A vulnerability was found in Avahi. A reachable assertion
exists in the avahi_alternative_host_name() function.
(From OE-Core rev: 3a9b67f222d6e004a8b56eedca6ff869e9aba710)
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in Avahi. A reachable assertion
exists in the avahi_rdata_parse() function.
(From OE-Core rev: 1b699ac1e8519cd488ee033919b9205283b7b465)
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in Avahi, where a reachable assertion
exists in avahi_dns_packet_append_record.
(From OE-Core rev: 8bd1980fd4175be3dd68987f8c5653409b76f544)
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in Avahi. A reachable assertion exists
in the avahi_escape_label() function.
(From OE-Core rev: bc211ae0e597d40f938f9a25bfc0fcbb228d90b6)
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A vulnerability was found in Avahi. A reachable assertion exists
in the dbus_set_host_name function.
(From OE-Core rev: f4286c3a3070fd50e334a48f1b7c068d34747115)
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
In commit ceda3238 (meta/meta-selftest/meta-skeleton: Update LICENSE
variable to use SPDX license identifiers) all LICENSE variables were
updated to only use SPDX license identifiers.
This does the same for comments and other variables where it is
appropriate to use the official SPDX license identifiers. There are
still references to, e.g., "GPLv3", but they are then typically in
descriptive text where they refer to the license in a generic sense.
(From OE-Core rev: 165759dced7fbe73b1db2ede67047896071dc6d0)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2021-36217 is treated as a duplicate of CVE-2021-3502.
Update the local-ping.patch to mark it resolve both.
(From OE-Core rev: 4d75d6c39f1faeb38191b55f1fa9311b63fcfb29)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
intltool was replaced with gettext in the 0.8 release.
(From OE-Core rev: 0438c8e73419c0a81bbb42f777eb3e36f4878e79)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Repo-wide replacement to use newer variable to represent systemd
system unitdir directory.
(From OE-Core rev: 5ace3ada5c54500c71becc8e0c6eddeb8bc053e3)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch isn't yet upstream but it has been submitted and other distros
are shipping it.
(From OE-Core rev: ea33a4a2df4600a55b268e9d57e7396c30f3d123)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This should greatly reduce dependency chains on the autobuilder;
the only affected recipe is remmina, where avahi support will be
disabled by default.
(From OE-Core rev: 5f68f2e72accecaad6210c71d7f1ffb069edf011)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Issue only affects Debian and SUSE.
(From OE-Core rev: 72522fa1a5f3b9b2855043fe6b421886d641385f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
According to the PACKAGES variable, LICENSE_avahi-client is misspelled.
Additionally, the libavahi-client package actually only includes
LGPLv2.1+ software (as opposed to the global LICENSE variable).
(From OE-Core rev: d8837b4735b5e96ae0f5542319e711dbda8c3849)
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Systemd service avahi-dnsconfd.service requires avahi-daemon.socket
and avahi-daemon.service which are from avahi-daemon. So make
avahi-dnsconfd rdepends on avahi-daemon.
(From OE-Core rev: 0a7277fda81d48960937ee91ceebc528aaf4272e)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The example service files are placed into /etc/avahi/services when we
run `make install` for avahi. This results in ssh and sftp-ssh services
being announced by default even if no ssh server is installed in an
image.
These example files should be moved away to another location such as
/usr/share/doc/avahi (taking inspiration from Arch Linux).
(From OE-Core rev: cd237348221457ec5bd31da19668a68bb911edc8)
Signed-off-by: Paul Barker <pbarker@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This ensures that avahi can compile for EGLFS distros (headless)
(From OE-Core rev: d3f6ffb148e8837f2f6ba81f07dbfd6bbec64726)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The split was building the same code twice, awkward to maintain,
and causing issues with upgrades.
Disabling the gtk bits can be easily done through the standard
PACKAGECONFIG mechanism when needed.
(From OE-Core rev: 33cfebfed51166e409cbb05ab7bbc3fff7c7f36d)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes [YOCTO #13609]
avahi_0.7.bb defines 9 PACKAGES. However, avahi.inc generically sets
LICENSE to "GPLv2+ & LGPLv2.1+". The library specific
packages should be LGPLv2.1+ only.
(From OE-Core rev: bd10fa54a94e9ae44defddae573ce67d33a11979)
Signed-off-by: Matthew Zeng <matthew.zeng@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Besides checking DISTRO_FEATURES for required or conflicting features,
being able to check MACHINE_FEATURES and/or COMBINED_FEATURES may also
be useful at times.
Temporarily support the old class name with a warning about future
deprecation.
(From OE-Core rev: 5f4875b950ce199e91f99c8e945a0c709166dc14)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When connman installed to image, /etc/resolv.conf is link to
/etc/resolv-conf.connman. So launch avahi-daemon after connman too
just same as after systemd-resolved.service.
(From OE-Core rev: b4673b5befa339b2ffc3c274b105ab96d730ea2d)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport patch to fix CVE-2017-6519.
CVE: CVE-2017-6519
(From OE-Core rev: 979e3f4ac1e12228d368315169a32d5ab0209e91)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When built without D-Bus, libavahi-client is not build:
Building libavahi-client: no (You need avahi-daemon and D-Bus!)
which causes avahi-dev RDEPENDS failing when creating an image
containing development-tools:
* - nothing provides libavahi-client = 0.7-r0 needed by avahi-dev-0.7-r0.cortexa8hf-neon
(From OE-Core rev: 319532792435be73e96c8319e90336e1298ac2a1)
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The following error messages appear now and then at boot time.
avahi-daemon/chroot.c: open() failed: No such file or directory
Failed to open /etc/resolv.conf: Invalid argument
The problem is about /etc/resolv.conf. In Yocto's systemd based
systems, it's a symlink to /etc/resolv-conf.systemd which in turn
is a symlink to /run/systemd/resolve/resolv.conf. The systemd-resolved
service handles creation of /run/systemd/resolve/resolv.conf file.
So if avahi-daemon is started before systemd-resolved, the error messages
appear.
Fix this problem by making avahi-daemon start after systemd-resolved.
(From OE-Core rev: 647db1d9eb65b225ffbb6953f796232026bfa935)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch does nothing but reorganizing codes.
avahi.inc is shared by avahi and avahi-ui recipes. Move common things
into it, and move uncommon things out of it.
(From OE-Core rev: 75529d384bfeaf52befccb892cf41f22dc02668b)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.
Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450). This is obviously bad.
We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed.
(From OE-Core rev: 6c0329389ffd82552c9302d70c8b2a1dfc94ce00)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These were added to the avahi-dev package back in 2011 before avahi-ui existed
at all. The problem of GTK+ being pulled in via avahi-dev was finally solved
with the avahi-ui split, so these explicit (and by being manually maintained,
incomplete) dependencies can be removed.
This also results in gettext-dev being removed from the dependency tree (the
gettext library API is provided by glibc/musl), which means that for a standard
image we don't need to build target gettext at all anymore.
(From OE-Core rev: 00ae3e03185f1044f3610dc7ba7da7bd3beb868a)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Delete the unneeded patch, because the upstream contains the needed changes.
The new version of avahi 0.7 use "/run" directory to place some run-time
variable data, not /var/run, so in avahi.inc, we should remove the "/run"
not "/var/run".
Remove PACKAGECONFIG for pygtk which already dropped in upstream.
(From OE-Core rev: 80b408ae48eb091fc2af8b1570a7aac3cdc0b009)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
uclibc support was removed a while ago and musl works much better. Start to
remove the various overrides and patches related to uclibc which are no longer
needed.
uclibc support in a layer would still be possible. I have strong reasons to
believe nobody is still using uclibc since patches are missing and I doubt
the metadata even parses anymore.
(From OE-Core rev: 653704e9cf325cb494eb23facca19e9f05132ffd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There's no way to ensure that files owned by the users aren't left
on the system at postrm time: Removing the user would mean those
files are now owned by a non-existing user, and later may be owned
by a completely unrelated new user.
[YOCTO #10442]
(From OE-Core rev: c1be2196e7ffb23b7b243ecd8aca1827cbdfa443)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The commit "054ea20 avahi-ui: Build with Gtk+3"
enabled gtk3 and disabled gtk2, which causes failure on
some package depends on gtk2, like gnome-disk-utility
in meta-openembedded/meta-gnome:
| checking for GTK2... yes
| checking for AVAHI_UI... no
| configure: error: Package requirements (avahi-ui >= 0.6.25) were not met:
|
| No package 'avahi-ui' found
The gtk2 and gtk3 feature for avahi-ui is not exclusive, so change
to use PACKAGECONFIG for them so we can easily enable/disable one
of them or both of them as needed.
(From OE-Core rev: bb44ef79c1ea9fb1d2e37978bcf964e62caaf4cd)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
