| Age | Commit message (Collapse) | Author |
|---|
|
(From OE-Core rev: 6467eb4461f3cab16cab2ba63154c92fc2adacef)
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The autobuilder has been experiencing SSL: CERTIFICATE_VERIFY_FAILED
errors during error report uploads when using buildtools due to looking
for certs in /opt/poky
(From OE-Core rev: 197f1d5d14b8e57295f5a81c03c86abba5328614)
(From OE-Core rev: 35c6ab2501672083cf8b974d8b9c3daa3202de36)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
export OPENSSL_CONF to aviod SDK openssl can not find openssl.cnf.
(From OE-Core rev: 0aaf3dd17dcde959e9c0d62543cb91c9b33551b4)
(From OE-Core rev: 63d8569b2c9f66e8123e2672a7f8fb8e7cc1f0b4)
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Builds like native-openjdk, really wants a to link
some tools against the static version. Since when
using the extended tarball, its the only place to
get it, add the library.
(From OE-Core rev: 59c4a3fdbbfd5a6aaba7e0a1675dcd5866a7f3a4)
(From OE-Core rev: 152709dec03bbac582ca63b65f2efb835e0b33fb)
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* For buildtools-extended-tarball, where we are adding all of build-essentials
to the nativesdk, we need additional perl modules for autoconf and automake.
(From OE-Core rev: f0f766160663407ea7683d31bbf5f011accc9ba2)
(From OE-Core rev: e7ade58a7da52ebb40120020dd86dd3ae9b2148e)
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The eSDK installation code checks installed locales with the locale command which is
from glibc-utils. Add this so that we find the correct locales from the buildtools.
(From OE-Core rev: 7d35e4bc6ff94a2d03c48827d7d60a6855c9029d)
(From OE-Core rev: d99b6432decec0964ac0e08698abc782c9b114f5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Trying to create a clean PATH breaks cases where we install a buildtools tarball
on hosts to provide newer versions of gcc. Rework the fix for #8698 to clean up
directories in PATH which don't exist isntead. Do it with python as the shell
version was too fraught with corner cases.
(From OE-Core rev: 7674b63819aa7ca95ca5ca5477a5cce32e9691eb)
(From OE-Core rev: 9825236deacf6eb311121d233435a46288c02cdb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In the SDK we need the plain symlinks and don't use alternative providers.
When these are missing the toolchain can work incorrectly so fix this.
(From OE-Core rev: 0c06cfaa016d06cc56d80dc1c244a938f3d38a3c)
(From OE-Core rev: 0d299c5dc04407d2d54574157f4014f50f2d0468)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We need binutils to look at our ld.so.conf file within the SDK to ensure
we search the SDK's libdirs as well as those from the host system.
There add a patch which passes in the directory to the code using a define,
then add it to a section we relocate in a similar way to the way we relocate
the gcc internal paths. This ensures that ld works correctly in our buildtools
tarball.
Standard sysroot relocation doesn't work since we're not in a sysroot,
we want to use both the host system and SDK libs.
(From OE-Core rev: f6c1089642934ad93056ef19a0888965486ee030)
(From OE-Core rev: 09a2b16ac2bd1e3e415131e46315c851373aa7e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We need to search our own libdirs, then fall back to the system ones as our
customised dynamic loader will. Have ld.so.conf reflect that.
This ensures that binutils finds libraries here when linking too.
(From OE-Core rev: ab729c362684474a8346e5256d636200826feb47)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* For some aging distros, such as CentOS 7, the native version
of gcc is simply too ancient and is a constant source of
headaches for moving forward.
* Add an extended version of buildtools-tarball which adds all
of build-essential, so that the host is now modernized and
capable of compiling the latest versions of components.
Fixes [YOCTO #13714]
(From OE-Core rev: f0377af2325613b63716b0bb4db1ab253d79f388)
(From OE-Core rev: bb4979f0e8367b475cc9a5274933a61bb0eb64b3)
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 9cad716656b427e625a470a820b8b29b1ec9f976)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Added below patch in libpcre
CVE-2020-14155.patch
This patch fixes below error:
PCRE could allow a remote attacker to execute arbitrary
code on the system, caused by an integer overflow in
libpcre via a large number after (?C substring.
By sending a request with a large number, an attacker
can execute arbitrary code on the system or
cause the application to crash.
Tested-by: Rahul Taya <Rahul.Taya@kpit.com>
(From OE-Core rev: 3f536edfa56ce3f93223c23ed48427a0c24ede1a)
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch from <https://github.com/golang/go/commit/
fa98f46741f818913a8c11b877520a548715131f> to solve CVE-2020-15586.
(From OE-Core rev: 0e8526ce8694ebd6988c3804e4d2ccf39cda90c7)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream https://pypi.python.org/pypi/${PYPI_PACKAGE}/
redirects to https://pypi.org/project/${PYPI_PACKAGE}/
(From OE-Core rev: b535360f0bd2fb6a057b678f35da1803a31eeba6)
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit e5f3f961242d888f3f786af8f793bf1d247fdff0)
[Yocto # 13990]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some pypi packages do have suffixes like dev, or a0 or b1.
When doing a version check on these, the version will get falsely
identified as major release versions.
Add a terminating slash to rule out those false positives
(From OE-Core rev: 13b145b9551884534f1dd2446eccfc55abc25f38)
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 0603f6d9f2abfa67b99b1bc39228f6aa16a0370d)
[Yocto bug #13990]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Depend on make-native instead of using host make to avoid errors like:
| controller-enumtypes.c:10:1: error: stray '\' in program
| 10 | \#include "gstinterpolationcontrolsource.h"
| | ^
| controller-enumtypes.c:10:2: error: stray '#' in program
| 10 | \#include "gstinterpolationcontrolsource.h"
| | ^
| controller-enumtypes.c:10:11: error: expected '=', ',', ';', 'asm' or '__attribute__' before string constant
| 10 | \#include "gstinterpolationcontrolsource.h"
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| controller-enumtypes.c:11:1: error: stray '\' in program
| 11 | \#include "gstlfocontrolsource.h"
| | ^
| controller-enumtypes.c:11:2: error: stray '#' in program
| 11 | \#include "gstlfocontrolsource.h"
This helps building on autobuilder where some workers have buildtools
with make 4.3 installed.
Building using meson works fine so later branches are not affected and
upstream has rejected patches to fix this:
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/515
(From OE-Core rev: 74e22d0d2b61d0014f408972725469bb7a024622)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since 010202076760 ("meson.bbclass: avoid unexpected operating-system
names"), meson is no longer used with a cross file that appends the used
libc to the operating system name, e.g. linux-gnueabi.
Prior to that commit, the host_system == 'linux' checks in glib's meson
failed, which led to glib being compiled without libmount, mkostemp and
selinux even if explicitly requested.
As the aforementioned commit affects all recipes built by glib, it might
not be a candidate for backporting to current stable branches. To fix
just the glib issue, instances of host_system == 'linux' are patched
locally.
The patch is marked as Upstream-Status: Inappropriate as it is rendered
unnecessary for OE releases newer than Dunfell.
(From OE-Core rev: 2adcc5ade62fe10715a6c943565f71efe7627229)
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport the CVE patch from the upstream:
git://sourceware.org/git/glibc.git
commit 79a4fa341b8a89cb03f84564fd72abaa1a2db394
commit beea361050728138b82c57dda0c4810402d342b9
(From OE-Core rev: 9059f720f00f7b8dfac89d842ad19876eae201d5)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Master (nss version 3.54) is not affected by this issue. This is a backport
from nss version 3.54.
NSS has shown timing differences when performing DSA signatures, which was
exploitable and could eventually leak private keys. This vulnerability affects
Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
Upstream patch:
https://hg.mozilla.org/projects/nss/rev/daa823a4a29bcef0fec33a379ec83857429aea2e
(From OE-Core rev: c447b32c1ec0c117748a4be68dda02d375c81b85)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently in NVD DB an item popped up, which hasn't set baseMetricV2.
Let the parser handle it as an optional item.
In case use baseMetricV2 before baseMetricV3
(From OE-Core rev: e1c507da9fa5fd12dd42037d0476d94fe3aac730)
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fdcbf3f28289188c5a97664d1421d4a5c4991eda)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Automatic generation seems to work fine,
and does not become outdated.
(From OE-Core rev: 49a9b38bb8355aa6b3413335851b7b609356e33b)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8993270f8bc65e152418d84fde03f8ead83c054b)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We can see tracebacks where the SIGTERM handler catches things
it shouldn't. Avoid exit(1) unless we're the process that
it was intended for.
[YOCTO #13664]
(From OE-Core rev: d9c62ffac611310efd47ed6397d31dccb72fe868)
(From OE-Core rev: 45b4bd7b4d30d81bdff0d471e8d97c2322ed2f75)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dba8c1d5ef0b574b7772d59e5992bfad8b7cca13)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes CVE-2020-11655
(From OE-Core rev: 3b06a6c73f4e49c6d00f758423c2e8865ec2de00)
(From OE-Core rev: 36edee3e489e7bd94d6fa555f87d94c5ec0f3ad8)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ without the CVE-2020-11656 fix that did not apply cleanly ]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
To make the native python3 always used,
- Use sed one-liner instead
- Add substitution for ${S}/scripts/bpf_helpers_doc.py to fix the
following warning.
File "/usr/lib/python3.6/sysconfig.py", line 421, in _init_posix
_temp = __import__(name, globals(), locals(), ['build_time_vars'], 0)
ModuleNotFoundError: No module named '_sysconfigdata'
This issue is first reported by Joel Stanley <joel@jms.id.au>
The sed one-liner is credited to Anuj Mittal <anuj.mittal@intel.com>
(From OE-Core rev: 3f93173130a94310255389cfc62c67102a4fb21b)
(From OE-Core rev: c0bcc24ccc6d769935d7fa202a1405250d94e342)
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3a1a18ba9d28adb5562eabe9ec354f6d93154f5c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In kernel 5.5+ there are python3 scripts that explicitly use
/usr/bin/python3 as the interpreter. That will find the host
python and produce undefined results.
We add that interpreter path to our substitutions to ensure
that our sysroot variant is used.
(From OE-Core rev: 103316d50d4947b3c3500eb5cbc4845702a62d22)
(From OE-Core rev: 3269e3d2d0258ac3788ed63fa46df4d4aae33b1e)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e5c4f3127521607742f7cdf62481b64cf4d3e828)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Utils can not detect GCC 10 correctly due to wrong regex.
It generates this error "ERROR: Can't get compiler version from gcc --version output"
Sub-version numbers should be 1 or more digits instead of 1 only.
(From OE-Core rev: d9e58aff76edf1f5fdc31785fd81fae2c7c508c8)
Signed-off-by: Charles-Antoine Couret <charles-antoine.couret@mind.be>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 186fe4a3d390a52b87282c3e694ce3251e45ee78)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 6e16ef0c2e0ec2bbb862231cd84e7650bd5789af)
(From OE-Core rev: add9b04f0596ade188224104595406d638a6fa73)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 75e91b8e52ec77398e6b0fc09456e971662d9d7e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: f12ea255a24d60c625d4e6ab4de0633df49679a5)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
[Rebased for v3.7.8]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport from systemd.git.
(OE-Core master rev: a1b22b2263da6d11a4e0cbfa792d2bd1e56f5346)
(From OE-Core rev: e6f233ebcef08f61dc00d2b20f2efcfdae33a694)
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: http://w1.fi/security/
Disposition: Backport from http://w1.fi/security/2020-1/
Affects <= 2.9 wpa-supplicant
(From OE-Core rev: 720d29cbfce34375402c6a4c17e440ffbb2659bf)
(From OE-Core rev: a341c128a5166c505ee1ec207abb87e5fa64d62e)
Signed-off-by: Armin Kuster <akuster@mvista.com>
(cherry picked from commit e9c696397ae1b4344b8329a13076f265980ee74d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: d9c5d9c52eb1f03ff9c907a76dda31042fb26edb)
(From OE-Core rev: de3fe84fcfe3f1c3c2ad963b1fe459ccca9472a0)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 3f69946c6159fa359bc5800ee72ef6151d9ecd36)
(From OE-Core rev: b5c66309b776b9228fc1d9dbfaec9ccc6f48f0e7)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We were seeing a ton of empty perl modules being created such as
"perl-module-x86-64-linux-encoding" where the name would include
${TARGET_ARCH}-linux. These files were already being filtered in an
earlier do_split_packages() expression so exclude them from the latter
one to remove the pointless empty modules in PACKAGES.
This doesn't explain why some were not deterministic but will recude
the do_package execution time and clean up the build directories
at the very least.
(From OE-Core rev: 5aaf9d3a748cbad17a4a3e5d9715ac2f289b007d)
(From OE-Core rev: 6103cc314520280e55366d00657723e90f609d70)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9f1a959d9831f43dda656e3b0c4d059db3363877)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bug fix only updates.
suitable for Stable branch updates where applicable.
Drop CVE patches included in update
LIC_FILES_CHKSUM update copyright year to 2020
Full changes found at : https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_11/CHANGES
(From OE-Core rev: c672d2b6c98607f1fda917f4a3189a53712e8fc2)
(From OE-Core rev: 74aacd292387f9a2c36381080ade5537af1d3d9e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit a6ba66cf5e754cdcd41f01d233fbef7b94a10225)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop backports.
Drop 0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch and
0001-lib-dns-gen.c-fix-too-long-error.patch as problem is fixed
upstream.
(From OE-Core rev: 6965ec5c491e71d5951dfb58fc060bd0b717e33d)
(From OE-Core rev: 3f723af6059fbfed6dac0c281f212b9a02c3e026)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This changeset fixes a feature regression in ubiformat. Older versions
of ubiformat, when invoked with a flash-image, would return 0 in the
case no error was encountered. Upon upgrading to latest, it was
discovered that ubiformat returned 255 even without encountering an
error condition.
This changeset corrects the above issue and causes ubiformat, when given an
image file, to return 0 when no errors are detected.
Backport fix from 2.1.2
(From OE-Core rev: 3ee98b6c9ddd1dd0825245ca672236b7befb9859)
(From OE-Core rev: e10f007c165ed974a0cd4d46934cd4708661aaf5)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
(cherry picked from commit 7ebacd9cbaec98fbc406e8ae99c9805a24fdadc6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Postinst script from xorg-font-common.inc doesn't apply to this recipe.
So clear the postinst script of encodings.
(From OE-Core rev: ba94c908b99713ce115e9240df525c6442a60c7a)
(From OE-Core rev: 19c87007f6f92dc94db19e3c23ad06e09f397abe)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
(cherry picked from commit 99ae6dbb7278dfd264453af852c108fa56a0d4e3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove service templates wpa_supplicant-nl80211@.service and
wpa_supplicant-wired@.service from SYSTEMD_SERVICE that they should NOT
be started/stopped by calling 'systemctl' in postinst and prerm scripts.
(From OE-Core rev: 7910a0d6f332253608767a9576a0d521dd87efd7)
(From OE-Core rev: c6c26311e846a688f2981b541be0966c73cd69d8)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
(cherry picked from commit fe9b8e50461ab00ab3ad8b065ebd32f0eea2a255)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
vim will abort in many places with this setting. Replace
it with the benign _FORTIFY_SOURCE=1.
(From OE-Core rev: d9de155f6452f916edd3131addd0c2eebaf4d639)
(From OE-Core rev: db1e93c33150e712b90e81450fd2e161ea2fad08)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
(cherry picked from commit 18129cbaeddb3278efe9963718556e3765f06c1e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
patchelf can corrupt shared libraries if the program headers don't
immediately follow the elf header. Add a patch submitted upstream
to address this.
(From OE-Core rev: faaf5f34332290708f3720a5488b3d1549d9e95a)
(From OE-Core rev: 1969b67592bf1cfb0088f89ecde516abf614238f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e7811c787bbe2f5d49b3506309499acc27189988)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In the generated cve.log files, include the epoch in the product
version. This better matches how versions are displayed elsewhere,
in particular the bb.warn("Found unpatched CVE...") that appears
on the terminal when CVEs are found.
(From OE-Core rev: 99f6de1c74b581054c74c6b4598a5d47facc9964)
(From OE-Core rev: a8b69927485acbe504fcd75dc2cafc4c550cb66a)
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
(cherry picked from commit e1c3c0b6e5b01304e2127f5058986697e82adf93)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 2e497029ee00babbc50f3c1d99580230bc46155c)
(From OE-Core rev: 221e42c20148bb57986dfa862b352b9264694003)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Certain recipes e.g. bash readline ( from meta-gplv2 ) download patches instead of having them in
metadata, this could fail cve_check
ERROR: readline-5.2-r9 do_cve_check: File Not found: qemuarm/build/../downloads/readline52-001
This patch ensures that download is done before running CVE scan, even
though these will be external patches and may not contain CVE tags as it
expects, but it will fix the run failures as seen above
(From OE-Core rev: dbf143d79476e54e8da93101fc16eaedeec88362)
(From OE-Core rev: 4b65abc70e84187f666e2ea2ab4dcf6bf7216658)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e406fcb6c609a0d2456d7da0d2406d2d9fa52dd2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
file-native when built on a Debian 10 host will embed a dependency to
'libbz2.so.1.0' (instead of 'libbz2.so.1'). This can cause issues
when sharing the sstate between hosts e.g.:
recipe-sysroot-native/usr/lib/rpm/rpmdeps:
error while loading shared libraries: libbz2.so.1.0: \
cannot open shared object file: No such file or directory
To avoid this situation, let's add the bzip2-replacement-native to the
file recipe's DEPENDS_class-native .
Details in https://bugzilla.yoctoproject.org/show_bug.cgi?id=13915 .
(From OE-Core rev: 5a2bc3bfa9e1a4f37b6e26a5c40a4a9c025d03f1)
(From OE-Core rev: 693caddd3b62d0bcb76ec6d3d6faa6561b763598)
Signed-off-by: Jan-Simon Moeller <dl9pf@gmx.de>
(cherry picked from commit 4a996574464028bd5d57b90920d0887d1a81e9e9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It fails to build gcr if no commmand gpg on build host:
| meson.build:44:0: ERROR: Program(s) ['gpg2', 'gpg'] not found or not executable
Add dependency gnupg-native to fix the error.
(From OE-Core rev: da7360247995d7c8e79dfcaa0c0761952a9013f1)
(From OE-Core rev: 034f09ebd90a03a2775b44750951ce7a22e00564)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
(cherry picked from commit e4a6eda4c246b2bca059defed796bdab19a7ab5f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
See full changelog https://github.com/eggert/tz/blob/master/NEWS#L11
(From OE-Core rev: 9d74b048e3a160d7a9a20e85817e9eb3a558af63)
(From OE-Core rev: 9a75b44244b42cdd341ee38a253b2d935ae05ee1)
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backported patch removed.
(From OE-Core rev: 2c33c482ba6691ae82252f192b3c03e8c8fb7d55)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libpam does not support 'obscure' checks to password,
there are the same checks in pam_cracklib module.
And this fix can remove the below error message while
updating password with 'passwd':
pam_unix(passwd:chauthtok):unrecognized option[obscure]
(From OE-Core rev: f5b90eeed7366432b39c7cd8c6ee8c23e2d4abe8)
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ea761dbac90be77797308666fe1586b05e3df824)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rewrite relocatable_native_pcfiles() so that it can handle that any of
the checked pkgconfig directories are empty without causing an
exception.
(From OE-Core rev: d449e6b536c197b6723dab1d61e989706c14f19c)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f9c5df6dc1c13e9b05ff1b47ad84ad339f6779a4)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Jeremy Puhlman
Steve Sakoman
Liwei Song
Tim Orling
Richard Purdie
Rahul Taya
Li Zhou
Konrad Weihmann
Anuj Mittal
Ahmad Fatoum
Zhixiong Chi
Ovidiu Panait
Adrian Bunk
Sakib Sajal
He Zhe
Bruce Ashfield
Charles-Antoine Couret
Hongxu Jia
Lee Chee Yang
wenlin.kang@windriver.com
Armin Kuster
akuster
Alexander Kanavin
Otavio Salvador
Kai Kang
Joe Slater
Ralph Siemsen
Khem Raj
Jan-Simon Moeller
Pierre-Jean Texier
haiqing
Peter Kjellerstedt