1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-16 03:47:03 +00:00

2167 Commits

Author SHA1 Message Date
Richard Purdie eb2d2f5c11 attr: Disable parallel make install
do_install fails on newer versions of make with interesting and hard to
debug errors. Disablle parallle make install as a workaround. Later verisons
of attr in newer releases don't have the issue.

(From OE-Core rev: 6043b9a2ea879f8960897b11eb947801508a94da)

(From OE-Core rev: f06861bbe402fff3f370687585e43c0270609d00)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-09-16 13:34:54 +01:00
Anuj Mittal 4417758540 gnupg: upgrade 2.2.16 -> 2.2.17
Also fixes CVE-2019-13050. Announcement:

https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html

(From OE-Core rev: c6e46323f0d62daf8bd424e642581fdcba920ef7)

(From OE-Core rev: ae33f509d753821111bb6b30343b02b37d996339)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-04-09 00:07:12 +01:00
Zang Ruochen 5901e08156 gnupg: upgrade 2.2.15 -> 2.2.16
(From OE-Core rev: 825be9d66ae9f503f1dd2dce0fac530554057613)

(From OE-Core rev: bb12f99a5bce3fcee1ef36406197231723647a8d)

Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-04-09 00:07:12 +01:00
Oleksandr Kravchuk 0b55331e63 gnupg: update to 2.2.15
(From OE-Core rev: e60b3994d4bc282191302e1fd9b7d2106ee2f6cb)

(From OE-Core rev: 431bd084f71f9479c2ff9f37237799ad1f02d289)

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-04-09 00:07:12 +01:00
Qi.Chen@windriver.com b569007b7b sqlite3: fix CVE-2019-16168
(From OE-Core rev: 8d663da7e5fad8dd936fbefeba67db6e0e356975)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-04-09 00:07:12 +01:00
Ross Burton ee276e50e5 libsoup: set CVE_PRODUCT
(From OE-Core rev: 5aa78e651ddef8a19768fa713993568cd3cc2a13)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-04-09 00:07:12 +01:00
Anuj Mittal c3a32fdace boost: fix build for x32
Commit: d336110b94 boost: update to 1.67.0

dropped the patch that ensured boost doesn't over-ride the architecture flags
set by us resulting in errors:

| build/tmp/work/x86_64_x32-poky-linux-gnux32/boost/1.69.0-r0/recipe-sysroot/usr/include/bits/long-double.h:44:10: fatal error: bits/long-double-64.h: No such file or directory
| #include <bits/long-double-64.h>
|          ^~~~~~~~~~~~~~~~~~~~~~~
| compilation terminated.

Remove the relevant part from gcc.jam again to ensure we are passing
them correctly again.

Fixes [YOCTO #13598]

(From OE-Core rev: aad28f42b1c8aa1335c040630ebff4a69be07e35)

(From OE-Core rev: 1cfd56ebdbcbab4ded1b0ea3c4bc44d3e83a9288)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ebbfe23acfbc820ad7b71c95539b5af97a8be49d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-04-09 00:07:12 +01:00
Adrian Bunk a8df2dea8d lz4: Whitelist CVE-2014-4715
(From OE-Core rev: ca4fc78584ec5a7bbeac188f4ed935b3128eb6eb)

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-01-28 11:15:02 +00:00
Oleksandr Kravchuk 178c487ed2 popt: fix SRC_URI
rpm5.org has been down for about a year now. Use linuxfromscratch.org
as an alternative reliable source instead.

(From OE-Core rev: 2e2fb4e9db2e328dcb771951feb7f7ab5c0c4dd6)

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d9224014da9a512b1b8837e4e7a736d465c97be3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-01-16 22:38:53 +00:00
Ross Burton 10662c6c3a boost: set CVE vendor to Boost
There's a Boost module for Drupal.

(From OE-Core rev: e8ffa02f3efcf5303b8cf57eb29e498e816e63c0)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-01-16 22:38:52 +00:00
Joe Slater 58e85c5395 libxslt: fix CVE-2019-18197
Use patch from upstream after 1.1.33 release.

(From OE-Core rev: aa88f0f3b7f70ddc88f187c91860505b256aeda3)

Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-11-18 14:42:13 +00:00
Yi Zhao c8125e68c6 libgcrypt: fix CVE-2019-12904
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a
flush-and-reload side-channel attack because physical addresses are
available to other processes. (The C implementation is used on platforms
where an assembly-language implementation is unavailable.)

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-12904

Patches from:
https://github.com/gpg/libgcrypt/commit/1374254c2904ab5b18ba4a890856824a102d4705
https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762
https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020

(From OE-Core rev: a981d9b753a13e100af1f654fb3384f0bcda0b65)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 37e390ff05b6a4509019db358ed496731d80cc51)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 4c207cb1ad46c0d2005ab3eae70d78c937e084b5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-10-30 13:47:54 +00:00
Muminul Islam 2559517faf libcroco: Fix two CVEs
CVE: CVE-2017-8834 CVE-2017-8871

(From OE-Core rev: fe2d5b0d56201110323911d206243fdcc7f80115)

Signed-off-by: Muminul Islam <muislam@microsoft.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-10-30 13:47:54 +00:00
Zang Ruochen b5626d15c8 gnutls:upgrade 3.6.7 -> 3.6.8
-Upgrade from gnutls_3.6.7.bb to gnutls_3.6.8.bb.

(From OE-Core rev: c5d2ca323a255f09c7b3378af5956671205867f4)

Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b34486a616ab4d4b30247a5dff58a18ef26ed709)
[Bug fix only update.
Including: CVE-2019-3836 CVE-2019-3829
https://lists.gnupg.org/pipermail/gnutls-help/2019-May/004527.html]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-10-30 13:47:54 +00:00
Armin Kuster 1b9559de4b Curl: Security fix for CVE-2019-5482
Source: curl.org
MR: 99905
Type: Security Fix
Disposition: Backport from https://github.com/curl/curl/commit/facb0e4662415b5f28163e853dc6742ac5fafb3d
ChangeID: e0c807da8937f687a4b2e28eaa6b4b5a51845bc5
Description:

Fixes CVE-2019-5482
- Affected versions: libcurl >= 7.19.4 to and including 7.65.3
- Not affected versions: libcurl < 7.19.4

(From OE-Core rev: d2e5558133f970a8a196c545dd00af9315c1a06a)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-09-30 16:44:42 +01:00
Sean Nyekjaer c6720451a8 libgpg-error: Fix build with gawk 5.x
Based on poky master, but for version 1.35

(From OE-Core rev: 4e110b7d3b6e84015249f4174766dd3790f9bbbe)

Signed-off-by: Sean Nyekjaer <sean@geanix.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-09-30 16:44:42 +01:00
Bedel, Alban 5743d1591b boost: Fix build and enable context and coroutines on aarch64
Like for ARM bjam need some hints about the ABI to properly build on
aarch64. While at it also enable context and coroutine as these are
supported on aarch64.

(From OE-Core rev: 219befc2dad0c6df171f46725c995ce0038fa4f8)

Signed-off-by: Alban Bedel <alban.bedel@aerq.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-09-30 16:44:42 +01:00
Bedel, Alban 95632e679d rng-tools: fix very long shutdown delay with systemd
The systemd service file has DefaultDependencies=no but is not
properly configured to also stop the unit. Because of this the unit
keep running after shutdown but systemd still waits for it to finish to
then later resort to a hard kill. All this take 1m30s with the default
configuration.

To fix this problem add the missing Before=shutdown.target and
Conflicts=shutdown.target to have systemd stop the unit on shutdown.

(From OE-Core rev: b6daf8a5755842c0e38b1a88687a18432138a45a)

Signed-off-by: Alban Bedel <alban.bedel@aerq.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-09-30 16:44:41 +01:00
Anuj Mittal 7401aef349 libxslt: fix CVE-2019-13117 CVE-2019-13118
(From OE-Core rev: 7dc3048fec88dd62ef49ef16517b7382ab7cf2a5)

(From OE-Core rev: 7a3b5f260c498da39ecedb313898d1f5482ddd2f)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-09-30 16:44:41 +01:00
Anuj Mittal 01b8a8b54b curl: fix CVE-2019-5435 CVE-2019-5436
(From OE-Core rev: 952bfcc3f4b9ee5ba584da0f991f95e80654355a)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-07-29 23:50:49 +01:00
Anuj Mittal 4626a7f6d1 vim: fix CVE-2019-12735
(From OE-Core rev: c7efa41e7fed263413d5f55d5ed5d17e874623a3)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-07-29 23:50:49 +01:00
Adrian Bunk 3dc1065b8d libxslt: Fix CVE-2019-11068
(From OE-Core rev: 7fa78955448aa371d3e032c12fe078e5ddfd68a0)

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-06-30 22:34:23 +01:00
Randy MacLeod 852f90451d ptest-runner: enable child procs as session leader
When running the run-execscript bash ptest as a user rather than root, a warning:
  bash: cannot set terminal process group (16036): Inappropriate ioctl for device
  bash: no job control in this shell
contaminates the bash log files causing the test to fail. This happens only
when run under ptest-runner and not when interactively testing!

The changes made to fix this include:
1. Get the process group id (pgid) before forking,
2. Set the pgid in both the parent and child to avoid a race,
3. Find, open and set permission on the child tty, and
4. Allow the child to attach to controlling tty.

(From OE-Core rev: 25121d92f1a4cd70223038e09a719fec94355ee6)

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-06-30 22:34:23 +01:00
Sakib Sajal 3ee2004f36 ptest-runner: update SRCREV to latest HEAD on ptest-runner2 repo
63d097c Add SPDX-License-Identifier: GPL-2.0-or-later in source files (HEAD)
   fb93c99 utils.c: close all file descriptors after completing a ptest

(From OE-Core rev: 884e0d80d0113e8af5bdbd7988e391c1292e37c2)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Randy Macleod <randy.macleod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-06-30 22:34:23 +01:00
Philippe Normand 09dea32f47 gnutls: Use ca-certificates as default trust store file
Since version 2.58 the glib-networking TLS database relies on GnuTLS's system
trust store, so not enabling it leads to TLS errors in applications depending on
glib-networking. The raised runtime warning is:

process:500): GLib-Net-WARNING **: 09:14:09.321: Failed to load TLS database: Failed to load system trust store: GnuTLS was not configured with a system trust
(app:490): ... TLS Error: TLS certificate  has unknown CA.

(From OE-Core rev: 1d147be584d2f016853edbe9751247d7daa0b5d0)

(From OE-Core rev: 712c78984c891e6357e1b1dc414431fb6c226c49)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-06-18 11:28:58 +01:00
Richard Purdie cdd4ba6c3e libpcre: Add make dependency for ptest
The tests are run from a makefile so this dependency is needed.

(From OE-Core rev: d2361e9bb6caf66cf6d492fc5957c601fd3f9e6d)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-06-07 13:57:48 +01:00
Richard Purdie d7d71fd2f2 apr/apr-util: Add ptest dependency on libgcc
Avoid:

libgcc_s.so.1 must be installed for pthread_cancel to work

when running the ptest without libgcc.

(From OE-Core rev: f704c1021e311ad493374d8cd38e800b79a96746)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-06-07 13:57:48 +01:00
Richard Purdie 4ec1e60607 gettext/flex/m4/bzip2/gzip/parted/slang/attr: Add make to -ptest packages
This solves ptest runtime errors where make was missing causing the ptests
to fail.

(From OE-Core rev: 47bcd4dec32e87b7353b079f63931d11cd0568e6)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Fixup for warrior context]
[Dropped ptest fixes for pkg w/o ptests in warrior]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-06-07 13:57:48 +01:00
Mingli Yu 04b69971fb nettle: fix the Segmentation fault
The commit[8ac8fa8ee1 nettle: update to 3.4.1]
add CFLAGS_append = " -std=c99" to silence the
below error for native build:
| ../nettle-3.4.1/rsa-sign-tr.c: In function 'sec_equal':
| ../nettle-3.4.1/rsa-sign-tr.c:243:3: error: 'for' loop initial declarations are only allowed in C99 mode
   for (size_t i = 0; i < limbs; i++)
   ^
| ../nettle-3.4.1/rsa-sign-tr.c:243:3: note: use option -std=c99 or -std=gnu99 to compile your code
| Makefile:263: recipe for target 'rsa-sign-tr.o' failed

But the above change will trigger below Segmentation
fault:
 # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt
 [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00]
 [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f
 Segmentation fault

So update the logic to CFLAGS_append = " -std=gnu99"
to fix the issue.

(From OE-Core rev: 91359a91b8c89dc5e1f3a946137204156c47a3af)

(From OE-Core rev: cccf000f07eb8b60874c66c60a47c46d546e5ca0)

Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-05-20 14:38:15 +01:00
Adrian Bunk d00d95924b gnutls: upgrade 3.6.5 -> 3.6.7
This is a new upstream release from the same stable branch
bringing new features and bugfixes (including CVE fixes).

COPYING changed http -> https.

configure no longer has a --without-libunistring-prefix option.

(From OE-Core rev: 93993fe8ffd31e3e94946023b2cd8927ae595fc3)

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[includes: CVE-2019-3836 CVE-2019-3829]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-05-12 09:13:38 +01:00
Oleksandr Kravchuk bb65c8094c curl: update to 7.64.1
(From OE-Core rev: 61433a177c5ce19a0c560a6e1062bad8194cecc8)

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Bug fix only update]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-05-12 09:13:38 +01:00
Richard Purdie 41136dd0cf Revert "nettle: fix ptest failure"
This reverts commit 83faaf7b2a5f4fc4ae504b300134409e90389770.

This should never have merged as the change was rejected upstream and adding a library
to the ptest package resulted in it providing that SONAME which led to being
included in images like core-image-sato.

This in turn led to a ton of ptest failures in the 2.7 r1 QA report.

(From OE-Core rev: 039e7b25f0018e6923d14b40c35252f99e1d3ea3)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-04-12 23:01:22 +01:00
Mingli Yu 861e0ad2a3 nettle: fix ptest failure
Remove dlopen-test.patch which originally used
to fix the test dlopen-test, but autually the
patch didn't resolve the issue as dlopen-test.patch
supposes the file /usr/lib/libnettle.so exists.
Instead deploy ${D}${PTEST_PATH}/libnettle.so to
fix the dlopen-test failure.

Update the initialization for the salt to fix
below Segmentation fault and also nettle-pbkdf2-test
failure.
 # echo -n passwd| nettle-pbkdf2 -i 1 -l 16 salt
 [65534.886509] nettle-pbkdf2[708]: segfault at 1f594260 ip 00007f3332256998 sp 00007fff60d44410 error 4 in libnettle.so.6.5[7f3332244000+1d00]
 [65534.887525] Code: e8 6d db fe ff 44 01 6d 68 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 49 89 dc e9 68 ff f
 Segmentation fault

(From OE-Core rev: 83faaf7b2a5f4fc4ae504b300134409e90389770)

Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-04-12 13:40:21 +01:00
Andreas Müller b977cccc16 libsoup-2.4: use gobject-introspection.bbclass on/off mechanism
(From OE-Core rev: 951b8394a7665902ec9b0572585c605251beb002)

Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-04-11 21:15:56 +01:00
Andreas Müller 7e6ad79554 atk: use gobject-introspection.bbclass on/off mechanism
(From OE-Core rev: 9fca94a4fe8e6f884689accc7d35c453811b6654)

Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-04-11 21:15:56 +01:00
Andreas Müller 3c0db0fa69 at-spi2-core: use gobject-introspection.bbclass on/off mechanism
(From OE-Core rev: 7d2d1a45e0d6fe0dba289d686a510f844151df2f)

Signed-off-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-04-11 21:15:56 +01:00
Richard Purdie 65b37734c7 ptest-runner: Add several logging fixes
This change adds three patches to improve the handling of stdout/stderr and child
processes to try and improve logging reliability in ptest-runner.

(From OE-Core rev: 1c0fffc401cdb581a93d16d225f53c83359ff209)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-04-09 13:44:39 +01:00
Ross Burton d79ab95065 libxslt: update for new catalog path
The XML catalogue is now at the canonical path, ${sysconfdir}/xml/catalog.

(From OE-Core rev: 2c91c3ef14269b7b329b3008e5b3a8e65ea4f494)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-04-05 17:32:50 +01:00
Ross Burton f7db0478d2 sqlite3: fix CVE-2019-9936 and CVE-2019-9937
(From OE-Core rev: 4ec161ea684b305b303f32e96ce23f472c82e1a1)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-04-01 14:48:44 +01:00
Ross Burton 3d05a87df7 libexif: fix CVE-2016-6328 and CVE-2018-20030
(From OE-Core rev: 037b544431076b94e85281c7deb527a44a600f5a)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-29 08:28:53 +00:00
Alexander Kanavin d0a661fbcb bmap-tools: fix upstream version check
(From OE-Core rev: c03172749018e2d9fae85b35ff9176ba922857e6)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-29 08:28:53 +00:00
Alexander Kanavin 1fadb5d387 db: fix upstream version check
The new regex excludes the 5.3.28+dfsg1 which is a Debian
repackaging of the original tarball:

* Repack the .orig tarball to eliminate prebuilt binaries that need a
    Visual Studio plugin to build from source. (Closes: #898215)

https://metadata.ftp-master.debian.org/changelogs/main/d/db5.3/unstable_changelog

(From OE-Core rev: 0bba7bbdb9600095f367bbe2f6926e216a7b56ce)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-29 08:28:53 +00:00
Alex Kiernan a94bb35808 libpsl: Extend with native, nativesdk
To allow wget with libpsl to build native/nativesdk versions we need
those variants here.
(From OE-Core rev: e2df6087694af09715141c5cb38af3e7db4ad758)

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-25 23:19:53 +00:00
Ross Burton 928b20e705 libexif: disable documentation neatly
No need to sed the Makefile as we can just pass --disable-docs.

(From OE-Core rev: 72e8597562fa7d8b0f19ed5c8727ebdf172c96a9)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-24 17:00:52 +00:00
Ross Burton 0775bf2147 libcroco: fix CVE-2017-7961
(From OE-Core rev: 480f15850820746cecdfe0b8450b2be484c1f8f9)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-24 17:00:52 +00:00
Ross Burton 95661a102d libpcre: update patch status
(From OE-Core rev: 3e06fc90f8c3e657db471e4d6eb20b0059d3f690)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-24 17:00:52 +00:00
Otavio Salvador 15f2cefac4 openssl: Remove the c_rehash shell re-implementation
We had a c_rehash shell re-implementation being used for the native
package however the ca-certificates now uses the openssl rehash
internal application so there is no use for the c_rehash anymore.

(From OE-Core rev: 672b076158247f823a518b7c33b50c82272d6388)

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-19 23:50:41 +00:00
Tom Rini 9d6a429f58 vim: Update to 8.1.1017
The most current release of vim is now 8.1.1017.  The only problem
currently is that the disable_acl_header patch is still not upstream.

Cc: Wenzong Fan <wenzong.fan@windriver.com>
Cc: Changqing Li <changqing.li@windriver.com>
(From OE-Core rev: 791b278c513abb6587d4efcf2e4e974a0bf280ae)

Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-18 23:47:43 +00:00
Armin Kuster 84b89105c3 nspr: update 4.21
(From OE-Core rev: f0083af1bba06fbf7aa4ed524f6a34a42555a8bd)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-11 05:36:37 -07:00
Armin Kuster 623e56c349 nss: update to 3.42.1
remove nss-fix-SHA_HTONL-bug-for-arm-32be.patch now included

(From OE-Core rev: 0de293ce514c24305a520b2291158477f77cb3ac)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-03-11 05:36:37 -07:00