summaryrefslogtreecommitdiffstats
path: root/meta-oe
Commit message (Collapse)AuthorAgeFilesLines
...
* dlt-daemon: update from 2.18.6 to 2.18.7Gianfranco2021-09-052-3/+47
| | | | | | | | | | | | - add an upstream proposed patch 317.patch to fix a build failure with enabled systemd binding Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 01fa60898c2fe65f327bea2f84aaca00aef3f371) [Stable version, bug fix only] Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dlt-daemon: update to new release 2.18.6Gianfranco Costamagna2021-09-054-146/+1
| | | | | | | | | | | | | | - drop patches 241 245 275: upstream Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> Stable version, bug fix only] (cherry picked from commit 8c17cac68473f98e663f05bc08b7505c0529e495) [ Stable version, bug fix only Fixup for Dunfell context] Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dlt-daemon: superseed upstream pr #238 patch with pr #245 due to unexpected ↵Gianfranco Costamagna2021-09-052-8/+47
| | | | | | | | | | | | | | behaviour Upstream commented to use the second one Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit c32d2eb448ce343463dc75cc6120f395e32f0177) [Fixup for Dunfell context] Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dlt-daemon: fix build with upstream-proposed patch for MUSL libcGianfranco Costamagna2021-09-052-0/+31
| | | | | | | | | Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit a7c9aa13dd94712ea49f535fbbf38d2db54cf7e2) Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dlt-daemon: fix build failure when dlt-dbus is enabled, due to missing ↵Gianfranco2021-09-051-1/+2
| | | | | | | | | | | service file. Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit b2fe766703e94cee2e3d1e21f3274789d6cd0c57) Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* dlt-daemon: update to 2.18.5Gianfranco2021-09-053-150/+37
| | | | | | | | | | | | | - drop patch 204: upstream - add gcc-10 build fix proposed upstream 238.patch Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 97092276dd453a4ef67aaec7bdcb0fb3cf1a5ca5) [Stable version, bug fix only] Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* xterm: Security fix for CVE-2021-27135Armin Kuster2021-08-242-0/+69
| | | | | | | | | | | | | | | | Source: Debian.org MR: 108848 Type: Security Fix Disposition: Backport from https://sources.debian.org/data/main/x/xterm/344-1%2Bdeb10u1/debian/patches/CVE-2021-27135.diff ChangeID: 00f53def87b8b95e62908581f8fb56a69118dd32 Description: xterm through Patch #365 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted UTF-8 character sequence. This fixes CVE-2021-27135. Leverage a patch from Debian. Signed-off-by: Armin Kuster <akuster@mvista.com>
* backport: xmlsec1: Fix configure QA error caused by host lookup pathAnatol Belski2021-08-152-0/+23
| | | | | | | | | | | | The configure script contains hardcoded lookup paths to /usr and other paths that might interfere with the host. These are overwritten with the staging dir locations for Poky compatibility. Backport from meta-oe master rev. 74b66d1911118bac53033f77ba6d3923f4809d5a Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Jan-Simon Moeller <dl9pf@gmx.de>
* php: move to version 7.4.21Joe Slater2021-08-141-1/+2
| | | | | | | | | | | | | | Lots of bug fixes. CVE: CVE-2021-21704 CVE-2021-21705 Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 93045c3db744a9f1cd0a9b0ce992d44d9c44c309) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 69dcf5bac8adfd55f1a40cff1e989ed8806607cb) [Stable bug fix only updates] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* fvwm: Fix build time paths in target perl/python scriptsKhem Raj2021-08-141-0/+7
| | | | | | | | | Add rdeps as needed Fixes shebang-size QA warnings Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 8cc64128c70c5b6a41b050332abb1d73a10ef4fa) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* fvwm: Package extra files and man pagesKhem Raj2021-08-141-6/+12
| | | | | | | | Avoids using installed-vs-shipped Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 566049b4f1ddc049c1f89a5838d1a71bb429faa3) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libdbi-perl: fix CVE-2014-10402Kai Kang2021-08-142-1/+59
| | | | | | | | | | | | | | Backport patch to fix CVE-2014-10402. CVE: CVE-2014-10402 Ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972180#12 Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit c80b3757ffc762a1577bcf7d0da41ebf1954b3f1) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: Upgrade to 7.4.16Mingli Yu2021-07-263-187/+2
| | | | | | | | | | | | | License-Update: License updated (year updated) Fix some security issues such as CVE-2021-21702 and remove two cve patches which already included in the new version. Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e418ee4657e084c8b4d42aabf76ff6df99253e91) [Bug fix only updates plus: CVE-2020-7071 ] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: allow php as emptyChangqing Li2021-07-261-0/+2
| | | | | | | | | | | Since commit c4ffcaa2[php: split out phpdbg into a separate package], package php is empty, we might met error: nothing provides php needed by php-cli-7.4.9-r0.corei7_64 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9be6b4f5a2ec857475626c74457a94b8d9236fd5) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* php: split out phpdbg into a separate packageDiego Santa Cruz2021-07-261-1/+2
| | | | | | | | | | | Since PHP 7.0 the phpdbg debugger is built by default and gets shipped in the main php package, increasing its size by several MB; split it out into a php-phpdbg package, following Debian naming. Signed-off-by: Diego Santa Cruz <Diego.SantaCruz@spinetix.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit c4ffcaa2ab3fbdef1ce58c253b32d82a57a3e2a8) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ostree: Do not check for meta-pythonNicolas Dechesne2021-07-251-1/+1
| | | | | | | | | | | | It is a (non trivial) cherry pick from (cherry picked from commit b9ede0cb182ab095c863a6a5154bbe259a33f5c0) python3-pyyaml was moved from meta-python to meta-oe, so that we could apply this specific patch which breaks basic YP compatible check script. Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* python3-{pyyaml,cython,pyparsing}: move from meta-python to meta-oeNicolas Dechesne2021-07-254-0/+97
| | | | | | | | | | | | | | | | | | | | | | | | | | This specific statement in ostree recipe breaks the YP compatible status (yocto-check-layer): RDEPENDS_${PN}-ptest += " \ ... ${@bb.utils.contains('BBFILE_COLLECTIONS', 'meta-python', 'python3-pyyaml', '', d)} \ ... " Recently python3-pyyaml was moved to OE-core (0a8600f9cec0), and the ostree recipe was fixed with: b9ede0cb182a (python3-pyyaml: Do not check for meta-python) In dunfell, moving python3-pyyaml to OE-core is not a great idea, but moving it from meta-python to meta-oe allows us to fix ostree YP compatible issue. Since meta-python depends on meta-oe, it should not be a change with any visible effect. python3-cython and python3-pyparsing are collateral damages since they are dependency for python3-pyyaml, so needed to be moved too. Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libdevmapper,lvm2: Do not inherit licenseKhem Raj2021-07-251-3/+2
| | | | | | | | | | | | | | | inheriting license class which brings in AVAILABLE_LICENSES into do_configure task checksums class since it wants to enable thin-provisioning-tools if distro allows GPL-3 automatically, but this brings issues when other layers which have additional licenses are provided which ends up in signature mismatches so leave that setting to end-user and keep it disabled by default with a comment in recipes stating that if needed then the user should enable it via config metadata or bbappends. Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit f592e81f11d455546447ddff35b2f89e18c0cc0c) Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* mariadb: update to 10.4.20Armin Kuster2021-07-213-2/+2
| | | | | | | | | | | | | | | | | | Source: mariadb.org MR: 109670, 110757, 110768 Type: Security Fix Disposition: Backport from mariadb ChangeID: 82a82ba3623ff39ca17443d0117d36bcee73e612 Description: LTS version https://mariadb.com/kb/en/mariadb-10420-release-notes/ CVE-2021-2166: MariaDB 10.4.19 CVE-2021-2154: MariaDB 10.4.19 CVE-2021-27928: MariaDB 10.4.18 Signed-off-by: Armin kuster <akuster@mvista.com>
* vboxguestdrivers: add a fix for build failure with kernel 5.13Gianfranco2021-07-192-0/+277
| | | | | | | | | | | | Its already upstream and also used in Debian and Ubuntu Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit d0f2d7c954b9f3befd9470d97de581fe5b1fb2a8) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 2e15d7eb66624c1755e8670f8c5448e3a9be0a21) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: upgrade 6.1.20 -> 6.1.22Gianfranco2021-07-191-2/+2
| | | | | | | | | | | Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 319490178b999a74a82d092320de5d9d2e5c67bd) [Stable branch] Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 97a5a4b40c143f71c8bff403c51a061a0d5e8b6f) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: upgrade 6.1.18 -> 6.1.20Gianfranco2021-07-192-26/+2
| | | | | | | | | | | | | Drop all patches, now part of upstream codebase Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 37537bda8c4775ce1c390d1a9a5b2f5fab89bfc7) [Stable branch] Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 703daeb65f49c60636e835ad53fc354ca641ab3f) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: Add __divmoddi4 builtin supportKhem Raj2021-07-192-0/+37
| | | | | | | | gcc 11 needs it on i686 Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 57f7692e8ef707535ffa1683aa711de442736ec1) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: Add patch proposed upstream to fix a build failure on i386Gianfranco2021-07-192-0/+24
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 09eb0ad187fb14ac1bb83a5a8d1ac4e9e9fdb305) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: upgrade 6.1.16 -> 6.1.18Gianfranco2021-07-194-491/+2
| | | | | | | | | | Drop kernel 5.10 build fixes patches, now part of upstream codebase Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit f8f2331158b33436bd53142e0e1b4b94f78b37e6) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: fix build against kernel v5.10+Bruce Ashfield2021-07-194-0/+489
| | | | | | | | | | | | | We need to adjust the vboxguest drivers to build against kernels 5.10+. These are backports from the virtual box SVN repository and can be dropped in future uprevs. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 22eaac640f80df44108a5565127181c94645a032) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: upgrade 6.1.14 -> 6.1.16Gianfranco Costamagna2021-07-191-2/+2
| | | | | | | | Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 7839164921ddb340a1bff322a1274c6022cb8565) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: upgrade 6.1.12 -> 6.1.14 Drop kernel 5.8 compatibility ↵Gianfranco Costamagna2021-07-192-5049/+2
| | | | | | | | | | | patch, now part of upstream codebase Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 1cd14bf12472970d75df3172a2b9b0dff71da655) [Stable branch] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: Fix build with kernel 5.8Khem Raj2021-07-196-303/+5047
| | | | | | | | | | | | Remove patches which are already covered in this new patch Fixes step1b: ERROR: modpost: "__get_vm_area_caller" [/home/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/qemux86_64-poky-linux/vboxguestdrivers/6.1.12-r0/vboxguestdrivers-6.1.12/vboxguest/vboxguest.ko] undefined! step1b: ERROR: modpost: "map_kernel_range" [/home/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/qemux86_64-poky-linux/vboxguestdrivers/6.1.12-r0/vboxguestdrivers-6.1.12/vboxguest/vboxguest.ko] undefined! Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 5efb06176add13c4b8287c9972651dcac94adf79) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: fix failed to compile with kernel 5.8.0Hongxu Jia2021-07-195-1/+305
| | | | | | | | | | | | | | Backport patches from upstream [1] to fix the issue It also requires to apply a patch on 5.8 kernel [2] [1] https://www.virtualbox.org/ticket/19644 [2] https://www.virtualbox.org/raw-attachment/ticket/19644/local_patches Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9c10ed4baa95648b7735757121e3af8b0aeb8e06) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* vboxguestdrivers: upgrade 6.1.6 -> 6.1.12Gianfranco Costamagna2021-07-191-2/+2
| | | | | | | | | Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 21bc66202e18a7b214869e3654b8547ea0ea9cbd) [Stable branch] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* postgresql: update to 12.7Armin kuster2021-07-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Source: MontaVista Software, LLC MR: 111582, 111965, 111974, 110084 Type: Security Fix Disposition: Backport from postgres.org ChangeID: f1e8c58bedd5dd60404e3a0eb120888ad83fdc42 Description: Bug fix only update. https://www.postgresql.org/docs/12/release-12-7.html LIC_FILES_CHKSUM changed do to yr update Includes these CVEs: CVE-2021-32027 CVE-2021-32028 CVE-2021-32029 12.6: CVE-2021-3393 Signed-off-by: Armin kuster <akuster@mvista.com>
* nss: add CVE-2006-5201 to allowlistMasaki Ambai2021-07-101-0/+3
| | | | | | | | | | | | CVE-2006-5201 affects only using an RSA key with exponent 3 on Sun Solaris. Signed-off-by: Masaki Ambai <ambai.masaki@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 44113dcb5feea5522696d43d00909db41e5e6dbc) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit ace5cd9a8bb6ba0058caf8a148437820a9336b9c) [Fixup for Dunfell context] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nss: Fix build on Centos 7Marek Vasut2021-06-061-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | Centos 7 has glibc 2.18 and nss-native build fails due to implicit declaration of function putenv during build. This is because of the Feature Test Macro Requirements for glibc (see feature_test_macros(7)): putenv(): _XOPEN_SOURCE || /* Glibc since 2.19: */ _DEFAULT_SOURCE || /* Glibc versions <= 2.19: */ _SVID_SOURCE and because nss coreconf/Linux.mk only defines -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE So on such system with glibc 2.18, neither macro makes putenv() available. Add -D_XOPEN_SOURCE for the Centos 7 and glibc 2.18 native build case. Signed-off-by: Marek Vasut <marex@denx.de> Cc: Armin Kuster <akuster808@gmail.com> Cc: Armin Kuster <akuster@mvista.com> Cc: Khem Raj <raj.khem@gmail.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Cc: Ross Burton <ross.burton@arm.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* opencv: Add fix for CVE-2019-5063 and CVE-2019-5064akash.hadke2021-05-252-0/+79
| | | | | | | | | | | Added fix for below CVE's CVE-2019-5063 CVE-2019-5064 Link: https://github.com/opencv/opencv/commit/f42d5399aac80d371b17d689851406669c9b9111.patch Signed-off-by: akash hadke <akash.hadke@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* hostapd: fix building with CONFIG_TLS=internalAlexander Vickberg2021-05-222-0/+46
| | | | | | | | | | | The patch recently added for CVE-2021-30004 broke compilation with CONFIG_TLS=internal. This adds the necessary function to let it compile again. Signed-off-by: Alexander Vickberg <wickbergster@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit d6ef4170747d6668fa940328334055eef3e1e1d6) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libsdl: Fix CVE-2019-13616wangmy2021-05-222-0/+28
| | | | | | | | | | | | | | | References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13616 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. Upstream-Status: Backport [https://github.com/libsdl-org/SDL/commit/97fefd050976bbbfca9608499f6a7d9fb86e70db] CVE: CVE-2019-13616 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* exiv2: Fix CVE-2021-29473wangmy2021-05-222-0/+22
| | | | | | | | | | | | | | | | | References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473 The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1587/commits/e6a0982f7cd9282052b6e3485a458d60629ffa0b] CVE: CVE-2021-29473 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit a9aecd2c32fc8f238f62ef70813e032b6b52c2f2) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* exiv2: Fix CVE-2021-29470wangmy2021-05-222-0/+33
| | | | | | | | | | | | | | | | | References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29470 The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1581/commits/6628a69c036df2aa036290e6cd71767c159c79ed] CVE: CVE-2021-29470 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit bb1400efda77a7289ca20782172bfbe1f457f161) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* exiv2: Fix CVE-2021-29464wangmy2021-05-222-0/+73
| | | | | | | | | | | | | | | | | References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29464 The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/commit/f9308839198aca5e68a65194f151a1de92398f54] CVE: CVE-2021-29464 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 8c9470bdfaa1d33347ffaf25b3e18d2163667e18) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* exiv2: Fix CVE-2021-3482wangmy2021-05-222-1/+56
| | | | | | | | | | | | | | | | References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482 Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data. Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1523/commits/22ea582c6b74ada30bec3a6b15de3c3e52f2b4da] CVE: CVE-2021-3482 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 9e7c2c9713dc2824af2a33b0a3feb4f29e7f0269) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* exiv2: Fix CVE-2021-29463wangmy2021-05-222-1/+122
| | | | | | | | | | | | | | | | | References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29463 The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b] CVE: CVE-2021-29463 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 8e63ac6c86852a12408c2415be073c71420758ff) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* exiv2: Fix CVE-2021-29458wangmy2021-05-222-1/+39
| | | | | | | | | | | | | | | | | References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29458 The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/pull/1536/commits/06d2db6e5fd2fcca9c060e95fc97f8a5b5d4c22d] CVE: CVE-2021-29458 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit f0d83c14d9064ce1ee19b92d95c8daf790fe7488) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* exiv2: Fix CVE-2021-29457wangmy2021-05-222-1/+28
| | | | | | | | | | | | | | | | | References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457 The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. Upstream-Status: Accepted [https://github.com/Exiv2/exiv2/commit/0230620e6ea5e2da0911318e07ce6e66d1ebdf22] CVE: CVE-2021-29457 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 5be72693096cef671bf54bf1dd6ee8125614d064) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* linuxptp: Fix cross buildKhem Raj2021-05-143-32/+30
| | | | | | | | | | | | Adjust incdefs.sh to use cross tools to poke for system functionality Re-enable using incdefs.sh export KBUILD_OUTPUT to point to recipe sysroot (From meta-oe rev: b6022761d6880382c5e6ffa4b3dc6f1ec2ae1e73) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Denys Dmytriyenko <denis@denix.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: 12.20.2 -> 12.21.0Clément Péron2021-05-141-1/+1
| | | | | | | | | | | | | Fixes : - CVE-2021-22883 - CVE-2021-22884 - CVE-2021-23840 Signed-off-by: Clément Péron <peron.clem@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 02feb1d9324fba08c5d3055fa34bb6200ee91520) [12.x LTS version] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nodejs: 12.20.1 -> 12.20.2Sean Nyekjaer2021-05-141-1/+1
| | | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 6322c63987b1422d5a8c5e30077780b38011c89d) [12.x is LTS version] Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ostree: switch from default master branch to main to fix do_fetch failureMartin Jansa2021-05-131-1/+1
| | | | | | | * branch was renamed in upstream repo Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* hostapd: fix CVE-2021-30004Stefan Ghinea2021-04-232-0/+124
| | | | | | | | | | | | | | | | | | | | | In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. References: https://nvd.nist.gov/vuln/detail/CVE-2021-30004 Upstream patches: https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15 Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e2bd6a52bf689b77b237eaee3067d2b0b6eee3d5) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 98c5cddf677addcb9aa296a7437b92100a478566) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 730de4763a508234d09c755c838cdc4c8dd49493) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* hostapd: fix CVE-2021-0326 and CVE-2021-27803Mingli Yu2021-04-233-0/+99
| | | | | | | | | | | Backport 2 patches to fix two CVEs. Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 5a085c588adaf79bb2bca7921c82d893877b28a1) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 845bd5a5f15bd80cecbf5c0716af3eaca5669632) Signed-off-by: Armin Kuster <akuster808@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-06 03:57:42 +0000