mirrors/poky - poky - zepto initiative

mirror of https://git.yoctoproject.org/poky synced 2026-03-02 21:39:40 +01:00

Author	SHA1	Message	Date
Manjunath S Matti	2dcc1db01d	Fix seg-fault in the linker when examining a corrupt binary. Source: https://sourceware.org/ MR: 74244 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=531336e3a0b79ed60cfc36ad2d6579b6a71175da ChangeID: 69cc8699fcb0655f3a48778e514552dfaea7229c Description: Fix seg-fault in the linker when examining a corrupt binary. PR ld/20909 * aoutx.h (aout_link_add_symbols): Fix off-by-one error in check for an illegal string offset. CVE: CVE-2017-7300 Affects: < 2.27-r0.9.1 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: c1b259c5fef13e1ecff9a68d82cde49c777ffa4d) Signed-off-by: Manjunath S Matti <mmatti@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:08 +00:00
Thiruvadi Rajaraman	f98a25139e	binutils: CVE-2017-8397 Source: git://sourceware.org/git/binutils-gdb.git MR: 74114 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: d55e7590c08c4db483bba2fa35df8fbb6283686e Description: Fix a seg-fault when processing a corrupt binary containing reloc(s) with negative addresses. PR binutils/21434 * reloc.c (bfd_perform_relocation): Check for a negative address in the reloc. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 6dd9179c4208c8d13f7e9c784d9993606416ab97) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:08 +00:00
Thiruvadi Rajaraman	70f2d42e84	binutils: CVE-2017-8395 Source: git://sourceware.org/git/binutils-gdb.git MR: 74153 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 27dce214c561f9ae6f874990432f9d76a7de29d4 Description: Fix seg-fault attempting to compress a debug section in a corrupt binary. PR binutils/21431 * compress.c (bfd_init_section_compress_status): Check the return value from bfd_malloc. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: addac2e8f6f6132807a590a032a4292079542fbe) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:08 +00:00
Thiruvadi Rajaraman	a36d21557b	binutils: CVE-2017-8393 Source: git://sourceware.org/git/binutils-gdb.git MR: 74179 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 976156cd25454143883090ca42010c38c6d6af0f Description: PR 21412, get_reloc_section assumes .rel/.rela name for SHT_REL/RELA. This patch fixes an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. I'm also modifying the interface for elf_backend_get_reloc_section, so any backend function just needs to handle name mapping. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: 24124406a2a1657b80ba2933bef40ccf798c8097) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	951aea1f7b	binutils: CVE-2017-7304 Source: git://sourceware.org/git/binutils-gdb.git MR: 74192 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 9a4c249becded1b479c0b9e9f175aebb80294317 Description: Fix seg-fault in strip when copying a corrupt binary. PR binutils/20931 * elf.c (copy_special_section_fields): Check for an invalid sh_link field before attempting to follow it. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: fcadfc35ebe90d3f0f3aa0db8caeddb5c07c3120) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	d827c87635	binutils: CVE-2017-7303 Source: git://sourceware.org/git/binutils-gdb.git MR: 74205 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: db5bfb63661d39846c3b03353e1383c621759d48 Description: Fix seg-fault attempting to strip a corrupt binary. PR binutils/20922 * elf.c (find_link): Check for null headers before attempting to match them. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: ef1a98976886560396a514458edb80a21f09b808) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	742b9c8a28	binutils: CVE-2017-7302 Source: git://sourceware.org/git/binutils-gdb.git MR: 74218 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 11677f4fb24c7a49efc23ea7d54de1bf85e74b12 Description: Fix seg-fault running strip on a corrupt binary. PR binutils/20921 * aoutx.h (squirt_out_relocs): Check for and report any relocs that could not be recognised. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: dbe4c78bee0ed36fc8789f1a13678be1b8c0bcf5) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	10e74c42ad	binutils: CVE-2017-7301 Source: git://sourceware.org/git/binutils-gdb.git MR: 74231 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 1fbae9f71e3ad90f930f8b25d550de964e05c259 Description: Fix seg-fault in linker parsing a corrupt input file. PR ld/20924 (aout_link_add_symbols): Fix off by one error checking for overflow of string offset. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 315608a626f9e21d198d1600ded69114ac1e16d1) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	a880a7f8d7	binutils: CVE-2017-7227 Source: git://sourceware.org/git/binutils-gdb.git MR: 74270 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: e4e88f56ba13671afb5b3194ca4c1c59601e5fd5 Description: Fix seg-fault in linker when passed a bogus input script. PR ld/20906 * ldlex.l: Check for bogus strings in linker scripts. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 650a5b69c4ae7cf91d13993225877d0187bcb65e) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	24a6fa6184	binutils: CVE-2017-7225 Source: git://sourceware.org/git/binutils-gdb.git MR: 74296 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: d2cf3ab15c89351c941c92e4cdf28c2bfa9dcda8 Description: Fix seg-fault running addr2line on a corrupt binary. PR binutils/20891 * aoutx.h (find_nearest_line): Handle the case where the main file name and the directory name are both empty. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: ba01ee6899c8d36e6469f6d02d40866fb0502af9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	f85b35f63a	binutils: CVE-2017-7224 Source: git://sourceware.org/git/binutils-gdb.git MR: 74309 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 640c2ad711ead368a65079a464c55368851e8744 Description: Fix a seg-fault disassembling a corrupt binary. PR binutils/20892 * aoutx.h (find_nearest_line): Handle the case where the function name is empty. Affects: <= 2.29 (From OE-Core rev: 54992e752e396fc5b3bc5b067cfc4741f1176bb3) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	39722ae3c6	binutils: CVE-2017-7223 Source: git://sourceware.org/git/binutils-gdb.git MR: 74322 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: c7e14cdaab09996e736a6294834d3470ac9ddb6c Description: Fix seg fault attempting to unget an EOF character. PR gas/20898 * app.c (do_scrub_chars): Do not attempt to unget EOF. Affects: <= 2.29 (From OE-Core rev: b35c5c25947daf47b5cbccd8836e22234baa6f0f) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	281b2e20bf	binutils: CVE-2017-12450_12452_12453_12454_12456 Source: git://sourceware.org/git/binutils-gdb.git MR: 73854, 73827, 73814, 73801, 73775 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: fb23096307f9903872a04edf171d1fd2099e35c5 Description: Fix address violation errors parsing corrupt binary files. PR 21813 binutils* rddbg.c (read_symbol_stabs_debugging_info): Check for an empty string whilst concatenating symbol names. bfd * mach-o.c (bfd_mach_o_canonicalize_relocs): Pass the base address of the relocs to the canonicalize_one_reloc routine. * mach-o.h (struct bfd_mach_o_backend_data): Update the prototype for the _bfd_mach_o_canonicalize_one_reloc field. * mach-o-arm.c (bfd_mach_o_arm_canonicalize_one_reloc): Add res_base parameter. Use to check for corrupt pair relocs. * mach-o-aarch64.c (bfd_mach_o_arm64_canonicalize_one_reloc): Likewise. * mach-o-i386.c (bfd_mach_o_i386_canonicalize_one_reloc): Likewise. * mach-o-x86-64.c (bfd_mach_o_x86_64_canonicalize_one_reloc): Likewise. * vms-alpha.c (_bfd_vms_slurp_eihd): Make sure that there is enough data in the record before attempting to parse it. (_bfd_vms_slurp_eeom): Likewise. (_bfd_vms_slurp_egsd): Check for an invalid section index. (image_set_ptr): Likewise. (alpha_vms_slurp_relocs): Likewise. Affects: <= 2.29 (From OE-Core rev: 2cc3922462c9dd86f50a419a2a4abb0f3b5b4745) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	c2b6a93e14	binutils: CVE-2017-12451 Source: git://sourceware.org/git/binutils-gdb.git MR: 73840 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 582c686f18c059d665189a6a09df3a8cc4a3b093 Description: Fix address violation when attempting to read a corrupt field in a COFF archive header structure. PR 21786 * coff-rs6000.c (_bfd_strntol): New function. (_bfd_strntoll): New function. (GET_VALUE_IN_FIELD): New macro. (EQ_VALUE_IN_FIELD): new macro. (_bfd_xcoff_slurp_armap): Use new macros. (_bfd_xcoff_archive_p): Likewise. (_bfd_xcoff_read_ar_hdr): Likewise. (_bfd_xcoff_openr_next_archived_file): Likewise. (_bfd_xcoff_stat_arch_elt): Likewise. Extend previous fix to coff-rs6000.c to coff64-rs6000.c PR 21786 * coff64-rs6000.c (_bfd_strntol): New function. (_bfd_strntoll): New function. (GET_VALUE_IN_FIELD): New macro. (xcoff64_slurp_armap): Use new macros. Affects: <= 2.29 (From OE-Core rev: 62eeac8e4684c129af6f36aa7c2b91270a5dacde) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	1ffd39135a	binutils: CVE-2017-12449, CVE-2017_12455, CVE-2017-12457, CVE-2017-12458, CVE-2017-12459 Source: git://sourceware.org/git/binutils-gdb.git MR: 73867, 73788, 73762, 73749, 73734 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 29a1fd75a879d40560b3891305b7d9577e26ffe5 Description: Fix address violation issues encountered when parsing corrupt binaries. PR 21840 * mach-o.c (bfd_mach_o_read_symtab_strtab): Fail if the symtab size is -1. * nlmcode.h (nlm_swap_auxiliary_headers_in): Replace assertion with error return. * section.c (bfd_make_section_with_flags): Fail if the name or bfd are NULL. * vms-alpha.c (bfd_make_section_with_flags): Correct computation of end pointer. (evax_bfd_print_emh): Check for invalid string lengths. Fix address violations when reading corrupt VMS records. PR binutils/21618 * vms-alpha.c (evax_bfd_print_emh): Check for insufficient record length. (evax_bfd_print_eeom): Likewise. (evax_bfd_print_egsd): Check for an overlarge record length. (evax_bfd_print_etir): Likewise. Affects: <= 2.29 (From OE-Core rev: 62c4dc16dd8fe99cba970c5e7d8dfc063855d4b9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	7963e14e40	binutils: CVE-2017-12448 Source: git://sourceware.org/git/binutils-gdb.git MR: 73880 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 6ef7c8e941d7a1c069b29e4671178c0d02427e3f Description: Fix use-after-free error when parsing a corrupt nested archive. PR 21787 * archive.c (bfd_generic_archive_p): If the bfd does not have the correct magic bytes at the start, set the error to wrong format and clear the format selector before returning NULL. Affects: <= 2.29 (From OE-Core rev: 996e7af41b48107bab5eca0ea26f507541382bd5) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Thiruvadi Rajaraman	7296c9fbd6	binutils: CVE-2017-7226 Source: git://sourceware.org/git/binutils-gdb.git MR: 74283 Type: Security Fix Disposition: Backport from binutils_v2_28 ChangeID: 82097a4b98d3d576e1b1bfb7ac9ae17fd153c909 Description: Use strnlen to avoid running over the end of the string buffer. Affects: <= 2.28 (From OE-Core rev: abc9e4eebafac084bee054954bd93288cd1d0a8c) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Armin Kuster	34041f58fd	binutils: Security Fix CVE-2017-9041 Source: binutils-gdb.git MR: 72791 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=919383ac718c2a3187ee2a9ad659daa22da26258 ChangeID: 7b4588368a367a4d57efbfdcd9c00fcc0875af7b Description: Affects: <= 2.28 (From OE-Core rev: d445a9abe7af0a1a54e466bdae8978f6ffb5f6bc) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Armin Kuster	4bca7db53e	binutils: Security fix for CVE-2017-9040 and 2017-9042 Source: binutils-gdb.git MR: 72756, 72805 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf ChangeID: af83ec9e8322e0e051bb684bd2fee5fe8a506fbc Description: excluded some changes as the code does not exist in our version. Does not affect fix. Affects: <= Binutils 2017-04-12 (From OE-Core rev: 2dfdc0ceac466a4b80ece01a970cb5cfdc08d7ab) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Armin Kuster	4be76c16e3	binutils: Security Fix CVE-2017-9039 Source: binutils-gbd.git MR: 72742 Type: Security Fix Disposition: Backport from git://sourceware.org/binutils-gdb.git ChangeID: 280f36838862ea67fdcd65b162c1a4835cf924dc Description: Affects: <= 2.28 (From OE-Core rev: 9d5c9ad603947136e23325b123bc37c4b939d783) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Armin Kuster	0251f82c13	binutis: Security fix CVE-2017-9038 Source: Binutils.org MR: 72728 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f32ba72991d2406b21ab17edc234a2f3fa7fb23d ChangeID: 7e242783945a87af0a821b924bd16624a0f18fb3 Description: Affects: <= 2.28 (From OE-Core rev: 8df5d5d7809381a6e9b93bb6f772b1fd77046da9) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Armin Kuster	a69088e788	binutis: Security fix CVE-2017-7614 Source: binutils-gbd.git MR: 71732 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b814a36d3440de95f2ac6eaa4fc7935c322ea456 ChangeID: 44d3f2d902013f6e8faf485bf736106a11603e16 Description: minor change to get changelog to apply Affects: binutils < 2.28 (From OE-Core rev: 72dc7aa95afb64bc9ff070e5c2b372d2db6ac5c6) Signed-off-by: Armin Kuster <akuster@mvista.com> Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-01-07 17:10:07 +00:00
Alexander Kanavin	38961fcfcb	python3: do not hardcode "lib" into site-packages search path This was not working in multilib or x32 setups and amazingly, was not noticed until now. The actual modification is in Lib/site.py, the rest is just devtool moving things around in the patch. (From OE-Core rev: 0713d2a325adf87d97ef5936061ff44274d5a913) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-12-09 14:34:35 +00:00
Jose Lamego	b8d413eed6	python-3.3-multilib.patch: Fixes getpath on multilib configurations When using multilib configurations either on arm/arm64 and x86/x86-64 python3 failed to execute due to a failure when looking for its platform independent and dependent libraries. This patch fixes this issue by assigning lib_python to the appropriate macro. [YOCTO #10812] (From OE-Core rev: 8ef5c0511e51b82eaa45865df42ecbb2deeb7350) Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:56 +00:00
Jan Kiszka	7e357238ef	tcf-agent: Fix daemon termination The upstream init script uses SIGUSR2 to terminate that daemon because SIGTERM is ignored. As the killproc function does not support specifying a signal, switch to start-stop-daemon. Drop the retry loop because SIGUSR2 is lethal for agent. (From OE-Core rev: 1e6235de0a3f6302cee37332f03b1ba403c789d1) Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Martin Kelly	3961ab82dd	tcf-agent: kill with USR2 in systemd stop tcf-agent ignores SIGTERM, so upstream uses USR2 instead. This issue was noticed by Jan Kiszka and Brian Avery around the same time: https://patchwork.openembedded.org/patch/139546/ https://patchwork.openembedded.org/patch/139560/ However, these patches fixed only the init scripts, not the systemd service file. This patch fixes the systemd file. (From OE-Core rev: f3c9d850af1c8dab9d46ddb136d84710e7f73fa2) Signed-off-by: Martin Kelly <mkelly@xevo.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Ross Burton	51d3a57bc8	opkg: fix conffile errors in 'opkg status' calls If a conffile has been deleted (common when building a debugfs) the status command will throw errors instead of handling that situation. Stop the code being executed in the first place if it wasn't asked for, and handle errors gracefully. [ YOCTO #10761 ] (From OE-Core rev: c32bca840d262ebc5ac93b06d0bce79729a178b1) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Rajkumar Veer	eb70e899c4	ruby: Security fix for CVE-2017-14064 Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 (From OE-Core rev: 8d53b03e8fa1bc20c0d77d6cd7869bd7f7325987) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Rajkumar Veer	ecd6e7d101	ruby: Security fix for CVE-2017-14033 affects ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 (From OE-Core rev: 6033983453ff7b39d9d0d0a64353611128e26fae) Signed-off-by: Rajkumar Veer <rveer@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Thiruvadi Rajaraman	32c81fb55d	ruby: Security fix for CVE-2017-9229 affects ruby < 2.4.1 (From OE-Core rev: a636bf8cb5063f349b2af6594b131af6852b3076) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Thiruvadi Rajaraman	7039d1ad32	ruby: Secruity fix for CVE-2017-9226 affects ruby < 2.4.1 (From OE-Core rev: 0c1eec0c6a789e1e9dbfcc66c3fb8c7d1d8b4e99) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Thiruvadi Rajaraman	7f7e00483a	ruby: Security fix for CVE-2017-9228 affects ruby < 2.4.1 (From OE-Core rev: cdfb60a7b573c034868ef27d8eb2c667f2a7ad1d) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Thiruvadi Rajaraman	5899c6b77c	ruby: Security fix for CVE-2017-9227 affects ruby < 2.4.1 (From OE-Core rev: d83f18936a0eb470e8faf7adbd7c580c23fa3370) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Thiruvadi Rajaraman	cab5a620ac	ruby: Security fix for CVE-2016-7798 affectes ruby < 2.3.1 (From OE-Core rev: 6af2319008dc16c61092f71ff227c285aac51288) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:55 +00:00
Joshua Lock	0d44dbdaa8	ruby: fix build of ruby-native with gcc7 Marsalling is broken when ruby-2.2.x is built with gcc7, backport the change fix in Ruby SVN r57410 to apply to ruby 2.2.5: https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57410 Fixes [YOCTO #12271] (From OE-Core rev: b9de98cdc816904583970369848181c2c79f1dc5) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-11-21 14:43:53 +00:00
Ross Burton	49ace39866	diffstat: use HTTP mirror for SRC_URI The Invisible Mirror FTP service is currently down, and FTP is horrible, so switch to the HTTP mirror. (From OE-Core rev: f31461f8ea11e82dbe14454a1149d9ec2120404d) (From OE-Core rev: 4839f039036f3d72f9ef114a37500f9b498101df) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-10-10 17:30:53 +01:00
Richard Purdie	f8dd325b85	python3-native: Avoid use of getentropy/getrandom getentropy/random() is only available in glibc 2.25+ and uninative may relocate binaries onto systems that don't have this function. For now, force the code to the older codepaths until we can come up with a better solution for this kind of issue. (From OE-Core rev: 92bda0024d85ae78345665cc2f9646c9881ed61b) (From OE-Core rev: 2dc6ee0c520442418fa14cf3fe12b059209e9ab7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-06 16:54:37 +01:00
Richard Purdie	d47a5f1a15	python-numpy: Fix issues with recent glibc versions Fix issues building on recent glibc versions (for python*-numpy-native). (From OE-Core rev: 08a46b2477c1ea0e76695b51b59dc1bb46b1b521) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-06 16:53:39 +01:00
Richard Purdie	17597d2213	qemu: Backport a patch for recent glibc versions This fixes compile failures of qemu-native with new versions of glibc. Patch is taken from upstream. (From OE-Core rev: b1b7a46f0febe7ac17ec46ecdf88b4120a7d75c4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-06 16:53:39 +01:00
Armin Kuster	a746a4c171	docbook-utils: update SRC_URI from fedora to osl WARNING: docbook-utils-native-0.6.14-r3 do_fetch: Failed to fetch URL ftp://sources.redhat.com/pub/docbook-tools/new-trials/SOURCES/docbook-utils-0.6.14.tar.gz, attempting MIRRORS if available (From OE-Core rev: ef47f682034f591c90572c082a753787aa1a8b9c) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-29 16:50:53 +01:00
Armin Kuster	b8987f1a23	sgml-common: update SRC_URI from fedora to OSL WARNING: sgml-common-native-0.6.3-r1 do_fetch: Failed to fetch URL ftp://sources.redhat.com/pub/docbook-tools/new-trials/SOURCES/sgml-common-0.6.3.tgz, attempting MIRRORS if available (From OE-Core rev: cdb32a75b935985e5e86184d97b5a05c8f3ff21a) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-29 16:50:53 +01:00
Marek Vasut	4f064564fd	automake: Backport perl 5.22 fix Backport 13f00eb4493c "automake: port to Perl 5.22 and later" from automake upstream to fix build with perl 5.22 . (From OE-Core rev: 7fa044e799db651d45e4732e2527acfc2bc7cd47) (From OE-Core rev: 139d15f4af282eeef0a7f368eef518f400a4471a) Signed-off-by: Marek Vasut <marex@denx.de> Cc: Ross Burton <ross.burton@intel.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Cody P Schafer <dev@codyps.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-29 16:50:53 +01:00
Cody P Schafer	72084f7513	elfutils: fix building elfutils-native with GCC7 This is heavily based on the oe-core master commit with the same subject, but includes a backport of upstream's fix for the fallthrough warnings rebased to 0.166 (the oe-core patch which targeted 0.168 did not apply), a rebase of the format-truncation patch, and a backport of the upstream format-length patch. Info from OE-Core master patch follows: From OE-Core rev: aaf4c4f3d09ac3897205417eb15e19d54e0c0d05 From: Joshua Lock <joshua.g.lock@intel.com> Backport a fix from upstream for a -Wformat-truncation=2 warning and implement a simple fix for a -Wimplicit-fallthrough warning. Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (From OE-Core rev: 3b91be97ae8c36cd6bad86fed992efc9800f4c9e) Signed-off-by: Cody P Schafer <dev@codyps.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-29 16:50:53 +01:00
Joshua Lock	5f7d84821f	gcc-6.2: backport fix of check for empty string in ubsan.c Building gcc-cross-initial with GCC7 on the host fails due to the comparison of a pointer to an integer in ubsan_use_new_style_p, which is forbidden by ISO C++: ubsan.c:1474:23: error: ISO C++ forbids comparison between pointer and integer [-fpermissive] \|\| xloc.file == '\0' \|\| xloc.file[0] == '\xff' Backport the fix from upstream GCC to enable the build with GCC 7 (From OE-Core rev: 7a7fcbab0365b9501c737dbc02715be14dda72a3) (From OE-Core rev: ad685600d52b2e8b6f4cdbf46baa9f14b51565dd) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Cody P Schafer <dev@codyps.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-29 16:50:52 +01:00
Yuanjie Huang	1188ce3e3f	binutils: fix CVE-2017-7210 CVE: CVE-2017-7210 [BZ 21157] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21157 PR binutils/21157: Fix handling of corrupt STABS enum type strings. (From OE-Core rev: 066a7acc4c19a4ef3428d0a7c695a2b08f45bc14) Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-29 16:50:52 +01:00
Yuanjie Huang	5d6e240db6	binutils: fix CVE-2017-7209 in readelf CVE: CVE-2017-7209 [BZ 21135] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21135 PR binutils/21135: Fix invalid read of section contents whilst processing a corrupt binary. (From OE-Core rev: fd7a91e2a6db1fb806c57c137f72efcffbf1f26b) Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-29 16:50:52 +01:00
Yuanjie Huang	c7e48934c9	binutils: fix CVE-2017-6969 in readelf CVE: CVE-2017-6969 [BZ 21156] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21156 PR binutils/21156: Fix illegal memory accesses in readelf when ing a corrupt binary. PR binutils/21156: Fix another memory access error in readelf when parsing a corrupt binary. (From OE-Core rev: 565d4b9432c898e4483f392a91f4b4aaebb4b184) Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-29 16:50:52 +01:00
Daniel Schultz	e6a1c94eef	e2fsprogs: Fix wrong error code after optimization fsck.ext will return an error code of 1 if a file systems was checked and successfully repaired. Even when an optimization was performed it will return this error code. This patch will change the error code to 0 if only optimizations had changed the file systems. The reason for this patch is a question I asked at the ext4 ML: http://www.spinics.net/lists/linux-ext4/msg55700.html Backport from git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git Based on commit bf9f3b6d5b10d19218b4ed904c12b22e36ec57dd (From OE-Core rev: 34ccb6b66162400c3a3164cbdcca02fc1b42c92b) Signed-off-by: Daniel Schultz <d.schultz@phytec.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-08-29 16:50:52 +01:00
Richard Purdie	4a48386e91	elfutils: update homepage and upstream souce In git://sourceware.org/git/elfutils.git: ---------------- commit 1700fd25e6caf26663af2bd994d1d99fab9df59f Author: Mark Wielaard <mark@klomp.org> Date: Sat Dec 24 22:31:41 2016 +0100 http://elfutils.org/ is now hosted at http://sourceware.org/elfutils/ fedorahosted used to be our home, but we are now hosted at sourceware. Change the elfutils project home to http://elfutils.org/ Point hosted services (email, release, git, bug tracker and web pages) to https://sourceware.org/elfutils/ Move design notes from README to NOTES. Add URLs for home, releases, bugs, git and mailinglist to README. Make the --version output of all tools the same by using a common print_version function and update the publicly shown copyright holder to the elfutils developers. Signed-off-by: Mark Wielaard <mark@klomp.org> ------------------ Based on a patch from Hongxu Jia <hongxu.jia@windriver.com> (From OE-Core rev: 4ee8ad29e0eb3584eb8c6e1ba21a5a18d7a59714) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-06-05 18:00:02 +01:00
Choong YinThong	61b729a3a8	xmlto: replace fedorahosted.org SRC_URI with pagure.io source fedorahosted.org was retired on March 1st, 2017. This is to update the SRC_URI to point to pagure.io. pagure.io is a replacement for fedorahosted. [YOCTO #11226] (From OE-Core rev: 79ae1e98a7c3fd4c732ea4cd0b3099d4e319a111) (From OE-Core rev: 6785157e7b30ca112ec5c65487a9e7e65b9dd5de) Signed-off-by: Choong YinThong <yin.thong.choong@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-06-05 18:00:02 +01:00

1 2 3 4 5 ...

3771 Commits