actually make use of these files, so they belong in perl-core
other than perl-doc (the immediate failure was ptests for
libmodule-build-perl failing).
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 829e8c49833e4cb8de5db869769eb492c827e8c9)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Otherwise, some modules such as libmodule-build-perl fail to work
properly.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e4072d53a7fb4fbbdacce9a20968e71ef6cff307)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Drop fix-setgroup.patch as the upstream has fixed the issue.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 45edc6d23e20f7634c50db71e419c7e3bb7f393e)
[Bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Add a patch which handles the following issues:
a) Remove the \n from configure_attr.sh since it gets quoted differently depending on
whether the shell is bash or dash which can cause the test result to be incorrect.
Reported upstream: https://github.com/arsv/perl-cross/issues/87
b) Sort the order of the module lists from configure_mods.sh since otherwise
the result isn't the same leading to makefile differences.
Reported upstream: https://github.com/arsv/perl-cross/issues/88
c) Sort the Encode::Byte byte_t.fnm file output (and the makefile depends whilst
there for good measure)
This needs to go to upstream perl (not done)
d) Use bash for perl-cross configure since otherwise trnl gets set to "\n" with bash
and "" with dash
Reported upstream: https://github.com/arsv/perl-cross/issues/87
(From OE-Core rev: 482fd0d99f989b5a72a25bdf402fb2f219420b5d)
(From OE-Core rev: def3a9d748564883d71c506726554df622701b00)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This was breaking reproducibility, and the files aren't needed on
target.
[YOCTO #13772]
(From OE-Core rev: 2e0f30c4680221c693495e3a0327378d502a518b)
(From OE-Core rev: 208efc88fa3c57244b272bf7e7f7f8163f14630c)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
There is a bug in patch 2.7.3 and earlier where index lines
in patches can change file modes when they shouldn't:
http://git.savannah.gnu.org/cgit/patch.git/patch/?id=82b800c9552a088a241457948219d25ce0a407a4
This leaks into debug sources in particular (e.g. tcp-wrappers where
source files are read-only). Add the dependency to target recipes
to avoid this problem until we can rely on 2.7.4 or later.
We could try and remove all index lines from patch files but it will be a
losing battle. We could try and identify all the recipes which change
modes on files in patches but again, its a losing battle.
Instead, compromise and have patch-native as a dependency
for target recipes. We use patch-replacement-native since patch-native
is in ASSUME_PROVIDED.
Also add nativesdk-patch to buildtools-tarball.
[YOCTO #13777]
(From OE-Core rev: 5ed0840c93804488cd1c1aba6cb382b2434714a5)
(From OE-Core rev: fd3bd61a6fe5190c575dc968f3a0be9c1cbf21ed)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
There is a sorting problem with opkg-build where the ipk generated is depending
upon the order of files on disk. The reason is the --sort option to tar only
influences the orders of files tar reads, not those passed by the -T option.
Add in a sort call to resolve this issue. To ensure consistent sorting we
also need to force to a specific locale (C) else the results are still not
deterministic.
(From OE-Core rev: a9b8287984c63420e10329a69f7ac5125f1687f8)
(From OE-Core rev: b577a6d923042cfc04e67d470e0987488ea61412)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
- Drop 00001-Switch-all-scripts-to-use-Python-3.x.patch
- Drop 00001-opkg-build-clamp-mtimes-to-SOURCE_DATE_EPOCH.patch
- Drop pipefail.patch
(From OE-Core rev: bf51a4a1312562cc9b5944b7dfccba0b3d11dc3c)
(From OE-Core rev: 1b71c28e1ca4fddc0f3c340ea4bcd76854ef620c)
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Linux kernel compilation for aarch64 triggers ICE if
CONFIG_CC_OPTIMIZE_FOR_SIZE=y.
The rootcause is GCC bug #91102 'aarch64 ICE on Linux kernel with -Os'.
Apply the fix to 9.2.
(From OE-Core rev: 14f34d32bfdaa752f5043e62750d2e7b92c4b419)
Signed-off-by: Taras Kondratiuk <takondra@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
patch for this CVE applies to v3.1.3pre1 not for v3.1.3.
patch already in v3.1.3.
see
https://git.samba.org/rsync.git/?p=rsync.git;a=commitdiff;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1;hp=bc112b0e7feece62ce98708092306639a8a53cce
(From OE-Core rev: 1e2739c821312527010fb0afbde5a20cd3f03d24)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Li Zhou
Adrian Bunk
Lee Chee Yang
Richard Purdie
Otavio Salvador
Jan-Simon Moeller
Alexander Kanavin
Trevor Gamblin
Changqing Li
haiqing
Jan Luebbe
Khem Raj
Jeremy Puhlman
Anuj Mittal
Rahul Chauhan
Nathan Rossi
Mark Hatle
Tim Orling
Ross Burton
Alejandro del Castillo
Taras Kondratiuk via Openembedded-core