| Age | Commit message (Collapse) | Author |
|---|
|
This reverts commit a384248938ea9db096866bf4ec8678d35ca62a12.
This package update slipped in doing the maint process. Removing it.
(From OE-Core rev: fddd3ca8490adaceab6491632cf249c2320e4fda)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 73ebdcaedde460108f98971f037e50e9b15c9f0c)
(From OE-Core rev: 3bcc575367ac2519fc76fbd3d1d7f0223c059b96)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since commit [f1dc9ac rng-tools: Fix crazy defaults] fixed
init based on sysvinit, this fix rngd.service based on systemd.
(From OE-Core rev: b1980460839baa04d10866877cbfe31ca8093ff3)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop upstreamed reproducibility-add-file-directive-to-assembler.patch
Drop signals library as upstream has removed it:
https://www.boost.org/users/history/version_1_69_0.html
(From OE-Core rev: 894d2867275e72caac9181ea3b859d7595268f7f)
(From OE-Core rev: 4f14eacc4806d9b824045b5b782746c5954dbe2d)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: af3e1bbcc615adfc1f915448afe9c794ad938522)
(From OE-Core rev: e3ef28a7a131f89b9718ef7039d85ef481c7b1de)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
For changes, see:
https://github.com/ivmai/libatomic_ops/compare/v7.6.6...v7.6.8
Also switch to using tarball release instead.
(From OE-Core rev: a33170ff9a7abc5689e266e093069fd716c62622)
(From OE-Core rev: 88581ac9f694e950bdbe6f26eb164b23d3b5530c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rpm use nss as digest crypto library and which will cause an error as follows:
error: test-manual-1.2.3-20181012.noarch.rpm: Header SHA1 digest: BAD (Expected
f1deb7dc4a10742d88ccd1e967dbc62ae45095a5 !=4ad9d7dad6d70d6086eefec62612ad5d77f2fe81) => this value is wrong
error: test-manual-1.2.3-20181012.noarch.rpm: not an rpm package (or package manifest)
The error is caused by SHA_HTONL in nss, for there is no need to reverse the host value for arm 32be, so fix it.
(From OE-Core rev: 257a1ccd16928dff64aa4d2e1553f52e910edbb2)
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This recipe doesn't ship a *-config binary, so don't inherit binconfig.
(From OE-Core rev: 8b7d74aa7bb73daf84593fafde3eef4595918b63)
(From OE-Core rev: 8fd1b5fb464a3b72c94dffb3535e244b72c18b02)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove _BUILD_STRING and _BUILD_TIME in _pl_bld.h
to avoid introducing timestamp in the .so library
such as libnspr4.so as below:
$ readelf --wide --decompress --hex-dump=.rodata libnspr4.so
[snip]
0x00004000 32303138 2d31312d 31352030 353a3439 2018-11-15 05:49
[snip]
[YOCTO #12639]
(From OE-Core rev: a3ca6272845c33f48430210470f133034ad8399d)
(From OE-Core rev: af18be423ead8a5aabf29dcf2fa5fcb874edd24d)
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 1100e7f1519be91c90b139c337799c7ea635a8b3)
(From OE-Core rev: 6187f5eff556d5f308fa6812dc5335a2769cb249)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 4a373ce7d718ee3299bcf7f9fa62e7337d41e40a)
(From OE-Core rev: 65134404a6572f126e159503a079d5b8d3e1c1d5)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 5efe9eb79ac325f55fc52f67b522afaf7ebb847a)
(From OE-Core rev: 5c8a8465d24b33f53a7e3bc4dc1d0dfbb14685d6)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Notable change:
libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol.
see: https://lists.gnupg.org/pipermail/gnutls-help/2018-September/004457.html
(From OE-Core rev: 0697141e7be0b755db600aa0d5a975eac62cc7b8)
(From OE-Core rev: 7c062c9d2c48cd758b3ca9a4c7a5b26d74b9c1e3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
--
[v2]
Fix typo in version in subject
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a .file directive explicitly for all *_elf_gas.S files to prevent the linker
adding a host build-system path as a FILE symbol to the object file.
This replaces the existing patch that added the .file directive to a small
subset of these files.
Upstream-Status: Submitted [https://github.com/boostorg/context/issues/91]
(From OE-Core rev: 5ff5f89f2db079a6baf0275ebf1333b4b9642504)
(From OE-Core rev: 763398b87c257ab672430bedd01004b9317d02b2)
Signed-off-by: Douglas Royds <douglas.royds@taitradio.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: f0394e80a37f1da47042a1aa0487594f390603f9)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Both RHEL and SLES uses ppc64/ppc64le for powerpc 64 bit big/little
endian targets instead of powerpc64/powerpc64le in libgpg-error.
Also libgpg-error provides common target system names in form like
<arch>-unknown-linux-gnu.
Add mapping for ppc64/ppc64le targets to their libgpg-error equivalents
to fix native builds.
Cross build for arm64 tested on IBM Power 8 machine with RHEL7 for
ppc64le variant only, but should work for ppc64 as well.
(From OE-Core rev: f1af780769477f06eb925fd87c844baba04ada2d)
Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some of gdbm's ptest cases require gdbmtool, which is packaged into
${PN}-bin. So extend the RDEPENDS_${PN}-ptest to include the package.
(From OE-Core rev: e188a75aa882efc98b8390f43f18279c3707314a)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: Only extract relevant parts from init.c & gpg-error.h.in
(From OE-Core rev: a5c1ff6deb6393666745889eee8297112848ba28)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Two unrelated lines were extracted from apu_version.h for the license
information.
License-Update: Only extract the relevant part from apu_version.h
(From OE-Core rev: 2edb0f24a13f27b2fae94fb447221ad2ddb924a0)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Two unrelated lines were extracted from apr_lib.h for the license
information.
License-Update: Only extract the relevant part from apr_lib.h
(From OE-Core rev: 90ab83ecc509c2fdc1f6083d771031decdcaad63)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 0f0db9fc8512a0ecd0cdba3304a195cd925a5029)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
see: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.39_release_notes
(From OE-Core rev: 9d5d19cee30ac73b9fbf75308e5729857384983e)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There are both "curl" and "libcurl" CPEs in NVD.
All "curl" CVEs are now missed in the reports.
Hence, switch "CVE_PRODUCT" to a space separated list
of the items.
(From OE-Core rev: 69ff709c2450c42139fd9705e3a74464221ad754)
Signed-off-by: Grygorii Tertychnyi <gtertych@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
MPFR has a couple of things implemented in assembly and in case of
ARC those parts were written long ago when ARC GCC port was not yet
upstreamed. On upstreaming of GCC some constraints were changed and
so we can no longer build MPFR for ARC with up-to-date tools seeing
something like that:
| In file included from ../../mpfr-4.0.1/src/mpfr-impl.h:112,
| from ../../mpfr-4.0.1/src/mul.c:24:
| ../../mpfr-4.0.1/src/mul.c: In function 'mpfr_mul':
| ../../mpfr-4.0.1/src/mpfr-longlong.h:415:3: error: impossible constraint in 'asm'
| __asm__ ("add.f\t%1, %4, %5\n\tadc\t%0, %2, %3" \
| ^~~~~~~
(From OE-Core rev: 887a062ca139014ae6dfd1919e0ff9a5ef4db35e)
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 2d9dbcc638cc39b935b89b6e66ed216ea9b05d62)
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It uses certutil from nss to create a blank certificate. But the
checksum of database file key4.db changes every time:
$ certutil -N -d sql:. --empty-password
$ md5sum *
f9dac2cfcb07cc8ca6db442a9a570906 cert9.db
b892c5ff7c1977d4728240b0cf628377 key4.db
7b9136cb03f07ae62eb213a5239fda71 pkcs11.txt
$ rm *
$ certutil -N -d sql:. --empty-password
$ md5sum *
f9dac2cfcb07cc8ca6db442a9a570906 cert9.db
405d55178e866a115c1aa975fccfa764 key4.db
7b9136cb03f07ae62eb213a5239fda71 pkcs11.txt
Provide pre-created databases with a blank certificate to fix
non-determinism issue. And these database files are from nss qemux86-64
build.
(From OE-Core rev: e64a30f7af87fa960b012ace92c51b88e8abae68)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The configuration option is WITH_KDE now, as it supports both KDE4 and KDE5.
(From OE-Core rev: 2a5d1db6643482dd06a456e303c6f6bc88059813)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The option WITH_PYTHON got replaced by
WITH_PYTHON2 and WITH_PYTHON3.
(From OE-Core rev: 91fe0fb4c7d48cf8fb02fbde26fe5657d5d9a491)
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Make the subdir fetch path for configure.ac relative. This avoids the
following error after having done `devtool modify acl`:
ERROR: acl-2.2.52-r0 do_unpack: Unpack failure for URL:
'file://configure.ac;subdir=.../builds/qemux86-64/workspace/sources/acl'.
subdir argument isn't a subdirectory of unpack root
.../builds/qemux86-64/tmp/work/core2-64-poky-linux/acl/2.2.52-r0
(From OE-Core rev: 8a12bb7349bce29403077e18875563a9b0770838)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The LICENSES file contains references to source files with other
licenses than GPL/LGPL that stipulate that they shall be mentioned in
any documentation accompanying a product including this library.
License-Update: Add missing LICENSES file
(From OE-Core rev: 67bc0b3babd922c800a03c1370d6d33a75f273c1)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
For some reason, the copyright part was left out of the license
information included in LIC_FILES_CHKSUM, preventing it from being
used in, e.g., documentation to satisfy the requirements of the
license.
License-Update: Include the complete license information
(From OE-Core rev: 390becd2dcf4fe791ec3715a74e34a46bd457e7a)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Freeze-breaking upgrade for a security bug fix involving cookie URLs, and a
number of static analysis fixes.
Drop CVE-2018-12910.patch as this is merged in 2.62.3.
(From OE-Core rev: a8098782fab87498026a09c06716b631c77c5ad6)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Current run-ptest script prints nothing, when stress tests fail.
Fix it in new implementation, discarding external dependency on sed.
Also leave in place all stress output, just add standard ptest result.
Fixes: 3f0106bf2e41 ("libusb: Add ptest")
(From OE-Core rev: cd05029c78dea48c20f9acb2c5fee56b19193f22)
Signed-off-by: Maksym Kokhan <maksym.kokhan@globallogic.com>
Reviewed-by: Andrii Bordunov <andrii.bordunov@globallogic.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The first line of output of '$CC --version' is written to check_stdint.h
as a comment line. It causes multilib install file conflict.
Do not echo compiler version info to check_stdint.h to fix the issue.
(From OE-Core rev: f9db6ac8044495f9299fb0e962d3d6838bbce08f)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When cross-compiling for arm architecture, bjam fails to properly
detect the abi, which causes a failed conditional to omit the
assembly code that supports the platform.
(From OE-Core rev: 920f2c479c3cf30d92f79dc9098e5915c05cc5e1)
Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 7b7b0fb8c27d06919f537a272107fc3f0b9cf9e5)
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
[Alexey: Rebased on top of other patches like RiscV, NIOS2 etc]
(From OE-Core rev: bc9259fad8f90f0cbabd3db7509c401b071e4ff3)
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add trust-paths PACKAGECONFIG item which enables support for default
trust-paths in /etc/ssl/certs/ca-certificates.crt
(From OE-Core rev: d63f16f03ad60ab77fd5c78de1bbf1f248c51c6e)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
p11-kit is no longer doing odd/even for development/stable releases, so
drop the custom UPSTREAM_CHECK_GITTAGREGEX.
(From OE-Core rev: 1a38f27342c5a40f81e579b2d0feb7b6e9880ac7)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Inherit from distutils-common-base and pythonnative/python3native to
avoid runtime dependency on Python, whilst still fixing clang builds.
Fixes: 8bfb54edc6fa ("gpgme: Inherit distutils3-base")
Suggested-by: Khem Raj <raj.khem@gmail.com>
(From OE-Core rev: 4e1e914101146149cbfd70ff00cfcd0fdcf1a88c)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream is moving to Meson, so backport a patch to use that instead of
autotools.
(From OE-Core rev: d297f7ebf3f62528d055e1938a9693d6f3a61935)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 979b247c558eeb151fce925ee6600700ef20f869)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport the CVE patch from the upstream
https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243.patch
https://curl.haxx.se/docs/CVE-2018-14618.html
https://nvd.nist.gov/vuln/detail/CVE-2018-14618
(From OE-Core rev: b76903b4b7bfec71be0a8a14e2cab4e2ec852222)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
GnuPG hard-codes $bindir etc and uses them to find the helper binaries, such as
gpg-agent. This breaks if gnupg-native is reused from sstate for a different
build directory and GPG signing of packages is required.
Patch in getenv() checks for gnupg-native when returning the hardcoded paths,
and create a wrapper script which overrides GNUPG_BINDIR. There are more paths
that can be overridden, but this one is sufficient to make GnuPG work.
(From OE-Core rev: dfd69ff889ed78bf137116583d8ae351859ee203)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Test suite test_dbm failed after gdbm upgrtade to 13.1,
from 13.1, return value of some function are changed.
* gdbm_fetch, gdbm_firstkey, and gdbm_nextkey behavior
If the requested key was not found, these functions return datum with
dptr pointing to NULL and set gdbm_errno to GDBM_ITEM_NOT_FOUND (in
prior releases, gdbm_errno was set to GDBM_NO_ERROR),
(From OE-Core rev: 0952c190fc6aec333676ce3883e8232fa8595551)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix install files conflicts between multlib packages by inherit multilib_script:
| file /usr/bin/cairo-trace conflicts between attempted installs of lib32-libcairo-perf-utils-1.14.12-r0.x86 and libcairo-perf-utils-1.14.12-r0.core2_64
| file /usr/bin/icu-config conflicts between attempted installs of lib32-icu-dev-62.1-r0.x86 and icu-dev-62.1-r0.core2_64
| file /usr/bin/gpgrt-config conflicts between attempted installs of lib32-libgpg-error-dev-1.32-r0.x86 and libgpg-error-dev-1.32-r0.core2_64
(From OE-Core rev: 52f2dd97e9dd20dea0f3cdeb2df490d1a4c646aa)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 60909e5d4ac94ed77699a569960bb689acb432dd)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
setfattr is now provided also by busybox since 1.29.2 upgrade and
do_rootfs is failing with:
update-alternatives: Error: not linking usr/bin/setfattr to /bin/busybox.nosuid since
usr/bin/setfattr exists and is not a link
(From OE-Core rev: d633633f3d83467fe1f946c57e2e75e0e774ec7e)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function in
oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause
information disclosure (heap-based buffer over-read) via a crafted audio
file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2018-11439
Patch from:
https://github.com/taglib/taglib/pull/869/commits/272648ccfcccae30e002ccf34a22e075dd477278
(From OE-Core rev: a300c4917b6c22ef039158be7ae92055c35658d4)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This was only needed with old pkg-config, but we have 0.29.2 so this can be
dropped.
(From OE-Core rev: 27605fc88d0dc8021abeccc38bab286f56a92736)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Armin Kuster
Alexander Kanavin
Hongxu Jia
Khem Raj
Anuj Mittal
Zheng Ruoqin
Ross Burton
Mingli Yu
Douglas Royds
Serhey Popovych
Chen Qi
Peter Kjellerstedt
Changqing Li
Armin Kuster
Grygorii Tertychnyi
Alexey Brodkin
Kai Kang
Pascal Bach
Maksym Kokhan via Openembedded-core
Vernon Mauery
Antoine Tenart
Alex Kiernan
Zhixiong Chi
Martin Jansa
Yi Zhao