| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Uprev nodejs in order to fix CVE-2020-8277.
This CVE allows an attacker to trigger a DNS request for a host
of their choice, which could trigger a Denial of Service in
nodejs versions < 12.19.1.
See https://nvd.nist.gov/vuln/detail/CVE-2020-8277 for details.
CVE: CVE-2020-8277
Signed-off-by: Stacy Gaikovaia <Stacy.Gaikovaia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a44015408253d8a4f64055f41fa1f497aeacfc30)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security Advisory
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7069
https://bugs.php.net/patch-display.php?bug_id=79601&patch=openssl_aes_ccm_iv_fix&revision=latest
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fa80193468745a11bc12d5845f66412a0d62e0e2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security Advisory
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7070
https://bugs.php.net/patch-display.php?bug=79699&patch=fix-urldecode&revision=1600650364
https://github.com/php/php-src/blob/master/main/php_variables.c
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit aff8a1fefb9a1a311e5ba14ad69871514270803a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15803
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d259144422bb44af9dbc7397fc4077d0bf3fc83f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Because CVE-2019-14274.patch is included in ice-mcpp.patch, the cve-check-tool fails to correctly judge the CVE of the OSS. CVE-2019-14274.patch is separated from ice-mcpp.patch to fix the problem.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9301b77e3266160ffb7e9bfd69d445f0392076c8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commits e2180b00b3b8fcf776c3 and 8edd760e66b48e411d2a added support for
native builds for the opensc and pcsc-lite recipes, but building
opensc-native fails after commit 40b3a5123120da0e4586 (2019-12-04,
"opensc: fix RDEPENDS in pcsc PACKAGECONFIG") with:
ERROR: Required build target 'opensc-native' has no buildable providers.
Missing or unbuildable dependency chain was: ['opensc-native', 'pcsc-lite-lib-native']
The commit in question is correct for target builds, but native builds
don't have packages, therefore there is no pcsc-lite-lib-native package
to depend on – the -lib part is also provided in pcsc-lite-native.
Ideally we would fix this in the opensc recipe. However, using syntax
like "PACKAGECONFIG_class-native[pcsc]" in the opensc recipe is
apparently not possible to overwrite the dependency for a native build,
and using RDEPENDS_remove has no effect either – apparently dependencies
from PACKAGECONFIG are added after RDEPENDS_remove is evaluated.
Therefore let pcsc-lite provide the missing package name for native
builds, even if fixing this unrelated package is not the most elegant
solution.
Fixes: 40b3a5123120da0e4586 (2019-12-04, "opensc: fix RDEPENDS in pcsc PACKAGECONFIG")
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
More information on: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976228
| A buffer overflow in the dlt_filter_load function in dlt_common.c in
| dlt-daemon 2.8.5 (GENIVI Diagnostic Log and Trace) allows arbitrary
| code execution because fscanf is misused (no limit on the number of
| characters to be read in a format argument).
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Appending ${TMPDIR} to ${D} doesn't make any sense, because both are
absolute paths. And additionally, the code fails:
rmdir: failed to remove '/usr/src/oe/tmp-musl/work/core2-64-oe-linux-musl/php/7.1.9-r0/image//usr': Directory not empty
Signed-off-by: Max Kellermann <max.kellermann@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Add nettle and lz4 to DEPENDS to make the minifi extension archive
support crypto and lz4.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
| |
Keep sync with upstream
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit e5d9133800f5c37172a6315d42a99464f9fe1902.
It exists in oe-core/master, but not in oe-core/gatesgarth, so this shouldn't
be included in meta-oe/gatesgarth.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
| |
it now needs libhugetlbfs which is not ported to riscv yet
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
gitlab archives are not consistent and can be regenerated as well like
github, its therefore better to use git fetcher directly
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
| |
Use git fetcher instead of gitlab archives
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
Get fix
https://github.com/pikhq/musl-nscd/commit/ce81a80e30c2041d8260115fac86831ff64c354a
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
The current nanopb recipe is blacklisted due to python2 dependencies.
However, newer releases of nanopb use python3 by default.
This commit updates the used nanopb version to 0.4.3 and removes the
recipe from the blacklist.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
The numactl recipe now exists in openembedded-core, as of commit
dda815792b0939b2f233aa3ec7c140fc114a37d1 to oe-core. It was moved to
facilitate the requirement rt-tests now has on libnuma.
Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
| |
One of the ptest was failing as it was missing an RDEPENDS
for its test on documentation.
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
| |
- Refresh patches to apply on new sources
- Switch away from gitlab archives
- Bypass pdf documentation generation
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
Do not use lld linker on risc64, since it errors out
riscv64-yoe-linux-ld.lld: error: init.c:(.text+0x0): relocation R_RISCV_ALIGN requires unimplemented linker relaxation; recompile with -mno-relax
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
This bugfix release contains a couple fixes for C++ and Python bindings.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Latest musl shows build failures e.g.
../git/src/profile-handler.cc:275:8: error: no member named '_sigev_un' in 'sigevent'
sevp._sigev_un._tid = sys_gettid();
~~~~ ^
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
https://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=5f6470eb2c1e5b5aa578031830f057d63d4ae230
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
| |
This perhaps is last release in 12.x LTS
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Backport a patch from upstream to take care of build failure e.g.
| ../deps/v8/src/codegen/arm/cpu-arm.cc:38:16: error: write to reserved register 'R7'
| asm volatile("svc 0\n"
| ^
| 1 error generated.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
0001-Tackle-SIGEMT-and-SIGSTKFLT-is-not-glibc-specific.patch
mips-no-STKFLT.patch
Removed since these are included in 0.8.4
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
-License-Update(COPYING):The changes are as follows
version 0.4.9: The cidToUnicode, nameToUnicode and unicodeMap data files
installed by the poppler-data package are under the COPYING.gpl2 license
version 0.4.10: The cidToUnicode, nameToUnicode and unicodeMap data files
installed by the poppler-data package are licensed under the GNU General
Public License (GPL), version 2 (COPYING.gpl2) or version 3 (COPYING.gpl3).
-License-Update(COPYING.adobe):Copyright year updated to 2019.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We encountered a minifi-cpp build error on a self-hosted image:
[snip]
/build/tmp-glibc/work/corei7-64-wrs-linux/minifi-cpp/0.7.0-r0/recipe-sysroot-native/usr/bin/x86_64-wrs-linux/x86_64-wrs-linux-ranlib:
thirdparty/civetweb-1.10/src/libcivetweb-cpp.a(CivetServer.cpp.o): plugin needed to handle lto object
/build/tmp-glibc/work/corei7-64-wrs-linux/minifi-cpp/0.7.0-r0/recipe-sysroot-native/usr/bin/x86_64-wrs-linux/x86_64-wrs-linux-ranlib:
thirdparty/civetweb-1.10/src/libcivetweb.a(civetweb.c.o): plugin needed to handle lto object
[snip]
/build/tmp-glibc/work/corei7-64-wrs-linux/minifi-cpp/0.7.0-r0/recipe-sysroot-native/usr/bin/x86_64-wrs-linux/../../libexec/x86_64-wrs-linux/gcc/x86_64-wrs-linux/10.2.0/ld: DWARF error: could not find variable specification at offset c960f
/build/tmp-glibc/work/corei7-64-wrs-linux/minifi-cpp/0.7.0-r0/recipe-sysroot-native/usr/bin/x86_64-wrs-linux/../../libexec/x86_64-wrs-linux/gcc/x86_64-wrs-linux/10.2.0/ld: DWARF error: could not find variable specification at offset c961d
[snip]
extensions/civetweb/libminifi-civet-extensions.a(ListenHTTP.cpp.o):
in function `org::apache::nifi::minifi::processors::ListenHTTP::WriteCallback::process(std::shared_ptr<org::apache::nifi::minifi::io::BaseStream>)':
/usr/src/debug/minifi-cpp/0.7.0-r0/git/extensions/civetweb/processors/ListenHTTP.cpp:464: undefined reference to `mg_read'
[snip]
When using GCC's link-time optimization with static linked libraries, we
should use gcc-ar and gcc-ranlib to create the static libraries. By
default, it will search gcc-ar and gcc-ranlib in the system. But if the
gcc-ranlib is not found, it will use ranlib instead which causes this
issue.
Specify GCC_AR and GCC_RANLIB in EXTRA_OECMAKE to make sure it can find
the correct gcc-ar/gcc-ranlib.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
The option is prone to unwanted regressions, particularly
new version of python has introduced new deprecations, which
broke the build.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
| |
Emacs-minimal needs disp-table at load time, add it to the minimal package
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandro@enedino.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
The main difference with squashfs-tools is the availability
of a shared library and a programmatic interface, rather
than just command-line tools.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
| |
clang defines __ILP32__ for rv32 but gcc does not as a result
backtracing gets enabled when using clang but not when using gcc so
clang build exposes a porting error. Therefore add code to return
correct mcontext on rv32
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
| |
Fixes errors like
| riscv32-yoe-linux-ld.lld: error: init.c:(.text+0x0): relocation R_RISCV_ALIGN requires unimplemented linker relaxation; recompile with -mno-relax
| riscv32-yoe-linux-ld.lld: error: testCCompiler.c:(.text+0x0): relocation R_RISCV_ALIGN requires unimplemented linker relaxation; recompile with -mno-relax
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
| |
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|