mirrors/poky - poky - zepto initiative

mirror of https://git.yoctoproject.org/poky synced 2026-04-23 18:32:12 +02:00

Author	SHA1	Message	Date
Yue Tao	7e7f6efa05	gst-ffmpeg: fix for Security Advisory CVE-2013-0849 The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted (1) width or (2) height dimension that is not a multiple of sixteen in id RoQ video data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0849 (From OE-Core rev: 1a43a8054f51fbd542f3f037dc35f8b501e455bf) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:21 +01:00
Yue Tao	c884618ff7	gst-ffmpeg: fix for Security Advisory CVE-2013-0850 The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted H.264 data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0850 (From OE-Core rev: 69f3f0f94f4fd224e5a6b275207adf0539d085c3) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:21 +01:00
Yue Tao	f52f366f5d	gst-ffmpeg: fix for Security Advisory CVE-2013-0856 The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_samples value. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0856 (From OE-Core rev: 571ccce77859435ff8010785e11627b20d8b31f4) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:21 +01:00
Yue Tao	e510fe69dc	gst-ffmpeg: fix for Security Advisory CVE-2013-0854 The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0854 (From OE-Core rev: b3d9c8f603ebdbc21cb2ba7e62f8b5ebb57c40c1) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:21 +01:00
Yue Tao	34e1e94df1	gst-ffmpeg: fix for Security Advisory CVE-2013-0851 The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0851 (From OE-Core rev: 8c9868d074f5d09022efc9419ee09eb805f68394) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:20 +01:00
Yue Tao	dda4671867	gst-ffmpeg: fix for Security Advisory CVE-2013-0858 The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer than two channels. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0858 (From OE-Core rev: 0ee8754c973f5eff3ba4d00319a5308888c12b17) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:20 +01:00
Yue Tao	0255fd5917	gst-ffmpeg: fix for Security Advisory CVE-2013-0852 The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0852 (From OE-Core rev: 37f9371b44bd914fdd64e4c4e4448a2908512203) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:20 +01:00
Yue Tao	35773420b4	gst-ffmpeg: fix for Security Advisory CVE-2013-0845 libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via a crafted block length, which triggers an out-of-bounds write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0845 (From OE-Core rev: cc6e2ee53c49206aa3377c512c3bd1de2e14a7b7) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:20 +01:00
Yue Tao	6a134113db	gst-ffmpeg: fix for Security Advisory CVE-2013-0868 libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) len==0 cases. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0868 (From OE-Core rev: 29dcc2c8e834cf43e415eedefb8fce9667b3aa40) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:20 +01:00
Yue Tao	e1134f7a27	gst-ffmpeg: fix for Security Advisory CVE-2014-2099 The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2099 (From OE-Core rev: 3e27099f9aad1eb48412b07a18dcea398c18245b) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:20 +01:00
Yue Tao	7721eac43a	gst-ffmpeg: fix for Security Advisory CVE-2013-0865 The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood Studios VQA Video file, which triggers an out-of-bounds write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0865 (From OE-Core rev: 4a93fc0a63cedbebfdc9577e2f1deb3598fb5851) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:20 +01:00
Yue Tao	46a9ffc167	gst-ffmpeg: fix for Security Advisory CVE-2014-2263 The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2263 (From OE-Core rev: 70bf8c8dea82e914a6dcf67aefb6386dbc7706cd) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:20 +01:00
Sebastian Wiegand	1532ea067d	distro_features_check.bbclass: fix wrong indentation To fix check of REQUIRED_DISTRO_FEATURES fix indentation in python code. [YOCTO #6349] Reported and written by: Sebastian Wiegand <sebastian.wiegand@gersys.de> (From OE-Core rev: 986db87a3931edce8be79f309d07497e4179a810) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 19:50:20 +01:00
Saul Wold	bb86520cb2	cups: fix for cups not building without avahi Backport upstream patch for CUPS issue: STR #4402 [YOCTO #6325] (From OE-Core rev: 7decf9dce56868e39902dac5957eb72f6e1e9acd) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:03 +01:00
Cristian Iorga	5eb03b6773	harfbuzz: upgrade to 0.9.28 (From OE-Core rev: 8462728aef78debaa15e33121b3ae733049a96ab) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:03 +01:00
Paul Eggleton	ac9707c501	libav: upgrade 9.x version to 9.13 (From OE-Core rev: 937a0da0861abb7656762b2a3fb69eb275dd4a9a) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:02 +01:00
Paul Eggleton	646fd85652	libav: upgrade 0.8.x version to 0.8.11 (From OE-Core rev: 206f34ac0c0b65768ec2b553a0cb8b93fe7e5ae3) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:02 +01:00
Chong Lu	250b58aa91	quilt: Update to 0.63 version Upgrade quilt to 0.63 version and add perl-module-text-parsewords to RDEPENDS of ptest. (From OE-Core rev: 48c09163db18634e3071009b94645812ade285f4) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:01 +01:00
Chong Lu	0a23586271	libpcre: Update to 8.35 version Upgrade libpcre to 8.35 version. (From OE-Core rev: 32c007bfc4fe7a0ba75644584bb80f8bdff09a01) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:01 +01:00
Yue Tao	00846f62a7	openssl: fix for CVE-2010-5298 Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5298 (From OE-Core rev: 751f81ed8dc488c500837aeb3eb41ebf3237e10b) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:01 +01:00
Yue Tao	7719f580b6	tiff: fix for Security Advisory CVE-2013-4231 Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231 (From OE-Core rev: 19e6d05161ef9f4e5f7277f6eb35eb5d94ecf629) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:01 +01:00
Li Wang	058ce93c7e	nss: CVE-2013-1740 the patch comes from: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740 https://bugzilla.mozilla.org/show_bug.cgi?id=919877 https://bugzilla.mozilla.org/show_bug.cgi?id=713933 changeset: 10946:f28426e944ae user: Wan-Teh Chang <wtc@google.com> date: Tue Nov 26 16:44:39 2013 -0800 summary: Bug 713933: Handle the return value of both ssl3_HandleRecord calls changeset: 10945:774c7dec7565 user: Wan-Teh Chang <wtc@google.com> date: Mon Nov 25 19:16:23 2013 -0800 summary: Bug 713933: Declare the \|falseStart\| local variable in the smallest changeset: 10848:141fae8fb2e8 user: Wan-Teh Chang <wtc@google.com> date: Mon Sep 23 11:25:41 2013 -0700 summary: Bug 681839: Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished, r=brian@briansmith.org changeset: 10898:1b9c43d28713 user: Brian Smith <brian@briansmith.org> date: Thu Oct 31 15:40:42 2013 -0700 summary: Bug 713933: Make SSL False Start work with asynchronous certificate validation, r=wtc (From OE-Core rev: 11e728e64e37eec72ed0cb3fb4d5a49ddeb88666) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Li Wang	64f817458a	nss: CVE-2014-1492 the patch comes from: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1492 https://bugzilla.mozilla.org/show_bug.cgi?id=903885 changeset: 11063:709d4e597979 user: Kai Engert <kaie@kuix.de> date: Wed Mar 05 18:38:55 2014 +0100 summary: Bug 903885, address requests to clarify comments from wtc changeset: 11046:2ffa40a3ff55 tag: tip user: Wan-Teh Chang <wtc@google.com> date: Tue Feb 25 18:17:08 2014 +0100 summary: Bug 903885, fix IDNA wildcard handling v4, r=kaie changeset: 11045:15ea62260c21 user: Christian Heimes <sites@cheimes.de> date: Mon Feb 24 17:50:25 2014 +0100 summary: Bug 903885, fix IDNA wildcard handling, r=kaie (From OE-Core rev: a83a1b26704f1f3aadaa235bf38094f03b3610fd) Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Yue Tao	09f471bfd0	subversion: fix for Security Advisory CVE-2013-4277 Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4277 (From OE-Core rev: e0e483c5b2f481240e590ebb7d6189a211450a7e) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Yue Tao	ab6c3223a6	subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846 The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1846 The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1847 (From OE-Core rev: 3962b76185194fa56be7f1689204a1188ea44737) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Yue Tao	128adcb714	subversion: fix for Security Advisory CVE-2013-1845 The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1845 (From OE-Core rev: 432666b84b80f8b0d13672aa94855369f577c56d) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Yue Tao	722ff438b3	subversion: fix for Security Advisory CVE-2013-4131 The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4131 (From OE-Core rev: ce41ed3ca5b6ef06c02c5ca65f285e5ee8c04e7f) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Yue Tao	e8d6c874a7	subversion: fix for Security Advisory CVE-2013-4505 The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4505 (From OE-Core rev: 02314673619f44e5838ddb65bbe22f9342ee6167) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Yue Tao	4fc1cff43b	subversion: fix for Security Advisory CVE-2013-1849 Reject operations on getcontentlength and getcontenttype properties if the resource is an activity. (From OE-Core rev: 94e8b503e8a5ae476037d4aa86f8e27d4a8c23ea) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:08:59 +01:00
Yue Tao	210460d0f0	screen: fix for Security Advisory CVE-2009-1215 Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file. (From OE-Core rev: be8693bf151987f59c9622b8fd8b659ee203cefc) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:08:59 +01:00
Yue Tao	27aba0a8d9	Screen: fix for Security Advisory CVE-2009-1214 GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with world-readable permissions, which might allow local users to obtain sensitive session information. (From OE-Core rev: 25a212d0154906e7a05075d015dbc1cfdfabb73a) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:08:59 +01:00
Martin Jansa	901a28b661	lttng-modules: Fix build with older kernels for 2.3.3 as 2.4.0 Apply the change "lttng-modules: Fix 3.14 bio tracepoints" to 2.3.3 as well as 2.4.0. (From OE-Core rev: a419ad43a5b3aa5bc3aa095af4d79abe4c24b0d7) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:08:59 +01:00
Chen Qi	8293f56468	initrdscripts: fix for /run/media mount.sh in udev-extraconf was modified to use /run/media instead of /media. Unfortunately, our scripts in initrdscripts have some dependency on the auto-mounting mechanism proviced by udev-extraconf. So these scripts should also be fixed to use /run/media instead /media, otherwise, our live image cannot work correctly. (From OE-Core rev: be0327b6a900be5434b6b1f08277faf2f65d5da8) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-20 14:53:12 +01:00
Chen Qi	77b4b25c36	init-live.sh: list block devices correctly Instead of using 'ls /dev/sd*' command to list block devices, we should rather use 'cat /proc/partitions'. (From OE-Core rev: fc5dfad6490d0b3f2529f84ae9dfbd6b00b5c380) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-20 14:53:12 +01:00
Chen Qi	1899511918	udev-extraconf: fix the misuse of /run/media The error was introduced by the following commit. acfe3014d41de5e87cdbc58d0396349c6b9c3ffd udev-extraconf: update mount.sh to use /run/media instead of /media It accidently replaced 'device/media' by 'device/run/media' which causes error for live images to be unable to boot up correctly, complaining "Cannot find rootfs.img in /media/*". This patch fixes the above problem. (From OE-Core rev: 62ae16c40252f39ba28e072218d67f47b26b3535) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-20 14:53:12 +01:00
Cristiana Voicu	438b8661ad	packagegroup-core-lsb: fix warning text There should be just one warning thrown, instead of 3. (From OE-Core rev: 7c4fefcd7836c4f94836b96a07ad414f5ac1ca11) Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-20 14:53:12 +01:00
Ross Burton	31c338c767	pango: enable ptest Install the test suite for ptest. The test suite needs some fonts to be present to depend on liberation-fonts. (From OE-Core rev: af387e788ed73130331536c7b22c6237e7c23c71) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-20 14:53:11 +01:00
Chong Lu	a62e952b81	syslinux-native: fix parallel building issue There might be an error when parallel build: [snip] cp: cannot create directory `tmp/sysroots/x86_64-linux/usr/share/ syslinux/com32/include/gplinclude': No such file or directory make[4]: * [install] Error 1 make[3]: * [gpllib] Error 2 [snip] This is a potential issue. In ${S}/com32/gpllib/Makefile file, install target wants to copy $(SRC)/../gplinclude to $(INSTALLROOT)$(COM32DIR)/include/ directory, but in ${S}/com32/lib/Makefile file, the install target will remove $(INSTALLROOT)$(COM32DIR)/include directory. We need to do com32/lib first. The patch make com32/gpllib depends on com32/lib to fix this issue. (From OE-Core rev: cae1a039658cfb47390650ad5b56536ff19e1217) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-20 14:53:11 +01:00
Saul Wold	b664c86187	libusb1: disable floating dependency on udev libusb added support for udev, but this causes a circular dependecny between udev and libusb, so hardcode the disable here. Also remove the patch that is no longer used. (From OE-Core rev: 5c0f8111f9ec5a2c3b2826946af5132aaa13a9b9) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-20 12:23:10 +01:00
Richard Purdie	874d81a5eb	gstreamer/lame: Better gcc 4.9 fix gstreamer/lame does runtime detection to enable/disable things like SSE code. Unfortunately it is broken and will try and use this even with i586 compiler flags. This change forces it back to the approach with gcc 4.8 by disabling the problematic headers. Its suboptimal but less so that the proposed previous forced enabling of SSE on x86 everywhere. (From OE-Core rev: e273301efa0037a13c3a60b4414140364d9c9873) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:27:45 +01:00
Gary S. Robertson	4152ac00e7	rt-tests: restore erroneously deleted patch files Commit "rt-tests: bump version 0.87 => 0.89" (SHA1 ID: 7996ca) erroneously deleted several patch files which were still required for proper function of the rt-tests recipe. These missing patches adversely affected builds of the hwlatdetect and hackbench utilities as well as other components. This commit restores the missing patches and allows the recipe to properly generate all the components once more. hwlatdetect and hackbench are built properly and the /usr/src/backfire directory is properly populated on the target system. (From OE-Core rev: 66daa92582a5a5643fd2e45aace1f5c009b2ded3) Signed-off-by: Gary S. Robertson <gary.robertson@linaro.org> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:44 +01:00
Tudor Florea	ac1acabc99	curl: remove inapporpriate file from curl release This is the adaptation for the a bugfix upstream The inappropriate file src/tool_hugehelp.c presence in the curl 7.36 release interfered with the upstream fix for https://sourceforge.net/p/curl/bugs/1350/ (From OE-Core rev: c5a52f5b5ae7c5528bc59ee7fb69a2f460a89b81) Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:44 +01:00
Saul Wold	67448158c7	libusb1: Update to 1.0.18 (From OE-Core rev: 62bccaa7979213555fced945b1b09e92683d4213) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:44 +01:00
Andrea Adami	85f51bb754	mips: add tune file for mips32r2 (only hard-float) Kernel and initramfs built and tested on GCW Zero (jz4770) (From OE-Core rev: 149885560e2fbc91c7f60226d015ba9842373e26) Signed-off-by: Andrea Adami <andrea.adami@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:44 +01:00
Paul Eggleton	2134fe8297	libsdl2: upgrade to 2.0.3 License checksum changed only because copyright year changed; the actual license text remains the same. (From OE-Core rev: 4abf6bb14f8f374e1dca31edc5edfbc1841904ca) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:43 +01:00
Paul Eggleton	113d53a233	dropbear: add missing patch header * Add a brief subject mentioning what the patch is for * Add Upstream-Status (From OE-Core rev: ce01282b24c6715c85f8dfac6df3e750e77a50b8) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:43 +01:00
Paul Eggleton	98c775496c	nfs-utils: upgrade to 1.3.0 (From OE-Core rev: 67787c97438f365564a91eb926900570bc979e41) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:43 +01:00
Paul Eggleton	882f0aac1a	ethtool: upgrade to 3.14 (From OE-Core rev: dffda81a2791165aa4300227d601867d5a82753c) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:43 +01:00
Paul Eggleton	0158dea3a5	openssh: move packaging definitions to the end (From OE-Core rev: 19efeb598c5fb527bd5bc473d7a7d78242ec05a0) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:43 +01:00
Paul Eggleton	944e261839	openssh: update to 6.6p1 (From OE-Core rev: f091dbd6324a89682d29cac0bd0ba40899c8bdd5) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-15 23:24:43 +01:00

1 2 3 4 5 ...

20775 Commits