| Age | Commit message (Collapse) | Author |
|---|
|
Append the necessary QB_ flags to the MACHINE configuration of
beaglebone-yocto. Using Qemu with "-machine virt" simplifies things
greatly because for this machine the dtb is compiled into qemu. Since
the beaglebone-yocto kernel config also supports this cpu architecture,
it just works. However, u-boot is not involved and the virt machine is
not 100% equal to a am335x SoC.
A MACHINE configuration suitable for Qemu as well as for the real
hardware allows to provide just one eSDK where both runqemu and devtool
build-image work. Otherwise a qemuarm and a beaglebord-yocto MACHINE
eSDK would be required to support development in Qemu as well as on real
hardware.
(From meta-yocto rev: 48bf40749cc63e8e951c76abbe65b1b9620b2481)
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The addition of some debugging code meant that comparisions between sig
files with a taint and without a taint weren't working. Tweak the logic
to avoid tracebacks if one side doesn't have a taint.
(Bitbake rev: f5ea06fc2b6713c9f8e85ecf7cb981ae9a84d896)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The recipe was called -native but didn't inherit native.
(From OE-Core rev: f0d822fad2a163d1ee32ed3b4c0359245140e19b)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 4b301030cf9cf7a981dcff85a50e915c045e3130)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 4fa03fa14f8facb134ecd772a99c25184d8a4cbd)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Also avoids maintaining a different set of patches for both.
(From OE-Core rev: b3b1c00cc46b33ddbf7e008267032220e1e298af)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Include the fix by Mark Adler which has also been adopted by Debian.
(From OE-Core rev: 4df4de2ac8bc0e80446e1ad0ce67eb244e2d2a32)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
See:
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
https://www.securityfocus.com/bid/107160
(From OE-Core rev: 7e90506534ed2a70680382cf28614f02fdb98409)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
rsync includes its own copy of zlib and doesn't recommend linking with
the system version [1].
Import CVE fixes that impact zlib version 1.2.8 [2] that is currently used
by rsync.
[1] https://git.samba.org/rsync.git/?p=rsync.git;a=blob;f=zlib/README.rsync
[2] https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=cpe%3a%2fa%3agnu%3azlib%3a1.2.8
(From OE-Core rev: a55fbb4cb489853dfb0b4553f6e187c3f3633f48)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Porting patch from <https://git.netfilter.org/iptables/commit/iptables/
xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e> to solve
CVE-2019-11360.
(From OE-Core rev: 5a38ef7eef9ecef2d27ae89f01691072bb94a25e)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop the following patches since the issues have been fixed upstream:
0001-file01.sh-Fix-in-was-not-recognized.patch
0001-lapi-Define-TST_ABI-32-64-to-detect-target-type.patch
0001-syscalls-setrlimit03.c-read-proc-sys-fs-nr_open-for-.patch
0007-fix-__WORDSIZE-undeclared-when-building-with-musl.patch
0009-fix-redefinition-of-struct-msgbuf-error-building-wit.patch
0021-Define-_GNU_SOURCE-for-MREMAP_MAYMOVE-definition.patch
0023-ptrace-Use-int-instead-of-enum-__ptrace_request.patch
0024-rt_sigaction-rt_sigprocmark-Define-_GNU_SOURCE.patch
0026-crash01-Define-_GNU_SOURCE.patch
0028-rt_sigaction.h-Use-sighandler_t-instead-of-__sighand.patch
0034-periodic_output.patch
0039-commands-ar01-Fix-for-test-in-deterministic-mode.patch
define-sigrtmin-and-sigrtmax-for-musl.patch
setregid01-security-string-formatting.patch
Refresh the following patches:
0004-build-Add-option-to-select-libc-implementation.patch
0005-kernel-controllers-Link-with-libfts-explicitly-on-mu.patch
0008-Check-if-__GLIBC_PREREQ-is-defined-before-using-it.patch
0018-guard-mallocopt-with-__GLIBC__.patch
0020-getdents-define-getdents-getdents64-only-for-glibc.patch
0035-fix-test_proc_kill-hang.patch
0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch
0001-open_posix_testsuite-mmap24-2-Relax-condition-a-bit.patch
0001-shmctl01-don-t-use-hardcoded-index-0-for-SHM_STAT-te.patch
0001-diotest4-Let-kernel-pick-an-address-when-calling-mma.patch
0001-getrlimit03-adjust-a-bit-of-code-to-compatiable-with.patch
Add patch:
0006-rt_tgsigqueueinfo-disable-test-on-musl.patch
(From OE-Core rev: eb59546c83f4c217de6272a8d3b2fa65e3c84e7f)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
APPEND is usually attached to a machine. This patch avoids multiconfig
errors such as:
| NOTE: Direct dependencies are ['multiconfig:qt5022:/workdir/repo/poky/meta/recipes-core/glibc/glibc_2.29.bb:do_populate_sysroot', 'multiconfig:qt5022:virtual:native:/workdir/repo/poky/meta/recipes-devtools/pseudo/pseudo_git.bb:do_populate_sysroot', 'multiconfig:qt5022:/workdir/repo/poky/meta/recipes-devtools/quilt/quilt-native_0.65.bb:do_populate_sysroot', 'multiconfig:qt5022:/workdir/repo/poky/meta/recipes-devtools/gcc/gcc-cross_8.3.bb:do_populate_sysroot', 'multiconfig:qt5022:/workdir/repo/poky/meta/recipes-devtools/gcc/gcc-runtime_8.3.bb:do_populate_sysroot']
| NOTE: Installed into sysroot: []
| NOTE: Skipping as already exists in sysroot: ['glibc', 'pseudo-native', 'quilt-native', 'gcc-cross-x86_64', 'gcc-runtime', 'libgcc', 'linux-libc-headers', 'libtool-native', 'texinfo-dummy-native', 'libmpc-native', 'flex-native', 'automake-native', 'zlib-native', 'mpfr-native', 'gmp-native', 'binutils-cross-x86_64', 'xz-native', 'autoconf-native', 'gnu-config-native', 'gettext-minimal-native', 'm4-native']
| DEBUG: Python function extend_recipe_sysroot finished
| DEBUG: Executing shell function do_install
| install: cannot stat 'loader.conf': No such file or directory
| WARNING: exit code 1 from a shell command.
| ERROR: Function failed: do_install (log file is located at /workdir/build/tmp/work/bobcat-poky-linux/systemd-bootconf/1.00-r0/temp/log.do_install.737)
NOTE: recipe systemd-bootconf-1.00-r0: task do_install: Failed
ERROR: Task (multiconfig:qt5022:/workdir/repo/poky/meta/recipes-core/systemd/systemd-bootconf_1.00.bb:do_install) failed with exit code '1'
(From OE-Core rev: 84d08b0bed9e1c5f223f9ec437bb8d96a2bda599)
Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In order to phase out poky-lsb, move the alternate test configurations
to a separate .inc file. This is necessary to avoid maintaining this
configuration in the autobuilder config (such as kernel version numbers).
(From meta-yocto rev: 235f592b44617afcd31211e476428fadf456eaea)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is the default since -trim was dropped back in 2012 so this extra
configuration is pointless.
(From meta-yocto rev: f2868c6c667c109e416d5e51140f50fd5f0a10bc)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From meta-yocto rev: 91ef1c51e647a2fd5925345b1ec66deeeda2103b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
So that people or other tools can easily know which one is being used, just
like what we did for run.do_task and log.do_task, otherwise, we have no way
to know it. I usually use "ls -t", but it isn't reliable since the one which
is being used may not the latest one.
(Bitbake rev: cf286dff653eed542bf347ca46234c224944d5b0)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Commit 450335ba5e73a375eb9932b4c4cf37979640dbfc copies the pseudo
database to the working directory in order to have ownership information
when the filesystem is generated.
Unfortunately this does not work anymore. The filenames on the database
are absolute and there is no information about the new directory.
Instead of fixing the database, we could redo a bit the way we patch the
fstab file. Now I am saving the old contents of fstab, modifying the
file and then reverting the changes on exit.
This is faster than the previous approach, although it can cause
indeterminism if the application is killed before finishing.
(From OE-Core rev: dcbf7b864dd1713b54a172d8714ce1508482f086)
Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
djb2 hash algorithm was found to do collisions, so the database was
sometime missing data. Remove this hash mechanism, clear and populate
elements from scratch in PRODUCTS table if the current year needs an
update.
(From OE-Core rev: 78de2cb39d74b030cd4ec811bf6f9a6daa003d19)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE_CHECK_WHITELIST does not contain version anymore, as it was not
used. This variable should be set per recipe.
(From OE-Core rev: 7069302a4ccbb5b72e1902f284cf078516fd7294)
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The master branch's current tip commit as of this writing is [1], see the
squashfs-tool's repo at [0].
Because of commits [2]-[4] which are included in the master branch three
corresponding patches are dropped as they are not needed anymore. The single
remaining patch was rebased on top of [1] to apply cleanly.
Commits [5] & [6] introduced interesting features, namely zstd support and
reproducibility of created SquashFS images. They are reflected in two new
PACKAGECONFIG options now, but only the latter ("reproducible") is appended to
the default options as OE-core does not contain a recipe to build zstd at the
moment (a working zstd recipe can be found e.g. in meta-rauc, see [7]).
[0] https://github.com/plougher/squashfs-tools.git
[1] f95864afe883 ("unsquashfs-4: Add more sanity checks + fix CVE-2015-4645/6")
[2] 46bdc1726e5a ("mksquashfs: Make a load of functions static")
[3] b0ca8a5c98ff ("pseudo.c: add explicit <sys/stat.h> include")
[4] f95864afe883 ("unsquashfs-4: Add more sanity checks + fix CVE-2015-4645/6")
[5] 6113361316d5 ("squashfs-tools: Add zstd support")
[6] e0d74d07bb35 ("Add configuration and Mksquashfs build options for
reproducible builds")
[7] https://layers.openembedded.org/layerindex/recipe/79049/
(From OE-Core rev: 92f34fbe321040db3dc0431dd464747324058e2e)
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changelog:
https://curl.haxx.se/changes.html#7_65_2
(From OE-Core rev: 54b91da2bd07e8c3a40e61d90af251a1bfbf50f4)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: bbde94e994f4904b983ee396b55eb68931de7d4c)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Differentiate it from openssl gem for Ruby.
(From OE-Core rev: 2ec481b19d6c9c20ce6573de77ae89e576d6b8cb)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
-Upgrade from libpciaccess_0.14.bb to libpciaccess_0.16.bb.
-libpciaccess/0004-Don-t-include-sys-io.h-on-arm.patch
Removed since this is included in 0.16.
(From OE-Core rev: c2140b42c8516100c55c381d98e0f281b562d2db)
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
-Upgrade from xwininfo_1.1.4.bb to xwininfo_1.1.5.bb.
(From OE-Core rev: 7f34f3657568a0130aa31a481973509203984a06)
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
-Upgrade from libice_1.0.9.bb to libice_1.0.10.bb.
-libice/CVE-2017-2626.patch
Removed since this is included in 1.0.10.
(From OE-Core rev: d3581b5d5562604ba31fc2b10873b3b0c9bf75fc)
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 00c84fd2583022d6f11067cc0b2e8782a09abc26)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changes:
https://github.com/GNOME/glib/blob/glib-2-60/NEWS
(From OE-Core rev: 7ab3b3d57df1bddf2241b75ae6ebec29ea288502)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
License-Update: Change in version and copyright year/date.
Changelog:
https://sourceware.org/git/?p=bzip2.git;a=blob;f=CHANGES
(From OE-Core rev: ad33d889ad551651d72cf1cdfdfffdd147ee91ac)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: a0236a8f682ab0e897cd99555b9225bae4fb04ab)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
See:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395
(From OE-Core rev: cef180de3684491f1ac4180ddbcc102121222181)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Introduce a new variable INIT_MANAGER and create 4 init-manager-*.inc
files to configure init manager settings. Available values of
INIT_MANAGER are sysvinit, systemd, mdev-busybox and a default of none.
'none' provides backwards compatibility.
The settings of various VIRTUAL-RUNTIME variables are moved into these
files from the packagegroups.
[YOCTO #13031]
[Modifications by RP for backwards compatibility]
(From OE-Core rev: 8d0b4704a526a48cd5e67df61b613424bbbdccde)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
With recent changes to runqueue, this fuction is unsafe as setscene tasks can run
at the same time as normal ones and doing things before do_fetch no longer
offers any guarantees.
There is other code which cleans out things from the sysroots as tasks rerun so
we should rely upon that instead.
(From OE-Core rev: 27ce69861edb7e52078b59ebf8fefc9201e9a228)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From meta-yocto rev: a287de83c5d92492a6d2f88c1e86fc11f1b6f310)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We are not using Python2. I removed this instance in the ref
manual. The variable "PYTHON_PN" referenced Python 2. It no
longer does.
(From yocto-docs rev: bd2ed0c640e12e8010ebff0aaba77e8fe367d63e)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There was a typo in the BBMULTICONFIG variable description.
It appeared as "BBMULTIFONFIG". I fixed it.
(From yocto-docs rev: c53b1bb6e588f9ee87cb8ab85fc8c3985257a37a)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In the "Enabling GObject Introspection Support" section, a link
existed to the "Known Issues" section further down in the
chapter. The target of the link was missing and appeared as the
placeholder "xxx". I put in the proper link.
(From yocto-docs rev: 8d0d1b2104f08e888075bc0ae0bed4f0ec2f4ea6)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes YOCTO #13079
Bug is about making sure the section on the devtool command
talks about oe-local-files. Two devtool commands (modify
and upgrade) needed to mention the role of the oe-local-files
area and how it is used during these commands. I updated the
appropriate sections:
* Use devtool modify to Modify the Source of an Existing Component
* Use devtool upgrade to Create a Version of the Recipe that
Supports a Newer Version of the Software.
(From yocto-docs rev: 70ed68eca6dcb5b1f1b5638fd27a7b513b65661e)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Missing information for some of the releases put back in.
(From yocto-docs rev: f4c09ab9eda925c16946d9d6cf58d1e40d8f6a07)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If you specify both setscene and non-setscene tasks on the commandline, the
non-setscene tasks could be missed, e.g. "bitbake X:do_patch X:do_populate_sysroot"
and do_patch would fail to run.
Fix the problem in runqueue and add a testcase.
(Bitbake rev: 75292fdec5d9c0b5b3c554c4b7474a63656f7e12)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 4a69bf5ae3328d124a7607a52333643ebf7ec0b3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 6ee8d724bb7347a47395709df9d16e32abc9e06e)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Ensure that the /etc/opkg directory exists before we try to create a
file there.
(From OE-Core rev: 30ff50223cd0b79fd3b8aa393ea1e621282773ac)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Instead of hiding problems in the debug log let's print them as warnings
instead.
(From OE-Core rev: 088f5d97001bd4b573f00cfca93b8d24e814fd64)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix the following warning by just deleting the files:
WARNING: opensbi-0.4-r0 do_package: QA Issue: opensbi: Files/directories were installed but not shipped in any package:
/lib
/lib/libsbiutils.a
/lib/libsbi.a
(From OE-Core rev: ecbf494b26db71076ad74902a75a3205c849d81e)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream now uses plain gettext.
(From OE-Core rev: 0fd2b3318a7fb9bf8eeb760f82fe796f5b29643f)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Error info:
getrlimit03.c:104: FAIL: __NR_prlimit64(0) had rlim_cur =
ffffffffffffffff but __NR_getrlimit(0) had rlim_cur = 7fffffff
According to kernel code: [arch/mips/include/uapi/asm/resource.h]
RLIM_INFINITY is set to 0x7fffffffUL instead of ULONG_MAX on mips32.
/*
* SuS says limits have to be unsigned.
* Which makes a ton more sense anyway,
* but we keep the old value on MIPS32,
* for compatibility:
*/
#ifndef __mips64
# define RLIM_INFINITY 0x7fffffffUL
#endif
Adding conditional statement about mips to fix this.
(From OE-Core rev: 6bb6de711631fb2d339c447c6f88c8e06c17b967)
Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 91770338f76ef35f3c4eeac216eb9d2b3188e575)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There are many projects called Flex and they have CVEs, so also set the vendor
to remove these false positives.
(From OE-Core rev: 0598ccdcb31e16f1d1227197591b10ba441fcfe2)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some product names are too vague to be searched without also matching the
vendor, for example Flex could be the parser compiler we ship, or Adobe Flex, or
Apache Flex, or IBM Flex.
If entries in CVE_PRODUCT contain a colon then split it as vendor:product to improve the search.
Also don't use .format() to construct SQL as that can lead to security
issues. Instead, use ? placeholders and lets sqlite3 handle the escaping.
(From OE-Core rev: e6bf90009877d00243417898700d2320fd87b39c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Adrian Freihofer
Richard Purdie
Ross Burton
Anuj Mittal
Li Zhou
Yi Zhao
Ricardo Ribalda Delgado
Robert Yang
Pierre Le Magourou
Ulrich Ölmann
Zang Ruochen
Kai Kang
Scott Rifenbark
Alistair Francis
Hongzhi.Song