| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability in Outline.cc for Poppler prior to 23.06.0
allows a remote attacker to cause a Denial of Service (DoS)
(crash) via a crafted PDF file in OutlineItem::open.
Reference:
https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using the image type:
IMAGE_FSTYPES += " wic.sparse"
IMAGE_CLASSES += " image_types_sparse"
The following error arises:
Syntax error: Bad function name
So need to remove function in favor of variable.
Signed-off-by: Chris Dimich <chris.dimich@boundarydevices.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Bastian Krause <bst@pengutronix.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* testing ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR} existence
doesn't really work in cross compilation and on some hosts was causing:
ERROR: QA Issue: libcyusbserial: Files/directories were installed but not shipped in any package:
/usr/lib/libcyusbserial.so.1
/usr/lib/libcyusbserial.so
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
libcyusbserial: 2 installed and not shipped files. [installed-vs-shipped]
with multilib using /usr/lib32 or /usr/lib64 when the same didn't
exist on host.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* this causes 2 issues:
lib32-opengl-es-cts depending on 64bit wayland and wayland-protocols:
$ bitbake-getvar -r lib32-opengl-es-cts DEPENDS
#
# $DEPENDS [14 operations]
# set /OE/build/oe-core/openembedded-core/meta/conf/bitbake.conf:309
# ""
# set /OE/build/oe-core/openembedded-core/meta/conf/documentation.conf:137
# [doc] "Lists a recipe's build-time dependencies (i.e. other recipe files)."
# :prepend /OE/build/oe-core/openembedded-core/meta/classes-global/base.bbclass:57
# "${BASEDEPENDS} "
# :prepend /OE/build/oe-core/openembedded-core/meta/classes-recipe/pkgconfig.bbclass:7
# "pkgconfig-native "
# :prepend /OE/build/oe-core/openembedded-core/meta/classes-recipe/cmake.bbclass:10
# "cmake-native "
# :append /OE/build/oe-core/openembedded-core/meta/classes-recipe/python3native.bbclass:11
# " python3-native "
# append /OE/build/oe-core/meta-openembedded/meta-oe/recipes-graphics/vk-gl-cts/khronos-cts.inc:28
# "python3-lxml-native libpng zlib virtual/libgles2 qemu-native"
# :append[libc-musl] /OE/build/oe-core/meta-openembedded/meta-oe/recipes-graphics/vk-gl-cts/khronos-cts.inc:38
# " libexecinfo"
# rename (to) classextend.py:108 [map_depends_variable]
# "DEPENDS_NONML"
# set classextend.py:109 [map_depends_variable]
# "${@oe.classextend.get_depends('DEPENDS', d)}"
# append classextend.py:110 [map_depends_variable]
# [vardeps] " DEPENDS_NONML"
# append cmake.bbclass:25 [__anon_30__OE_build_oe_core_openembedded_core_meta_classes_recipe_cmake_bbclass]
# " ninja-native"
# append khronos-cts.inc:77 [__anon_80__OE_build_oe_core_meta_openembedded_meta_oe_recipes_graphics_vk_gl_cts_khronos_cts_inc]
# " wayland-native wayland wayland-protocols"
# append khronos-cts.inc:79 [__anon_80__OE_build_oe_core_meta_openembedded_meta_oe_recipes_graphics_vk_gl_cts_khronos_cts_inc]
# " virtual/libx11 virtual/egl "
# pre-expansion value:
# "${@oe.classextend.get_depends('DEPENDS', d)} ninja-native wayland-native wayland wayland-protocols virtual/libx11 virtual/egl "
DEPENDS="cmake-native lib32-libpng pkgconfig-native python3-lxml-native python3-native qemu-native virtual/lib32-arm-oemllib32-linux-gnueabi-compilerlibs virtual/arm-oemllib32-linux-gnueabi-gcc virtual/lib32-libc virtual/lib32-libgles2 lib32-zlib ninja-native wayland-native wayland wayland-protocols virtual/libx11 virtual/egl "
* lib32-opengl-es-cts-dev runtime depending on 64bit wayland-dev wayland-protocols-dev
as caught by multilib QA check:
ERROR: QA Issue: lib32-opengl-es-cts package lib32-opengl-es-cts-dev - suspicious values 'wayland-dev wayland-protocols-dev' in RRECOMMENDS [multilib]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* see https://jira.mongodb.org/browse/SERVER-30893
* fixes:
aarch64-oe-linux-gcc -fstack-protector-strong -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type --sysroot=TOPDIR/BUILD/work/mach-oe-linux/mongodb/4.4.13-r0/recipe-sysroot -o build/opt/third_party/wiredtiger/src/checksum/arm64/crc32-arm64.o -c -std=c11 -fno-omit-frame-pointer -fno-strict-aliasing -fasynchronous-unwind-tables -ggdb -pthread -Wall -Wsign-compare -Wno-unknown-pragmas -Winvalid-pch -O2 -Wno-unused-local-typedefs -Wno-unused-function -Wno-deprecated-declarations -Wno-unused-const-variable -Wno-unused-but-set-variable -Wno-missing-braces -Wno-exceptions -fstack-protector-strong -fPIE -DNDEBUG -D_XOPEN_SOURCE=700 -D_GNU_SOURCE -D_FORTIFY_SOURCE=2 -DBOOST_THREAD_VERSION=5 -DBOOST_THREAD_USES_DATETIME -DBOOST_SYSTEM_NO_DEPRECATED -DBOOST_MATH_NO_LONG_DOUBLE_MATH_FUNCTIONS -DBOOST_ENABLE_ASSERT_DEBUG_HANDLER -DBOOST_LOG_NO_SHORTHAND_NAMES -DBOOST_LOG_USE_NATIVE_SYSLOG -DBOOST_LOG_WITHOUT_THREAD_ATTR -DABSL_FORCE_ALIGNED_ACCESS -DHAVE_VERBOSE -DHAVE_FALLOCATE -DHAVE_SYNC_FILE_RANGE -DHAVE_ARM_NEON_INTRIN_H -D_GNU_SOURCE -DHAVE_BUILTIN_EXTENSION_ZLIB -DHAVE_BUILTIN_EXTENSION_SNAPPY -DHAVE_BUILTIN_EXTENSION_ZSTD -Isrc/third_party/zstandard-1.4.3/zstd/lib -Isrc/third_party/snappy-1.1.7 -Ibuild/opt/third_party/wiredtiger -Isrc/third_party/wiredtiger -Ibuild/opt/third_party/wiredtiger/src/include -Isrc/third_party/wiredtiger/src/include -Ibuild/opt/third_party/wiredtiger/build_linux -Isrc/third_party/wiredtiger/build_linux src/third_party/wiredtiger/src/checksum/arm64/crc32-arm64.c
cc1: warning: command-line option '-Wno-exceptions' is valid for C++/ObjC++ but not for C
/tmp/ccGvwFgu.s: Assembler messages:
/tmp/ccGvwFgu.s:45: Error: selected processor does not support `crc32cb w2,w2,w3'
/tmp/ccGvwFgu.s:77: Error: selected processor does not support `crc32cx w2,w2,x4'
/tmp/ccGvwFgu.s:103: Error: selected processor does not support `crc32cb w2,w2,w0'
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
* the branch was renamed upstream
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2
and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote
authenticated user can trigger a kadmind crash. This occurs because
_xdr_kadm5_principal_ent_rec does not validate the relationship
between n_key_data and the key_data array count.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-36054
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c
and /elf/elf.c, which allows the attacker to cause a denial of service via a
crafted file.
References:
https://github.com/yasm/yasm/issues/233
https://nvd.nist.gov/vuln/detail/CVE-2023-37732
Signed-off-by: Soumya <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause
a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c.
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-47022
https://github.com/open-mpi/hwloc/issues/544
Upstream patches:
https://github.com/open-mpi/hwloc/commit/ac1f8db9a0790d2bf153711ff4cbf6101f89aace
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to latest release of latest LTS 18 release
License-Update: [1] [2] [3]
The following CVEs are fixed in this release:
CVE-2023-32002
CVE-2023-32006
CVE-2023-32559
[1] https://github.com/nodejs/node/commit/0cfdb3affa518bf55cfd8120f0286099fabfb22a
[2] https://github.com/nodejs/node/commit/2ea6e030038d86376dea748f702ed14018f99aba
[3] https://github.com/nodejs/node/commit/261e1d23d11053b373ea51745f6c1187440c2b08
https://github.com/nodejs/node/releases/tag/v18.17.1
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Drop unneeded autotools-brokensep class inherit, this package has
traditional makefile build.
This change also fixes the below buildpaths issue altogether.
WARNING: mcelog-191-r0 do_package_qa: QA Issue: File /usr/sbin/.debug/mcelog in package mcelog-dbg contains reference to TMPDIR [buildpaths]
(cherry picked from commit 29e6c4928cfbfe3a00921b956938781d53563582)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Khronos-cts.inc is used for building vulkan-cts or opengl-es-cts. Even
though vulkan-cts depends on vulkan-loader, which automatically
requires vulkan distro feature, it is more explicitly stated if written
here next to opengl.
Some systems do not support a windowing service (like wayland) but still
might use standard khronos GPU libraries. For these cases, wayland
dependancy is invalid.
Patch replaces the invalid wayland distro feature dependancy with
vulkan for clarity.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
php 8.2.7 is a security release and the php 8.2.8 is a bug fix release
and more details at [1].
[1] https://www.php.net/ChangeLog-8.php#8.2.7
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Handle null return from iniparser_getstring to fix CVE-2023-33461.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Backport 2 patches [1] [2] to fix CVE-2023-33460.
[1] https://github.com/openEuler-BaseService/yajl/commit/3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf
[2] https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Refer:
https://github.com/redis/redis/releases/tag/7.0.12
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Refer:
https://github.com/redis/redis/releases/tag/6.2.13
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
yasm v1.3.0 was discovered to contain a memory leak via the function
yasm_intnum_copy at /libyasm/intnum.c.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-31975
https://github.com/yasm/yasm/issues/210
Upstream patches:
https://github.com/yasm/yasm/commit/b2cc5a1693b17ac415df76d0795b15994c106441
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Update the SRC_URI to fix the do_fetch warning.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
Update the SRC_URI to fix the do_fetch error.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh 0001-Disable-running-gyp-files-for-bundled-deps.patch against 18.16.1
License-Update: Add missing licenses for Ada [1] BSD, Simduf [2] BSD, posteject
[3] MIT
[1] https://github.com/nodejs/node/commit/0bc4c17e5705ea042cda392343d7301bb91873ed
[2] https://github.com/nodejs/node/commit/c9845fc3341fcdce298ad7f1630e329d71a6e746
[3] https://github.com/nodejs/node/commit/4aaec0726694ad0d3cb05d7f2593a90363c32f32
The list of the CVEs are fixed in this relase:
CVE-2023-30581
CVE-2023-30585
CVE-2023-30588
CVE-2023-30589
CVE-2023-30590
https://github.com/nodejs/node/releases/tag/v18.16.1
https://github.com/nodejs/node/releases/tag/v18.16.0
https://github.com/nodejs/node/releases/tag/v18.15.0
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current use of RDEPENDS to add a dependency on bats results
in the QA warning/error
lib32-libgpiod package lib32-libgpiod-ptest-dev - suspicious values
'bats-dev' in RRECOMMENDS [multilib]
when building lib32-libgpiod with ptest not enabled. We add the
dependency only if ptest is enabled.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9904bd6a24ed9327bd05926ba28f9c2ea49e34dd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://c-ares.org/changelog.html
c-ares version 1.19.1 - May 22 2023
Security:
CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
CVE-2023-31147 Moderate. Insufficient randomness in generation of DNS
query IDs
CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during
cross compilation
Bug fixes:
Fix uninitialized memory warning in test
Turn off IPV6_V6ONLY on Windows to allow IPv4-mapped IPv6 addresses
ares_getaddrinfo() should allow a port of 0
Fix memory leak in ares_send() on error
Fix comment style in ares_data.h
Remove unneeded ifdef for Windows
Fix typo in ares_init_options.3
Re-add support for Watcom compiler
Sync ax_pthread.m4 with upstream
Windows: Invalid stack variable used out of scope for HOSTS path
Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
affects <= 0.13.0
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A vulnerability classified as problematic was found in OpenCV
wechat_qrcode Module up to 4.7.0. Affected by this vulnerability
is the function DecodedBitStreamParser::decodeByteSegment of the
file qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation
leads to null pointer dereference. The attack can be launched
remotely. The exploit has been disclosed to the public and may
be used. It is recommended to apply a patch to fix this issue.
The associated identifier of this vulnerability is VDB-228547.
Signed-off-by: Soumya <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This reverts commit 0abf5af3ffd3d13c009a8ffcd5a6f045c36be837
libopencv-ts package is not empty and libopencv_ts libraries are
not all installed in the -dev package, these libraries are needed
for sdk development listed in opencv4.pc file.
Signed-off-by: Sandeep Gundlupet Raju <sandeep.gundlupet-raju@amd.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Look for level transitions when testing toggling
values because using fixed delays to assume value
changes is not reliable.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Reviewed-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
cherry-pick from meta-oe/master 45a8bb2620...
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you try to build libblockdev with an empty PACKAGECONFIG then the
configure fails.
Add autoconf-archive, glib-2.0, and udev; these were implicitly pulled
in via other dependencies. Move kmod to DEPENDS as it's a hard
requirement.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f14663746bd519650c8654bbf91971a0a96c109e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This can be satisfied via transitive dependencies, but make it an
explicit DEPENDS.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5fca30d672c291b1af8284d6d5cbfc520c95d4fc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This can be satisfied via transitive dependencies, but make it an
explicit DEPENDS.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit dbbafeceb4f84625d6eab59c50500b6b8347c613)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recipes are not expected to set FILESPATH directly, they are
expected to use FILESEXTRAPATH.
I can see the seting of FILESPATH in this recipe only wants to
find redis-7 specific patches and files. This could be easily achieved by
using redis-7.0.11/ directory to hold all those files.
Using FILESPATH in this way removes the possibility of overriding
some files (e.g., the redis service file) from other layers via
FILESEXTRAPATH:prepend, which is kind of a common practice and is
actually working for basically all other recipes.
This is because we have:
meta/classes-global/base.bbclass:FILESPATH = "${@base_set_filespath(["${FILE_DIRNAME}/${BP}", "${FILE_DIRNAME}/${BPN}", "${FILE_DIRNAME}/files"], d)}"
And FILESEXTRAPATH is handled in base_set_filespath.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
c-ares is an asynchronous resolver library. c-ares is vulnerable
to denial of service. If a target resolver sends a query, the attacker
forges a malformed UDP packet with a length of 0 and returns them to
the target resolver. The target resolver erroneously interprets the 0
length as a graceful shutdown of the connection. This issue has been
patched in version 1.19.1.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-32067
https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
pahole need to line up with kernel's architectures bitsize,
so add it to NON_MULTILIB_RECIPES.
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
| |
using libbpf-native provided headers for pahole-native or other application.
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Ensures that we do not apply empty sed expression which might happen
when building native recipe
Cc: jan vermaete <jan.vermaete@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit fcdb991b8015e77353517fb327d0def2a23b0173)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per gnulib_2018-03-07 recipe information,
SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3"
This revision was committed on "2018-12-18".
There is a discrepancy between SRCREV and the recipe version.
Which reports "CVE-2018-17942" as unpatched.
To report "CVE-2018-17942" as patched,
We need to align a recipe name with SRCREV commit date.
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9edbe7033cc41f4a49f74717cd3146b52588ce22)
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Use sed to change scripts to reference ${baselib}. The
former set of scripts modified was incomplete.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1cc72c41af0c6a55a10be9158a2f856b02a56282)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
| |
Ensures all compiler options are passed to build
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit eb0878eccffa9e644c5e5a9563353ab1007b5ecd)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Configure emits HAVE_CC variable to be used in sourcecode and its built
from CC env var, CC in OE contains buildpaths in --sysroot option,
therefore edit this option out in configure.ac itself and remove all
other workarounds to fix this issue in recipe
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c0a344ab713d213933d59875f74ce89612c877c3)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Do not add builddir to search paths for cgdb.txt
Fixes
WARNING: cgdb-0.8.0-r0 do_package_qa: QA Issue: File /usr/bin/cgdb in package cgdb contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ee2f57c7c3b489ddaab3343b9501f6257c65dcee)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes
File /usr/lib/libwinpr2.so.2.10.0 in package libfreerdp contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f523a41888cc0958115aaf762ae397d559f47725)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
bison/flex emits line directives which can be safely removed from
generated files.
agent_version.h is generated by cmake which has build information like
compiler and cflags etc. which contains buildpaths too, therefore
replace real workdir with <WORKDIR>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 0d2df1e4c404fd93ee0095a15db00d17f2321e18)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
| |
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d9fb985b87cd8a8057f77801dde3c556e41e7294)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Pass CFLAGS from environment
Fixes
WARNING: uml-utilities-20040406-r1 do_package_qa: QA Issue: File /usr/lib/uml/.debug/port-helper in package uml-utilities-dbg contains reference to TMPDIR
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a1d047bae79fb2a747b204b941aa5af5ada28d6e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes
WARNING: libnice-0.1.21-r0 do_package_qa: QA Issue: File /usr/src/debug/libnice/0.1.21-r0/agent/agent-enum-types.h in package libnice-src contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e34fa43eece60c60b0732ec7a2726ec6489794b9)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
