summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* nostromo: Blacklist and exclude from world buildsArmin Kuster2021-05-141-0/+3
| | | | | | Host site is dead. Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ostree: switch from default master branch to main to fix do_fetch failureMartin Jansa2021-05-131-1/+1
| | | | | | | * branch was renamed in upstream repo Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libupnp: Fix CVE-2020-13848Andrej Kozemcak2021-04-232-1/+77
| | | | | | | | | | | Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13848 Upstream-Status: Accepted [https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0] CVE: CVE-2020-13848 Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* hostapd: fix CVE-2021-30004Stefan Ghinea2021-04-232-0/+124
| | | | | | | | | | | | | | | | | | | | | In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. References: https://nvd.nist.gov/vuln/detail/CVE-2021-30004 Upstream patches: https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15 Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e2bd6a52bf689b77b237eaee3067d2b0b6eee3d5) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 98c5cddf677addcb9aa296a7437b92100a478566) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 730de4763a508234d09c755c838cdc4c8dd49493) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* hostapd: fix CVE-2021-0326 and CVE-2021-27803Mingli Yu2021-04-233-0/+99
| | | | | | | | | | | Backport 2 patches to fix two CVEs. Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 5a085c588adaf79bb2bca7921c82d893877b28a1) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 845bd5a5f15bd80cecbf5c0716af3eaca5669632) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* hostapd: fix CVE-2019-5061Mingli Yu2021-04-232-0/+855
| | | | | | | | | | | | Backport a patch to fix CVE-2019-5061. Reference: https://security-tracker.debian.org/tracker/CVE-2019-5061 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 04ba527e94c8ecd7a95a9ed16cc27c2f5833f849) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libyui: switch to libyui-old repo which still has this SRCREVMartin Jansa2021-04-231-1/+1
| | | | | | | | | | | | | | | | * 8459235919f592b1bc099ecf9a947cb6344b6fa5 doesn't exist in current repo: libyui$ git branch -a --contains 8459235919f592b1bc099ecf9a947cb6344b6fa5 error: no such commit 8459235919f592b1bc099ecf9a947cb6344b6fa5 * there are no common commits in the new libyui repo, but luckily old repo is kept as https://github.com/libyui/libyui-old similarly libyui-ncurses now contains only README about being obsolete in: https://github.com/libyui/libyui-ncurses but at least it wasn't rewritten to have the new content Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* telepathy-glib: respect GI_DATA_ENABLED when enabling vala-bindingsMartin Jansa2021-04-231-1/+3
| | | | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* uml-utilities: fix installed-vs-shipped with usrmergeMartin Jansa2021-04-231-3/+2
| | | | | | | | | | | | | | | * fixes: ERROR: uml-utilities-20040406-r1 do_package: QA Issue: uml-utilities: Files/directories were installed but not shipped in any package: /usr/lib/uml/port-helper Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. uml-utilities: 1 installed and not shipped files. [installed-vs-shipped] * pass LIB_DIR instead of using default value from Makefile: $ grep LIB_DIR.*= tools/port-helper/Makefile LIB_DIR ?= /usr/lib/uml Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireguard: fix build issue with updated 5.4 kernelArmin Kuster2021-04-072-1/+34
| | | | | | | | error: static declaration of 'icmp_ndo_send' follows non-static declaration | 959 | static inline void icmp_ndo_send(struct sk_buff *skb_in, int type, int code, __be32 info) | | ^~~~~~~~~~~~~ Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-meta-oe: add guiderMartin Jansa2021-04-071-1/+1
| | | | | | | * now when it's not depending on meta-python2 we can add it without conditional Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-meta-oe: move the packages depending on meta-python2 to ↵Martin Jansa2021-04-071-5/+25
| | | | | | | separate packages Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* packagegroup-meta-oe: include nodejs without meta-python2 conditionalMartin Jansa2021-04-071-3/+2
| | | | | | | | | | | | | | | * it doesn't depend on meta-python2 since: commit eaf9cfb01864a7a64c6ba4142283a8cf76cadd9a Author: Martin Jansa <martin.jansa@gmail.com> Date: Thu Jan 23 17:44:06 2020 +0100 nodejs: use python3native Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ceres-solver: prevent fetching git hook during do_configureMartin Jansa2021-04-071-0/+8
| | | | | | | | | | | | | | | | | | | | | | * today I've found 2 jenkins jobs stuck way too long sitting in this do_configure Bitbake still alive (5000s) Bitbake still alive (10000s) Bitbake still alive (15000s) Bitbake still alive (20000s) Bitbake still alive (25000s) Bitbake still alive (30000s) ... manually killed, the CMake ... ERROR: ceres-solver-1.14.0-r0 do_configure: Execution of 'ceres-solver/1.14.0-r0/temp/run.do_configure.39438' failed with exit code 143: ... | -- Detected Ceres being used as a git submodule, adding commit hook for Gerrit to: ceres-solver/1.14.0-r0/git/.git | ceres-solver/1.14.0-r0/temp/run.do_configure.39438: line 213: 39485 Terminated cmake -G 'Ninja' -DCMAKE_MAKE_PROGRAM=ninja ... I've seen it with dunfell and gatesgarth, but master has the same ADD_GERRIT_COMMIT_HOOK function (just in newer ceres-solver release), so probably needs the same. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Update commit for version 3.9.7Peace Lee2021-04-071-1/+1
| | | | | | | | | | | commit hash for version 3.9.7 is invalid because previous commit hashes chagned by git filter-branch command are restored Signed-off-by: Peace Lee <iipeace5@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit fdbfb6ce9943a1739220c87c3f8b5ea7bdfabd84) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* guider: Upgrade to 3.9.7Peace Lee2021-04-072-39/+19
| | | | | | | Signed-off-by: Peace Lee <iipeace5@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 93c9a20bf358bc10c2d99fc1d3c7247145344c29) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opencv: refresh patches with devtool to apply cleanlyMartin Jansa2021-04-0711-118/+126
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * fixes: WARNING: opencv-4.1.0-r0 do_patch: Fuzz detected: Applying patch CVE-2019-14491.patch patching file modules/objdetect/src/cascadedetect.cpp Hunk #1 succeeded at 46 with fuzz 1 (offset -1 lines). Hunk #2 succeeded at 540 (offset -1 lines). Hunk #3 succeeded at 552 (offset -1 lines). Hunk #4 succeeded at 613 (offset -1 lines). Hunk #5 succeeded at 774 (offset -1 lines). Hunk #6 succeeded at 825 (offset -1 lines). Hunk #7 succeeded at 1470 (offset -36 lines). patching file modules/objdetect/src/cascadedetect.hpp The context lines in the patches can be updated with devtool: devtool modify opencv devtool finish --force-patch-refresh opencv <layer_path> Don't forget to review changes done by devtool! WARNING: opencv-4.1.0-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* neon: Add ptestAditya.Tayade2021-04-072-1/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | Reused below test suites from neon source package: BASIC_TESTS: auth basic request session socket string-tests stubs uri-tests util-tests DAV_TESTS: acl3744 lock oldacl props xml xmlreq Overall execution time of above test suite is approximately 15sec. Signed-off-by: Neetika.Singh <Neetika.Singh@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* freerdp: Add missing libxkbcommon WL dependencyMarek Vasut2021-04-071-1/+1
| | | | | | | | | The WL build depends on libxkbcommon, so add the dependency. Signed-off-by: Marek Vasut <marex@denx.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 88348389707b488d5fa8e81f91267874b2fb82c4) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opencv: Security fixesNeetika Singh2021-03-165-0/+619
| | | | | | | | | | | | | | | | | | | Added patches to fix below CVE's: 1. CVE-2019-14491, CVE-2019-14492 Link: https://github.com/opencv/opencv/commit/ac425f67e4c1d0da9afb9203f0918d8d57c067ed 2. CVE-2019-14493 Link: https://github.com/opencv/opencv/commit/5691d998ead1d9b0542bcfced36c2dceb3a59023 3. CVE-2019-15939 Link: https://github.com/opencv/opencv/commit/5a497077f109d543ab86dfdf8add1c76c0e47d29 4. CVE-2019-19624 Link: https://github.com/opencv/opencv/commit/d1615ba11a93062b1429fce9f0f638d1572d3418 Signed-off-by: Neetika.Singh <Neetika.Singh@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mdns: Whitelisted CVE-2007-0613 for mdnsSana Kazi2021-03-161-0/+13
| | | | | | | | | | | | | | | | | | | | CVE-2007-0613 is not applicable as it only affects Apple products i.e. ichat,mdnsresponder, instant message framework and MacOS. Also, https://www.exploit-db.com/exploits/3230 shows the part of code affected by CVE-2007-0613 which is not preset in upstream source code. Hence, CVE-2007-0613 does not affect other Yocto implementations and is not reported for other distros can be marked whitelisted. Links: https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613 https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2007-0613 https://security-tracker.debian.org/tracker/CVE-2007-0613 https://ubuntu.com/security/CVE-2007-0613 https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613 Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit f37e5423da984b7dc721d52f04673d3afc0879a1) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nghttp2: Add fix for CVE-2020-11080Rahul Taya2021-03-163-0/+341
| | | | | | | | | | | Added below two patches to fix CVE-2020-11080: 1. CVE-2020-11080-1.patch 2. CVE-2020-11080-2.patch Signed-off-by: Rahul Taya <Rahul.Taya@kpit.com> [Refreshed patches to apply] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Fix warnings generated by getcwdAndrei Gherzan2021-03-161-1/+5
| | | | | | | | | | | | | | | | | getcwd() conforms to POSIX.1-2001 which leaves the behaviour when the buf argument is NULL, undefined. This makes gcc 10+ throw the following warning: argument 1 is null but the corresponding size argument 2 value is 4096 Initially, this was fixed by disabling NSS_ENABLE_WERROR. This patch re-enables NSS_ENABLE_WERROR (by leaving it to its default value) and takes advantage of the existing functionality in nss that wraps the getcwd call into a function making sure that the buf argument is always properly allocated. Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* thin-provisioning-tools: switch branch from master to mainchangqing.li@windriver.com2021-03-161-1/+1
| | | | | | | | Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> [cherry picked from commit 260809cffdaad4fcd42b0977090f2c467a5474ef to dunfell] Signed-off-by: Praneeth Bajjuri <praneeth@ti.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-pykwalify: Do not unset _PYTHON_SYSCONFIGDATA_NAMEKhem Raj2021-02-191-1/+1
| | | | | | | | | | | its been shoved out of setuptools3 in oe-core now Signed-off-by: Khem Raj <raj.khem@gmail.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> (cherry picked from commit 50bbf80abf570d1d652ec2f4bc5878e939c688d3) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit fbe2e79ab0dd4e0b2fd6433d0cfe10d66c7c7181) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* postgresql: Inherit python3targetconfigKhem Raj2021-02-191-1/+1
| | | | | | | | | | | | | | it now ends up searching native python shared libraries and tries to link with it and fails on non-host architectures recipe-sysroot-native/usr/lib/libpython3.9.so: file not recognized: file format not recognized collect2: error: ld returned 1 exit status Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit c499aaeef80b5af8d20521658449c4148f3d0806) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 572d4148267c6ff1b43dd3498020349cb0aa77c7) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libplist: Inherit python3targetconfigKhem Raj2021-02-191-1/+1
| | | | | | | | | | | | | | | | Fixes configure: error: Could not link test program to Python. Maybe the main Python library has been installed in some non-standard library path. If so, pass it to configure, via the LIBS environment variable. Example: ./configure LIBS="-L/usr/non-standard-path/python/lib" Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit be7d2286bfe80835e8e014114aaf587e2930c683) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit a0c26ca2b4c5e18a22b8d6f3c952fb00caf2bd34) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openipmi: Inherit python3targetconfigKhem Raj2021-02-191-1/+1
| | | | | | | | | | | | | | | | Fixes configure: error: Could not link test program to Python. Maybe the main Python library has been installed in some non-standard library path. If so, pass it to configure, via the LIBS environment variable. Example: ./configure LIBS="-L/usr/non-standard-path/python/lib" Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 59f817bbe374799e4398766c2a444692d932d979) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 59d3d64e902d4d2e7ea9c3d2e1fec442912bcdd5) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* gedit: Inherit python3targetconfigKhem Raj2021-02-191-1/+1
| | | | | | | | | | This is needed to find _PYTHON_SYSCONFIGDATA_NAME Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit a06cdf5a4cd3769982ca861aa9aaff312277df51) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 4a5719ffb1fee9ee7657d93994e3ac880396c048) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-aiohttp: added missing RDEPENDsVyacheslav Yurkov2021-02-161-1/+3
| | | | | | | | | | | | | | aiohttp implicitly RDEPENDs on html, json, and socketserver modules, which are part of python3 recipe. They can't be properly imported if they are missing from RDEPENDS Signed-off-by: Vyacheslav Yurkov <uvv.mail@gmail.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry-picked from commit 8e7c57bd8f8250251e54fcbe149dc81743c0e30a) Signed-off-by: Enrico Jorns <ejo@pengutronix.de> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* graphviz: use git fetcher instead of gitlab archivesMartin Jansa2021-02-161-11/+7
| | | | | | | | | | | | | | | | | | * fixes: graphviz-2.40.1-r0 do_package_qa: QA Issue: graphviz: SRC_URI uses unstable GitHub/GitLab archives, convert recipe to use git protocol [src-uri-bad] * it's already fixed in gatesgarth and newer with new version from: commit 985be3901e79c9e45cd5d23774e3cfdaab476b44 Author: Khem Raj <raj.khem@gmail.com> Date: Mon Nov 2 18:33:34 2020 -0800 graphviz: Upgrade to 2.44.1 release - Refresh patches to apply on new sources - Switch away from gitlab archives - Bypass pdf documentation generation Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* python-grpcio-tools: Add missing space for appendKhem Raj2021-02-151-1/+1
| | | | | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> (cherry picked from commit 6b3e3bdaf878881bd6dee09ae369e379fd7b8149) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit c3a9e5b9907279043bb7b270e9c6b4e587881d9a) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dnsmasq: Fix systemd serviceMario Schuknecht2021-02-151-1/+1
| | | | | | | | | | | | | | Systemd service file option 'ExecStopPre' is warned and ignored by systemd. By replacing 'ExecStopPre' with 'ExecStop', the intended behavior is realized. The 'ExecStop' commands are executed one after the other. Signed-off-by: Mario Schuknecht <mario.schuknecht@dresearch-fe.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 55c94cb3196f53d0c1c76bbd74136d1b5d51802d) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 83842c9150fdead52dc7b0913ffac32677720f98) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* celt051: update SRC_URIchangqing.li@windriver.com2021-02-151-1/+1
| | | | | | | | | | | | original SRC_URI is not valid now, offical CELT repository moved to gitlab Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 5450c958bf66afd560fd8dff5b432ea71f10165c) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 1de0f4c33b92b9bbd885044df505154c177db59e) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-oe/README: add Ubuntu prerequisite informationakuster2021-02-151-0/+3
| | | | | | | | | | | When building on Ubuntu 20.04, luajit needs 32bit support so install 'gcc-multilib' Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 973fe410d238e0c361f8bc4d9ba7915464217e22) [Minor fixup for Dunfell] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* enca: Fix SRC_URIakuster2021-02-151-4/+3
| | | | | | | | | | | | | | The project appears to have moved. Update HOMEPAGE and SRC_URI. bz2 is not available, use gz Update HASH accordingly. Fixes: WARNING: enca-1.9-r0 do_fetch: Failed to fetch URL http://www.sourcefiles.org/Networking/Tools/Miscellanenous/enca-1.9.tar.bz2, attempting MIRRORS if available Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 460077d30ffedca4c794f60cd0f21404fc1736d7) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireguard-module: remove PKG assignmentMartin Jansa2021-02-101-7/+0
| | | | | | | | | | | | | | | * it's not clear why it was added in first place and it's causing issues since: "package: get_package_mapping: avoid dependency mapping if renamed package provides original name" commit in oe-core as discussed in: https://lists.openembedded.org/g/openembedded-core/message/143672 https://github.com/openembedded/meta-openembedded/issues/285 Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 304f660f880bdf7dd5c51695875ab0a73aaed8b2) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit f9502868169715ee4945f5d8bef7c845dbb7b9e0) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python-urllib3/python3-urllib3: fix CVE-2020-7212Haiqing Bai2021-02-042-0/+57
| | | | | | | | | | | | Optimize _encode_invalid_chars for a denial of service (CPU consumption) CVE: CVE-2020-7212 Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Harpritkaur Bhandari <Harpritkaur.Bhandari@kpit.com> [Add CVE: CVE-2020-7212 to the patch itself] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libuv: fix CVE-2020-8252Andrej Kozemcak2021-02-042-1/+43
| | | | | Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openldap: upgrade 2.4.56 -> 2.4.57zhengruoqin2021-02-041-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: meta-openembedded MR: 108384, 108398, 108412, 108426, 108440, 108454, 108468, 108482, 108496, 108510 Type: Security Fix Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-oe/recipes-support/openldap?id=0282b8ce6a5a5f082a37cb0863b3e62ad8e56a5a ChangeID: 0282b8ce6a5a5f082a37cb0863b3e62ad8e56a5a Description: -License-Update: Copyright year updated to 2021. Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 0282b8ce6a5a5f082a37cb0863b3e62ad8e56a5a) [Maintance update only] Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit cef93b7b00e620d90a610112ee574fa60b691cf8) [Fixes CVE: CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 Signed-off-by: Armin Kuster <akuster@mvista.com>
* openldap: upgrade 2.4.51 -> 2.4.56zangrc2021-02-041-2/+2
| | | | | | | | | | | | | | | | | | Source: meta-openembedded MR: 107249 Type: Security Fix Disposition: Backport from https://git.openembedded.org/meta-openembedded/commit/meta-oe/recipes-support/openldap?id=768345053e83623e286ce3140756036e75c023bc ChangeID: fbcadc7f563891b4aa489557c8d518ed46de5e9d Description: Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 768345053e83623e286ce3140756036e75c023bc) [Maintenance update only] Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit e615c6fceff7275d93e462f4cd4a14cc55b2d656) [Fixed CVE-2020-25692] Signed-off-by: Armin Kuster <akuster@mvista.com>
* openldap: upgrade 2.4.50 -> 2.4.51Zang Ruochen2021-02-031-2/+2
| | | | | | | | Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 70860d99bf4e8036af1adccced8f9066f6dd50a6) [Bug fix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* gpsd: mark CLEANBROKENSean Nyekjaer2021-01-311-0/+2
| | | | | | | Signed-off-by: Sean Nyekjaer <sean@geanix.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 04afc692a3c82a93da0f079b1a3f90c8188e8c86) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mariadb: Fix 64bit builds if pam is enabledDan Murphy2021-01-291-2/+6
| | | | | | | | | | | | Fix the installation of the pam.so for 64bit builds. This is an indirect backport of commit 8fa0a3ace6b8835ba623fac118e0bdb4ea0f1f24 ("mariadb: upgrade to 10.5.4") from the master branch. Signed-off-by: Dan Murphy <dmurphy@ti.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* networkd-dispatcher: use git fetcherMartin Jansa2021-01-281-3/+4
| | | | | | | | | * now the gitlab QA check was backported to dunfell as well in: https://git.openembedded.org/openembedded-core/commit/?h=dunfell&id=72f2c45880afbba1745e5e0cbd841d7fd666f374 and this started failing with: ERROR: networkd-dispatcher-2.0.1-r0 do_package_qa: QA Issue: networkd-dispatcher: SRC_URI uses unstable GitHub/GitLab archives, convert recipe to use git protocol [src-uri-bad] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* giflib: apply patch for CVE-2019-15133 and set CVE_PRODUCTMikko Rapeli2021-01-282-1/+29
| | | | | | | | | | Backport upstream patch for CVE-2019-15133. Set CVE_PRODUCT to "giflib_project:giflib" which is used in NVD. https://nvd.nist.gov/vuln/detail/CVE-2019-15133 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sip3: Upgrade 4.19.19 -> 4.19.23Leon Anavi2021-01-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Upgrade to release 4.19.23: - Added some missing quotes to configure.py - Fixed a race condition when calling the PyQt5-specific meta-call helper. - Fixed the wrapping of methods that return a Py_Ssize_t. - The code generator now distinguishes between the copy/assignment helper and the array helper when determining which helpers can be generated. - Fixed the code generation when making a copy of C++ object on the stack to the heap when the class has no suitable ctor. - Check there is a public copy ctor when we can't using an assigment operator as a workaround. - Preserve any current exception in the implementation of the wrapper dealloc functions. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 358b3982583c93fdc0a4cebdab31f923d77b7f8b) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sip3: Consolidate in a single fileLeon Anavi2021-01-282-39/+39
| | | | | | | | | | | Consolidate inc and bb files into a single bb file. Fix the broken link for HOMEPAGE. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 2bc281393aa6c6b83218f2996c32b793ac79a42a) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* zram: fix sourcing of zram parametersSøren Andersen2021-01-281-1/+1
| | | | | | | | Signed-off-by: Søren Andersen <san@skov.dk> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 3c8ad9192c1c9f4323bdc7ff28456f11db689adb) Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* rapidjson: Upgrade SRCREV to latestHarpritkaur Bhandari2021-01-281-3/+2
| | | | | | | | | | | | | | | | | | | | | | Upgrade SRCREV to latest as it fixes the below issue: Running UndefinedBehaviorSanitizer on projects that use rapidjson triggers 'applying non-zero offset <NN> to null pointer' findings in 'internal/stack.h' which are hard to suppress by library users. Removed "0001-CMake-remove-hardcoded-CMAKECONFIG_INSTALL_DIR-path.patch" as the changes are already incorporated in the latest codebase. As per abi-compliance-checker report the source compatibility and binary compatibility between previous SRCREV 6a905f9311f82d306da77bd963ec5aa5da07da9c and current SRCREV 0ccdbf364c577803e2a751f5aededce935314313 is 100% and this patch is already tested on 64bit ARM (aarch64) in a product with on target CI tests. Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 04d9ea0ba7ece968244bf049893dd5636675b76f) Signed-off-by: Harpritkaur Bhandari <Harpritkaur.Bhandari@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-04 10:01:48 +0000