mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-25 06:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
52,541 Commits 38 Branches 623 Tags
f89486cda1508dcf5e4704eec4e44e45c0d1a66e
Commit Graph

2034 Commits

Author SHA1 Message Date
Alexander Kanavin
a384248938 boost: update to 1.69.0 
Drop upstreamed reproducibility-add-file-directive-to-assembler.patch

Drop signals library as upstream has removed it:
https://www.boost.org/users/history/version_1_69_0.html

(From OE-Core rev: 894d2867275e72caac9181ea3b859d7595268f7f)

(From OE-Core rev: 4f14eacc4806d9b824045b5b782746c5954dbe2d)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-02-06 16:38:30 +00:00
Khem Raj
8ae70ff876 gnupg: Upgrade to 2.2.12 release 
(From OE-Core rev: af3e1bbcc615adfc1f915448afe9c794ad938522)

(From OE-Core rev: e3ef28a7a131f89b9718ef7039d85ef481c7b1de)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-02-06 16:38:30 +00:00
Anuj Mittal
e1ade036e8 libatomic-ops: upgrade 7.6.6 -> 7.6.8 
For changes, see:

https://github.com/ivmai/libatomic_ops/compare/v7.6.6...v7.6.8

Also switch to using tarball release instead.

(From OE-Core rev: a33170ff9a7abc5689e266e093069fd716c62622)

(From OE-Core rev: 88581ac9f694e950bdbe6f26eb164b23d3b5530c)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-02-06 16:38:30 +00:00
Zheng Ruoqin
bb2d4def8d nss: Fix SHA_HTONL bug for arm 32be. 
Rpm use nss as digest crypto library and which will cause an error as follows:

error: test-manual-1.2.3-20181012.noarch.rpm: Header SHA1 digest: BAD (Expected
f1deb7dc4a10742d88ccd1e967dbc62ae45095a5 !=4ad9d7dad6d70d6086eefec62612ad5d77f2fe81)  => this value is wrong
error: test-manual-1.2.3-20181012.noarch.rpm: not an rpm package (or package manifest)

The error is caused by SHA_HTONL in nss, for there is no need to reverse the host value for arm 32be, so fix it.

(From OE-Core rev: 257a1ccd16928dff64aa4d2e1553f52e910edbb2)

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-01-08 20:14:44 +00:00
Ross Burton
72c040ef58 libtasn1: no need to inherit binconfig 
This recipe doesn't ship a *-config binary, so don't inherit binconfig.

(From OE-Core rev: 8b7d74aa7bb73daf84593fafde3eef4595918b63)

(From OE-Core rev: 8fd1b5fb464a3b72c94dffb3535e244b72c18b02)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-01-08 20:14:43 +00:00
Mingli Yu
06558e8263 nspr: improve reproducibility 
Remove _BUILD_STRING and _BUILD_TIME in _pl_bld.h
to avoid introducing timestamp in the .so library
such as libnspr4.so as below:
 $ readelf --wide --decompress --hex-dump=.rodata libnspr4.so
 [snip]
  0x00004000 32303138 2d31312d 31352030 353a3439 2018-11-15 05:49
 [snip]

[YOCTO #12639]

(From OE-Core rev: a3ca6272845c33f48430210470f133034ad8399d)

(From OE-Core rev: af18be423ead8a5aabf29dcf2fa5fcb874edd24d)

Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-01-08 20:14:43 +00:00
Hongxu Jia
26750a75dc libgcrypt: upgrade 1.8.3 -> 1.8.4 
(From OE-Core rev: 1100e7f1519be91c90b139c337799c7ea635a8b3)

(From OE-Core rev: 6187f5eff556d5f308fa6812dc5335a2769cb249)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-01-08 20:14:42 +00:00
Hongxu Jia
ce93ac6395 gnupg: upgrade 2.2.10 -> 2.2.11 
(From OE-Core rev: 4a373ce7d718ee3299bcf7f9fa62e7337d41e40a)

(From OE-Core rev: 65134404a6572f126e159503a079d5b8d3e1c1d5)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-01-08 20:14:42 +00:00
Hongxu Jia
98d689400d gnupg: upgrade 2.2.9 -> 2.2.10 
(From OE-Core rev: 5efe9eb79ac325f55fc52f67b522afaf7ebb847a)

(From OE-Core rev: 5c8a8465d24b33f53a7e3bc4dc1d0dfbb14685d6)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-01-08 20:14:42 +00:00
Armin Kuster
6b673012d9 gnutls: update to 3.6.4 
Notable change:

libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol.
see: https://lists.gnupg.org/pipermail/gnutls-help/2018-September/004457.html

(From OE-Core rev: 0697141e7be0b755db600aa0d5a975eac62cc7b8)

(From OE-Core rev: 7c062c9d2c48cd758b3ca9a4c7a5b26d74b9c1e3)

Signed-off-by: Armin Kuster <akuster808@gmail.com>

--
[v2]
Fix typo in version in subject

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-01-08 20:14:42 +00:00
Douglas Royds
d513b1d6bb boost-context: Reproducibility: Set .file section for all *_elf_gas.S files 
Add a .file directive explicitly for all *_elf_gas.S files to prevent the linker
adding a host build-system path as a FILE symbol to the object file.

This replaces the existing patch that added the .file directive to a small
subset of these files.

Upstream-Status: Submitted [https://github.com/boostorg/context/issues/91]
(From OE-Core rev: 5ff5f89f2db079a6baf0275ebf1333b4b9642504)

(From OE-Core rev: 763398b87c257ab672430bedd01004b9317d02b2)

Signed-off-by: Douglas Royds <douglas.royds@taitradio.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-01-08 20:14:42 +00:00
Ross Burton
eddff2b361 curl: actually apply latest CVE patches 
(From OE-Core rev: f0394e80a37f1da47042a1aa0487594f390603f9)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-11-09 17:46:18 +00:00
Serhey Popovych
e1f8c4dac8 libgpg-error: Support build for native on ppc64/ppc64le hosts 
Both RHEL and SLES uses ppc64/ppc64le for powerpc 64 bit big/little
endian targets instead of powerpc64/powerpc64le in libgpg-error.

Also libgpg-error provides common target system names in form like
<arch>-unknown-linux-gnu.

Add mapping for ppc64/ppc64le targets to their libgpg-error equivalents
to fix native builds.

Cross build for arm64 tested on IBM Power 8 machine with RHEL7 for
ppc64le variant only, but should work for ppc64 as well.

(From OE-Core rev: f1af780769477f06eb925fd87c844baba04ada2d)

Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-11-07 23:08:55 +00:00
Chen Qi
ade79d7799 gdbm: fix ptest failure 
Some of gdbm's ptest cases require gdbmtool, which is packaged into
${PN}-bin. So extend the RDEPENDS_${PN}-ptest to include the package.

(From OE-Core rev: e188a75aa882efc98b8390f43f18279c3707314a)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-11-07 23:08:55 +00:00
Peter Kjellerstedt
6b15bfed10 libgpg-error: Trim license info extracted from init.c & gpg-error.h.in 
License-Update: Only extract relevant parts from init.c & gpg-error.h.in
(From OE-Core rev: a5c1ff6deb6393666745889eee8297112848ba28)

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-11-07 23:08:54 +00:00
Peter Kjellerstedt
73868d36be apr-util: Trim license info extracted from apu_version.h 
Two unrelated lines were extracted from apu_version.h for the license
information.

License-Update: Only extract the relevant part from apu_version.h
(From OE-Core rev: 2edb0f24a13f27b2fae94fb447221ad2ddb924a0)

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-11-07 23:08:54 +00:00
Peter Kjellerstedt
90b25e48d1 apr: Trim license info extracted from apr_lib.h 
Two unrelated lines were extracted from apr_lib.h for the license
information.

License-Update: Only extract the relevant part from apr_lib.h
(From OE-Core rev: 90ab83ecc509c2fdc1f6083d771031decdcaad63)

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-11-07 23:08:54 +00:00
Changqing Li
c67e7d1eb3 curl: fix for CVE-2018-16839/CVE-2018-16840/CVE-2018-16842 
(From OE-Core rev: 0f0db9fc8512a0ecd0cdba3304a195cd925a5029)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-11-07 23:08:54 +00:00
Armin Kuster
7e3e19064d nss: update to 3.39 includes CVE-2018-12384 
see: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.39_release_notes

(From OE-Core rev: 9d5d19cee30ac73b9fbf75308e5729857384983e)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-11-07 23:08:54 +00:00
Grygorii Tertychnyi
3ca7d58e6f curl: extend CVE_PRODUCT 
There are both "curl" and "libcurl" CPEs in NVD.
All "curl" CVEs are now missed in the reports.

Hence, switch "CVE_PRODUCT" to a space separated list
of the items.

(From OE-Core rev: 69ff709c2450c42139fd9705e3a74464221ad754)

Signed-off-by: Grygorii Tertychnyi <gtertych@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-29 17:01:45 +00:00
Alexey Brodkin
06aa8ccade mpfr: Fix compilation for ARC 
MPFR has a couple of things implemented in assembly and in case of
ARC those parts were written long ago when ARC GCC port was not yet
upstreamed. On upstreaming of GCC some constraints were changed and
so we can no longer build MPFR for ARC with up-to-date tools seeing
something like that:
| In file included from ../../mpfr-4.0.1/src/mpfr-impl.h:112,
|                  from ../../mpfr-4.0.1/src/mul.c:24:
| ../../mpfr-4.0.1/src/mul.c: In function 'mpfr_mul':
| ../../mpfr-4.0.1/src/mpfr-longlong.h:415:3: error: impossible constraint in 'asm'
|    __asm__ ("add.f\t%1, %4, %5\n\tadc\t%0, %2, %3"   \
|    ^~~~~~~

(From OE-Core rev: 887a062ca139014ae6dfd1919e0ff9a5ef4db35e)

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-18 23:26:35 +01:00
Alexey Brodkin
e95caf1ebd libgpg-error: Add ARC support 
(From OE-Core rev: 2d9dbcc638cc39b935b89b6e66ed216ea9b05d62)

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-18 10:56:55 +01:00
Kai Kang
9e958c9023 nss: fix non-determinism when create a blank certificate 
It uses certutil from nss to create a blank certificate. But the
checksum of database file key4.db changes every time:

$ certutil -N -d sql:. --empty-password
$ md5sum *
f9dac2cfcb07cc8ca6db442a9a570906  cert9.db
b892c5ff7c1977d4728240b0cf628377  key4.db
7b9136cb03f07ae62eb213a5239fda71  pkcs11.txt
$ rm *

$ certutil -N -d sql:. --empty-password
$ md5sum *
f9dac2cfcb07cc8ca6db442a9a570906  cert9.db
405d55178e866a115c1aa975fccfa764  key4.db
7b9136cb03f07ae62eb213a5239fda71  pkcs11.txt

Provide pre-created databases with a blank certificate to fix
non-determinism issue. And these database files are from nss qemux86-64
build.

(From OE-Core rev: e64a30f7af87fa960b012ace92c51b88e8abae68)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-12 16:57:21 +01:00
Ross Burton
55fe5156ea libproxy: correctly disable the KDE module 
The configuration option is WITH_KDE now, as it supports both KDE4 and KDE5.

(From OE-Core rev: 2a5d1db6643482dd06a456e303c6f6bc88059813)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-11 23:06:35 +01:00
Pascal Bach
814be37428 libproxy: disable python2 and python3 support 
The option WITH_PYTHON got replaced by
WITH_PYTHON2 and WITH_PYTHON3.

(From OE-Core rev: 91fe0fb4c7d48cf8fb02fbde26fe5657d5d9a491)

Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-11 23:06:35 +01:00
Peter Kjellerstedt
c7bd5c98dd acl: Make it compatible with externalsrc 
Make the subdir fetch path for configure.ac relative. This avoids the
following error after having done `devtool modify acl`:

ERROR: acl-2.2.52-r0 do_unpack: Unpack failure for URL:
'file://configure.ac;subdir=.../builds/qemux86-64/workspace/sources/acl'.
subdir argument isn't a subdirectory of unpack root
.../builds/qemux86-64/tmp/work/core2-64-poky-linux/acl/2.2.52-r0

(From OE-Core rev: 8a12bb7349bce29403077e18875563a9b0770838)

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-10 17:59:09 +01:00
Peter Kjellerstedt
ba6e02c195 libgcrypt: Add the LICENSES file to LIC_FILES_CHKSUM 
The LICENSES file contains references to source files with other
licenses than GPL/LGPL that stipulate that they shall be mentioned in
any documentation accompanying a product including this library.

License-Update: Add missing LICENSES file
(From OE-Core rev: 67bc0b3babd922c800a03c1370d6d33a75f273c1)

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-09 19:04:02 +01:00
Peter Kjellerstedt
bea58aea43 curl: Include the complete license information 
For some reason, the copyright part was left out of the license
information included in LIC_FILES_CHKSUM, preventing it from being
used in, e.g., documentation to satisfy the requirements of the
license.

License-Update: Include the complete license information
(From OE-Core rev: 390becd2dcf4fe791ec3715a74e34a46bd457e7a)

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-09 19:04:02 +01:00
Ross Burton
d89034988e libsoup: upgrade to 2.62.3 
Freeze-breaking upgrade for a security bug fix involving cookie URLs, and a
number of static analysis fixes.

Drop CVE-2018-12910.patch as this is merged in 2.62.3.

(From OE-Core rev: a8098782fab87498026a09c06716b631c77c5ad6)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-09 19:04:02 +01:00
Maksym Kokhan via Openembedded-core
74d8acaa0f libusb: ptest: don't skip debug output and fix failures processing 
Current run-ptest script prints nothing, when stress tests fail.
Fix it in new implementation, discarding external dependency on sed.
Also leave in place all stress output, just add standard ptest result.

Fixes: 3f0106bf2e41 ("libusb: Add ptest")
(From OE-Core rev: cd05029c78dea48c20f9acb2c5fee56b19193f22)

Signed-off-by: Maksym Kokhan <maksym.kokhan@globallogic.com>
Reviewed-by: Andrii Bordunov <andrii.bordunov@globallogic.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-08 14:13:54 +01:00
Kai Kang
0ceeae575b libcheck: avoid multilib install file conflict 
The first line of output of '$CC --version' is written to check_stdint.h
as a comment line. It causes multilib install file conflict.

Do not echo compiler version info to check_stdint.h to fix the issue.

(From OE-Core rev: f9db6ac8044495f9299fb0e962d3d6838bbce08f)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-10-04 14:21:41 +01:00
Vernon Mauery
22cbd08cb1 boost: build context and coroutine for arm 
When cross-compiling for arm architecture, bjam fails to properly
detect the abi, which causes a failed conditional to omit the
assembly code that supports the platform.

(From OE-Core rev: 920f2c479c3cf30d92f79dc9098e5915c05cc5e1)

Signed-off-by: Vernon Mauery <vernon.mauery@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-26 15:13:46 +01:00
Alexey Brodkin
d5354055a6 icu: Add ARC support 
(From OE-Core rev: 7b7b0fb8c27d06919f537a272107fc3f0b9cf9e5)

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-21 18:45:47 -07:00
Antoine Tenart
3efeb11bd6 nspr: Add ARC support 
[Alexey: Rebased on top of other patches like RiscV, NIOS2 etc]

(From OE-Core rev: bc9259fad8f90f0cbabd3db7509c401b071e4ff3)

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-21 18:45:47 -07:00
Alex Kiernan
1ad1a557cb p11-kit: Add PACKAGECONFIG for trust paths 
Add trust-paths PACKAGECONFIG item which enables support for default
trust-paths in /etc/ssl/certs/ca-certificates.crt

(From OE-Core rev: d63f16f03ad60ab77fd5c78de1bbf1f248c51c6e)

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-21 18:45:47 -07:00
Alex Kiernan
e7e081aa2a p11-kit: Upgrade from 0.22.1 -> 0.23.14 
p11-kit is no longer doing odd/even for development/stable releases, so
drop the custom UPSTREAM_CHECK_GITTAGREGEX.

(From OE-Core rev: 1a38f27342c5a40f81e579b2d0feb7b6e9880ac7)

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-21 18:45:47 -07:00
Alex Kiernan
784a3f8198 gpgme: Inherit from distutils-common-base 
Inherit from distutils-common-base and pythonnative/python3native to
avoid runtime dependency on Python, whilst still fixing clang builds.

Fixes: 8bfb54edc6fa ("gpgme: Inherit distutils3-base")
Suggested-by: Khem Raj <raj.khem@gmail.com>
(From OE-Core rev: 4e1e914101146149cbfd70ff00cfcd0fdcf1a88c)

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-21 18:45:46 -07:00
Ross Burton
4569d6163d fribidi: use Meson instead of autotools 
Upstream is moving to Meson, so backport a patch to use that instead of
autotools.

(From OE-Core rev: d297f7ebf3f62528d055e1938a9693d6f3a61935)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-21 18:45:46 -07:00
Ross Burton
51749fb8db fribidi: rename directory to match recipe 
(From OE-Core rev: 979b247c558eeb151fce925ee6600700ef20f869)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-21 18:45:46 -07:00
Zhixiong Chi
7796602c95 curl: CVE-2018-14618 
Backport the CVE patch from the upstream
57d299a499.patch
https://curl.haxx.se/docs/CVE-2018-14618.html
https://nvd.nist.gov/vuln/detail/CVE-2018-14618

(From OE-Core rev: b76903b4b7bfec71be0a8a14e2cab4e2ec852222)

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-20 05:41:32 -07:00
Ross Burton
932e5c6e59 gnupg: patch gnupg-native to allow path relocation 
GnuPG hard-codes $bindir etc and uses them to find the helper binaries, such as
gpg-agent.  This breaks if gnupg-native is reused from sstate for a different
build directory and GPG signing of packages is required.

Patch in getenv() checks for gnupg-native when returning the hardcoded paths,
and create a wrapper script which overrides GNUPG_BINDIR. There are more paths
that can be overridden, but this one is sufficient to make GnuPG work.

(From OE-Core rev: dfd69ff889ed78bf137116583d8ae351859ee203)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-20 05:41:32 -07:00
Changqing Li
f564b44515 apr-util: fix ptest fail problem 
Test suite test_dbm failed after gdbm upgrtade to 13.1,
from 13.1, return value of some function are changed.

* gdbm_fetch, gdbm_firstkey, and gdbm_nextkey behavior

If the requested key was not found, these functions return datum with
dptr pointing to NULL and set gdbm_errno to GDBM_ITEM_NOT_FOUND (in
prior releases, gdbm_errno was set to GDBM_NO_ERROR),

(From OE-Core rev: 0952c190fc6aec333676ce3883e8232fa8595551)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-13 17:38:07 +01:00
Kai Kang
d577afd930 multilib: fix install file conflicts 
Fix install files conflicts between multlib packages by inherit multilib_script:

| file /usr/bin/cairo-trace conflicts between attempted installs of lib32-libcairo-perf-utils-1.14.12-r0.x86 and libcairo-perf-utils-1.14.12-r0.core2_64
| file /usr/bin/icu-config conflicts between attempted installs of lib32-icu-dev-62.1-r0.x86 and icu-dev-62.1-r0.core2_64
| file /usr/bin/gpgrt-config conflicts between attempted installs of lib32-libgpg-error-dev-1.32-r0.x86 and libgpg-error-dev-1.32-r0.core2_64

(From OE-Core rev: 52f2dd97e9dd20dea0f3cdeb2df490d1a4c646aa)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-13 07:42:28 +01:00
Khem Raj
bbcc6ab93b serf: Document and add upstream status field for 0003-gen_def.patch 
(From OE-Core rev: 60909e5d4ac94ed77699a569960bb689acb432dd)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-11 09:05:35 +01:00
Martin Jansa
b7e3f3ff4b attr: use u-a for setfattr 
setfattr is now provided also by busybox since 1.29.2 upgrade and
do_rootfs is failing with:
update-alternatives: Error: not linking usr/bin/setfattr to /bin/busybox.nosuid since
usr/bin/setfattr exists and is not a link

(From OE-Core rev: d633633f3d83467fe1f946c57e2e75e0e774ec7e)

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-11 09:05:35 +01:00
Yi Zhao
1589ac43db taglib: Security fix CVE-2018-11439 
CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function in
oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause
information disclosure (heap-based buffer over-read) via a crafted audio
file.

References:
https://nvd.nist.gov/vuln/detail/CVE-2018-11439

Patch from:
272648ccfc

(From OE-Core rev: a300c4917b6c22ef039158be7ae92055c35658d4)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-10 12:13:06 +01:00
Ross Burton
a81753fff9 libbsd: drop obsolete patch 
This was only needed with old pkg-config, but we have 0.29.2 so this can be
dropped.

(From OE-Core rev: 27605fc88d0dc8021abeccc38bab286f56a92736)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-10 12:13:06 +01:00
Alexander Kanavin
74dacabf15 gdbm: update to 1.18 
(From OE-Core rev: 76ef43b208e3b2bd2616171c7781629e060809cc)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-10 12:13:06 +01:00
Alexander Kanavin
f82ede6363 boost: update to 1.68.0 
(From OE-Core rev: fb646ea311c589a51ef76eea7581e63f8a8f6bbd)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-10 12:13:06 +01:00
Alexander Kanavin
2dcfeb3c6b iso-codes: update to 4.1 
(From OE-Core rev: e54933e41dc7584bb9f30c7992326fbd387088cf)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2018-09-10 12:13:06 +01:00