mirrors/poky - poky - zepto initiative

mirror of https://git.yoctoproject.org/poky synced 2026-02-13 04:03:03 +01:00

Author	SHA1	Message	Date
Richard Purdie	47925dc5f9	build-appliance-image: Update to thud head revision (From OE-Core rev: bace400528115927ed0efa3cd941c9f9f128a555) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-15 16:53:51 +01:00
Richard Purdie	795af97c45	poky.conf: Bump version for 2.6.4 thud release (From meta-yocto rev: 591984ed1d9f371af0410a91786c60b7cf8e3a5c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-15 16:53:32 +01:00
Muminul Islam	ebf1cc65a9	curl: Security fix for CVE-2019-5482 (From OE-Core rev: 57d30f26c3dbba720079e98d429dfcb53d527d54) Signed-off-by: Muminul Islam <muislam@microsoft.com> [Fixup for thud context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-15 15:54:01 +01:00
Muminul Islam	507434199d	libsolv: Security fix for CVEs: <CVE-2018-20532, CVE-2018-20533, CVE-2018-20534> (From OE-Core rev: 82a9850d6ef8cca816f9e0a53a8d20b056f95320) Signed-off-by: Muminul Islam <muislam@microsoft.com> CVE: CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 Upstream-Status: Backport Cherry picked from https://github.com/openSUSE/libsolv/pull/291/commits Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-15 15:54:01 +01:00
Dan Tran	ab318acf53	gnutls: Fix CVE-2019-3829 and CVE-2019-3836 (From OE-Core rev: 54c6892543319c4b8f7248e95966e956053c97b7) Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-15 15:54:01 +01:00
c-thaler	dba05668f7	kernel-devsrc: check for localversion files in the kernel source tree localversion files are ignored. This might lead to a bad version magic when building out-of-tree modules via SDK. (Backport from master https://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-kernel/linux/kernel-devsrc.bb?id=59fcee90de0cbb5b6b8333ab2b0e36214b174e52) (From OE-Core rev: 85da4ccfff2103815eb3cd9a0b0f1af122b05567) Signed-off-by: Christian Thaler <christian.thaler@tes-dst.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-15 15:54:01 +01:00
Muminul Islam	7e20a2238c	glibc: Security fix for cve <CVE-2019-6488, CVE-2019-7309> (From OE-Core rev: d68441ed80fd43f091baf01bfdb47c3ec010c662) Signed-off-by: Muminul Islam <muislam@microsoft.com> CVE: CVE-2019-6488, CVE-2019-7309 Upstream-Status: Backport Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-15 15:54:00 +01:00
Peter Kjellerstedt	01d107f5c1	arch-arm64.inc: Lower the priority of aarch64 in MACHINEOVERRIDES This makes sure, e.g., ${SOC_FAMILY} and ${MACHINE} have higher priorities than aarch64. (From OE-Core rev: 3b8db95973fc144b00d59c4797adb405a935cd7c) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-15 15:54:00 +01:00
Dmitry Eremin-Solenikov	9257748714	kernel.bbclass: fix installation of modules signing certificates If one has provided external key/certificate for modules signing, Kbuild will skip creating signing_key.pem and will write only signing_key.x509 certificate. Thus we have to check for .x509 file existence rather than .pem one. (From OE-Core rev: 4972582767a3325d22a16db9a5479c2d0001964b) Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2527e731eba43bd36d0ea268aca6b03155376134) Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-15 15:54:00 +01:00
Joshua Watt	c272ecd65b	bitbake: cookerdata: Add mc conffiles hashes to cache hash The variable values that result from parsing multiconfig should be included in the cooker data hash, otherwise changes to these files won't be detected, which will allow the parsing cache to be loaded with the old values for the multiconfigs. This can either manifest as the variable values simply not updating, or getting basehash changed errors when building. This bug was previously undetected because all of the multiconfig base files were a direct file dependency in all parsed recipes. This was fixed in 34137a00f60 ("bitbake: bitbake: cooker: Rename __depends in all multiconfigs"), exposing this bug. [YOCTO #13541] (Bitbake rev: 6b045e074c6fea97d4e305a5a3c8bf82135d95eb) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:53:26 +01:00
Michael Halstead	8e23315bda	uninative: Update to 2.7 release The 2.7 release updates glibc to version 2.30. Recently added to openSUSE Tumbleweed and needed for Fedora Core 31. (From OE-Core rev: e6728a873f1eef335a9e21bdface304f13f0c952) Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Khem Raj	d31a23609c	gnupg: Do not apply -Woverride-init guard for gcc >= 9 (From OE-Core rev: e40c38afc1747d1ed71c9bd2ab3189bbb1efcee9) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Sean Nyekjaer	0077503ed8	libgpg-error: Fix build with gawk 5.x Based on poky master, but for version 1.35 (From OE-Core rev: ff3b021136d7af66f05475da8475495fe7c653ee) Signed-off-by: Sean Nyekjaer <sean@geanix.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> [backported to thud yocto# 13580] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Armin Kuster	f3a4b20850	qemu: fix build issue on new hosts with glibc 2.30 This fixes the following error: TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:254:16: error: static declaration of ‘gettid’ follows non-static declaration 254 \| _syscall0(int, gettid) \| ^~~~~~ TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:185:13: note: in definition of macro ‘_syscall0’ 185 \| static type name (void) \ \| ^~~~ In file included from /usr/include/unistd.h:1170, from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/include/qemu/osdep.h:90, from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:20: /usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’ was here 34 \| extern __pid_t gettid (void) __THROW; \| ^~~~~~ (From OE-Core rev: 5b5ca76cc5dd424248c7e687e562597a2c85df57) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Andrii Bordunov via Openembedded-core	93cde08301	wget: Security fixes CVE-2018-20483 Source: http://git.savannah.gnu.org/cgit/wget.git/ Type: Security Fix Disposition: Backport from http://git.savannah.gnu.org/cgit/wget.git/ Description: Fixes CVE-2018-20483 (From OE-Core rev: c901bc8cd9de5853185af2059c6f1efeb4ccdd60) Signed-off-by: Aviraj CJ <acj@cisco.com> [Affects Wget before 1.20.1] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Shubham Agrawal	6d5867a94c	sqlite3: Security fix for CVE-2019-8457 (From OE-Core rev: c0c66d213b4b6deb0a5e9a688810d2e9674d3ecf) Signed-off-by: Shubham Agrawal <shuagr@microsoft.com> [Cleaned up patch] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Dan Tran	bda26ff31c	perl: Fix CVE-2018-18311 to 18314 (From OE-Core rev: cffd085ef77d055e5e837887b0eaf820aa982f00) Signed-off-by: Dan Tran <dantran@microsoft.com> [Perl before 5.26.3 and 5.28.x before 5.28.1] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Adrian Bunk	cc0605bad6	json-c: Don't --enable-rdrand In recent years AMD CPUs have had various problems with RDRAND giving either non-random data or no result at all, which is problematic if either build or target machine has a CPU with this problem. The fallback is /dev/urandom, and I'd trust the kernel here. --enable-rdrand was added in an upgrade to a new upstream version without mentioning any reason. [YOCTO #13534] (From OE-Core rev: fad633eb5c464d4e2a984b9259625bcd150ee357) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Dan Tran	b15ffd14ac	unzip: fix CVE-2019-13232 (From OE-Core rev: 7857d85db69bcb2cb94399a22de6903263e52965) Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Shubham Agrawal	2d699f84a3	elfutils: CVE fix for elfutils CVE: CVE-2019-7664.patch CVE: CVE-2019-7665.patch Sign off: Shubham Agrawal <shuagr@microsoft.com> (From OE-Core rev: 8ca80002aa21897834b8c9869137461221e50225) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Dan Tran	7d0a5058e6	qemu: Fix 4 CVEs Fixes CVE-2018-18954, CVE-2019-3812, CVE-2019-6778, and CVE-2019-8934. Also deleted duplicated patch and cleanup. (From OE-Core rev: e4b6a39bdf1b660233a7145599cd4fc3e971fc8f) Signed-off-by: Dan Tran <dantran@microsoft.com> [fixup for thud-next] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Chen Qi	70f57755d7	oeqa/selftest/context: ensure log directory exists Ensure log directory exists to avoid the following error. FileNotFoundError: [Errno 2] No such file or directory: '/.../build-selftest/tmp/log/oe-selftest-results-20181207043431.log' (From OE-Core rev: c54411d0e03fe1cea8b6bb0c80dea029dd264f36) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-10 16:52:30 +01:00
Bruce Ashfield	87d0be72e7	linux-yocto/4.14: update to v4.14.143 Updating to the latest 4.14 -stable. Lightly build and boot tested on qemu* (From OE-Core rev: f5be8c8309a932cde507ba24d042880a922df0b6) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Anuj Mittal	d8b63d9ad6	pango: fix CVE-2019-1010238 (From OE-Core rev: 20b23cb40917b1c83b862817b13f0eefc8fa7a64) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 65631a048f57965745dc8cc23cb80c4c3a71ba94) [Fix up for thud context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Anuj Mittal	65ba01d602	patch: backport fixes The original fix for CVE-2018-1000156 was incomplete. Backport more fixes done later for a complete fix. Also see: https://savannah.gnu.org/bugs/index.php?53820 (From OE-Core rev: e2869ff2f76adb2b1ba6f003d6d02d242afe49e8) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 12f9689cba740da6b8c7d9292c74c3992c2e18f2) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Trevor Gamblin	6fc3dc1af5	patch: fix CVE-2019-13638 (From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781) (From OE-Core rev: 308c44fd8f1d7d348c6c7cf9054f9c8403d8e8bd) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 555b0642579c00c41bc3daab9cef08452f9834d5) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Anuj Mittal	d59f2b0a74	libxslt: fix CVE-2019-13117 CVE-2019-13118 (From OE-Core rev: 7dc3048fec88dd62ef49ef16517b7382ab7cf2a5) (From OE-Core rev: 07cd0d606fea63e683c7de7ebfaa6a55170b8318) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixup for thud context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Muminul Islam	94ac57739c	libxslt: Cve fix CVE-2019-11068 (From OE-Core rev: c9c3fabddb4e1779ef330f2073f85dce83cb460b) Signed-off-by: Muminul Islam <muislam@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Dan Tran	26ab554fd5	python3: Fix CVEs Fixes CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-9636, CVE-2019-9740, and CVE-2019-9747. (From OE-Core rev: 5862716f22ca9f5745d3bca85c6ed0d8c35c437b) Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Dan Tran	90e5385568	python: Fix 3 CVEs Fixes CVE-2018-20852, CVE-2019-9740, and CVE-2019-9747 (From OE-Core rev: 3f1c02aa7b7d485e64503d601124c335d4b7299f) Signed-off-by: Dan Tran <dantran@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Dan Tran	45cebeda6e	binutils: Fix 4 CVEs Fixes CVE-2018-20623, CVE-2018-20651, CVE-2018-20-671, and CVE-2018-1000876 for binutils 2.31.1. (From OE-Core rev: 981eeec0f26f25db444782f40a86c558a2358215) Signed-off-by: Dan Tran <dantran@microsoft.com> [fixed up .inc for thud-next context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Adrian Bunk	36fa7fce02	dhcp: Replace OE specific patch for compatibility with latest bind with upstream patch This also fixes a dhcp breakage noticed by Enrico Scholz. (From OE-Core rev: 5deab12cdcf1d7372634324e1fd70145ff59f9f9) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Ruslan Bilovol	458009f31a	dhcp: drop lost patch Commit 7cb42ae87ef9 "dhcp: update 4.4.1" dropped 0008-tweak-to-support-external-bind.patch from recipe, but left the patch itself in source tree. Remove this patch since nobody uses it. Cc: Armin Kuster <akuster808@gmail.com> (From OE-Core rev: 109e8420c8a4e94dccb3c83e2b0b7fc6ceb66b04) Signed-off-by: Ruslan Bilovol <ruslan.bilovol@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Armin Kuster	5f125a31e1	dhcp: fix issue with new bind changes (From OE-Core rev: d0e2babdab1625e86d0abc7fa7dab25caa73ccb6) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Armin Kuster	6518c248e6	go: update to 1.11.13, minor updates Source: golang.org MR: 99376 Type: Security Fix Disposition: Backport from golang.org ChangeID: 41576ab4a0abdebbc44f1a35a83bf04e5f2fde06 Description: https://golang.org/doc/devel/release.html go1.11.11 (released 2019/06/11) includes a fix to the crypto/x509 package. See the Go 1.11.11 milestone on our issue tracker for details. go1.11.12 (released 2019/07/08) includes fixes to the compiler and the linker. See the Go 1.11.12 milestone on our issue tracker for details. go1.11.13 (released 2019/08/13) includes security fixes to the net/http and net/url packages. See the Go 1.11.13 milestone on our issue tracker for details. Includes CVE: CVE-2019-14809 (From OE-Core rev: 6018e9755dce3eaa22a1fe691dc18546c43c9cbe) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Adrian Bunk	6eaf69d732	bind: upgrade 9.11.5 -> 9.11.5-P4 Source: OE.org MR: 99751, 99752, 99753 Type: Security Fix Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-connectivity/bind?h=warrior&id=5d286da0fbe1a7ded2f84eec990e49d221bdeab4 ChangeID: ce3719ea11bd03af3baeca51a22115badf84be01 Description: Bugfix-only compared to 9.11.5, mostly CVE fixes. COPYRIGHT checksum changed due to 2018 -> 2019. (From OE-Core rev: b24447b40e4988e337bdd4b5cf194df0827f9887) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Included cves: CVE-2018-5744 CVE-2018-5745 CVE-2019-6465 ] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Armin Kuster	3d3a165925	bind: update to latest LTS 9.11.5 Source: bind.org MR: 99750 Type: Security Fix Disposition: Backport from bind.org ChangeID: bca5c436229f1b8c7e8eb3e45fc6188ffdb5e224 Description: includes: CVE-2018-5738 drop patch for CVE-2018-5740 now included in update see: https://ftp.isc.org/isc/bind9/9.11.5/RELEASE-NOTES-bind-9.11.5.html Add RECIPE_NO_UPDATE_REASON for lts (From OE-Core rev: 25b2f2c6fc67eabb0e7f0b7c5ffe08c554613c10) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Also includes CVE-2018-5740] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Armin Kuster	176dc6eb01	binutils: Security fix for CVE-2019-12972 Source: git://sourceware.org / binutils-gdb.git MR: 98770 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031 ChangeID: 7ced6bffbe01cbeadf50177eb332eef514baa19c Description: Fixes CVE-2019-12972 (From OE-Core rev: 16f4520f5cb581eb93bd3f0e3aa1feecc5c567ba) Signed-off-by: Armin Kuster <akuster@mvista.com> [v2] forgot to refresh inc file before sending Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Armin Kuster	d39b67e491	binutils: Security fix for CVE-2019-14444 Source: git://sourceware.org / binutils-gdb.git MR: 99255 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e17869db99195849826eaaf5d2d0eb2cfdd7a2a7 ChangeID: 67ad4ab1ec34b941bdcfbb4f55d16176bbbd3d72 Description: Affects: <= 2.32.0 Fixes CVE-2019-14444 (From OE-Core rev: a367928942411b36a0b0bbb95055d01548430e8e) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Armin Kuster	09d46e9131	gcc: Security fix for CVE-2019-14250 Source: gcc.org MR: 99120 Type: Security Fix Disposition: Backport from https://gcc.gnu.org/viewcvs?rev=273794&root=gcc&view=rev ChangeID: 28ab763c18f1543607181cd9657f45f7752b6fcb Description: Affects < 9.2 (From OE-Core rev: 79205966072bb6179d96b3af5aabc521da83e841) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Bartosz Golaszewski	0f7e6681a8	qemu: add a patch fixing the native build on newer kernels The build fails on qemu-native if we're using kernels after commit 0768e17073dc527ccd18ed5f96ce85f9985e9115. This adds an upstream patch that fixes the issue. (From OE-Core rev: fac2d3846dadfda256e94500bdf33f546a8d1fb4) Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Refactoried for thud context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Andrii Bordunov via Openembedded-core	4e6a44598f	libcomps: fix CVE-2019-3817 (From OE-Core rev: 2cebc7faa10c7ac6f60437658702f7adce3b3a89) Signed-off-by: Kevin Weng <t-keweng@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Andrii Bordunov via Openembedded-core	9da2eb4bef	glib-2.0: fix CVE-2019-13012 (From OE-Core rev: 51f7ecf2259e1fb669cd84c5317cbd8810d731b7) Signed-off-by: Kevin Weng <t-keweng@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Andrii Bordunov via Openembedded-core	fe27c50545	dbus: fix CVE-2019-12749 (From OE-Core rev: 144363decc922ed03a584eb9b29cf9808a469d08) Signed-off-by: Kevin Weng <t-keweng@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:28 +01:00
Andrii Bordunov via Openembedded-core	1b62838428	curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 (From OE-Core rev: 75a4b4d8fb14414bbe2e38be8ccda0af94ef9b40) Signed-off-by: Kevin Weng <t-keweng@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:27 +01:00
Anuj Mittal	20ee17a579	python3: fix CVE-2019-9740 CVE-2019-9947 is same as CVE-2019-9740 and mark it as such. See: https://bugs.python.org/issue30458 (From OE-Core rev: ad90312adabbad951f62e3bd4ad95fcc763ad0c4) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:27 +01:00
Anuj Mittal	d581f111db	patch: fix CVE-2019-13636 (From OE-Core rev: bd367f58d9d6b5f0ce213e1be36763c5a9e425b6) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:27 +01:00
Alexander Kanavin	fa4683a484	buildhistory: call a dependency parser only on actual dependency lists Previously it was also called on filelists and possibly other items which broke the parser. (From OE-Core rev: f965ecbf558b6db1959e4ba8e599d65a5c8022b2) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-10-08 22:52:27 +01:00
Armin Kuster	e694933647	bitbake: tests/fetch: Resolve fetch error in bitbake-selftest FAIL: test_wget_latest_versionstring (bb.tests.fetch.FetchLatestVersionTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/home/pokybuild/yocto-worker/oe-selftest/build/bitbake/lib/bb/tests/fetch.py", line 1229, in test_wget_latest_versionstring self.assertTrue(verstring, msg="Could not find upstream version for %s" % k[0]) AssertionError: '' is not true : Could not find upstream version for db [YOCTO #13496] The Oracle UPSTREAM_CHECK_URI used changed and does not work with logic in wget. Update UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX to match the ones used in the recipe. Also change the version being checked. (Bitbake rev: 8a58c3c64240c6ab14858d18e6b89febdb315311) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-09-09 09:58:09 +01:00
Scott Rifenbark	55e9d7c1e4	YP Docs: Set up the August 2019 date for 2.6.3 release. (From yocto-docs rev: 49abb21ec1728a8794c69997316a95ed0251a1e2) Signed-off-by: Scott Rifenbark <srifenbark@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-09-06 11:59:53 +01:00

1 2 3 4 5 ...

52829 Commits