mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-02 00:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
47,200 Commits 38 Branches 624 Tags
4b202e07201655c65d65842829ddfb33e1edc5e4
Commit Graph

1722 Commits

Author SHA1 Message Date
Robert Yang
d5f2604669 libpcre2: Fix CVE-2017-7186 
A fuzz on libpcre1 through the pcretest utility revealed an invalid read in the
library. For who is interested in a detailed description of the bug, will
follow a feedback from upstream:

This was a genuine bug in the 32-bit library. Thanks for finding it. The crash
was caused by trying to find a Unicode property for a code value greater than
0x10ffff, the Unicode maximum, when running in non-UTF mode (where character
values can be up to 0xffffffff).

(From OE-Core rev: 1b87201784e733f3a9d436f56cb5a6151ba6bdfa)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-31 17:41:41 +01:00
Robert Yang
45f40ea5d9 libpcre2: Fix CVE-2017-8786 
The pcre2test.c in PCRE2 10.23 allows remote attackers to cause a denial of
service (heap-based buffer overflow) or possibly have unspecified other impact
via a crafted regular expression.

(From OE-Core rev: dd63a26fedb8a578d34850ede4c27e26b8876e7e)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-31 17:41:41 +01:00
Dengke Du
b5fc88b3d3 rng-tools: add systemd service file 
Add systemd service file for rng-tools.

(From OE-Core rev: d374897100ae756df72677d47c9c70c7fefca192)

Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-27 22:30:06 +01:00
Yi Zhao
9ec4a4629d taglib: Security fix CVE-2017-12678 
CVE-2017-12678: In TagLib 1.11.1, the rebuildAggregateFrames function in
id3v2framefactory.cpp has a pointer to cast vulnerability, which allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via a crafted audio file.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-12678

Patch from:
eb9ded1206

(From OE-Core rev: 24ac12ecb19efc7c131c9711ba32e298ba860eb7)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-27 22:30:06 +01:00
Khem Raj
f4e8e9242c db: Add --tag parameter to libtool invocation 
Fix do_configure to be able to regenerate configure files

Use cross libtool as installed by OE, as done in normal autotooled recipes

These changes help in invoking the libtool with proper tags for C
and C++ compiler and linker invocation and not use same tag across all
different invocations

Fixes errors like
libtool: compile: unable to infer tagged configuration
libtool: compile: specify a tag with `--tag'

(From OE-Core rev: afa9f769d62034d4443dfe929422d1d591adf709)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-25 12:08:50 +01:00
Richard Purdie
e2328da344 ca-certificates: Fix postinst dependency issues 
We were relying on running ca-certificates from the -native version. This
meant the host and target path layouts had to match which might not be true,
it certainly isn't true for the sdk builds.

There was a dependency on run-parts which wasn't represented (we can get it
from busybox or debianutils).

Since this is an allarch script, call the script directly, making sure debianutils
and openssl are available as postinst rootfs time to resolve the issues.

(From OE-Core rev: d9575e05f2cb8bf293534c036ddc0d0336701256)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-25 12:08:50 +01:00
Richard Purdie
21073429bc debianutils: Add a native version (for run-parts) 
(From OE-Core rev: 46985e66c193ad2aa9b575aeab5c78740bc5a4ed)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-25 12:08:50 +01:00
Jackie Huang
c8616512b6 boost: add python to default PACKAGECONFIG options 
We want to provide python libs by default, and some other
popular Linux distributions like redhat/fedora does the same.

(From OE-Core rev: 41744c418009dccc5f79c1a4a28419807d67837c)

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-24 13:48:10 +01:00
Juro Bystricky
3a435b7147 acl_2.25: improve reproducibility 
Remove all host build references from the acl-ptest package.

(From OE-Core rev: 6b799e4b315ee5a1eaba9f445b2ba7d37d1e0176)

Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-24 13:48:10 +01:00
Juro Bystricky
64549ce588 attr: improve reproducibility 
Remove all host build references from the attr-ptest package.

(From OE-Core rev: 0a181e26d09978bff850bc6b303de6053f7c53df)

Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-24 13:48:10 +01:00
Binghua Guan
487c62b853 bmap-tools: add "python-mmap" to RDEPENDS 
bmap-tools has run-time dependency on "python-mmp" which is missing in
the RDEPENDS. "bmaptool" command in the target will fail without this
patch.

(From OE-Core rev: 1127154b958d0a0e167cefff4bc40dfb86e3378a)

Signed-off-by: Binghua Guan <freebendy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-23 14:13:46 +01:00
Martin Jansa
99d5c5a70f libcheck: fix file-rdeps QA issue 
* Fixes:
  ERROR: nativesdk-libcheck-0.10.0-r0 do_package_qa: QA Issue: /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/checkmk contained in package nativesdk-libcheck requires /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/gawk, but no providers found in RDEPENDS_nativesdk-libcheck? [file-rdeps]

(From OE-Core rev: 71c29b53f1a44430306eeda96dc43cf7d002afe5)

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-23 08:47:03 +01:00
Robert Yang
91def3fdc9 libbsd: 0.8.5 -> 0.8.6 
(From OE-Core rev: 8c53a8c87c509da68d1f423ecd11f6b11186acd1)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-23 08:47:02 +01:00
Hongxu Jia
c55b370612 gnupg: 2.1.20 -> 2.1.23 
1. COPYING.LIB: Rename to COPYING.LGPL3.
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3419a339d9c4e800bf30e9021e05982d8c1021c1

2. Rebase patches:
- pkgconfig.patch -> 0001
- use-pkgconfig-instead-of-npth-config.patch -> 0002
- dirmngr-uses-libgpg-error.patch -> 0003
- autogen.sh-fix-find-version-for-beta-checking.patch -> 0004

3. Fix gpg2 not found
...
dnf -vy makecache

|Cannot download 'http://192.168.7.1:33541': repomd.xml GPG signature
verification error: gpgme_engine_check_version() error: Invalid crypto
engine.
...

The upstream install gpg by default and no gpg2
...
commit a69464b0b6dac88b360a13d3faf19dd7f2a0e02b
Author: Werner Koch <wk@gnupg.org>
Date:   Sat Aug 5 14:39:32 2017 +0200

    gpg: Install gpg by default under the name gpg.
...
Add --enable-gpg-is-gpg2 to revert it.

(From OE-Core rev: f62d844424670967d2d40cd2afc96f5fc597bf1d)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-23 08:47:02 +01:00
Hongxu Jia
0bd2dd08e3 gpgme: remove local m4/python.m4 
While multilib, the local m4/python.m4 incorrectly assigned
am_cv_python_pyexecdir and am_cv_python_pythondir which caused
the following error enabled:
...
ERROR: gpgme-1.9.0-r0 do_package: QA Issue: gpgme: Files/directories
were installed but not shipped in any package:
  /usr/lib/python3.5/site-packages/gpg-1.9.0-py3.5.egg-info
...

(From OE-Core rev: f5c7e236582028638a26a5855d5e7ba0b55bb8f0)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-18 10:40:27 +01:00
Hongxu Jia
26fbd1e3f6 gpgme: 1.8.0 -> 1.9.0 
Rebase patches:
- pkgconfig.patch -> 0001
- python-lang-config.patch -> 0002
- 0001-Correctly-install-python-modules.patch -> 0003
- python-import.patch -> 0004
- 0001-gpgme-config-skip-all-lib-or-usr-lib-directories-in-.patch -> 0005

(From OE-Core rev: b18a7adf8ce194b2dd3ce787228fb87c5ef3efde)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-18 10:40:27 +01:00
Wenzong Fan
3ff394411e sqlite3: upgrade to 3.2.0 
* Uprev from 3.19.3 to 3.2.0 for fixing CVE-2017-10989:

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3,
as used in GDAL and other products, mishandles undersized RTree blobs
in a crafted database, leading to a heap-based buffer over-read or
possibly unspecified other impact.

https://nvd.nist.gov/vuln/detail/CVE-2017-10989

* LIC_FILES_CHKSUM updated for below changes:

  -** 2001 September 15
  +** 2001-09-15

(From OE-Core rev: 95b802bfe74ac6a3f6dc05edb52c87ef90600f40)

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-18 10:40:27 +01:00
Hongxu Jia
80cecb6cc9 libgcrypt: 1.7.8 -> 1.8.0 
Rebase patches:
- add-pkgconfig-support.patch -> 0001
- libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch -> 0002
- fix-ICE-failure-on-mips-with-option-O-and-g.patch -> 0003
- fix-undefined-reference-to-pthread.patch -> 0004

(From OE-Core rev: b90037da8754009ca7cf2ab996b46b3dae1eb204)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-18 10:40:27 +01:00
Hongxu Jia
5552c856a7 apr-util: 1.5.4 -> 1.6.0 
Drop backported openssl-1.1.patch

(From OE-Core rev: a67800e01b9b383d2f887a82de3075b2ef234648)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-18 10:40:26 +01:00
Kai Kang
aa4f7c8b14 nss: 3.30.2 -> 3.31.1 
Upgrade nss from 3.30.2 to latest stable version 3.31.1.

* remove 0001-Fix-warnings-found-with-gcc7.patch which is not needed now

(From OE-Core rev: 86838f1c06002a62ded12a9a66d1eb82093c85a9)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-18 10:40:26 +01:00
Juro Bystricky
ac2b82fedc gmp: improve reproducibility 
Remove references to the host build system from generated/packaged
header file gmp.h. The file ends up in two different packages (libgmp-dev,
libgmp-dbg). Rather then modifying the file twice in two different
destinations after the installation, we modify the file gmp.h only once,
but before the installation.

[YOCTO #11922]

(From OE-Core rev: 693b42115e2f61abc9ca6096445dc494648cacb6)

Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-17 00:21:15 +01:00
Yue Tao
f36bdb503f libtasn1: CVE-2017-10790 
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes
a NULL pointer dereference and crash when reading crafted input that
triggers assignment of a NULL value within an asn1_node structure. It
may lead to a remote denial of service attack.

References:
https://nvd.nist.gov/vuln/detail/CVE-2017-10790
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;
h=d8d805e1f2e6799bb2dff4871a8598dc83088a39

(From OE-Core rev: 6176151625c971de031e14c97601ffd75a29772f)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-17 00:21:14 +01:00
Huang Qiyu
4776599ad2 nspr: 4.14 -> 4.16 
Upgrade nspr from 4.14 to 4.16

(From OE-Core rev: bfc148a40fd5b9936e63e9af901b5c8aaf7e8e5b)

Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-17 00:21:14 +01:00
Alexander Kanavin
04891b31e6 ca-certificates: update to 20170717 
Upstream lacks a tag for this release, so make it a PR bump.

(From OE-Core rev: 0b0a716b243491f026cb7b15e8f546325d6fa760)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-13 09:27:38 +01:00
Alexander Kanavin
65da29a913 libcap: fix build with gperf 3.1 
(From OE-Core rev: e54e367e07ce7c69272693413db7f87a8629c536)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-13 09:27:37 +01:00
Khem Raj
63d5bd0a4e libproxy: Remove PIE flags from SECURITY_PIE_CFLAGS 
External compilers will explicitly pass -fPIE -pie flags
unlike internal toolchain which does not use them, so the build
fails with external toolchains because, its passing these
flags to linker when building shared library, which is not
correct it should just use -fPIC

Fixes errors e.g.
| /mnt/a/oe/build/tmp/work/corei7-64-bec-linux/libproxy/0.4.14-r0/recipe-sysroot-native/usr/bin/x86_64-bec-linux/x86_64-bec-linux-ld: ../libmodman/libmodman.a(module_manager.cpp.o): relocation R_X86_64_PC32 against symbol `_ZNSt8_Rb_treeINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEESt4pairIKS5_St6vectorIPN9libmodman14base_extensionESaISB_EEESt10_Select1stISE_ESt4lessIS5_ESaISE_EE8_M_eraseEPSt13_Rb_tree_nodeISE_E' can not be used when making a shared object; recompile with -fPIC

(From OE-Core rev: 8c8c01f8e68026228a3b76528a0039acf682c201)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-09 09:24:15 +01:00
Khem Raj
26d043bf26 ossp-uuid, libffi, libgcrypt: Pass --tag=CC option to libtool 
libtool tries to guess the --tag value based on CC/CXX environment
variables and the compile commandline generated by makefiles. This
heuristics however fails when we construct CC variables in OE
and add security flags to it, especially -fPIE -pie which are added
by external compilers e.g. clang particularly. It fails because
libtool removed PIE flags from compiler cmdline intelligently
if it figures out that its building a library, which means that
the CC variable passed from cmdline does not match with the compiler
cmdline constructed by libtool and we end up with errors like

| arm-bec-linux-musleabi-libtool: compile: unable to infer tagged configuration
| arm-bec-linux-musleabi-libtool:   error: specify a tag with '--tag'

This works with internal gcc toolchain because we configure gcc for
PIE when hardening is selected and dont pass -fPIE -pie options explicitly
but this is not an option for clang, and some external gcc toolchains
using older gcc

This patch adds the --tag option to help libtool set correct tags
in packages where it cant get it right via its heuristics

(From OE-Core rev: 0505075ae8d339ba097aebb82b4d0ae62f87c0a9)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-09 09:24:15 +01:00
Ross Burton
7dd7ef3bd2 re2c: fix build race 
(From OE-Core rev: 33bd61e34f0d17841f0817bfdcdf87320a6743ec)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-08-03 11:14:13 +01:00
Khem Raj
e7bb5ae841 re2c: Transfer recipe from meta-oe and upgrade to 0.16 
ninja needs it.

(From OE-Core rev: d7d46209a309735b503cfc543799faea1f794055)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-31 15:13:31 +01:00
Andrej Valek
4c09b7a745 libpcre: upgrade 8.40 -> 8.41 
(From OE-Core rev: 07c5eb7f9232ecd4a094040cbe85af2727bd2bd5)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-30 08:46:19 +01:00
Jackie Huang
a88d33f47f debianutils: set higher priority than busybox for run-parts 
debianutils-run-parts should have higher priority than
busybox (which is 50), so set the priority to 60 for
debianutils-run-parts.

(From OE-Core rev: 56f6fc7d6de0a46046ea2abcc392b1da88e398ec)

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-30 08:46:19 +01:00
Alexander Kanavin
65080777b1 bash-completion: upgrade to 2.7 
(From OE-Core rev: ec5938795c44163303d8708d3386947567c05f28)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-27 22:36:53 +01:00
Alexander Kanavin
9dd27d7963 icu: update to 59.1 
License checksum change due to copyright year update.

Latest icu will not compile with anything less than C++11, so
drop the enforcement of an earlier C++ version. This should be okay,
as there is now a fix in place for the problem of mixing native gcc 4/5
compiled code:
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=c21cec84886d9c70396e9be0ceb9a8ef300b54be

(From OE-Core rev: b002f44ed5a07b42deb8cccdb192e12091cd654f)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-27 22:36:53 +01:00
Mikko Rapeli
b134fda353 sqlite3.inc: set CVE_PRODUCT to sqlite 
It is used in NVD for CVE's like:

https://nvd.nist.gov/vuln/detail/CVE-2016-6153

(From OE-Core rev: cec6f26f4d2f16c9a58fac5a6344e3d43b36ed09)

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-24 09:13:31 +01:00
Mikko Rapeli
3e9e96a1f0 nspr_4.14.bb: set CVE_PRODUCT to netscape_portable_runtime 
This is used in NVD database entries like CVE:

https://nvd.nist.gov/vuln/detail/CVE-2016-1951

(From OE-Core rev: c75e5d3f4b9293cf2f2ebdd3a23743b3df7aa3df)

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-24 09:13:31 +01:00
Mikko Rapeli
e21383f8e1 libpcre2_10.23.bb: set CVE_PRODUCT to pcre2 
It is used in NVD as product name for CVE's like:

https://nvd.nist.gov/vuln/detail/CVE-2017-8786

(From OE-Core rev: ce32c5b8ee77012b36c74323f298dc561741aebd)

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-24 09:13:31 +01:00
Mikko Rapeli
e93cca8add libpcre_8.40.bb: set CVE_PRODUCT to prce 
It is used in NVD for CVE's like:

https://nvd.nist.gov/vuln/detail/CVE-2017-7246

(From OE-Core rev: 523e823988f08679a384a14c4e768b2819f8a6bf)

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-24 09:13:31 +01:00
Mikko Rapeli
5d68f0a822 icu.inc: set CVE_PRODUCT to international_components_for_unicode 
NVD uses it for CVE's like:

https://nvd.nist.gov/vuln/detail/CVE-2014-8146

(From OE-Core rev: eaac39100cadc81c89e6eb5ab389cd684699aa90)

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-24 09:13:31 +01:00
sweeaun
027f3d0aef libffi: Support musl-x32 build 
Added target musl-x32 in configure.ac to support musl-x32 build in libffi.

(From OE-Core rev: 318e33a708378652edcf61ce7d9d7f3a07743000)

Signed-off-by: sweeaun <swee.aun.khor@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-24 09:13:30 +01:00
Maxin B. John
e25ff31d95 sqlite3: upgrade to 3.19.3 
3.19.2 -> 3.19.3

Fixes a bug associated with auto_vacuum that can lead to database
corruption.

(From OE-Core rev: 2635067901c932888a998ea0fbb45f5d4d3c7c24)

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-21 22:51:38 +01:00
Dengke Du
405f210b4b acl: reduce local pending patches 
(From OE-Core rev: e35a14b28e021dc6db06e4471efbb7b25e45ee91)

Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-21 22:51:38 +01:00
Ross Burton
57f606b12b libgcrypt: upgrade to 1.7.8 
Fixes CVE-2017-7526, 'flush+reload side-channel attack on RSA secret keys dubbed
"Sliding right into disaster"'.

(From OE-Core rev: c4c2fb3732dbb290b7f0ca43af2e8662f99e4582)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-19 15:13:40 +01:00
Ross Burton
9393207bcd libgcrypt: merge bb and inc file 
(From OE-Core rev: 4b48c0afdf24c4fc71479893c262b5f35d8c188a)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-19 15:13:40 +01:00
Ross Burton
1884950498 libgcrypt: upgrade to 1.7.7 
(From OE-Core rev: 99392e366047ee14e0ac94ac0ad2d97fed02e097)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-17 14:01:39 +01:00
Robert Yang
73fc26cfcd libbsd: 0.8.3 -> 0.8.5 
* The LIC_FILES_CHKSUM is changed becauses the files updated the date, and added
  a BSD-3-clause-John-Birrell for man/timeradd.3bsd, this license is already
  there for other files.

* Update 0002-Remove-funopen.patch

* Remove 0003-Fix-build-breaks-due-to-missing-a.out.h.patch, the a.out
  code is gone in the source, so this patch is not needed any more.

(From OE-Core rev: 1be785e420c838080ce5dc608192794e46961582)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-17 14:01:39 +01:00
Fan Xin
3c24505d16 apr: 1.5.2 -> 1.6.2 
Update apr from 1.5.2 to 1.6.2

(From OE-Core rev: 88e7f5c25f1e303b9d68fe25d7e785b9412c6138)

Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-17 14:01:39 +01:00
Robert Yang
f7d3f03588 debianutils: 4.8.1 -> 4.8.1.1 
(From OE-Core rev: 2a8a10aead8da0c21e6461c03f038efcfc59e31a)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-17 14:01:38 +01:00
Robert Yang
1501ab0c6e libiconv: remove 0001-Fix-link-error-when-compiling-with-gcc-O0.patch 
The recipe and patches (including this patch) had been moved into meta-mingw,
this dangling patch is useless here, so should be removed.

(From OE-Core rev: b1c4661742d12cfd444043e597d01bd627ee4ca4)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-11 15:57:08 +01:00
Khem Raj
1504f8f09b libunwind: We set -fPIE in security flags now if gcc is not configured for default PIE 
(From OE-Core rev: 24755afceb38530215a59d53f37df31ca77b0b6e)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-08 13:34:45 +01:00
Khem Raj
931430f94c icu: Fix build with glibc 2.26 
(From OE-Core rev: 8906f4dd8e47dbe075125767390f4351a81ae571)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2017-07-06 14:38:14 +01:00