aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2017-09-11mklibs-native: update SRC_URIdaisyAndre McCurdy
The upstream oe-core recipe fixed similar fetcher issues by switching to a specific debian snapshot version. However, the debian snapshot doesn't provide mklibs 0.1.38 so fetch from yoctoproject.org mirror instead. (From OE-Core rev: bad46f25ec5d0069d7274e22662b71ba9a9753c4) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11netbase: update SRC_URIAndre McCurdy
The upstream oe-core recipe fixed similar fetcher issues by switching to a specific debian snapshot version. However, the debian snapshot doesn't provide netbase v5.2 so fetch from yoctoproject.org mirror instead. (From OE-Core rev: ac617c2802c781bdc1516d48987b3e9458270556) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11lsof: update SRC_URIAndre McCurdy
The official lsof ftp site rejects download attempts from hosts for which it can not perform a DNS reverse-lookup. See: https://people.freebsd.org/~abe/ Fix for long download timeout and warnings from the bitbake fetcher. (From OE-Core rev: 65887209baf4c97241716621fd1609999a1fd76f) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11libproxy: update SRC_URIAndre McCurdy
Google Code has been shut down so libproxy tarball needs to be fetched from elsewhere. (From OE-Core rev: ca015a8bbc3cca41ed5fec58cf37c278ed07d084) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11dpkg: update SRC_URIAndre McCurdy
The upstream oe-core recipe fixed similar fetcher issues by switching to a specific debian snapshot version. However, the debian snapshot doesn't provide dpkg v1.17.4 so fetch from yoctoproject.org mirror instead. (From OE-Core rev: f1dd3d54f1b104e0ab3d3857c4cdc9f6f1ecde9f) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11ossp-uuid: use snapshot.debian.org for SRC_URIMaxin B. John
Using ${DEBIAN_MIRROR} for SRC_URI doesn't work very well as that will only contain releases that are currently in Debian. So, move all of SRC_URI to the .bb so it can use snapshot.debian.org instead, and set UPSTREAM_CHECK_URI to ${DEBIAN_MIRROR} so upstream release checking continues to work. [YOCTO #10040] (From OE-Core rev: 1194231ad4d3076824a84a92004ced13379d1983) Signed-off-by: Maxin B. John <maxin.john@intel.com> (cherry picked from commit 1b38ad4cb8faeb86c5e8cb6b7201194722c5ef31) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11ossp-uuid: update SRC_URI to not use Google CodeAlexander Kanavin
Google Code is shutting down so tarballs will be fetched from a Debian mirror instead (From OE-Core rev: d8a3f404f2c54ce3f3aae15f1fc3fd4dcbdc1424) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 779c53911da663f06437e8a06c9a8c361d614fe6) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11mailx: fix SRC_URIRobert Yang
The old one is not available any more. (From OE-Core rev: 6edc2a0bc5f579893ee40fbcf39bcb9f8cbf1ee8) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 3569d434e754a62ec998fbf48380d653d1524dc4) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11dosfstools: fix SRC_URIRobert Yang
Fixed: WARNING: Failed to fetch URL ftp://ftp.uni-erlangen.de/pub/Linux/LOCAL/dosfstools/dosfstools-2.11.src.tar.gz, attempting MIRRORS if available And add a HOMEPAGE for it, there is no dosfstools 2.11 on its official page (but 3.x). (From OE-Core rev: 9e7710c8f021b7e88f1e8d16846b707e62fb3d35) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> (cherry picked from commit cba73a598abc396fae4fb582be98fc04cb2a580f) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11base-passwd: fix SRC_URIRobert Yang
Fixed: WARNING: Failed to fetch URL ftp://ftp.debian.org/debian/pool/main/b/base-passwd/base-passwd_3.5.29.tar.gz, attempting MIRRORS if available (From OE-Core rev: 9707527623a1e3bb7035bc1bd1be96619846cabc) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> (cherry picked from commit 9ac88e3a9ac36ed83f01ac21db57a3c01a24385e) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11cryptodev-linux: update SRC_URIChang Rebecca Swee Fun
Gna! project announced that the download site from gna.org HTTP server will soon be closing down. We have verified that the site is no longer accessible without network proxy cache. We need to update SRC_URI to point to new alternative (nwl.cc HTTP server) in order to avoid fetcher issues in future. [YOCTO #11575] (From OE-Core rev: f28d763bd73275068ed0a5a7b8efba073c5f8a62) Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dc8b21ae0ed3bceb9f3df4f6cd8f8f55b9c306fb) Tweak commit to apply to older cryptodev 1.6 recipe in OE 1.6 Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11pigz: Update SRC_URIRichard Purdie
Upstream have released a new tarball and removed the old one. Revert to the Yocto Project source mirror instead, preserving the upstream version check. (From OE-Core rev: de49fa8db38ea4e2d925c85b3cce252191916035) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 839b17ffd96abff3e9cf47fb4a6d680637c865b1) Tweak commit to apply to older pigz v2.3.1 recipe in OE 1.6 Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11stat: fix SRC_URIRobert Yang
The old SRC_URI is redirected to the new one, fixed: WARNING: Failed to fetch URL ftp://metalab.unc.edu/pub/Linux/utils/file/stat-3.3.tar.gz, attempting MIRRORS if available (From OE-Core rev: c7bb712d0a5f1333eb97a515e8f839d606141274) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 45034239c7e38ec991aa75d7c30417c22bfdef28) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11kernel: Added bc-native as DEPENDSAlejandro Hernandez
The makefile checks for bc during for compilation [YOCTO #6781] (From OE-Core rev: a3778df1699ac8a1e80cae6886b41bfcbbebc016) Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c067e52cffe002de3b39aa1bced308dd532859c1) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11setserial: add missing depends on groff-nativeYue Tao
[YOCTO #6526] setserial needs groff-native to build (From OE-Core rev: 8f7d4a59c22cd90050bb3597daf89785f4ff5f71) Signed-off-by: Jonas Zetterberg <jonas.zetterberg@windriver.com> Signed-off-by: Yue Tao <yue.tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 1a1d1d89b490703ec163b82ba93f10a7d3e93270) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-04-11eglibc: security fix CVE-2015-7547Javier Viguera
CVE-2015-7547: getaddrinfo() stack-based buffer overflow Backport patch from GLIBC-2.20 to EGLIBC-2.19. (From OE-Core rev: a4e80e831cd13e6418af0d770c5dbd5b9270eaa5) Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-19package_manager: Fix BAD_RECOMMENDATIONS for opkgPaul Barker
In package_manager.py, when using opkg as the packager, the command 'opkg <args> info <pkg>' is called to get information about each pkg in BAD_RECOMMENDATIONS in a format that can be written to the status file. The 'Status: ...' line is modified and all other lines are passed through. Changing the verbosity level argument for this command will change what it written into the status file. Crucially, with the default verbosity level, no blank lines are being printed by the opkg command and so no blank lines are being written to the status file to separate each package entry. The package parsing code in opkg expects package entries in the status file to be separated by at least one blank line. If no blank line is seen, the next package entry is interpreted as a continuation of the last package entry, but the new values overwrite the old values. So with the default verbosity level, a blank line follows some package entries and these are parsed. The others are dropped due to the lack of blank lines. As the verbosity increases, more debugging messages add blank lines and more packages are parsed. The solution to ensure that this works correctly regardless of the verbosity level is simply add a blank line after the output of 'opkg info' is written to the status file, ensuring that the next package is separated from the current package. [YOCTO #6816] (From OE-Core rev: d0326ff5abde814da8647debfd559fcb9aede3a4) Signed-off-by: Paul Barker <paul@paulbarker.me.uk> Cc: Chris Carr <chris.carr@ge.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-01-17bitbake: cooker: Ensure bbappend files are processed in a determistic orderRichard Purdie
self.appendlist is a dict and as such unordered. This can lead to cases where appends with different names (e.g. x_%.bbappend vs. x_123.bbappend) can be reordered in application which in turn reorders the variables that those bbappend files might touch. Reorderd variables changes the sstate cache signatures causing real world issues. To avoid this, use a list for the append files instead. This patch is conservative and just adds a new data structure alongside the existing one and uses it to resolve the core issue. Later patches (post release) can handle some of the wider but less problematic ones (e.g. issues in bitbake-layers flatten). [YOCTO #7511] (Bitbake rev: d9a695e9e546cf3a158c88b0ecf2ecc132fb52e5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-07-16squashfs-tools: enable building unsquashfs and fix ↵Martin Jansa
squashfs-4.2-fix-CVE-2012-4025.patch * build unsqaushfs, useful when debuging corrupt squashfs from mksquashfs * squashfs-4.2-fix-CVE-2012-4025.patch fixes CVE in unsquashfs which we weren't building and it actually breaks building it, because someone missed squashfs_fs.h change from the original change * add git headers in all patches and fix references to new github repository (From OE-Core rev: e1a2540227250d854d5bba278634bcc9e7572cda) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-07-15openssl: upgrade to 1.0.1pTudor Florea
This upgrade fixes CVE-2015-1793 Removed openssl-fix-link.patch. The linking issue has been fixed in openssl. (From OE-Core rev: d140c1b13c3f3a7e2d982b5aa8b11c5e0c23c158) Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-06-03poky.conf: DISTRO_VERSION bumpBeth Flanagan
We missed the DISTRO_VERSION bump for the 1.6.3 release. I've opened https://bugzilla.yoctoproject.org/show_bug.cgi?id=7836 to ensure that this doesn't happen again. (From meta-yocto rev: d1dea3bd544788aaec977908c5d0ca1f0e6d9e56) Signed-off-by: Beth Flanagan <elizabeth.flanagan@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-13build-appliance-image: Update to daisy head revisionyocto-1.6.3daisy-11.0.3Richard Purdie
(From OE-Core rev: 5a577ec878a15f3caaf4893b819825ffb8c81266) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-13security_flags: Fix typo for cupsRichard Purdie
(From OE-Core rev: 327da66bb4d0b2a219e8a1b0805b504b269b22d9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-12powertop: Fix build for !uclibcMartin Jansa
* EXTRA_LDFLAGS isn't defined for !uclibc and configure fails when it reads it unexpanded, see config.log snippet: configure:4177: checking whether the C compiler works configure:4199: i586-oe-linux-gcc -m32 -march=i586 --sysroot=/OE/sysroots/qemux86 -O2 -pipe -g -feliminate-unused-debug-types -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed ${EXTRA_LDFLAGS} conftest.c >&5 i586-oe-linux-gcc: error: ${EXTRA_LDFLAGS}: No such file or directory configure:4203: $? = 1 configure:4241: result: no (From OE-Core rev: fd6418949249be252e4831ecf88f84297f81eaeb) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Backported from OpenEmbedded Dizzy branch, commit c8f9b5c9a8e5179c2013f25decd6a5483df9c716. Signed-off-by: Jens Rottmann <Jens.Rottmann@ADLINKtech.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-12systemd: fix /var/log/journal ownershipJonathan Liu
The ownership needs to be explicitly set otherwise it inherits the user and group id of the build user. (From OE-Core rev: 0752c79282b1cc9699743e719518e6c341d50a3a) (From OE-Core rev: e64cee7ccf9dedbadc3a63e4ed3eb15172ef4403) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Saul Wold <sgw@linux.intel.com> Conflicts: meta/recipes-core/systemd/systemd_219.bb Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-01eglibc: fix two security issues.Armin Kuster
The includes two CVE fixes: CVE-2012-3406 CVE-2014-7817 (From OE-Core rev: fed4d140da67fc51d54b02df83882177f6ddab10) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-01e2fsprogs: CVE-2015-0247Sona Sarmadi
Fixes input sanitization errors. References http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4 http://www.ocert.org/advisories/ocert-2015-002.html (From OE-Core rev: f3e5b052689b2eba30e26903e964791f92241e65) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-01elfutils: CVE-2014-9447Sona Sarmadi
directory traversal in read_long_names() Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447 Upstream commit with the analysis: https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e (From OE-Core rev: 6e7badf6819f372bd6dced191c7fda9748062126) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-01coreutils: parse-datetime: CVE-2014-9471Sona Sarmadi
Memory corruption flaw in parse_datetime() Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9471 (From OE-Core rev: 0b13fbf3f9b4419141445b381ffa9445af6e52ab) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-01libpng16: CVE-2015-0973Sona Sarmadi
Fixes CVE-2015-0973 (duplicate of CVE-2014-9495), a heap-based overflow vulnerability in the png_combine_row() function of the libpng library, when very large interlaced images were used. Upstream patch: http://sourceforge.net/p/libpng/code/ci/dc294204b641373bc6eb603075a8b98f51a75dd8/ External Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 http://seclists.org/oss-sec/2014/q4/1133 (From OE-Core rev: 10c8aeebca301ffd853e75df3f9c1d16d0352d76) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-01Qemu: CVE-2014-2894Sona Sarmadi
Fixes an out of bounds memory access flaw in Qemu's IDE device model Reference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894 (From OE-Core rev: 5f7cdf1e1212af5e3dcf36c8817c63cc853b1a91) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-28documentation: Updated manual revision table to new dateScott Rifenbark
Using May of 2015 now. (From yocto-docs rev: b5ade15ae89769e6e9a082e48d635a09ecdcc116) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-27python: CVE-2014-7185Sona Sarmadi
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. PoC: (From OE-Core rev: 2590eb53a6dac90cba52edd09ea56a6bdf4c4533) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-24bitbake: lib/bb/utils: add safeguard against recursively deleting things we ↵Paul Eggleton
shouldn't Add some very basic safeguard against recursively deleting paths such as / and /home in the event of bugs or user mistakes. Addresses [YOCTO #7620]. (Bitbake master rev: 56cddeb9e1e4d249f84ccd6ef65db245636e38ea) (Bitbake rev: aa56ab0593b36abb4d7d2303ab19eb80d9cee93d) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-24bitbake: fetch/git: Remove a possible trailing '/' in subpathAnders Darander
If the subpath parameter to the git fetcher ends with a trailing '/', bb.utils.prunedir() will be called on '/'... Fixes [YOCTO #7620]. (Bitbake master rev: 380a3fb372c8b0a53dd7528562e6e7a222dc76ef) (Bitbake rev: fad3ea40ebaf2cdcb981fb38bd755015e50fc9a5) Signed-off-by: Anders Darander <anders@chargestorm.se> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-15openssl: Fix x32 openssl patch which was not buildingBrendan Le Foll
x32 builds where broken due to patch rebase not having been done correctly for this patch (From OE-Core rev: a2966949e68bbdce8d0a0fd5946d078b84ae63e9) Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-11bitbake: data.py: fixes bad substitution when running devshellRichard Tollerton
Running bitbake inside make results in the exported environment variable MAKEOVERRIDES="${-*-command-variables-*-}", which the shell chokes on when trying to expand it. But of course, it probably shouldn't have been trying to expand it in the first place -- so just escape the dollar sign. (Bitbake rev: 18cd0ce6a55c9065c3f1bf223b47d817b5efcd8f) (Bitbake rev: 012fb876c1cf0b3aeee3c8c168af0a8947518246) Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-10ref-manual: Corrected the "package_rpm.bbclass" section.Scott Rifenbark
A cut-and-paste error had left a "package_deb" string in the first sentence of the section. Replaced with "package_rpm." Reported-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com> (From yocto-docs rev: 1197367b394d4d2267ed1ce4fefdd55b9efae621) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-03-28Revert "file: Update CVE patch to ensure file gets built correctly"Richard Purdie
This reverts commit ece58a88ef905e42de4b8b690106b553ccaa9f30. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-03-28file: Update CVE patch to ensure file gets built correctlyRichard Purdie
If we touch both files, we can end up in a situation where magic.h should be rebuilt and isn't. The easiest fix is not to touch the generated files which ensures the timestamps are such that it is always rebuilt. (From OE-Core rev: ece58a88ef905e42de4b8b690106b553ccaa9f30) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-03-25openssl: Upgrade to 1.0.1mBrendan Le Foll
Security update, some patches modified to apply correctly mostly due to upstream changing indentation/styling * configure-targets.patch updated * fix-cipher-des-ede3-cfb1.patch updated * openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch updated * openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch removed as no merged with 3942e7d9ebc262fa5c5c42aba0167e06d981f004 in upstream (From OE-Core rev: 248dec5e550cfcaaaa479a5bff9b79ba5cd0765d) Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-03-11utils.bbclass: fix create_cmdline_wrapperJavier Viguera
Similar to commit 4569d74 for create_wrapper function, this commit fixes hardcoded absolute build paths in create_cmdline_wrapper. Otherwise we end up with incorrect paths in users of this function. For example the 'file' wrapper in current released toolchain: exec -a /home/pokybuild/yocto-autobuilder/yocto-worker/nightly-fsl-arm/build/build/tmp/work/x86_64-nativesdk-pokysdk-linux/nativesdk-file/5.18-r0/image//opt/poky/1.7.1/sysroots/x86_64-pokysdk-linux/usr/bin/file `dirname $realpath`/file.real --magic-file /opt/poky/1.7.1/sysroots/x86_64-pokysdk-linux/usr/share/misc/magic.mgc "$@" (From OE-Core rev: 49ab89eb9f83388e99069a4b53bdc4cba22bb6f3) (From OE-Core rev: 8503dee5a42fc0dc6dc6c79ce316aba1c91da6d1) Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-03-10qt4: add patch for BMP denial-of-service vulnerabilityJonathan Liu
For further details, see: https://bugreports.qt.io/browse/QTBUG-44547 (From OE-Core rev: 4c61140ae04b3957bec12b18863d8ff39b81b396) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-03-10binutils: several security fixesArmin Kuster
CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 and one supporting patch. [Yocto # 7084] (From OE-Core rev: 859fb4d9ec6974be9ce755e4ffefd9b199f3604c) (From OE-Core rev: d2b2d8c9ce3ef16ab053bd19a5705b01402b76ba) (From OE-Core rev: 2343cdb81ddef875dc3d52b07565b4ce9b3a14a4) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-03-10documentation: Prepared for YP 1.6.3 doc release.Scott Rifenbark
Updated the following: * poky.ent - bumped the variables for 1.6.3 * <manuals>.xml - updated the manual revision tables for June of 2015. * mega-manual.sed - Rolled the 1.6.2 string to 1.6.3 so links in mega-manual will work locally. (From yocto-docs rev: b3048611d268d129e9e1244d8dab6203519aa361) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-03-03lib/oe/package_manager: support exclusion from complementary glob process by ↵Paul Eggleton
regex Sometimes you do not want certain packages to be installed when installing complementary packages, e.g. when using dev-pkgs in IMAGE_FEATURES you may not want to install all packages from a particular multilib. This introduces a new PACKAGE_EXCLUDE_COMPLEMENTARY variable to allow specifying regexes to match packages to exclude. (From OE-Core master rev: d4fe8f639d87d5ff35e50d07d41d0c1e9f12c4e3) (From OE-Core rev: 5e92eb11cdf1dd06a3e2ca015f1aebaace321acd) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-02-17ref-manual: Fixed icecc example codeScott Rifenbark
Fixes [YOCTO #6912] The example used to make sure builders use the same sstate signatures regardless if they use icecc or not was incorrect. I updated the INHERIT_DISTRO line of the example to use the append part in the name so it appends the icecc as suggested by the bug submitter. Reported-by: Peter Bergin <petan679@gmail.com> (From yocto-docs rev: 772e95e201c21b8488962e7a31b7cc02f9186882) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-02-17documentation: Reverted back to the 1.76.1 XSL stylesheetScott Rifenbark
Using the 1.76.1 version in all the customization layers so the manual revision tables will build with boxes. (From yocto-docs rev: a5ff3f41ed0eb0157983affdd0238d88d545295b) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Conflicts: documentation/adt-manual/adt-manual-customization.xsl documentation/bsp-guide/bsp-guide-customization.xsl documentation/dev-manual/dev-manual-customization.xsl documentation/mega-manual/mega-manual-customization.xsl documentation/ref-manual/ref-manual-customization.xsl documentation/yocto-project-qs/yocto-project-qs-customization.xsl Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-02-06yocto-bsp: Add branch to SRC_URI for custom kernelsTom Zanussi
Without 'branch' in the SRC_URI, a SRCREV specified for a non-master KBRANCH will result in a fetch failure since the branch tested by the fetcher will default to master, which doesn't contain the SRCREV. This fixes the problem by adding branch=KBRANCH to the SRC_URI. Fixes [Yocto #6518]. (From meta-yocto rev: 8aeb8715690ea5aa4a36fbe6403d46f53e0f99a5) Signed-off-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-02-06btrfs: create an empty file to build the fs inSaul Wold
The newer btrfs-utils needs an empty file to build the filesystem in, so create an empty file and use it for the mkfs to build the fs in. [YOCTO #6804] (From OE-Core rev: afc44fad44261677c799558ffd35f4908556bce0) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>