mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-25 15:32:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
62,391 Commits 38 Branches 623 Tags
hardknott
Commit Graph

6627 Commits

Author SHA1 Message Date
Mingli Yu
32eb0d2eb1 python3-numpy: fix CVE-2021-41496 
Backport patch [1] to fix CVE-2021-41496.

[1] 271010f103

(From OE-Core rev: 9a69897f464432e0b6ef9b8ad5d8110d78a1162a)

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-04-03 20:49:03 +01:00
Chee Yang Lee
c009c20ef2 go: update to 1.16.15 
go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax package, as well as bug fixes to the compiler, runtime, the go command, and to the net package. See the Go 1.16.15 milestone on our issue tracker for detai
ls.

(From OE-Core rev: 3462c7680137a9ef5f683161d39caf19f87a932a)

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-04-03 20:49:03 +01:00
Minjae Kim
e9a9e6f5b9 gnu-config: update SRC_URI 
The git repo for gnu-config was changed, so update the
SRC_URI accordingly with the new link.

(From OE-Core rev: ad18c905273fee91b9b41bbdf32b9e6dbc9cdfd8)

Signed-off-by:Minjae Kim <flowergom@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-04-03 20:49:03 +01:00
Changqing Li
b3f1442221 unfs3: correct configure option 
On some new distro like ubuntu21.04, unfs3-native compile failed with
error: undefined reference to `xdr_uint32', since new distro has new
glibc.

>From glibc 2.27 rpc support is dropped, so unfs3 need to link to
libtirpc.

Here is defination of ac_link:
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'

Depended library should be added into LIBS, not LDFLAGS, otherwise,
gcc may not load the lib since it is before conftest.$ac_ext during
configure. Finally, it results in compile failed.

(From OE-Core rev: d0b1807edc10835beff9a55a105ac191b6ac2fe7)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 27867862c1fee6c0e649286500fa1ab015d57faf)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-03-10 16:39:45 +00:00
Lee Chee Yang
b2bd31b9cc ruby : update to 3.0.3 
Do not tweak a file that is no longer installed.

Ruby 3.0.3 includes security fixes.
CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods
CVE-2021-41816: Buffer Overrun in CGI.escape_html
CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse

Ruby 3.0.2 release includes security fixes.
CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
CVE-2021-31799: A command injection vulnerability in RDoc

(From OE-Core rev: edb6df08cb47a39918d28c709675d995c9e10031)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-03-10 16:39:45 +00:00
Sakib Sajal
cec2ca666a go: upgrade 1.16.13 -> 1.16.14 
go 1.16.14 release includes fix for CVE-2022-23806.

(From OE-Core rev: 7b5723ae41b7fcdc73a24f04ec0cda4fba8f8622)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-03-10 16:39:45 +00:00
wangmy
9a053c2090 ccache: upgrade 4.2 -> 4.2.1 
License-Update: add license information of src/third_party/win32/winerror_to_errno.h

(From OE-Core rev: f153f42c910c06dd8e812fa9c803964c60e6cfcc)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 12f0aa9533edc7ac5a65b1c165797b049349b19e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-03-02 00:22:13 +00:00
Changqing Li
1e1c0d60ac e2fsprogs: backport to fix one regression 
Backport a patch in 1.46.3 which fix one regression:
This is what the changelog says:
    Fix e2fsck so that the if the s_interval is zero, and the last mount
    or write time is in the future, it will fix invalid last mount/write
    timestamps in the superblock. (This was a regression introduced in
    v1.45.5.)

(From OE-Core rev: 9fe70a643a2d8723001421a18b5736e70a1eaa34)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-03-02 00:22:12 +00:00
Sakib Sajal
b1bb20b5c0 qemu: fix CVE-2021-20196 
(From OE-Core rev: 3014cb660e7128f65ee2aec004ede39e80cd891d)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-02-10 13:25:48 +00:00
Sakib Sajal
83e7e63458 qemu: fix CVE-2021-3930 
(From OE-Core rev: f0504578174f77ba231c72801fb5a295869a40d1)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-02-10 13:25:48 +00:00
Sakib Sajal
21d669e125 qemu: fix CVE-2021-3748 
(From OE-Core rev: 6fe3b1002a273808fe4caf6f2e1ecd54729b954d)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-02-10 13:25:48 +00:00
Sakib Sajal
1bcca21e33 qemu: fix CVE-2021-3713 
(From OE-Core rev: 7879ba4406eb9633079275c57abeee9e738b1c99)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-02-10 13:25:48 +00:00
Pgowda
8e1796eef4 gcc: upgrade to gcc-10.3 version 
gcc-10.2 in Hardknott branch has been upgraded to gcc-10.3 version
that includes many bug fixes.
Regression tested on X86-64, Arm and Aarch64 without issues.

(From OE-Core rev: 87fbe11fbe04a6f2d3e798d282935b26fbc43e77)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-31 21:56:01 +00:00
Pgowda
082458b897 binutils: upgrade binutils-2.36 to latest version 
binutils-2.36 in Hardknott branch has been upgraded to latest version
that includes many bug fixes.
Regression tested on X86-64, Arm and Aarch64 without any new issues.

(From OE-Core rev: ea7fed669193a20587adfe7b0bcb5b1f7594cc0a)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-31 21:56:01 +00:00
Sakib Sajal
15cf3075b6 go: upgrade 1.16.10 -> 1.16.13 
Release 1.16.13 includes fixes for CVE-2021-44716 and CVE-2021-44717.

(From OE-Core rev: c5bf7094c707f536389f9bf0f477440bd4aff12b)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-25 12:07:01 +00:00
Anuj Mittal
94fa217429 python3-pyelftools: fix the override syntax 
An earlier patch cherry-picked from master used : for override. Change
it to use _ for hardknott.

(From OE-Core rev: 7e569186820163d731cbb14f8c25ce6a2cc45dc9)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-14 09:34:04 +00:00
Pgowda
a0681701f8 gcc: add support for Neoverse N2 CPU 
This patch backports the AArch32 support for Arm's Neoverse N2 CPU.

Upstream-Status: Backport
[https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=d7e8411f6a333d4054894ad3b23f23415a525230]

(From OE-Core rev: 2f5f021dc576b2fcf38c8203992ee86d25f53f30)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-14 09:34:04 +00:00
pgowda
e31641c608 gcc: Fix CVE-2021-42574 
Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=004bb936d6d5f177af26ad4905595e843d5665a5]
Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=bd5e882cf6e0def3dd1bc106075d59a303fe0d1e]
Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=51c500269bf53749b107807d84271385fad35628]
Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=1a7f2c0774129750fdf73e9f1b78f0ce983c9ab3]
Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=bef32d4a28595e933f24fef378cf052a30b674a7]

(From OE-Core rev: d0f4614e2c6e9090a0c45052c36d0c7f3215de10)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-14 09:34:04 +00:00
pgowda
c03cf58a20 gcc: add aarch64 support for Arm's Neoverse N2 CPU 
The patch backports the AArch64 support for Arm's Neoverse N2 CPU
Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=9428e9267435a62f672e2ba42df46432c021a9cf]

(From OE-Core rev: ae9b3b5a57682d9de93f3171cdb448a8f5cbc536)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-14 09:34:04 +00:00
Sundeep KOKKONDA
823d25f521 binutils: Fix CVE-2021-45078 
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=161e87d12167b1e36193385485c1f6ce92f74f02]
(From OE-Core rev: be665a2279795c522cb3e3e700ea747efd885f95)

Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-07 23:21:34 +00:00
Chaitanya Vadrevu
8408aad5e7 python3-pyelftools: Depend on debugger, pprint 
python3-pyelftools uses python3-debugger, python3-pprint.
So add dependencies on these packages.

(From OE-Core rev: 66211faf4724b2c88eb4595e41fe98f5da96c3ee)

Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 22e84cdd05870f1a19c6389b66c4dfd5e9b418f7)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-07 23:21:34 +00:00
pgowda
f54df0078e binutils: CVE-2021-42574 
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=b3aa80b45c4f46029efeb204bb9f2d2c4278a0e5]

(From OE-Core rev: 944a60cd74ea90dcced7684492a808fbfd6710af)

Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-01-07 23:21:34 +00:00
Chen Qi
708090f64e patchelf: fix PT_PHDR program header corruption 
Backport patch and tweak it to fix PT_PHDR program header corruption.

(From OE-Core rev: a980aa5696a98c5b97f9a117df4c82ea525f6e4f)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-12-15 07:40:30 +00:00
Richard Purdie
ad4f6f337c gcc: Add CVE-2021-37322 to the list of CVEs to ignore 
The CVE applies to binutils 2.26 and not to gcc so ignore there.

(From OE-Core rev: 86e9e812f4ec61a4430658b7c06852a32ca8abb1)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fea2726663a3db03170c49fceaffc632c509aeea)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-12-15 07:40:30 +00:00
Anuj Mittal
c3023e3cf6 python3: upgrade 3.9.7 -> 3.9.9 
(From OE-Core rev: 75510b97d965c72c77f5b4b6ad9fe55bf26b4cdb)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-12-15 07:40:29 +00:00
Oleksandr Kravchuk
0f1040405e python3: update to 3.9.7 
(From OE-Core rev: a61a9cf73baf4020a6dce90acb0edb08364aaded)

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 9612bb0639c13571e661f208aa7b28789953d9ec)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-12-05 12:35:43 +00:00
zhengruoqin
1aa567e3a9 python3: upgrade 3.9.5 -> 3.9.6 
0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch
removed since it is included in 3.9.6

(From OE-Core rev: 3b721c28543df9e4d899ea1efdf445319c88ae92)

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1a12d978f2046fc5d3abc96db3753e378f29ecae)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-12-05 12:35:43 +00:00
Pavel Zhukov
87fd2dceb1 go: upgrade 1.16.8 -> 1.16.10 
The release includes fixes for CVE-2021-41771 and CVE-2021-41772

(From OE-Core rev: 0df36f324a2dc17f18066efc5c130231158b5d24)

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

This release also contains a fix for CVE-2021-38297 and the changes are
minor, so backport the uprev rather than manually backporting individual
commits.

CVE: CVE-2021-38297

Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-12-05 12:35:43 +00:00
Kai Kang
a0745dce6b squashfs-tools: fix CVE-2021-41072 
Backport patches to fix CVE-2021-41072. And update context for verison
4.4 at same time.

CVE: CVE-2021-41072

Ref:
* https://nvd.nist.gov/vuln/detail/CVE-2021-41072

(From OE-Core rev: e95ccf6f7fe5a42fffcfa5e43087ff964622e26c)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-24 21:12:46 +00:00
Changqing Li
097c86071e rpm: fix CVE-2021-3521 
(From OE-Core rev: 68c20b12fca2c20439b18c5fd9757c2c1f1746a1)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-24 21:12:46 +00:00
Pgowda
24b0ee2be7 gcc: Fix CVE-2021-35465 
source : https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102035

Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70]
Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=574e7950bd6b34e9e2cacce18c802b45505d1d0a]
Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=30461cf8dba3d3adb15a125e4da48800eb2b9b8f]
Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=809330ab8450261e05919b472783bf15e4b000f7]

(From OE-Core rev: 2dae3da5dbb0c8293927f0676fff08437f75d0d2)

Signed-off-by: Pgowda <pgowda.cve@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-24 21:12:46 +00:00
Andrej Valek
82077a92b2 mklibs-native: drop deprecated cpp17 exceptions 
gcc11 has -std=gnu++17 as default. Remove deprecated C++17 exceptions based
on http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html.

(From OE-Core rev: 5f310b5ba647196ad42c3c54b9459db0e22d5b41)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit ef8b7946b4793db653ef7dd716e1d3f919a84725)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-24 21:12:46 +00:00
Anuj Mittal
fbd5ce2c50 llvm: bump HASHEQUIV_HASH_VERSION 
llvm embeds the repository location in a header file. We just changed
the SRC_URI to fetch using https instead of git. This has started giving
errors in reproducibility testing when one of the RPMs to be compared is
fetched from sstate.

Bump HASHEQUIV_HASH_VERSION and PR so its rebuilt.

(From OE-Core rev: 2fd327ae5b3da8841ebed00bfc60b7bb8d6a64c5)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-21 11:40:35 +00:00
Anuj Mittal
d64469d524 meta: add explicit branch and protocol to SRC_URI 
Add branch name explicitly to SRC_URI where it's not defined and switch
to using https protocol for Github projects.

The change was made using convert-srcuri script in scripts/contrib.

(From OE-Core rev: ab781d4e3fa7425d96ea770ddfd0f01f62018c5b)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-21 11:40:35 +00:00
Richard Purdie
cd880dd543 pseudo: Add fcntl64 wrapper 
Add fcntl64 wrapper which hopefully fixes issues seen in findutils and the find
command in the libtool removal code when built with LFS compile flags on Gentoo.

(From OE-Core rev: 64b68a7e2ebc1a7775f5fda64d7024879181aa7f)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f26867fe4daec7299f59a82ae4a0d70cceb3e082)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-21 11:40:34 +00:00
Richard Purdie
8ebbf15fdc pseudo: Add in ability to flush database with shutdown request 
Pulls in:
  pseudo_db: Flush DB if there is a shutdown request
  fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ (test fix)

(From OE-Core rev: 7b9123cac297275245c2fef78c286c17ca3690cf)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0882095d608ce3abbcc9814517434c21ea549063)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-21 11:40:34 +00:00
Richard Purdie
d9002aa374 bootchart2: Don't compile python modules 
"make install" may attempt to compile the python modules but it uses the host python
and host paths which means the binaries are not reproducbile. Make things consistent.
If anyone needs compiling, it will beed to be fixed to be cross compile compatible.

(From OE-Core rev: b06105ec1a33bb37d42a10222e07b7f8eb69baff)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1189f95e05c80286e009e1ab46a603ee5b7ca239)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-03 11:19:04 +00:00
Ross Burton
5e975a66e1 strace: show test suite log on failure 
If the tests fail, dump the log so we can see the failures.

(From OE-Core rev: f59a20574046a2027746010311129342442857f0)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3154a65039831b1e041217707fdd6ca042f588fb)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-03 11:19:04 +00:00
Pgowda
452df8f85f binutils: Fix CVE-2021-3530 
Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=25162c795b1a2becf936bb3581d86a307ea491eb]
Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=999566402e3]

(From OE-Core rev: b9c13f5bc6be0fa63640caeef4947c4c2ca1d290)

Signed-off-by: Pgowda <pgowda.cve@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-11-03 11:19:04 +00:00
Richard Purdie
6769bb83f9 rpm: Deterministically set vendor macro entry 
On an aarch64 build host, vendor is found to be "unknown", on x86 systems
it is "pc". This filters through to the PLATFORM tag in target rpms.

We saw reproducibility test failures where the PLATFORM tags in noarch
rpms were changing depending upon which host built them. Forcing the
vendor value to a consistent one makes things deterministic.

(From OE-Core rev: ef37fca2f434eba22918e5eab4f2d5e2d499fc14)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f6434075b2bdfc23c683d22281b674b1e6abde77)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-29 11:17:21 +01:00
Sakib Sajal
9ac0dc544f go: upgrade 1.16.7 -> 1.16.8 
(From OE-Core rev: 5b6c68759f28fd684be316b3a5e33f41e4107f7b)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 97a2f406635f51bad1ab070f018a6466209f257b)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-29 11:17:21 +01:00
Thomas Perrot
09a260e5d4 ruby: fix the reproducibility issue 
Apply some changes on the Ruby makefiles in order to fix the reproducibility:
- use a fixed timestamp,
- sort linked objects,
- doesn't use the current date,
- and use UTC date.

[YOCTO #14268]

(From OE-Core rev: eea2f854fdd0f036dae2671ae52ba4695a83df68)

Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 59b07ab51ff932a4632a31675445ba4192bae36b)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-29 11:17:21 +01:00
Richard Purdie
d2c08874ee pseudo: Update with fcntl and glibc 2.34 fixes 
Pull in the following changes:

* ports/linux/guts: Add closefrom support for glibc 2.34
* pseudo_client: Make msg static in pseudo_op_client
* ports/linux/guts: Add close_range wrapper for glibc 2.34
* pseudo_client: Do not pass null argument to pseudo_diag()
* test-openat: Consider device as well as inode number
* test: Add missing test-statx test case
* fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ

(From OE-Core rev: 190ed5d766b6a3922c3f841eb5fd04cf603cf76f)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 71b549924a7fa7973a8e03e11f3db45fdc29889d)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-29 11:17:21 +01:00
Hongxu Jia
bd0f56c861 nativesdk-pseudo: Fix to work with glibc 2.34 systems 
Since commit [df313aa810 pseudo: Fix to work with glibc 2.34
systems] applied, it fixed native only. And nativesdk has
the similar issue

Tweak library search order, make prebuilt lib ahead of recipe lib,
after apply the fix:
...
$ readelf -a lib/pseudo/lib64/libpseudo.so | grep 'Shared library'
 0x0000000000000001 (NEEDED)             Shared library: [libdl.so.2]
 0x0000000000000001 (NEEDED)             Shared library:[libpthread.so.0]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
...

(From OE-Core rev: 1cbf45e39e6a9d043691fb236946c6717dd666b7)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d6d116b5db78645958ea30be3d0572e0f6d7bd92)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-29 11:17:21 +01:00
Richard Purdie
0ba87580d0 pseudo: Fix to work with glibc 2.34 systems 
The merge of libdl into libc in glibc 2.34 causes problems for pseudo. Add a fix
that works around this issue.

(From OE-Core rev: c9203671d638edb6a063d7522b29b8a8e776c2f3)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dd3e46a043c81cd4d81731a0f691868d3c059742)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-29 11:17:21 +01:00
Khem Raj
b202d5e92e m4: Do not use SIGSTKSZ 
Fixes
../../m4-1.4.18/lib/c-stack.c:55:26: error: missing binary operator before token "("
   55 | #elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384
      |                          ^~~~~~~~

(From OE-Core rev: 4d350d458fa4ec75bf6f40da9c3a7c43403f3dbd)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 44ca8edd622782733d507e20a3d5ee9e44eb8be4)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-29 11:17:20 +01:00
Richard Purdie
fddca7b07e python3: Add a fix for a make install race 
Add a fix for reproducibility issues where pyc files for python-config.py
may not always be generated.

(From OE-Core rev: 94aedf7d2b43ecdf0da1cf6b848f6e95ee253abf)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d1c3a87c48b598b6e5624d0affe8bd89320631bf)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-29 11:17:20 +01:00
Richard Purdie
0e75ef8e28 rpm: Ensure compression parallelism isn't coded into rpms 
We don't want the compression thread numbers to be encoded into the rpm
since this results in the rpm not being deterministic. Add a patch
from Alex Kanavin which addresses this issue (was queued for rpm 4.17
but we need to fix this with 4.16 too).

(From OE-Core rev: 16d6f01eced9e6de5068056aea07a08ec9dfb659)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1ba0bf50c72f2506dfa507559c49a70e16cd5124)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-29 11:17:20 +01:00
Sakib Sajal
a8857b4955 qemu: fix CVE-2021-3682 
(From OE-Core rev: 14783d10fb43d10a91d5e61ad9811ad469a0fb46)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e16cd155c5ef7cfe8b4d3a94485cb7b13fd95036)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-10-07 15:10:40 +01:00
Richard Purdie
44e80e4edc go: Exclude CVE-2021-29923 from report list 
Upstream don't believe it is a signifiant real world issue and will only
fix in 1.17 onwards. Therefore exclude it from our reports.

https://github.com/golang/go/issues/30999#issuecomment-910470358

(From OE-Core rev: 573337b8432677fa3a7643e74045ae7d7b331b3f)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5bd5faf0c34b47b2443975d66b71482d2380a01a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2021-09-17 21:31:37 +01:00