| Age | Commit message (Collapse) | Author |
|---|
|
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Affected versions: curl 7.10.7 to and including 7.50.3
Not affected versions: curl < 7.10.7 and curl >= 7.51.0
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Affected versions: curl 7.12.2 to and including 7.50.3
Not affected versions: curl < 7.12.2 and curl >= 7.51.0
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Affected versions: curl 7.34.0 to and including 7.50.3
Not affected versions: curl < 7.34.0 and curl >= 7.51.0
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Affected versions: curl 7.3 to and including 7.50.3
Not affected versions: curl < 7.3 and curl >= 7.51.0
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Signed-off-by: Rajkumar Veer <rveer@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-9147
https://nvd.nist.gov/vuln/detail/CVE-2017-9936
https://nvd.nist.gov/vuln/detail/CVE-2017-10668
https://nvd.nist.gov/vuln/detail/CVE-2017-11335
Patches from:
CVE-2017-9147:
https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06
CVE-2017-9936:
https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
CVE-2017-10688:
https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1
CVE-2017-11355:
https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556
(From OE-Core rev: 5c89539edb17d01ffe82a1b2e7d092816003ecf3)
(From OE-Core rev: eaf72d105bed54e332e2e5c0c5c0a0087ecd91dd)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
minor fixes to get to apply
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Libtiff is vulnerable to a heap buffer overflow in the tools/tiffcp
resulting in DoS or code execution via a crafted BitsPerSample value.
Porting patch from <https://github.com/vadz/libtiff/commit/
5c080298d59efa53264d7248bbe3a04660db6ef7> to solve CVE-2017-5225.
(From OE-Core rev: 434990304bdfb70441b399ff8998dbe3fe1b1e1f)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
|
Marsalling is broken when ruby-2.2.x is built with gcc7, backport the change
fix in Ruby SVN r57410 to apply to ruby 2.2.5:
https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57410
Fixes [YOCTO #12271]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.
* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
* CVE-2017-13078: reinstallation of the group key in the Four-way handshake
* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake
* CVE-2017-13080: reinstallation of the group key in the Group Key handshake
* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake
* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it
* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake
* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame
* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame
Backport patches from upstream to resolve these CVEs.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
epitest.fi is down and hostap-utils source is now available in
w1.fi. So, move SRC_URI to https://w1.fi
Since hostap-utils is only meant for old Intersil Prism2/2.5/3 wifi cards,
this recipe will be removed from oe-core in future (most likely to
meta-handheld)
[YOCTO #12051]
(From OE-Core rev: 541b14c58132e8460a762617889bd5e3d736c1a4)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The Invisible Mirror FTP service is currently down, and FTP is horrible, so
switch to the HTTP mirror.
(From OE-Core rev: f31461f8ea11e82dbe14454a1149d9ec2120404d)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Gentoo is removing the package due to dead upstream;
Debian might carry it for a while longer.
(From OE-Core rev: 5026730a2f0701ebad4ddf57990b1ae3b484ae72)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The mirrors are not working so remove them. Simplify the SRC_URI as the archive in only in the older-releases dir.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
The Gentoo mirror also deletes old versions when they're not used, so revert
back to the canonical SourceForge site, adding /older-releases/ to MIRRORS to
handle new releases moving the version we want.
Original idea by Maxin B. John <maxin.john@intel.com>.
(From OE-Core rev: 791a3493c88c9c249f21f6d893b2061e1d8a0af6)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hand applied to work with morty version
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Newer versions of gpg (at least 2.1.5 and 2.2.1) have issues when signing occurs in parallel
so (unfortunately) the signing must be done serially. Once the upstream problem is fixed,
this patch must be reverted, otherwise we loose all the intrinsic parallelism from
bitbake.
[YOCTO #12022]
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
directory
The high-level method tempfile.TemporaryDirectory give us no way to
ignore erros on removal thus use tempfile.mkdtemp instead. Ignoring possible issues
on removal is neccesary because it contains gpg sockets that are automatically removed
by the system once the process terminates, otherwise the following log is observed:
..
..
File "/usr/lib/python3.5/shutil.py", line 436, in _rmtree_safe_fd
os.unlink(name, dir_fd=topfd)
FileNotFoundError: [Errno 2] No such file or directory: 'S.gpg-agent.browser'
[YOCTO #11821]
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Porting the mainline commit, to fix gcc7 builds:
474c90156c [give up on gcc ilog2() constant optimizations]
We also integrate the 4.1.39 -stable update to pick up additional
fixes.
(From OE-Core rev: 774e0d3f429d383c55e9f54ab095f13694e1d8e6)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit f0effea8716faae749a7d15003647d68fa0cabf7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
KERNEL_IMAGETYPES lists all the kernel images that we want to build. in
cb17b6c2a7 (kernel.bbclass: support kernel image type of vmlinux.gz), some logic
was added to support vmlinux.gz which is not a target built by kernel
makefiles (only vmlinux). It is clear that the goal of this logic is only to
support vmlinux.gz and not others compressed format (such as Image.gz) which are
valid target for kernel makefiles.
For Image.gz we should rely on the kernel makefiles and not do the compression
in kernel class.
This patch updates the logic used to filter out non supported kernel target from
KERNEL_IMAGETYPES, and make vmlinux.gz a 'special case', instead of *.gz. If
more special cases are needed in the future, we could add them in a similar way.
This patch should be a no-op for anyone using vmlinux or vmlinux.gz, and on top
of that it is fixing the build for Image.gz which was not working until now.
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cfc0c897656fe67e81a6a5dcd936dff785529f41)
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an
information disclosure vulnerability which allows remote attackers to obtain
sensitive information from the bluetoothd process memory. This vulnerability
lies in the processing of SDP search attribute requests.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
eSDK testcases Ids were modified on testopia, hence there needs to be a change in the devtool script.
[YOCTO #11603]
Signed-off-by: libertad <libertad.cruz@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When selected multiple subimages a similar error could happend:
Variable do_image_cpio[subimages] value changed \
from 'cpio.gz.u-boot cpio.gz' to 'cpio.gz cpio.gz.u-boot'
To avoid this, 'ctypes' should be sorted at 'gen_conversion_cmds'.
This garantee that 'CONVERSION_CMD_xxx' are always written in tha same
order and consequently 'do_image_cpio' have the same hash.
(From OE-Core rev: 271f1a5f65b8685a1e3645026876251122ef3974)
Signed-off-by: Gerson Fernando Budke <nandojve@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* the libc.so.6 dependency is detected always:
$ grep FILERDEPENDS BUILD-*/pkgdata/qemux86/runtime/localedef
BUILD-bad/pkgdata/qemux86/runtime/localedef:FILERDEPENDSFLIST_localedef: /usr/bin/localedef
BUILD-bad/pkgdata/qemux86/runtime/localedef:FILERDEPENDS_/usr/bin/localedef_localedef: libc.so.6(GLIBC_2.15) libc.so.6(GLIBC_2.3) libc.so.6(GLIBC_2.2) libc.so.6(GLIBC_2.1) libc.so.6(GLIBC_2.0) libc.so.6
BUILD-ok/pkgdata/qemux86/runtime/localedef:FILERDEPENDSFLIST_localedef: /usr/bin/localedef
BUILD-ok/pkgdata/qemux86/runtime/localedef:FILERDEPENDS_/usr/bin/localedef_localedef: libc.so.6(GLIBC_2.15) libc.so.6(GLIBC_2.3) libc.so.6(GLIBC_2.2) libc.so.6(GLIBC_2.1) libc.so.6(GLIBC_2.0) libc.so.6
* but in some builds the glibc dependency isn't built soon enough:
$ diff -uNr BUILD-*/pkgdata/qemux86/runtime/localedef
--- BUILD-bad/pkgdata/qemux86/runtime/localedef 2017-09-02 21:17:50.000000000 +0000
+++ BUILD-ok/pkgdata/qemux86/runtime/localedef 2017-09-11 10:15:49.954381592 +0000
@@ -6,6 +6,7 @@
LICENSE: GPLv2 & LGPLv2.1
DESCRIPTION_localedef: glibc: compile locale definition files
SUMMARY: Locale data from glibc
+RDEPENDS_localedef: glibc (>= 2.26)
SECTION: base
PKG_localedef: localedef
FILES_localedef: /usr/bin/localedef
and the build fails with QA issues:
http://errors.yoctoproject.org/Errors/Details/155529/
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.0), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.15), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.3), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.2), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.1), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6, but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA run found fatal errors. Please consider fixing them.
* reproducible with Yocto 2.2 Morty as well, with slightly different
error message:
ERROR: glibc-locale-2.24-r0 do_package_qa: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.4), but no providers found in RDEPENDS_localedef? [file-rdeps]
* cherry-picked from master 2d2b4d7383c93174fe8eeb72440e81345df71295
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This only started showing up now for some reason but it does seem like
a legitimate bug in Makefile.am.
(From OE-Core rev: f43290f6e302dbacf5581d1fe1c6c991dd387779)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Using httpServer from python for sharing sstate is known to be buggy, it can't
cope with the number/type of requests coming from bitbake and quietly fails
to share files.
This causes intermittent build failures which are hard to debug. We can
use a file:// url for the sstate mirror instead, removing the need for
the http server.
The sdk-update test is simply dropped since the SDK is never published
to this location and hence it would never have any update. Its equiavalent
to pointing at an empty web server. There is a better eSDK update test in
testsdk so rather than improve this one, lets drop it and concentrate on
the one there.
(From OE-Core rev: 7606f05e48ad2e31650e3a56bfcd04b4fbfad1e3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Lately autobuilders are experiencing hangs with selftest,
it seems it is cause if an error happens in setUpClass
method of oeSDKExtSelfTest class because HTTP server
keeps running in background.
This patch will ensure tearDownClass will be run if there
is an error in setUpClass.
(From OE-Core rev: eb1383949f76c6eb36f86c051057f761a71016a3)
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
1. Test case adds perl recipe before build eSDK.
2. After this added recipe, the script verifies the update:
${SDK_DEPLOY}/${TOOLCHAINEXT_OUTPUTNAME}.sh
oe-publish-sdk [esdk] [path-to-http]
CORE_IMAGE_EXTRA_INSTALL = "perl"
bitbake -c populate-sdk-ext [some-image]
devtool sdk-update
This should fix [YOCTO #9369]
(From OE-Core rev: 21bd406bf89e9ceafe1a807877406be817cacca6)
Signed-off-by: Francisco Pedraza <francisco.j.pedraza.gonzalez@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix the error below when SSTATE_DIR is not "${BUILDDIR}/sstate-cache".
FileNotFoundError: [Errno 2] No such file or directory: '/xxx/../sstate-cache'
(From OE-Core rev: 785f0343d04c1684363b5289a3012cf7e1caa95f)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This updates to a newer glibc and updates patchelf to include a bugfix
to work with gold.
(From OE-Core rev: a2ab288bd002ebb6e64d46e941fb122e1157ff49)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This release includes fixes for Windows/Mingw support.
(From OE-Core rev: b5f471b74b2da533abfad2601b221fa806fcf3b2)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
Thiruvadi Rajaraman
Rajkumar Veer
Yi Zhao
Li Zhou
Joshua Lock
Ross Burton
Maxin B. John
Alexander Kanavin
Armin Kuster
Leonardo Sandoval
Bruce Ashfield
Nicolas Dechesne
libertad
Gerson Fernando Budke
Martin Jansa
Jussi Kukkonen
Richard Purdie
Mariano Lopez
Francisco Pedraza
Chen Qi