eb70e899c4
ruby: Security fix for CVE-2017-14064
...
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1
(From OE-Core rev: 8d53b03e8fa1bc20c0d77d6cd7869bd7f7325987)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
ecd6e7d101
ruby: Security fix for CVE-2017-14033
...
affects ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1
(From OE-Core rev: 6033983453ff7b39d9d0d0a64353611128e26fae)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
32c81fb55d
ruby: Security fix for CVE-2017-9229
...
affects ruby < 2.4.1
(From OE-Core rev: a636bf8cb5063f349b2af6594b131af6852b3076)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
7039d1ad32
ruby: Secruity fix for CVE-2017-9226
...
affects ruby < 2.4.1
(From OE-Core rev: 0c1eec0c6a789e1e9dbfcc66c3fb8c7d1d8b4e99)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
7f7e00483a
ruby: Security fix for CVE-2017-9228
...
affects ruby < 2.4.1
(From OE-Core rev: cdfb60a7b573c034868ef27d8eb2c667f2a7ad1d)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
5899c6b77c
ruby: Security fix for CVE-2017-9227
...
affects ruby < 2.4.1
(From OE-Core rev: d83f18936a0eb470e8faf7adbd7c580c23fa3370)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
cab5a620ac
ruby: Security fix for CVE-2016-7798
...
affectes ruby < 2.3.1
(From OE-Core rev: 6af2319008dc16c61092f71ff227c285aac51288)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
fe8a56109b
curl: Security fix for CVE-2017-1000101
...
Affected versions: curl 7.34.0 to and including 7.54.1
Not affected versions: curl < 7.34.0 and >= 7.55.0
(From OE-Core rev: 3cd67ae472cf163a592aac6ca783e451068fca0c)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
dc96e5ae3f
curl: Security fix for CVE-2017-1000100
...
Affected versions: libcurl 7.15.0 to and including 7.54.1
Not affected versions: libcurl < 7.15.0 and >= 7.55.0
(From OE-Core rev: 2ad0d34313b30f3f18d2f15879294fab310aa874)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
6131edc2c9
curl: Security fix for CVE-2016-9586
...
Affected versions: libcurl 7.1 to and including 7.51.0
Not affected versions: libcurl >= 7.52.0
(From OE-Core rev: 559ccc284987846c5b266cc2bc5ecd91c1c155f9)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:55 +00:00
c4339c0e74
curl: Security fix for CVE-2016-8624
...
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
(From OE-Core rev: 26e464767ab53cb78e4ede10c77fe12907a7daad)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
5affd0af1f
curl: Security fix for CVE-2016-8617
...
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
(From OE-Core rev: 3b73976716ee71a8040221f22c5fbda79512a958)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
b0827cbb4b
curl: Security fix for CVE-2016-8623
...
Affected versions: curl 7.10.7 to and including 7.50.3
Not affected versions: curl < 7.10.7 and curl >= 7.51.0
(From OE-Core rev: 2da99dc9f7f3d8373cc3108c18300723ad4a243a)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
d8353bdb23
curl: Security fix for CVE-2016-8621
...
Affected versions: curl 7.12.2 to and including 7.50.3
Not affected versions: curl < 7.12.2 and curl >= 7.51.0
(From OE-Core rev: d664a1372c3322093038fc8443026e3499e977ec)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
00c963cfa3
curl: Security fix for CVE-2016-8620
...
Affected versions: curl 7.34.0 to and including 7.50.3
Not affected versions: curl < 7.34.0 and curl >= 7.51.0
(From OE-Core rev: daeb0f5369f7c9ff470c9db3ba6ae42ac5abea2c)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
5d93f6b23b
curl: Security fix for CVE-2016-8619
...
Affected versions: curl 7.3 to and including 7.50.3
Not affected versions: curl < 7.3 and curl >= 7.51.0
(From OE-Core rev: 3b97fc78d9cfee6586f3d55f04f20f72fd1af8dd)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
b29b1bc1d7
curl: Security fix for CVE-2016-8618
...
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
(From OE-Core rev: 1fc1c9a11eee2f5ba727b18300a92949b166b035)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
c8ebaaaf8d
curl: Security fix for CVE-2016-8615
...
Affected versions: curl 7.1 to and including 7.50.3
Not affected versions: curl >= 7.51.0
(From OE-Core rev: b754be84206b454789fbd6d444d00a4e422cb3e9)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
a5cbc746fa
tiff: Security fix for CVE-2017-7593
...
(From OE-Core rev: ff3904dec584daf627c267bf639d69aca13a1227)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
c505c12a07
tiff: Security fix for CVE-2017-7602
...
(From OE-Core rev: 12325a8ebb5cab1837a6f6092eaa623a1a784eb6)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
9e658d2462
tiff: Security fix for CVE-2017-7601
...
(From OE-Core rev: ade8551d6a6810e87e83af72ea217aeca55c65c4)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
e963d34b7f
tiff: Security fix for CVE-2017-7598
...
(From OE-Core rev: 7e367796d4bf97e299ee966b120f924de0f2bb04)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
3c0fab47bc
tiff: Security fix for CVE-2017-7596
...
(From OE-Core rev: 94daee02cad9930d4ada648fd4bfdb63510643c0)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
dc293a78fc
tiff: Security fix for CVE-2017-7595
...
(From OE-Core rev: 6536bfecb13b06765fdf6cb6fd70ce64f9077b8e)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:54 +00:00
f8db77f490
tiff: Security fix for CVE-2017-7594
...
(From OE-Core rev: 7bdb52d06a46ad659fc85db1992f9c6ab2fcf065)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
8192fe8abe
tiff: Security fix for CVE-2017-7592
...
(From OE-Core rev: 75e953388fa1973cdbd0897894a3e5398de16a10)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
de7d5146bc
tiff: Security fix for CVE-2016-10270
...
(From OE-Core rev: eeb7197d85435ec73be8b77accc0feea7e1536bb)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
dcb2fc9d7c
tiff: Security fix for CVE-2016-10269
...
(From OE-Core rev: 46504a224a9f33f1f8752bbcd51a285d19920524)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
7b108a757b
tiff: Security fix CVE-2016-10267
...
(From OE-Core rev: 87aebc2b02131d2fce0621faf399916c4789c293)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
1ca6c2afe8
tiff: Security fix CVE-2016-10266
...
(From OE-Core rev: 3a604aa5cb0d35a9df10a5b958eb4a871de76c26)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
60d8855b3e
tiff: Security fix CVE-2016-10268
...
(From OE-Core rev: 24b62c84102116e6531babc68d8d2fb33e3f2d5c)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
776791238d
tiff: Secruity fix CVE-2016-10093
...
(From OE-Core rev: 6e39b24d003fb4e702097a01142fcfe2861593dd)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
bef8d0ed39
tiff: Security fix for CVE-2016-10271
...
(From OE-Core rev: 8fb9a143e93de5a2de4b7d5fe2712c29d7ca4263)
Signed-off-by: Rajkumar Veer <rveer@mvista.com >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
9b6e00b7d7
tiff: Security fixes
...
Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-9147
https://nvd.nist.gov/vuln/detail/CVE-2017-9936
https://nvd.nist.gov/vuln/detail/CVE-2017-10668
https://nvd.nist.gov/vuln/detail/CVE-2017-11335
Patches from:
CVE-2017-9147:
https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06
CVE-2017-9936:
https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a
CVE-2017-10688:
https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1
CVE-2017-11355:
https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556
(From OE-Core rev: 5c89539edb17d01ffe82a1b2e7d092816003ecf3)
(From OE-Core rev: eaf72d105bed54e332e2e5c0c5c0a0087ecd91dd)
(From OE-Core rev: dc7573cd330d1fc2e4bd50c1ba171906e1d5d5c0)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
minor fixes to get to apply
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
b35a4b34dd
libtiff: Security Advisory - libtiff - CVE-2017-5225
...
Libtiff is vulnerable to a heap buffer overflow in the tools/tiffcp
resulting in DoS or code execution via a crafted BitsPerSample value.
Porting patch from <https://github.com/vadz/libtiff/commit/
5c080298d59efa53264d7248bbe3a04660db6ef7> to solve CVE-2017-5225.
(From OE-Core rev: 434990304bdfb70441b399ff8998dbe3fe1b1e1f)
(From OE-Core rev: d26ea3b9b698fcb059aaa34c2408e3b95ca4f31d)
Signed-off-by: Li Zhou <li.zhou@windriver.com >
Signed-off-by: Ross Burton <ross.burton@intel.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
Signed-off-by: Armin Kuster <akuster@mvista.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
0d44dbdaa8
ruby: fix build of ruby-native with gcc7
...
Marsalling is broken when ruby-2.2.x is built with gcc7, backport the change
fix in Ruby SVN r57410 to apply to ruby 2.2.5:
https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57410
Fixes [YOCTO #12271 ]
(From OE-Core rev: b9de98cdc816904583970369848181c2c79f1dc5)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com >
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-21 14:43:53 +00:00
1b231d7b06
documentation: Updated Doc set to 2.2.3
...
Poky.ent - variables changed
<manual>.xml - Updated manual revision table
mega-manual.sed - updated 2.2.2 to 2.2.3
(From yocto-docs rev: 4566d401f58f4532b71747c8fe8a486d1091a371)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-12 06:51:03 +00:00
6da3e0a0ab
bitbake: Replace deprecated git branch parameter "--set-upstream"
...
Since 2017-08-17 (git version 2.14.1.473.g3ec7d702a) using deprecated
git branch parameter "--set-upstream" causes a fetcher error. Replace
it by "--set-upstream-to".
https://git.kernel.org/pub/scm/git/git.git/commit/?id=52668846ea2d41ffbd87cda7cb8e492dea9f2c4d
says, it's deprecated since 2012-08-30 so hopefully all still supported
host distributions have new enough git to support "--set-upstream-to".
ERROR: PACKAGE do_unpack: Fetcher failure: ...;
git -c core.fsyncobjectfiles=0 branch --set-upstream master origin/master failed with exit code 128, output:
fatal: the '--set-upstream' option is no longer supported. Please use '--track' or '--set-upstream-to' instead.
ERROR: PACKAGE do_unpack: Function failed: base_do_unpack
(Bitbake rev: 991b533f1d61042a7b3edd1fbf3dea0bf9991606)
Signed-off-by: Andre Rosa <andre.rosa@lge.com >
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-11-07 13:38:57 +00:00
1d92cb1a20
wpa_supplicant: fix WPA2 key replay security bug
...
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.
* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
* CVE-2017-13078: reinstallation of the group key in the Four-way handshake
* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake
* CVE-2017-13080: reinstallation of the group key in the Group Key handshake
* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake
* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it
* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake
* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame
* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame
Backport patches from upstream to resolve these CVEs.
(From OE-Core rev: c79b479ab4b129007c6679bb0bdd8e2ec7ecb6ad)
Signed-off-by: Ross Burton <ross.burton@intel.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-16 23:47:06 +01:00
577c91d706
linux-yotoc/4.1: update to 4.1.43 plus CVE-2017-1000251
...
(From meta-yocto rev: 95560bdc6414069ad2679f366fbf3a9946815d72)
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:32:38 +01:00
21daf5cdc3
hostap-utils: use w1.fi for SRC_URI
...
epitest.fi is down and hostap-utils source is now available in
w1.fi. So, move SRC_URI to https://w1.fi
Since hostap-utils is only meant for old Intersil Prism2/2.5/3 wifi cards,
this recipe will be removed from oe-core in future (most likely to
meta-handheld)
[YOCTO #12051 ]
(From OE-Core rev: 541b14c58132e8460a762617889bd5e3d736c1a4)
(From OE-Core rev: 0bc03289b775fefcb7f03e5463c79e4f96cd0b12)
Signed-off-by: Maxin B. John <maxin.john@intel.com >
Signed-off-by: Ross Burton <ross.burton@intel.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:32:38 +01:00
46a8c07a84
linux-yotoc/4.8: update to 4.8.25 plus CVE-2017-1000251
...
(From meta-yocto rev: 3a7bbdd637481afd6da47a4084c2dc7cac5836f4)
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:30:53 +01:00
640b9c6080
linux-yotoc/4.4: update to 4.4.87 plus CVE-2017-1000251
...
(From meta-yocto rev: d642307afcc35f1ba01af5e5c3acd0848c93090b)
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:30:53 +01:00
49ace39866
diffstat: use HTTP mirror for SRC_URI
...
The Invisible Mirror FTP service is currently down, and FTP is horrible, so
switch to the HTTP mirror.
(From OE-Core rev: f31461f8ea11e82dbe14454a1149d9ec2120404d)
(From OE-Core rev: 4839f039036f3d72f9ef114a37500f9b498101df)
Signed-off-by: Ross Burton <ross.burton@intel.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:30:53 +01:00
9be3cc6eaa
v86d: take tarball from debian
...
Gentoo is removing the package due to dead upstream;
Debian might carry it for a while longer.
(From OE-Core rev: 5026730a2f0701ebad4ddf57990b1ae3b484ae72)
(From OE-Core rev: ac16b6d3a734de2e2ea3e491d23817774a3e57f6)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:30:53 +01:00
09c7d32f2d
libpng: lsb version 1.2.56 url fix
...
The mirrors are not working so remove them. Simplify the SRC_URI as the archive in only in the older-releases dir.
(From OE-Core rev: 889cc3404255e9ba920909e90fbf3ab846a5d97a)
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:27:40 +01:00
068c1a2c22
libpng: use SourceForge mirror
...
The Gentoo mirror also deletes old versions when they're not used, so revert
back to the canonical SourceForge site, adding /older-releases/ to MIRRORS to
handle new releases moving the version we want.
Original idea by Maxin B. John <maxin.john@intel.com >.
(From OE-Core rev: 791a3493c88c9c249f21f6d893b2061e1d8a0af6)
(From OE-Core rev: 16af873638830477a435574f1fedc643af2e2661)
Signed-off-by: Ross Burton <ross.burton@intel.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
Hand applied to work with morty version
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:27:40 +01:00
6ba57ee8b8
sign_rpm.bbclass: force rpm serial signing
...
Newer versions of gpg (at least 2.1.5 and 2.2.1) have issues when signing occurs in parallel
so (unfortunately) the signing must be done serially. Once the upstream problem is fixed,
this patch must be reverted, otherwise we loose all the intrinsic parallelism from
bitbake.
[YOCTO #12022 ]
(From OE-Core rev: 3aced3783b808449cd50f12684c061151861a1a5)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com >
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:27:39 +01:00
913b20f799
selftest/cases/signing: ignore removal errors when cleaning temporary gpg directory
...
The high-level method tempfile.TemporaryDirectory give us no way to
ignore erros on removal thus use tempfile.mkdtemp instead. Ignoring possible issues
on removal is neccesary because it contains gpg sockets that are automatically removed
by the system once the process terminates, otherwise the following log is observed:
..
..
File "/usr/lib/python3.5/shutil.py", line 436, in _rmtree_safe_fd
os.unlink(name, dir_fd=topfd)
FileNotFoundError: [Errno 2] No such file or directory: 'S.gpg-agent.browser'
[YOCTO #11821 ]
(From OE-Core rev: e7f139c5d97a3871215c88c5bfc07ecf4e8fd7f3)
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com >
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:27:39 +01:00
a0e04be746
lunux-yocto/4.8: update to 4.8.25 plus bluetooth: CVE-2017-1000251
...
(From OE-Core rev: fdb9c64f225eaf94c9087dfac52ed6a7779b0744)
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org >
2017-10-10 17:27:39 +01:00
Rajkumar Veer
Thiruvadi Rajaraman
Yi Zhao
Li Zhou
Joshua Lock
Scott Rifenbark
Andre Rosa
Ross Burton
Armin Kuster
Maxin B. John
Alexander Kanavin
Leonardo Sandoval