gen.c uses 512 as the path length which is a little short when build in
deep dir, and cause "too long" error, use PATH_MAX if defined.
(From OE-Core rev: 10e017fd3de3ff1ab0c1b32ac7a9610a04f8ff13)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix a variety of problems such as typos, bad punctuations, or incorrect
Upstream-Status values.
(From OE-Core rev: bd220fe6ce8c3a0805f13a14706d3130ea872604)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This will help one to disable the targets via bbappends if needed
e.g. musl can not compile irdaping since it uses includes
net/if_packet.h, which (on GLIBC) only defines struct sockaddr_pkt but
not in other libc e.g. musl that makes irdaping specific to glibc
(From OE-Core rev: 6369bff034a6ee8fbf7fd47d3f9ba46c3ac1a367)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix the building path is long, when building bind, we would meet the following
error.
".../long/path/to/bind/9.10.2-P3-r0/bind-9.10.2-P3/lib/dns" too long
This is because the in gen.c, DIRNAMESIZE is limited to 256. But in OE, the
path length limit is more than 400. So we change it to 512.
(From OE-Core rev: 2f22eb1ce8083afb929cce432b8dda84682520e8)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
fixes two secruity issues:
CVE-2015-5722 and CVE-2015-5986.
see release notes for more information.
ftp://ftp.isc.org/isc/bind9/9.10.2-P4/RELEASE-NOTES.bind-9.10.2-P4.html
(From OE-Core rev: 0dab62934e69019557ebae392dc8cb25e37748c2)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The Makefile for mount and osd_login utilities forces
/sbin as asbindir, however on a merged /usr system this directory
might not exist. Instead sed in the system sbindir.
(From OE-Core rev: da8269ed0fd609699b23c2e3e6c61bc54f7b2832)
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building with a merged /usr dir the udev directory
lives at /usr/lib/udev - update the FILES pattern to also
pick up udev files installed two levels below the / to
ensure a merged /usr works.
(From OE-Core rev: 9a55950eee49d1105d3593efed719a0a21dc3da3)
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We want the dep on pkgconfig-native, not pkgconfig, and the convention is to
inherit pkgconfig when running pkg-config at build time.
(From OE-Core rev: db71dca8fea9cb95858f1f1ec4e417a7a5f3aab4)
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
bind doesn't ship shared libraries only static libraries, so the default
dependency on PN from PN-dev is pointless and means that an image with bind-dev
installed (via dhcp-dev's automatic dependency) ends up with named installed and
started on boot which is rarely intended.
If and when we ship bind's shared libraries we should ensure that the libraries
go into a separate package.
Also remove an old comment about --enable-exportlib which isn't supported by
configure anymore.
[ YOCTO #8216 ]
(From OE-Core rev: f28757a4b89447ea528cba987f0396b92aa0bbfe)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ptests were failing and many more were being silently skipped because
required binaries were not being built.
Build the binaries in regress/ and set SUDO environment variable in
run-ptests: after this all tests in regress/ are now run. Continue to
skip building binaries in regress/unittests/: unittest runtime is
excessive.
On a NUC running intel-corei7-64 core-image-sato, new results are:
PASS: 55, SKIP: 3, FAIL: 0
[YOCTO #8153]
(From OE-Core rev: 1f7aaf76f4aa7875f05f4b838a5ec4594a4c35dc)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The original commit "wpa-supplicant: Fix CVE-2015-4142" included the
patch file but didn't apply it into the recipe, so the backport has
not been effective.
Reported-by: Adam Moore <adam.moore@savantsystems.com>
(From OE-Core rev: 2a8944b63b7249500f1b6b292ce1a87b82699f3d)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
9.10.2-p3 includes the fix for CVE-2015-5477:
BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote
attackers to cause a denial of service (REQUIRE assertion failure
and daemon exit) via TKEY queries.
(From OE-Core rev: 5094354a2811825e6d60963f03959daa349cab23)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Modify the dhcp.inc with using the variable ${PN} instead of direct
packagename, so that the content will not be override after expanding
while we build the lib32-dhcp package with FILES_${PN}-xxxx_append.
(From OE-Core rev: c758dcc3109a5b491d13373073214bf526943497)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
upgrade to fix CVE-2015-4620:
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x
before 9.10.2-P2, when configured as a recursive resolver with DNSSEC
validation, allows remote attackers to cause a denial of service (REQUIRE
assertion failure and daemon exit) by constructing crafted zone data and
then making a query for a name in that zone.
(From OE-Core rev: d12befdf03500a0c72b661caf1a8fe81a20b6163)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The .inc file contains so much version-dependent logic (for example behaviour of
libexecdir and location of installed daemon) that there's not really any point
in having the two split.
(From OE-Core rev: 40ffba7a7f0f32f0c8073a457a393891a31f8555)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Overriding libexecdir was required when neard did funky things in the Makefile,
but it doesn't anymore.
(From OE-Core rev: a01b29fdcf37c5231846265b97ee599e8321cdee)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* add leading space so that it works even with some .bbappend adding
additional files to SRC_URI without trailing space
(From OE-Core rev: 0f282f1d4946ac6e81959c66172c115405632a26)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mostly a bug fix release.
Fixes in several different areas, including OPP,
ATT and advertising (instance number handling in particular).
Fix for handling a sudden disconnect when a connection setup
process hasn’t yet completed.
New feature: ability to select between letting the stack
handle ATT security elevation or doing the respective
error handling in higher layers.
(From OE-Core rev: 705c276caa9d30828887ebc3d85d49ca496d991e)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This upgrade fixes CVE-2015-1793
Removed openssl-fix-link.patch. The linking issue has been fixed in openssl.
(From OE-Core rev: 631632addbc81b06b7accfca8f8a9871d6b09111)
Signed-off-by: Jan Wetter <jan.wetter@mikrom.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add /etc/modules-load.d/nfsd.conf so that the system loads nfsd at start-up.
Add proc-fs-nfsd.mount systemd unit file because it's needed for nfs server
to start correctly.
After this change, in a systemd based image, we can use `systemctl start
nfs-server' to start the nfs server and things would work correctly.
(From OE-Core rev: 3d4380bb36eb108dc75fee7215b615f7800b0990)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
call "exportfs -r" to reexport all directories when start the nfsserver.
This change does follow debian and nfs-utils stardard.
(From OE-Core rev: 967aa21662930fe5584485d820eb7959a29815bb)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
upgrade to fix the CVE: CVE-2015-1788..CVE-2015-1792 and CVE-2014-8176
remove a backport patch
update the c_rehash-compat.patch
(From OE-Core rev: 5a70e45b8c6cb0fa7ea4fe1b326ad604508d00cb)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mostly a bug fix release,
with the the following improvements:
- support for handling BNEP setup response;
- support for setting GATT database security flags;
- support for setting discovery filters interface;
- support for user controlled advertising interface.
(From OE-Core rev: 72bf99d2d9a4a8030cec47b39aa18811752ca254)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Use $libexecdir and $libdir as appropriate so the files are packaged correctly
when libexecdir != $libdir/$BPN.
(From OE-Core rev: 53c5a6b97f254725ae5d19af4977486ab84d1ea5)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The D-Bus config is not systemd-specific. It is required for the D-Bus
communication to be operational.
This reverts commit e658ee16dc026b96f67a4c9666d3eb7bf7027de3.
(From OE-Core rev: 2587b83faabdc8858e8746201805369ed8d53ba8)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream ships a systemd service file now, so we don't need this anymore.
(From OE-Core rev: 9a685d60b0549626cccea5fea8f22a57c2306f81)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix build on Fedora 21 i686.
When building on x32 systems where the default type is 32bit,
make sure that 64bit integers can be represented transparently.
(From OE-Core rev: cd3eddcf2842b9a360f72caf4337ab2968462bb2)
Signed-off-by: Cristian Iorga <cristian.iorga@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The BLUEZ is default to bluez5, but there is only PACKAGECONFIG[bluez4],
no PACKAGECONFIG[bluez5], add a dummy PACKAGECONFIG for bluez5 to avoid
confusing the user, and avoid the warning.
(From OE-Core rev: f2a09e6170e68f4892f3c7cb9d27a4365efa94e8)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The PACKAGECONFIG[alsa] had been removed when upgraded to 5.12 since it
was not supported any more.
(From OE-Core rev: 503c7025522baa1b70336f84a26a15896e3303f3)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bind can fail configure by detecting headers w/o libs, or
it can fail the host contamination check. More details
are within the commit log in the contained patch.
(From OE-Core rev: 6fa5671c5cf8e5e88c5ad1e39742d59453e02695)
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Previous patch had a concern as well and this is a direct backport of
the patch fixing the problem.
(From OE-Core rev: 3d48bb6d2d65d0837dcacc262633a55053652e5f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
1. upgrade to 2.4
2. update the checksum, and license checksum since date in it is changed
3. Backport a patch to fix CVE-2015-1863
4. remove two deprecated patches
(From OE-Core rev: fd0880c2b0958b72d641a6821ddd6d6790a92b7a)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3310
Buffer overflow in the rc_mksid function in plugins/radius/util.c in
Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is
greater than 65535, allows remote attackers to cause a denial of
service (crash) via a start accounting message to the RADIUS server.
oe-core is using ppp 2.4.7, and this CVE say ppp 2.4.7 was not
effected, but I found this buggy codes are same between 2.4.6 and
2.4.7, and 2.4.7 should have this issue.
(From OE-Core rev: 5b549c6d73e91fdbd0b618a752d618deb1449ef9)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Patch is submitted upstream as well
(From OE-Core rev: 40016c7c19abdbdae4fcd86fab9672631f26712b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
