| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
5915b0ea6746 Linux 5.4.159
abc49cc45d0a rsi: fix control-message timeout
64e6632ab4c1 media: staging/intel-ipu3: css: Fix wrong size comparison imgu_css_fw_init
6c382b63658e staging: rtl8192u: fix control-message timeouts
f66258cb60e4 staging: r8712u: fix control-message timeout
88a252ff782c comedi: vmk80xx: fix bulk and interrupt message timeouts
1ae4715121a5 comedi: vmk80xx: fix bulk-buffer overflow
199acd8c110e comedi: vmk80xx: fix transfer-buffer overflows
b0156b7c9649 comedi: ni_usb6501: fix NULL-deref in command paths
3efb7af8ac43 comedi: dt9812: fix DMA buffers on stack
6e80e9314f8b isofs: Fix out of bound access for corrupted isofs image
adc56dbfc4aa printk/console: Allow to disable console output by using console="" or console=null
589ac131b3ab binder: don't detect sender/target during buffer cleanup
b60e89b63eb9 usb-storage: Add compatibility quirk flags for iODD 2531/2541
5c3eba290479 usb: musb: Balance list entry in musb_gadget_queue
161571745de1 usb: gadget: Mark USB_FSL_QE broken on 64-bit
d6013265a779 usb: ehci: handshake CMD_RUN instead of STS_HALT
6d000e1c1625 Revert "x86/kvm: fix vcpu-id indexed array sizes"
(From OE-Core rev: 9c37c738a645b472175b93431deb47b47a1442e7)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When boot with "init=/sbin/bootchartd" as below:
# runqemu qemux86 bootparams="init=/sbin/bootchartd"
There are two bootchartd process after boot [1].
# ps -ef | grep bootchart
root 101 1 0 03:27 ? 00:00:00 /bin/sh /sbin/bootchartd
root 103 101 8 03:27 ? 00:00:02 /lib64/bootchart/bootchart-collector 50
root 106 1 0 03:27 ? 00:00:00 /bin/sh /sbin/bootchartd
root 792 106 0 03:27 ? 00:00:00 /lib64/bootchart/bootchart-collector --usleep 1000000
root 794 725 0 03:27 ttyS0 00:00:00 grep bootchart
# /sbin/bootchartd stop
[bootchart] bootchart-collector started as pid 596 with 2 args:
[bootchart] '--dump'
[bootchart] '/tmp/bootchart.3lXpVDAq3v'
[bootchart] Extracting profile data from pid 204
[bootchart] map 0xbed9a000 -> 0xbedbb000 size: 132k from 'bed9a000' 'bedbb000'
[bootchart] read 135168 bytes of 135168
[bootchart] reading 150 chunks (of 150) ...
[bootchart] wrote 18760 kbB
[bootchart] bootchart-collector pid: 596 unmounted proc / clean exit
But there still one process exist after the above stop command finish.
# ps -ef | grep bootchartd
root 202 1 0 09:09 ? 00:00:00 /bin/sh /sbin/bootchartd
root 629 516 0 09:10 ? 00:00:00 grep bootchartd
Remove the wait_boot which used to wait the boot process to finish to
make sure only one bootchartd process and meanwhile we don't need the
wait_boot logic because we either use "/sbin/bootchartd stop" to stop
the bootchartd manually or install package bootchartd-stop-initscript
altogether with bootchart2 to stop bootchartd automatically after boot.
After patch:
# ps -ef | grep bootchart
root 101 1 0 03:36 ? 00:00:00 /bin/sh /sbin/bootchartd
root 103 101 6 03:36 ? 00:00:04 /lib64/bootchart/bootchart-collector 50
root 596 592 0 03:37 ttyS0 00:00:00 grep bootchart
[1] https://github.com/xrmx/bootchart/issues/94
(From OE-Core rev: 058d6f5e6186c136c834fdb1303e28c6b9402ccd)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cc34e3bdedc045baf97ebc2258295d9433cb332e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Dropbear shares a lot of code with other SSH implementations, so this is
a port of CVE-2018-20685 to dropbear by the dropbear developers.
Reference:
https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff
CVE: CVE-2020-36254
Upstream-Status: Backport
(From OE-Core rev: 10712b736d7cbde897c5aab30e969c04740dce34)
Signed-off-by: Ernst Sjöstrand <ernst.sjostrand@verisure.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ftp client in GNU Inetutils before 2.2 does not validate addresses
returned by PASV/LSPV responses to make sure they match the server
address. This is similar to CVE-2020-8284 for curl.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-40491
Patch from:
https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=58cb043b190fd04effdaea7c9403416b436e50dd
(From OE-Core rev: 22de3b937dda28a6aa4113549f32f36d67b6751d)
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Use After Free in vim/vim
Upstream-Status: Backport [https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9]
CVE: CVE-2021-4069
(From OE-Core rev: 9db3b4ac4018bcaedb995bc77a9e675c2bca468f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Whitelist CVE-2016-20012 as the upstream OpenSSH developers
see this as an important security feature and do not intend to
'fix' it.
Link: https://security-tracker.debian.org/tracker/CVE-2016-20012
https://ubuntu.com/security/CVE-2016-20012
(From OE-Core rev: 79c677e994399611819e1e382b3e1b0be16eb6e1)
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add patch to fix CVE-2021-41617
Link: https://bugzilla.suse.com/attachment.cgi?id=854015
(From OE-Core rev: a4e272700e18ca7e86e24ce4e24031ce7745c87b)
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improper access control in BlueZ may allow an authenticated user to
potentially enable information disclosure via adjacent access.
This issue can be fixed in the kernel, in BlueZ or both. This patch
fixes it on the BlueZ side, so that the configuration no longer
depends on the kernel fix.
https://nvd.nist.gov/vuln/detail/CVE-2021-012
(From OE-Core rev: 573ff24c5ba7836b4dd7f95b6e7c7244b80f9d00)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
| |
(From OE-Core rev: 90a07178ea26be453d101c2e8b33d3a0f437635d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
With the sdl frontend, qemu isn't able to even boot fully,
so let's skip the test early.
(From OE-Core rev: 74bb94a7d249b5c53f3e1d15688a3a323fc8e828)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The commit 'meta/scripts: Manual git url branch additions (dc53fe75cc)'
forget the url branch= parameter in the devtool git fetch test.
(From OE-Core rev: 7d26bdcfef6473f64c73e8507bce334e010c3cad)
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1419168a58a5caf99e24ada08c9ab639344a78b4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The commit 'meta/scripts: Manual git url branch additions (dc53fe75cc)'
sets the branch= parameter too early to master and thereby breaks the
-B/--srcbranch option.
ERROR: branch= parameter and -B/--srcbranch option cannot both be specified - use one or the other
(From OE-Core rev: 2bc6deb34aee7542d7086c24b166083c562a6a01)
Signed-off-by: Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 34ece8030e7a6a100b5e3e7b94e6c786c0e199a6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If runqemu is killed, check that we have a valid PID for the qemu before
sending a kill() to it.
[ YOCTO #14651 ]
(From OE-Core rev: 7f95eb486a2d07cf0c821d5301fd670de34fe2d1)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0f3afbd3a6a6bef668612f818517df7543c0a683)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When CONFIG_TRACEPOINTS is not enabled in kernel config - module
compilation is skipped, which causes the ${D}/${nonarch_base_libdir} not
to be created.
This fails later in do_install:append() due to the fact that find
command in executed for non-existing folder.
Check for folder existence before find command in executed.
(From OE-Core rev: db8a8b53f440f37731c7c5db9561ac46ef59d891)
Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit de0aa1700ed4e6f04b0a233eb1f6d2ac598e7ed8)
Signed-off-by: Aníbal Limón <anibal.limon@linaro.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wic fstab-update creates invalid entries for partitons that are not supposed to
be mounted from userspace eg u-boot partitions.
The following lines were added to fstab on a rock-pi-4:
/dev/mmcblk1p1 loader1 vfat defaults 0 0
/dev/mmcblk1p2 reserved1 vfat defaults 0 0
/dev/mmcblk1p3 reserved2 vfat defaults 0 0
/dev/mmcblk1p4 loader2 vfat defaults 0 0
/dev/mmcblk1p5 atf vfat defaults 0 0
/dev/mmcblk1p6 /boot vfat defaults 0 0
With this patch only valid entries should be added
/dev/mmcblk1p6 /boot vfat defaults 0 0
(From OE-Core rev: 3c8e50b073a1505cc3586ca51dfe1e75338feafc)
Signed-off-by: MarkusVolk <f_l_k@t-online.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7aa678ce804c21dc1dc51b9be442671bc33c4041)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2021-423xx-awk.patch fixes below listed CVEs for busybox:
CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381,
CVE-2021-42382, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386
(From OE-Core rev: 37a92e6d4399cdb36d24b988d77aa41b1e205a90)
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The CVE applies to binutils 2.26 and not to gcc so ignore there.
(From OE-Core rev: 71a6d3c31775c6b2db38e194992e0ffce637c827)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change fixes patches for two issues reported in a research
paper [1]: a side channel attack (*) and a cross-configuration
attack (**).
In this commit we add a fix for (*) that wasn't marked as a CVE
initially upstream. A fix of (**) previosly available in OE
backports is in fact fixing CVE-2021-40528, not CVE-2021-33560
as marked in the commit message.
We commit the accual fix for CVE-2021-33560 and rename the
existing fix with the correct CVE-2021-40528.
For details of the mismatch and the timeline see [2] (fix of the
documentation) and [3] (the related ticket upstream).
[1] https://eprint.iacr.org/2021/923.pdf
[2] https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13
[3] https://dev.gnupg.org/T5328#149606
(From OE-Core rev: 0ce5c68933b52d2cfe9eea967d24d57ac82250c3)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Since Oracle relicensed bdb, the open source community is slowly but surely replacing bdb with
supported and open source friendly alternatives. As a result these CVEs are unlikely to ever be fixed.
(From OE-Core rev: 15ccac9307a8a3a69ea7e9e611688dbb63df32aa)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 679fc70f907fb221f4541ebf30c1610e937209b7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From meta-yocto rev: fab607a8c53b419fa7109394edbf4e2e9d3c8b8a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
No longer defined in BitBake
(From yocto-docs rev: c00596374d2c6ddd1b81e536972aa8fc807e60b9)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix reference to the latest 3.0.x version
Aligning releases.rst and sphinx-static/switchers.js
with the contents in master-next
(From yocto-docs rev: 77db6738d58ba4bdc68deb74775c00a332fcc86c)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
| |
(From yocto-docs rev: e8d6b264f1093f47822ebffc117cb67656fd7e03)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Reported-by: Quentin Schulz <foss@0leil.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Update URLs to what they actually redirect to.
Cc: Quentin Schulz <foss+yocto@0leil.net>
(From OE-Core rev: f788765e1b9832d0da8ec4ce49aa811115864b0e)
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ec2131070cae6c3933e5b08986e8245fcd9deb99)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: eee2103640d15011cb40d719769ecb4ce42095fb)
Signed-off-by: Dhruva Gole <goledhruva@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8ea17456ae5318ed7a3b4c8f75c8441456d8b979)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`googlemock` has been absorbed into the
[googletest](https://github.com/google/googletest) project and is built
and installed from the same source tree.
`googletest` has provided a CMake Config-file Package starting with
GTest 1.8.1. `find_package(GTest ...)` by default dispatches first to
CMake Find Module. Starting with CMake commit
2327b4330cce157d616ff8b611b3e77568d00351 in CMake v3.20.0 the module
dispatches onward to the Config-file Package so that the same targets
are available. In pre v3.20.0 versions of CMake however the Find Module
masks the targets provided by the upstream `GTest` package.
Update `Modules/FindGTest.cmake` to provide the same targets as the
CMake Config-file Package and backwards compatible targets and result
variables.
(From OE-Core rev: 3b05fb01ec0e51c85d8ed62618467e57be91b928)
Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix deprecation warnings about invalid escape sequences.
(From OE-Core rev: 3f23e40581f90b6a7c5a280e049a0188b8be8d75)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 43542614395150e8fa34133ba0fc7ee90f215bcb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code was assuming that the a recipe with only one srcrev wouldn't "name"
it. This isn't the case as the glibc or bzip2 recipes show, you can have
a single srcrev which is named.
We can pull the data from the fetcher and in fact we already have it, we just
need to handle the "default" case and make that code the default for all srcrev
regardless of length.
[YOCTO #14017]
(From OE-Core rev: 9a7ea10660d0efd87e8cadf866e6dbed112b7f94)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 45ae567932ba52b758eb41754453e9828d9533a1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[Khem Raj]
defaults for gcc is to use -fno-common this ensures that it keeps
building with gcc -fno-common
Fixes
src/arm/Ginit.c:60: multiple definition of `_U_dyn_info_list'; mi/.libs/dyn-info-list.o:/usr/src/debug/libunwind/1.4.0-r0/build/src/../../libunwind-1.4.0/src/mi/dyn-info-list.c:28: first defined here
[Philippe Coval]
Change and related patch ported to dunfell branch on 1.3.1 version
(From OE-Core rev: 0c12a3a3008ec1202dff3b4986029dd1a4e8f9a7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Origin: https://github.com/openembedded/openembedded-core/commit/6cd2cf6525bcb241b3a2538e559fcef2a2084a7e
Signed-off-by: Philippe Coval <philippe.coval@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Keep installed packages in upgrade job
This prevents duplicate identical packages from being reinstalled
with each upgrade
(From OE-Core rev: 87c413d2a9554412d02dee4534febfafdbe4a4c1)
Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Mark goal.upgrade with sltr as targeted
This allows a bugfix in dnf to work
(From OE-Core rev: f17edb6854985ffb1a43b8288253f9618334fc3f)
Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Notes for BIND 9.11.35
Security Fixes
named failed to check the opcode of responses when performing zone refreshes,
stub zone updates, and UPDATE forwarding. This could lead to an assertion
failure under certain conditions and has been addressed by rejecting responses
whose opcode does not match the expected value. [GL #2762]
(From OE-Core rev: ede9176c53d2de5559a15f48f2a0a3a31a331d1b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Notes for BIND 9.11.34
This maintenance release of BIND 9.11 contains no significant changes,
although some minor updates have been made (for example, to fix build
issues on Solaris 11).
(From OE-Core rev: ec9d6b2dc3e64715286bd93c789887b3ea0d4e3c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Notes for BIND 9.11.33
This maintenance release of BIND 9.11 contains no significant changes,
although some minor updates have been made (for example, to eliminate
compiler warnings emitted by GCC 11).
(From OE-Core rev: ee9986b305250b5940e38c1aeac69ec0c958d923)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems like CVE-2021-33928, CVE-2021-33929, CVE-2021-33930 and
CVE-2021-33938 are pointing to same patch as CVE-2021-3200
So add CVE tag inside the patch file which is the remedy for
CVE-2021-33928, CVE-2021-33929, CVE-2021-33930 and CVE-2021-33938
Link:
https://ubuntu.com/security/CVE-2021-3200
https://ubuntu.com/security/CVE-2021-33928
https://ubuntu.com/security/CVE-2021-33929
https://ubuntu.com/security/CVE-2021-33930
https://ubuntu.com/security/CVE-2021-33938
(From OE-Core rev: 371c247a78da64fefb0daa166e90c4fdd0745eed)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add patch to fix CVE-2021-39537
Link: http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/Attic/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
(From OE-Core rev: abe9e7aec3b3363927eed014775145c55710fa07)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Backport a fix for -3972, and whitelist -3968: it isn't valid as it
fixes a bug which was introduced after 8.2.
(From OE-Core rev: ba1ae7dcd2eeb57a6e288449a26a6121c6ccac5c)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bec5caadfb53638748d8c41ce7230c2bf7808d27)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A NULL pointer dereference in Busybox's hush applet leads to denial of service
when processing a crafted shell command, due to missing validation after
a \x03 delimiter character.
This may be used for DoS under very rare conditions of filtered command input.
Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42376
(From OE-Core rev: 58e49c94d5305875188110aecdefe77c0afdfcb7)
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
An out-of-bounds heap read in unlzma leads to information leak and
denial of service when crafted LZMA-compressed input is decompressed.
This can be triggered by any applet/format that internally supports
LZMA compression.
Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42374
(From OE-Core rev: 297719989ebe8ce7d50e3991cba3e268938690ce)
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add patches for below CVE issues:
CVE-2021-27218
CVE-2021-27219
CVE-2021-28153
Link: https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz
Also, add regression patchs for CVE-2021-27219.
CVE-2021-27219-reg1-3.patch is not relevant for glib2.0 v2.64
(From OE-Core rev: 4fb30dd540b1fb56a14237e21e84b22f8b515dc5)
Signed-off-by: Neetika.Singh <Neetika.Singh@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When adding a layer, parse error can occur, raising BBHandledException.
Catch this and error, aborting the layer add to meet user expectations.
[YOCTO #14054]
(Bitbake rev: f18b65d0b9a6b983d53bde491e1bf2ca56949444)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ceddb5b3d229b83c172656053cd29aeb521fcce0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
>From tinfoil, if you edit bblayers.conf and break it, then call
parseConfiguration (e.g. by adding a bad layer with bitbake-layers),
the system doens't show any parse error yet it should.
Add in a call to the updateCache function so that things really
are reparsed when requested.
Partially fixes [YOCTO #14054]
(Bitbake rev: a6ad6eaf4cddbe45077d1e6cb667f71602b8a49d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e655f9361b9c3b77906b8e06b5cc76bc5180640e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The license statement already includes BSD-2-Clause and BSD-3-Clause, so
remove the redundant and ambiguous BSD license.
(From OE-Core rev: 5c0b03cda19bcebfc71e1e601a4336fcda4bfc2b)
(From OE-Core rev: f61fcb6e176f19f1e768ce63a693f238713c8887)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
(cherry picked from commit 7eaab4b261017ae49926b4f18228a3af9906c19c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update LICENSE to show that BSD-2-Clause, BSD-3-Clause and BSD-4-Clause
are all present.
(From OE-Core rev: d17938953fc2524bc5f04db4409a47aa400e756a)
(From OE-Core rev: efe0bb929bb6e480110ceae567bf3c8d5ca5f379)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
(cherry picked from commit e42870e233a85bc0d55395ef110b7445dfe784f8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the distro does not include the group 'wheel' systemd will
complain when trying to parse ACL rules for tmpfiles.d.
systemd-tmpfiles[273]: Failed to parse ACL "d:group:adm:r-x,d:group:wheel:r-x": Invalid argument. Ignoring
Systemd has a configuration parameter to avoid using 'wheel'
group in the standard config files for tmpfiles. Add this as
a PACKAGECONFIG and enable it by default to keep default.
(From OE-Core rev: 1b5648e6aeb9837cb807ce086c26fbfaa16f6f8b)
(From OE-Core rev: 88d2c3d807a5f6bdd858de39506762aaca834aa9)
Signed-off-by: Peter Bergin <peter@berginkonsult.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 457cc45f51e78a532930d0347de271f24ae0a2ee)
Upstream-Status: Backport
Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Sana Kazi <sanakazisk19@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
| CALL /OE/poky-master/build/tmp/work-shared/qemuarm64/kernel-source/scripts/checksyscalls.sh
| CALL /OE/poky-master/build/tmp/work-shared/qemuarm64/kernel-source/scripts/atomic/check-atomics.sh
| LDS arch/arm64/kernel/vdso/vdso.lds
| CC arch/arm64/kernel/vdso/vgettimeofday.o
| AS arch/arm64/kernel/vdso/note.o
| AS arch/arm64/kernel/vdso/sigreturn.o
| LD arch/arm64/kernel/vdso/vdso.so.dbg
| VDSOSYM include/generated/vdso-offsets.h
| OBJCOPY arch/arm64/kernel/vdso/vdso.so
| objcopy: Unable to recognise the format of the input file `arch/arm64/kernel/vdso/vdso.so.dbg'
| /OE/poky-master/build/tmp/work-shared/qemuarm64/kernel-source/arch/arm64/kernel/vdso/Makefile:61: recipe for target 'arch/arm64/kernel/vdso/vdso.so' failed
Cc: Bruce Ashfield <bruce.ashfield@gmail.com>
Cc: Nishanth Menon <nm@ti.com>
(From OE-Core rev: 225ae178fc5fcdca17d9afab74193f8bd451b46a)
Signed-off-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ddad8183490c725062626fa52985da2b04a2aa8f)
Reported-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
(From OE-Core rev: c8c0757f06a8cfa2159575e0b98530b899a889b1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 938e4dfb68a465f61cb754b2cd28d0728616b5a9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
(From OE-Core rev: 392d9878e9a195503bbc66e5ed2fadce9d632902)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f2504115f08b173d919d9abe507a0ba440b0d4df)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Current code hardcodes archiver to be 'ar' from build host
(From OE-Core rev: 99435486248731700d11144c909a9d688e35dd1d)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 74ed1d10434213ad3fcf54ded49879090f979e1e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
DISTRO_CODENAME is part of VERSION variable but not used as dependency
for do_compile task. Append it to the vardeps list to rebuild in case it
changes.
(From OE-Core rev: f73a0fbe29434e26285b220964a0d0567c87dbf0)
Signed-off-by: Daniel Gomez <daniel@qtec.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ee0345057459c6d77fb64902a955e836c6c1e8e4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
