path: root/meta-oe/recipes-devtools
Commit message (Author, Age, Files, Lines)
* nodejs: Set CVE_PRODUCT to "node.js" (virendra thakur, 2024-03-03, files: 2, lines: -0/+4)
  Set CVE_PRODUCT to 'node.js' for nodejs recipe
  Signed-off-by: virendra thakur <virendrak@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: CVE-2022-4900 fix potential buffer overflow (Hitendra Prajapati, 2023-12-17, files: 2, lines: -0/+49)
  Upstream-Status: Backport from https://github.com/php/php-src/commit/789a37f14405e2d1a05a76c9fb4ed2d49d4580d5
  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* meta-oe: Drop broken BBCLASSEXTEND variants (Richard Purdie, 2023-12-17, files: 1, lines: -1/+1)
  The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies.

  In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND.

  Having universe fetch work without warnings is desirable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses.

  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 9962d57f7c235873de0a0bb192b5f56747762fc7)
  Backport:
  * Updated paths to follow PV changes
  * Adapted modified recipes to the ones generating warnings
  * NB: cups-filter needs poppler-native but it's not available. To fix this, 5fa0188b8c could be backported.
  Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: Fix CVE-2023-3824 (Siddharth Doshi, 2023-09-30, files: 2, lines: -0/+92)
  Upstream-Status: Backport from [https://github.com/php/php-src/commit/80316123f3e9dcce8ac419bd9dd43546e2ccb5ef]
  CVE: CVE-2023-3824
  Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nlohmann-json: Avoid usage of nobranch=1 (Sourav Pramanik, 2023-09-04, files: 1, lines: -1/+1)
  The usage of nobranch=1 in SRC_URI allows using unprotected branches. This change updates the real branch name in place of nobranch=1.
  Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* rapidjson: Avoid usage of nobranch=1 (Sourav Pramanik, 2023-09-04, files: 1, lines: -1/+1)
  The usage of nobranch=1 in SRC_URI allows using unprotected branches. This change updates the real branch name in place of nobranch=1.
  Signed-off-by: Sourav Kumar Pramanik <pramanik.souravkumar@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: Backport fix CVE-2023-3247 (Ashish Sharma, 2023-08-16, files: 3, lines: -0/+118)
  Signed-off-by: Ashish Sharma <asharma@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs-14: add -fpermissive BUILD_CXXFLAGS to fix build with gcc-13 on host (Martin Jansa, 2023-07-25, files: 1, lines: -0/+3)
  Fixes nodejs-native build with gcc-13 on host:
  http://errors.yoctoproject.org/Errors/Details/728221/

  nodejs-12 doesn't need it yet and nodejs-16 doesn't need it as well

  '-DV8_TYPED_ARRAY_MAX_SIZE_IN_HEAP=64' '-D__STDC_FORMAT_MACROS' '-DOPENSSL_NO_PINSHARED' '-DOPENSSL_THREADS' '-DV8_TARGET_ARCH_X64' '-DV8_EMBEDDER_STRING="-node.84"' '-DENABLE_DISASSEMBLER' '-DV8_PROMISE_INTERNAL_FIELD_COUNT=1' '-DENABLE_MINOR_MC' '-DOBJECT_PRINT' '-DV8_INTL_SUPPORT' '-DV8_CONCURRENT_MARKING' '-DV8_ARRAY_BUFFER_EXTENSION' '-DV8_ENABLE_LAZY_SOURCE_POSITIONS' '-DV8_USE_SIPHASH' '-DDISABLE_UNTRUSTED_CODE_MITIGATIONS' '-DV8_WIN64_UNWINDING_INFO' '-DV8_ENABLE_REGEXP_INTERPRETER_THREADED_DISPATCH' '-DV8_SNAPSHOT_COMPRESSION' -ITOPDIR/tmp-glibc/work/x86_64-linux/nodejs-native/14.18.1-r0/recipe-sysroot-native/usr/include -I../deps/v8 -I../deps/v8/include -I.//Release/obj/gen/torque-output-root -I.//Release/obj/gen/generate-bytecode-output-root -pthread -Wno-unused-parameter -m64 -Wno-return-type -fno-strict-aliasing -m64 -O3 -fno-omit-frame-pointer -fdata-sections -ffunction-sections -O3 -fno-rtti -fno-exceptions -std=gnu++1y -MMD -MF .//Release/.deps/Release/obj.host/v8_initializers/gen/torque-output-root/torque-generated/../../deps/v8/src/builtins/array-find-tq-csa.o.d.raw -isystemTOPDIR/tmp-glibc/work/x86_64-linux/nodejs-native/14.18.1-r0/recipe-sysroot-native/usr/include -isystemTOPDIR/tmp-glibc/work/x86_64-linux/nodejs-native/14.18.1-r0/recipe-sysroot-native/usr/include -O2 -pipe -c
  In file included from /usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/bits/move.h:37,
                   from /usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/bits/stl_function.h:60,
                   from /usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/functional:49,
                   from ../deps/v8/src/codegen/code-stub-assembler.h:8,
                   from ../deps/v8/src/builtins/builtins-promise-gen.h:8,
                   from ../deps/v8/src/builtins/builtins-async-gen.h:8,
                   from ../deps/v8/src/builtins/builtins-async-function-gen.cc:5:
  /usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/type_traits: In instantiation of ‘struct std::is_convertible<v8::internal::Cell, v8::internal::Object>’:
  ../deps/v8/src/codegen/tnode.h:262:72: required from ‘const bool v8::internal::is_subtype<v8::internal::Cell, v8::internal::Cell>::value’
  ../deps/v8/src/codegen/tnode.h:346:75: required by substitution of ‘template<class U, typename std::enable_if<v8::internal::is_subtype<U, v8::internal::Cell>::value, int>::type <anonymous> > v8::internal::TNode<v8::internal::Cell>::TNode(const v8::internal::TNode<T>&) [with U = v8::internal::Cell; typename std::enable_if<v8::internal::is_subtype<U, v8::internal::Cell>::value, int>::type <anonymous> = <missing>]’
  ../deps/v8/src/codegen/code-stub-assembler.h:1868:33: required from here
  /usr/lib/gcc/x86_64-pc-linux-gnu/13/include/g++-v13/type_traits:1417:30: error: invalid use of incomplete type ‘class v8::internal::Cell’ [-fpermissive]
   1417 | : public __bool_constant<__is_convertible(_From, _To)>
        | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
  In file included from ../deps/v8/src/objects/objects.h:26,
                   from ../deps/v8/src/objects/fixed-array.h:10,
                   from ../deps/v8/src/objects/contexts.h:8,
                   from ../deps/v8/src/execution/thread-local-top.h:10,
                   from ../deps/v8/src/execution/isolate-data.h:12,
                   from ../deps/v8/src/execution/isolate.h:24,
                   from ../deps/v8/src/codegen/interface-descriptors.h:14,
                   from ../deps/v8/src/codegen/callable.h:8,
                   from ../deps/v8/src/codegen/code-factory.h:8,
                   from ../deps/v8/src/compiler/code-assembler.h:17,
                   from ../deps/v8/src/codegen/code-stub-assembler.h:15:
  ../deps/v8/src/objects/object-list-macros.h:19:7: note: forward declaration of ‘class v8::internal::Cell’
     19 | class Cell;
        | ^~~~
  In file included from ../deps/v8/src/codegen/interface-descriptors.h:12:
  ../deps/v8/src/codegen/tnode.h: In instantiation of ‘const bool v8::internal::is_subtype<v8::internal::Cell, v8::internal::Cell>::value’:
  ../deps/v8/src/codegen/tnode.h:346:75: required by substitution of ‘template<class U, typename std::enable_if<v8::internal::is_subtype<U, v8::internal::Cell>::value, int>::type <anonymous> > v8::internal::TNode<v8::internal::Cell>::TNode(const v8::internal::TNode<T>&) [with U = v8::internal::Cell; typename std::enable_if<v8::internal::is_subtype<U, v8::internal::Cell>::value, int>::type <anonymous> = <missing>]’
  ../deps/v8/src/codegen/code-stub-assembler.h:1868:33: required from here
  ../deps/v8/src/codegen/tnode.h:262:72: error: ‘value’ is not a member of ‘std::is_convertible<v8::internal::Cell, v8::internal::Object>’
    262 | std::is_convertible<T, Object>::value);
        | ^~~~~

  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Fix build with gcc13 (Khem Raj, 2023-07-25, files: 3, lines: -0/+65)
  * MJ: remove AUTHORS modification from the original patch from nodejs-16, so that the same patch does apply for both 14 and 12 versions used in dunfell
  * MJ: gcc-13 isn't used for target builds in dunfell, but can be used on host, so this is useful backport for nodejs-native
  * MJ: this fixes default nodejs-native-12, nodejs-native-14 with negative D_P might need additional fix on top
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* yajl: CVE-2023-33460 memory leak in yajl_tree_parse function (Hitendra Prajapati, 2023-07-14, files: 2, lines: -1/+32)
  Upstream-Status: Backport from https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698
  Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: fix native node-gyp to work with python-3.11 (Martin Jansa, 2023-06-23, files: 2, lines: -0/+47)
  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: make 14.18.1 available but not default (Narpat Mali, 2023-05-16, files: 8, lines: -0/+493)
  Chromium 112 needs nodejs-native version 14 or later. Add the nodejs_14.18.1 recipe from kirkstone:
  246b20b92 nodejs: Upgrade to 14.18.1
  but, use DEFAULT_PREFERENCE to make sure that the default version of nodejs remains 12.x.

  7 patches which were modified between nodejs 12 & nodejs 14 were renamed by adding the suffix "-nodejs14". Note there are some common patches used by nodejs 12 & 14 so, that will require attention during future maintenance. In addition, there were 3 CVE-2022* patches which applied cleanly to nodejs 14 so, they were added to the nodejs 14 recipe. One patch, CVE-llhttp.patch conflicted so, it has not been applied in nodejs 14 yet.

  Nodejs 14 compiles for qemux86-64 but, no run-time testing has been performed.

  For chromium, we would either require users to modify the local.conf file or we may create a dunfell specific branch in meta-browser.
  See: https://github.com/OSSystems/meta-browser/pull/709

  Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
  Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* jsoncpp: Fix broken handling of escape characters (Viktor Rosendahl, 2023-05-05, files: 2, lines: -1/+56)
  Applying this backported patch from upstream fixes the following BAT test failure:

  jsoncpp.jsoncpp_system_tests.TestJsoncpp.test_run_jsoncpp_test (from systemtests--bmt--BAT) :
  * Detail of EscapeSequenceTest/writeEscapeSequence test failure:
  /usr/src/debug/jsoncpp/1.9.2-r0/git/src/test_lib_json/main.cpp(3370): expected == result
  Expected: '["\"","\\","\b","\f","\n","\r","\t","\u0278","\ud852\udf62"] '
  Actual : '["\"","\\","\b","\f","\n","\r","\t","ɸ","𤭢"]

  This test failure happens because aarch64 uses unsigned char as default type for char, while x86 uses signed char.

  Also, there is another bug in the code that is fixed by this upstream patch:
  "static_cast<unsigned char>(*cur) < 0x80"
  should be:
  "static_cast<unsigned char>(*cur) >= 0x80"

  Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Fix CVEs for nodejs (Poonam Jadhav, 2023-03-18, files: 2, lines: -0/+4349)
  Add patch file CVE-llhttp.patch to fix CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35256 of nodejs.
  Link: https://sources.debian.org/src/nodejs/12.22.12~dfsg-1~deb11u3/debian/patches/cve-llhttp.patch
  Signed-off-by: Poonam Jadhav <Poonam.Jadhav@kpit.com>
  Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Fix CVE-2022-43548 (Poonam Jadhav, 2023-03-18, files: 2, lines: -0/+215)
  Add patch to fix CVE-2022-43548
  Link: https://sources.debian.org/src/nodejs/12.22.12~dfsg-1~deb11u3/debian/patches/cve-2022-43548.patch
  Signed-off-by: Poonam Jadhav <Poonam.Jadhav@kpit.com>
  Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Fix CVE-2022-35255 (Poonam Jadhav, 2023-03-18, files: 2, lines: -0/+238)
  Add patch to fix CVE-2022-35255
  Link: https://sources.debian.org/src/nodejs/12.22.12~dfsg-1~deb11u3/debian/patches/cve-2022-35255.patch
  Signed-off-by: Poonam Jadhav <Poonam.Jadhav@kpit.com>
  Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Fix CVE-2022-32212 (Poonam Jadhav, 2023-03-18, files: 2, lines: -0/+134)
  Add patch to fix CVE-2022-32212
  Link: https://sources.debian.org/src/nodejs/12.22.12~dfsg-1~deb11u3/debian/patches/cve-2022-32212.patch
  Signed-off-by: Poonam Jadhav <Poonam.Jadhav@kpit.com>
  Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: update 7.4.28 -> 7.4.33 (Valeria Petrov, 2023-01-19, files: 1, lines: -1/+1)
  Update php from 7.4.28 to 7.4.33
  Fixes below CVEs:
  CVE-2021-21708
  CVE-2022-31626
  CVE-2022-31625
  CVE-2022-31628
  CVE-2022-31629
  CVE-2022-31630
  CVE-2022-37454
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* capnproto: Fix CVE-2022-46149 (Virendra Thakur, 2023-01-19, files: 2, lines: -1/+52)
  This patch contains a fix for CVE-2022-46149
  Patch backported from: https://github.com/capnproto/capnproto/commit/25d34c67863fd960af34fc4f82a7ca3362ee74b9
  Signed-off-by: Virendra Thakur <virendrak@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* flatbuffers: adapt for cross-compilation environments (Ivan Stepic, 2022-11-25, files: 1, lines: -1/+6)
  Flatbuffers contains a library and a schema compiler. The package contains cmake files to discover the libraries and the compiler tool. Currently, all of these cmake files are installed into the target sysroot. However, the compiler utility isn't installed into the sysroot (as it is not runnable on the build machine).

  When an application that depends on flatbuffers gets built, it uses flatbuffers' exported cmake targets to configure the project. One of the exported targets is FlatcTarget.cmake which expects to see flatc binary in /usr/bin of the sysroot. Since binaries for target don't end up in target sysroot, cmake configuration fails.

  This patch addresses this problem of flatbuffers' build infrastructure in cross-compiling environments. By removing FlatcTarget.cmake for target builds from the sysroot we essentially skip this step of flatbuffers' configuration.

  Signed-off-by: Ivan Stepic <Ivan.Stepic@bmw.de>
  Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
* nodejs: Upgrade to 12.22.12 (Ranjitsinh Rathod, 2022-09-11, files: 2, lines: -3093/+2)
  As per the below release note, it should be a last release for 12.x stable LTS series.
  Link: https://github.com/nodejs/node/releases/tag/v12.22.12

  Remove CVE-2021-44532 fix as it is already available in this release v12.22.12

  License-Update: src/gtest additional file in the LICENSE
  Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
  Signed-off-by: Akash Hadke <akash.hadke@kpit.com>
* meta-oe: Add leading whitespace for append operator (Khem Raj, 2022-08-02, files: 3, lines: -3/+3)
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 92441f9d6a958c245a03f89ec44ef2c17dd6b0ee)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: move to version v7.4.28 (Jeroen Hofstee, 2022-06-15, files: 1, lines: -1/+1)
  CVE: CVE-2021-21703 CVE-2021-21706 CVE-2021-21707 CVE-2021-21708
  Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
  [Didn't apply cleanly, corrected.]
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* grpc: switch from master branch to main for upb (Martin Jansa, 2022-06-15, files: 1, lines: -1/+1)
  * hardknott and newer branches don't need this as upb repo was removed in:
    commit 15cff67fd6cdb34e3621368fe9ce94a98356f27a
    Author: Anatol Belski <anbelski@linux.microsoft.com>
    Date: Fri Feb 19 12:39:55 2021 +0000

    grpc: Upgrade 1.24.3 -> 1.35.0
  Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lua: fix CVE-2022-28805 (Steve Sakoman, 2022-05-25, files: 3, lines: -0/+102)
  singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.
  https://nvd.nist.gov/vuln/detail/CVE-2022-28805
  (From OE-Core rev: d2ba3b8850d461bc7b773240cdf15b22b31a3f9e)
  Signed-off-by: Sana Kazi <sana.kazi@kpit.com>
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  (cherry picked from commit 91e14d3a8e6e67267047473f5c449f266b44f354)
  Signed-off-by: Omkar Patil <omkar.patil@kpit.com>
  Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: upgrade to 12.22.2 (Nisha Parrakat, 2022-04-18, files: 1, lines: -1/+1)
  upgrading to next maintenance LTS version
  Signed-off-by: Nisha Parrakat <nishaparrakat@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* breakpad: Update SRC_URI for protobuf and lss (Armin Kuster, 2022-04-18, files: 1, lines: -2/+2)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* breakpad: fix branch for gtest in SRC_URI (Thomas Perrot, 2022-04-18, files: 1, lines: -2/+2)
  The commit 4fe018038f87 is in the main branch, so the do_fetch task failed.
  Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit b8bb7dc157b248802218fcf80215f80a6c7cd6f3)
  [Fix up for Dunfell context]
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* protobuf: fix patch fuzz (Ross Burton, 2022-03-27, files: 1, lines: -8/+17)
  Applying patch CVE-2021-22570.patch
  patching file src/google/protobuf/descriptor.cc
  Hunk #1 succeeded at 2603 with fuzz 1 (offset -23 lines).
  Hunk #2 succeeded at 2817 with fuzz 1 (offset -14 lines).
  Hunk #3 succeeded at 4006 (offset -17 lines).
  Hunk #4 succeeded at 4050 (offset -18 lines).
  Hunk #5 succeeded at 4368 (offset -18 lines).
  Signed-off-by: Ross Burton <ross.burton@arm.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* protobuf: Fix CVE-2021-22570 (Sana Kazi, 2022-02-23, files: 2, lines: -0/+65)
  Fix CVE-2021-22570.
  Link: https://koji.fedoraproject.org/koji/buildinfo?buildID=1916865
  Link: https://src.fedoraproject.org/rpms/protobuf/blob/394beeacb500861f76473d47e10314e6a3600810/f/CVE-2021-22570.patch

  Remove first and second hunk because the second argument in InsertIfNotPresent() function is of type const char* const& but the first and second hunk makes the type of second argument as const string which is not compatible with the type of second argument in InsertIfNotPresent().

  Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
  Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: Fix for CVE-2021-44532 (Virendra Thakur, 2022-02-06, files: 2, lines: -0/+3091)
  Add patch to fix CVE-2021-44532
  Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
  Signed-off-by: virendra thakur <thakur.virendra1810@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* recipes: Update SRC_URI branch and protocols (Armin Kuster, 2021-11-17, files: 40, lines: -47/+47)
  This patch updates SRC_URIs using git to include branch=master if no branch is set and also to use protocol=https for github urls as generated by the conversion script in OE-Core.
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* grpc: Define SRCREV_FORMAT (Andreas Weger, 2021-11-02, files: 1, lines: -0/+1)
  Since it uses multiple fetch URIs make it explicit to define SRCREV_FORMAT
  Signed-off-by: Andreas Weger <weger@hs-mittweida.de>
  Change-Id: Ib24fce16b3986a465f1c5854166b8f28446b5186
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* android-tools: Define SRCREV_FORMAT (Khem Raj, 2021-11-02, files: 1, lines: -0/+1)
  Since it uses multiple fetch URIs make it explicit to define SRCREV_FORMAT
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: move to version 7.4.21 (Joe Slater, 2021-08-14, files: 1, lines: -1/+2)
  Lots of bug fixes.
  CVE: CVE-2021-21704 CVE-2021-21705
  Signed-off-by: Joe Slater <joe.slater@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 93045c3db744a9f1cd0a9b0ce992d44d9c44c309)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  (cherry picked from commit 69dcf5bac8adfd55f1a40cff1e989ed8806607cb)
  [Stable bug fix only updates]
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libdbi-perl: fix CVE-2014-10402 (Kai Kang, 2021-08-14, files: 2, lines: -1/+59)
  Backport patch to fix CVE-2014-10402.
  CVE: CVE-2014-10402
  Ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972180#12
  Signed-off-by: Kai Kang <kai.kang@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit c80b3757ffc762a1577bcf7d0da41ebf1954b3f1)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: Upgrade to 7.4.16 (Mingli Yu, 2021-07-26, files: 3, lines: -187/+2)
  License-Update: License updated (year updated)
  Fix some security issues such as CVE-2021-21702 and remove two cve patches which are already included in the new version.
  Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit e418ee4657e084c8b4d42aabf76ff6df99253e91)
  [Bug fix only updates plus: CVE-2020-7071 ]
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: allow php as empty (Changqing Li, 2021-07-26, files: 1, lines: -0/+2)
  Since commit c4ffcaa2[php: split out phpdbg into a separate package], package php is empty, we might meet error:
  nothing provides php needed by php-cli-7.4.9-r0.corei7_64
  Signed-off-by: Changqing Li <changqing.li@windriver.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 9be6b4f5a2ec857475626c74457a94b8d9236fd5)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: split out phpdbg into a separate package (Diego Santa Cruz, 2021-07-26, files: 1, lines: -1/+2)
  Since PHP 7.0 the phpdbg debugger is built by default and gets shipped in the main php package, increasing its size by several MB; split it out into a php-phpdbg package, following Debian naming.
  Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit c4ffcaa2ab3fbdef1ce58c253b32d82a57a3e2a8)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-{pyyaml,cython,pyparsing}: move from meta-python to meta-oe (Nicolas Dechesne, 2021-07-25, files: 4, lines: -0/+97)
  This specific statement in ostree recipe breaks the YP compatible status (yocto-check-layer):

    RDEPENDS_${PN}-ptest += " \
        ...
        ${@bb.utils.contains('BBFILE_COLLECTIONS', 'meta-python', 'python3-pyyaml', '', d)} \
        ...
    "

  Recently python3-pyyaml was moved to OE-core (0a8600f9cec0), and the ostree recipe was fixed with:
  b9ede0cb182a (python3-pyyaml: Do not check for meta-python)

  In dunfell, moving python3-pyyaml to OE-core is not a great idea, but moving it from meta-python to meta-oe allows us to fix ostree YP compatible issue. Since meta-python depends on meta-oe, it should not be a change with any visible effect.

  python3-cython and python3-pyparsing are collateral damages since they are dependencies for python3-pyyaml, so needed to be moved too.

  Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: 12.20.2 -> 12.21.0 (Clément Péron, 2021-05-14, files: 1, lines: -1/+1)
  Fixes:
  - CVE-2021-22883
  - CVE-2021-22884
  - CVE-2021-23840
  Signed-off-by: Clément Péron <peron.clem@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 02feb1d9324fba08c5d3055fa34bb6200ee91520)
  [12.x LTS version]
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: 12.20.1 -> 12.20.2 (Sean Nyekjaer, 2021-05-14, files: 1, lines: -1/+1)
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 6322c63987b1422d5a8c5e30077780b38011c89d)
  [12.x is LTS version]
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* Update commit for version 3.9.7 (Peace Lee, 2021-04-07, files: 1, lines: -1/+1)
  commit hash for version 3.9.7 is invalid because previous commit hashes changed by git filter-branch command are restored
  Signed-off-by: Peace Lee <iipeace5@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit fdbfb6ce9943a1739220c87c3f8b5ea7bdfabd84)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* guider: Upgrade to 3.9.7 (Peace Lee, 2021-04-07, files: 2, lines: -39/+19)
  Signed-off-by: Peace Lee <iipeace5@gmail.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 93c9a20bf358bc10c2d99fc1d3c7247145344c29)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* giflib: apply patch for CVE-2019-15133 and set CVE_PRODUCT (Mikko Rapeli, 2021-01-28, files: 2, lines: -1/+29)
  Backport upstream patch for CVE-2019-15133. Set CVE_PRODUCT to "giflib_project:giflib" which is used in NVD.
  https://nvd.nist.gov/vuln/detail/CVE-2019-15133
  Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sip3: Upgrade 4.19.19 -> 4.19.23 (Leon Anavi, 2021-01-28, files: 1, lines: -2/+2)
  Upgrade to release 4.19.23:
  - Added some missing quotes to configure.py
  - Fixed a race condition when calling the PyQt5-specific meta-call helper.
  - Fixed the wrapping of methods that return a Py_Ssize_t.
  - The code generator now distinguishes between the copy/assignment helper and the array helper when determining which helpers can be generated.
  - Fixed the code generation when making a copy of C++ object on the stack to the heap when the class has no suitable ctor.
  - Check there is a public copy ctor when we can't use an assignment operator as a workaround.
  - Preserve any current exception in the implementation of the wrapper dealloc functions.
  Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 358b3982583c93fdc0a4cebdab31f923d77b7f8b)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* sip3: Consolidate in a single file (Leon Anavi, 2021-01-28, files: 2, lines: -39/+39)
  Consolidate inc and bb files into a single bb file. Fix the broken link for HOMEPAGE.
  Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 2bc281393aa6c6b83218f2996c32b793ac79a42a)
  Signed-off-by: Steve Sakoman <steve@sakoman.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* rapidjson: Upgrade SRCREV to latest (Harpritkaur Bhandari, 2021-01-28, files: 1, lines: -3/+2)
  Upgrade SRCREV to latest as it fixes the below issue:
  Running UndefinedBehaviorSanitizer on projects that use rapidjson triggers 'applying non-zero offset <NN> to null pointer' findings in 'internal/stack.h' which are hard to suppress by library users.

  Removed "0001-CMake-remove-hardcoded-CMAKECONFIG_INSTALL_DIR-path.patch" as the changes are already incorporated in the latest codebase.

  As per abi-compliance-checker report the source compatibility and binary compatibility between previous SRCREV 6a905f9311f82d306da77bd963ec5aa5da07da9c and current SRCREV 0ccdbf364c577803e2a751f5aededce935314313 is 100% and this patch is already tested on 64bit ARM (aarch64) in a product with on target CI tests.

  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit 04d9ea0ba7ece968244bf049893dd5636675b76f)
  Signed-off-by: Harpritkaur Bhandari <Harpritkaur.Bhandari@kpit.com>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* flatbuffers: whitelist CVE-2020-35864 (Mikko Rapeli, 2021-01-28, files: 1, lines: -0/+3)
  CVE-2020-35864 is for the rust crate for flatbuffers, not flatbuffers itself.
  https://security-tracker.debian.org/tracker/CVE-2020-35864
  "NOT-FOR-US: flatbuffers rust crate"
  Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: 12.19.1 -> 12.20.1 (Sean Nyekjaer, 2021-01-13, files: 1, lines: -2/+2)
  Signed-off-by: Sean Nyekjaer <sean@geanix.com>
  Signed-off-by: Khem Raj <raj.khem@gmail.com>
  (cherry picked from commit cde1019804c2f7b67bf89d178eec9f4efafea414)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  (cherry picked from commit ac6bc96e7da6b3c9d5b9c9272b487a926fbb462e)
  Signed-off-by: Armin Kuster <akuster808@gmail.com>