Currently, BAD_RECOMMENDATIONS on the opkg backed relies on editing the
opkg status file (it sets BAD_RECOMMENDATIONS pkg want state to
deinstalled and pinned). This is brittle, and not consistent across the
different solver backends. Use new --add-ignore-recommends flag instead.
(From OE-Core rev: 0d11e813ba9b4e8de9e6e5099ff85f5d914243bc)
(From OE-Core rev: bfb0acb6bc6bc11e4aa2c9527916359e1a763e85)
(From OE-Core rev: 13ba66338d16cc07cb0129de932f090d0edb7760)
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The imp module is deprecated, port the code over to use importlib
as recently done for bb.utils as well.
(From OE-Core rev: f3ba6cee5927c7475c3dc47658fa0548aec52115)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport the fixes for several CVEs from the 2.28 stable branch:
- CVE-2016-10739
- CVE-2018-19591
(From OE-Core rev: 950a60c0e4183037a807031ddc9167b1a81a5348)
Signed-off-by: Ross Burton <ross.burton@intel.com>
[Dropped CVE-2019-9169 as its in my contrib already]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The 2.6 release contains both libcrypt.so.1 and libcrypt.so.2 which fixes
compatibility with recent fedora/suse releases.
The difference is one is built with obsolete APIs enabled and one disabled.
We now ship both in uninative for compatibility regardless of which distro
a binary is built on.
(From OE-Core rev: 352ab80333096df92ef0f4cd331baea98e71aa21)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
I goofed up the scissor line on the last attempt. Not sure how much it matters,
but here it is correct this time.
Here it is, updated to work with wpa-supplicant_2.6.bb.
-- >8 --
https://www.freedesktop.org/software/systemd/man/systemd.unit.html#WantedBy=
When building root filesystems with any of the wpa_supplicant systemd
template service files enabled (current default is to have them disabled) the
systemd-native-fake script would not process the line:
Alias=multi-user.target.wants/wpa_supplicant@%i.service
appropriately due the the use of "%i."
According to the systemd documentation "WantedBy=foo.service in a service
bar.service is mostly equivalent to Alias=foo.service.wants/bar.service in
the same file." However, this is not really the intended purpose of install
Aliases.
All lines of the form:
Alias=multi-user.target.wants/*%i.service
Were replaced with the following lines:
WantedBy=multi-user.target
(From OE-Core rev: d05e98cdccbe36be8906c31249adeb0f0bc13ac5)
Signed-off-by: Joshua DeWeese <jdeweese@hennypenny.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The crosssdk dependencies are handled using the virtual/ namespace so
this name doesn't matter in the general sense. We want to be able to provide
recipe maintainer information through overrides though, so this standardises it
with the behaviour from gcc-crosssdk and ensures the maintainer overrides work.
(From OE-Core rev: 025cd45d4129266d34a919573c02a8504f092c1b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Go binaries were installed to ${libdir}/go/bin, and create symlink
in ${bindir}, while enabling multilib, libdir was extended (such as
/usr/lib64), but BASELIB was not (still /lib), so use
baselib (such as /lib64)) to replace
(From OE-Core rev: fca74928bf2002daf526ad8c1446c8d9ba891a78)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: OpenEmbedded.org
MR: 97351
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-extended/cups?h=warrior&id=fbe7a0c9bab7c9be7fd2c0da8b2af61e66de1ebd
ChangeID: fbe7a0c9bab7c9be7fd2c0da8b2af61e66de1ebd
Description:
(From OE-Core rev: 85541b9ae8cff770e2c20a9132c0867a25d190c2)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CUPS 2.2.10 is a bug fix release that addresses issues in the scheduler, IPP Everywhere support, CUPS library, and USB printer support. Changes include:
CVE-2018-4300: Linux session cookies used a predictable random number seed.
The lpoptions command now works with IPP Everywhere printers that have not yet been added as local queues (Issue #5045)
Added USB quirk rules (Issue #5395, Issue #5443)
The generated PPD files for IPP Everywhere printers did not contain the cupsManualCopies keyword (Issue #5433)
Kerberos credentials might be truncated (Issue #5435)
The handling of MaxJobTime 0 did not match the documentation (Issue #5438)
Incorporated the page accounting changes from CUPS 2.3 (Issue #5439)
Fixed a bug adding a queue with the -E option (Issue #5440)
Fixed a crash bug when mapping PPD duplex options to IPP attributes (rdar://46183976)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: OpenEmbedded.org
MR: 97351
Type: Integration
Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-extended/cups?h=warrior&id=ee57d79aec06e9b160cf2713636cda650ba68d5a
ChangeID: ee57d79aec06e9b160cf2713636cda650ba68d5a
Description:
The following patch is rebased.
0001-don-t-try-to-run-generated-binaries.patch
(From OE-Core rev: 3c76b6660fc21a987e960dedb2631dcd27b87d07)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CUPS 2.2.9 is a bug fix release that addresses issues in the scheduler,
IPP Everywhere support, CUPS library, and USB printer support. Changes include:
Localization changes (Issue #5348, Issue #5362, Issue #5408)
Documentation updates (Issue #5369)
The lpadmin command would create a non-working printer in some error cases
(Issue #5305)
The scheduler would crash if an empty AccessLog directive was specified
(Issue #5309)
Fixed a regression in the changes to ippValidateAttribute (Issue #5322,
Issue #5330)
Fixed a crash bug in the Epson dot matrix driver (Issue #5323)
Automatic debug logging of job errors did not work with systemd (Issue #5337)
The web interface did not list the IPP Everywhere "driver" (Issue #5338)
The IPP Everywhere "driver" now properly supports face-up printers
(Issue #5345)
Fixed some typos in the label printer drivers (Issue #5350)
Multi-file jobs could get stuck if the backend failed (Issue #5359,
Issue #5413)
The IPP Everywhere "driver" no longer does local filtering when printing to
a shared CUPS printer (Issue #5361)
The lpadmin command now correctly reports IPP errors when configuring an
IPP Everywhere printer (Issue #5370)
Fixed some memory leaks discovered by Coverity (Issue #5375)
The PPD compiler incorrectly terminated JCL options (Issue #5379)
The cupstestppd utility did not generate errors for missing/mismatched
CloseUI/JCLCloseUI keywords (Issue #5381)
The scheduler now reports the actual location of the log file (Issue #5398)
Added a USB quirk rule (Issue #5420)
The scheduler was being backgrounded on macOS, causing applications to spin
(rdar://40436080)
The scheduler did not validate that required initial request attributes were
in the operation group (rdar://41098178)
Authentication in the web interface did not work on macOS (rdar://41444473)
Fixed an issue with HTTP Digest authentication (rdar://41709086)
The scheduler could crash when job history was purged (rdar://42198057)
Dropped non-working RSS subscriptions UI from web interface templates.
Fixed a memory leak for some IPP (extension) syntaxes.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There was a typo in the BBMULTICONFIG variable description.
It appeared as "BBMULTIFONFIG". I fixed it.
(From yocto-docs rev: 2ef4ab6d93ccb6208169db9757f9ca2c2551a6d2)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
I accidently submitted this with a build error.
(From yocto-docs rev: 44b659aa7fa1dca96cb38cd272ea96e20b94aadb)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
I ran fresh commands for several output examples where
repositories are cloned. I also dumped the really detailed
listing of the Raspberry Pi BSP. Rather, I provided a link
to the layer itself and sent the reader there to do their
own exploring.
(From yocto-docs rev: d6976296f237420cae7c9f157a4e3a868b0ac588)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
I ran the examples against the latest poky repo to get updated
example output.
(From yocto-docs rev: c2b272f10b731e744f0ecddab6ad37dc13579dcf)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If the system had previously fetched a source repository for use by gitsm,
and then the SRCREV was updated and the new commit already existed, the system
would not re-evaluate the submodules and update them accordingly.
The cause of this issue was that need_update was being used, unmodified, from
the base git fetcher. It did not have any knowledge, nor did it care if we
were moving commits and needed to re-evaluate what was happening due to this
switch.
To fix the issue, during the download process we add all processed (by
gitsm) srcrevs to the git config file, as bitbake.srcrev. This allows us to
use a new need_update function that not only checks if the git commit is
present, but if we have previously processed this commit to ensure all of the
submodule components are also present.
This approach is used, instead of iterating over the submodules in need_update
to avoid a potential race condition that has affected us in the past. The
need_update is called only with the parent locking. Any time we need to dive
into the submodules, we need to lock, and unlock them, at each stage. This
opens the possibility of errors in either the code, or unintended race
conditions with rm_work.
This issue was discovered by William A. Kennington III <wak@google.com>. The
included test case was also written by him, and included unmodified.
(Bitbake rev: 4ce92f43eeac6a4bfd06e8567fa6891614b5b3b0)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Because we are trying to avoid network activity and use our own fetcher,
the system emulates the behavior of 'git submodule init'.
git submodule init uses the .gitmodules file, where typically the module
name and path are the same. However, in this case the module name and
path (in the tree) were different. i.e.:
[submodule "edgelet/hsm-sys/azure-iot-hsm-c/deps/azure-c-shared-utility"]
path = edgelet/hsm-sys/azure-iot-hsm-c/deps/c-shared
url = https://github.com/Azure/azure-c-shared-utility.git
Previously the code assumed the 'path' was both the checkout location
under .git/modules, as well as the path to extract the components. This
proved to be incorrect as the .git/modules path needs to match the submodule
'name'. This causes the components that were fetched to be initialized in
the wrong location, which later caused the 'git submodule update' process to
skip not properly initialized modules.
A test case was added for this specific case to ensure a regression does
not appear in the future.
(Bitbake rev: ffd7ed530a17d22df576d986ac78428a6979e79c)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie
Anuj Mittal
Ross Burton
Ovidiu Panait
Alejandro del Castillo
Robert Yang
Armin Kuster
Joshua DeWeese
Khem Raj
Hongxu Jia
Chen Qi
Armin Kuster
Martin Jansa
Scott Rifenbark
Mark Hatle