The patch recently added for CVE-2021-30004 broke compilation with
CONFIG_TLS=internal. This adds the necessary function to let it
compile again.
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d6ef417074)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Upgrade to release 3.11.4:
- Bug fix where a MongoClient would mistakenly attempt to create
minPoolSize connections to arbiter nodes
- Bug fix that prevented PyMongo from retrying writes after a
writeConcernError on MongoDB 4.4+
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit dcb9ecc1e5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Upgrade to release 4.0.2:
- Using Union containing generics as type hint causes an error
- Libdoc does not anymore work with resource files in PYTHONPATH
- Rebot removes sourcename attribute from <kw> in output.xml
- Run Keyword If Test Failed does not work correctly if it is not
first keyword in teardown and test is skipped
- Argument conversion problems when type hint is ABC
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit 73d63dd3fe)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Upgrade to release 1.3.4:
- Reverts the unsatisfying fix for KeyError during import when
running with python optimisation level of 2
- instead a RuntimeError is thrown when Python is running with
optimization level 2
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
(cherry picked from commit 87e6a45374)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Since tbb has a COMPATIBLE_MACHINE entry to prevent it from building
for powerpcc, let's also remove it from the meta-oe-support package
group.
Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 564f721954)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| [log_check] Warn: update-alternatives: sh has multiple providers with the same priority, please check /workdir/raspberrypi4_64-mortsgna-linux/allgui-dev-image/1.0-r0/rootfs/usr/lib/opkg/alternatives/sh for details
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit df10c7bcc0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-License-Update: Change distribition to distribution.
Specific permission is granted for the GPLed code in this distribution to be linked to OpenSSL without invoking GPL clause 2(b).
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 902eea11f1)
[Bug fix update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
inheriting license class which brings in
AVAILABLE_LICENSES into do_configure task checksums class since it wants to
enable thin-provisioning-tools if distro allows GPL-3 automatically, but this
brings issues when other layers which have additional licenses are
provided which ends up in signature mismatches so leave that setting to end-user and keep it disabled by
default with a comment in recipes stating that if needed then the user should enable it via
config metadata or bbappends.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f592e81f11)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
[meta-openembedded ticket #327] --
https://github.com/openembedded/meta-openembedded/issues/327
The python version in the shebang at the begining of the ufw script
should be the same one as the version the setup.py script was called
with.
The fix in patch "setup-only-make-one-reference-to-env.patch"
depends on sys.executable returning "/usr/bin/env pythonX". However,
it returns "/usr/bin/pythonX". Using sys.version_info we can get the
major version of the python used to called the script and append
that to the shebang line so it works as intended.
Signed-off-by: Silcet <camorga1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5194af1afd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The latest version does not support PPC architecture, so disable
the it. Otherwise the following error occurs:
/srv/nvme/yocto/hardknott/builds/tbb/tmp/work/ppc7400-poky-linux/tbb/2021.2.0-r0/git/src/tbb/tools_api/ittnotify_config.h:338:12: error: '__TBB_machine_fetchadd4' was not declared in this scope
338 | return __TBB_machine_fetchadd4(ptr, 1) + 1L;
| ^~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Saul Wold <saul.wold@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8170a965d0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Some targets might be interested in limiting how big
zram can grow. If the variable is set in /etc/default/zram file,
configure it in mem_limit sysfs attribute.
Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cb1cf05378)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
it uses qemu underneath which segfaults on musl/x86
until its fixed, we disable vector icons
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 44ca91f0fe)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fix a security issue CVE-2020-36242 where certain sequences of
``update()`` calls when symmetrically encrypting very large
payloads (>2GB) could result in an integer overflow, leading to
buffer overflows.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
License-Update: License updated (year updated)
Fix some security issues such as CVE-2021-21702 and remove two
cve patches which already included in the new version.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2.2.x is LTS, so upgrade to latest release 2.2.20.
This upgrade fixes several CVEs such as CVE-2021-3281.
Also, CVE-2021-28658.patch is dropped as it's already in 2.2.20.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Upgrade to latest stable version.
The 1.10 branch is not maitained any more, it stops update in 2019.
The 1.11 branch has fix for CVE-2020-26117, which is a high risk CVE.
https://nvd.nist.gov/vuln/detail/CVE-2020-26117
Some changes in this new version are as below.
1) 'bash' is added to RDEPENDS as /usr/libexec/vncsession-start requires it.
2) DEPENDS on libpam and requires 'pam' distro feature.
This is because upstream has made 'pam' mandatory in the following commit.
"""
commit d80817f101d1b3f1a9b1c5ec268f28fffa2d75f9
Author: Pierre Ossman <ossman@cendio.se>
Date: Wed Jul 11 15:49:46 2018 +0200
Make PAM mandatory
It is present on all UNIX systems anyway, so let's simplify things.
We will need it for more proper session startup anyway.
"""
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The +1 fixes build issues for the 5.4 kernel.
This update looks like bugfixes
Signed-off-by: Armin Kuster <akuster808@gmail.com>
v2]
Wrong version listed
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4784c7c62f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Saul Wold
Alexander Vickberg
wangmy
Leon Anavi
Trevor Gamblin
Andreas Müller
zangrc
Khem Raj
Silcet
Martin Jansa
Armin Kuster
Sinan Kaya
Yi Zhao
Kai Kang
Mingli Yu
Chen Qi
Stefan Ghinea
Ulrich Ölmann