summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools
Commit message (Collapse)AuthorAgeFilesLines
...
* gnu-config: update SRC_URIMinjae Kim2022-03-311-1/+1
| | | | | | | | | | | The git repo for gnu-config was changed, so update the SRC_URI accordingly with the new link. (From OE-Core rev: 4ee75d865b34f615bc649004e9dd0460eaf42dbf) Signed-off-by:Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apt: backport patch fix for CVE-2020-3810Davide Gardenal2022-03-312-0/+175
| | | | | | | | | | | | | Upstream commit: https://salsa.debian.org/apt-team/apt/-/blob/dceb1e49e4b8e4dadaf056be34088b415939cda6/apt-pkg/contrib/arfile.cc CVE: CVE-2020-3810 (From OE-Core rev: 2c58d4691b07230616272f2727e0ad0a345064be) Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: backport patch fix for CVE-2020-13791Davide Gardenal2022-03-312-0/+45
| | | | | | | | | | | | | Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00979.html CVE: CVE-2020-13791 (From OE-Core rev: 6d4e6302fa21b1c663b94b05088ecf9b9d544c0a) Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: ignore CVE-2022-26488Ross Burton2022-03-311-1/+1
| | | | | | | | | | | | This CVE is specific to Microsoft Windows, so we can ignore it. (From OE-Core rev: d966a07d1f04aa76a4970d4af141f817197be0d2) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 2bd3c5a93988140d9927340b3af68785ae03db65) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.8.12 -> 3.8.13Tim Orling2022-03-232-22/+26
| | | | | | | | | | | | | | | | | | | | Security and bug fixes (including upgrades for security and bug fixes to bundled components). For changes see: https://docs.python.org/release/3.8.13/whatsnew/changelog.html#python-3-8-13-final CVE: CVE-2022-26488 License-Update: Add 2022 to copyright years * Update bpo-36852 patch to apply after change in 3.8.13 (From OE-Core rev: bcad36b6d34b3176dc313ed6af99897cc442bf2b) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: backport fix for CVE-2020-13253Davide Gardenal2022-03-236-0/+446
| | | | | | | | | | | | | | | | Backport commits from the following MR: https://git.qemu.org/?p=qemu.git;a=commit;h=3a9163af4e3dd61795a35d47b702e302f98f81d6 Two other commits have been backported in order to be able to correctly apply the patches. CVE: CVE-2020-13253 (From OE-Core rev: b258b0deccde2d8fd2c4372dd0f376c7b95945f5) Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml-parser-perl: Add missing RDEPENDSRichard Purdie2022-03-091-0/+1
| | | | | | | | | | | | Running the ptest package in an image alone highlighted missing module dependencies. Add them to fix those errors. (From OE-Core rev: 6e98fdf7832fed3d93645ed69f62c8df5e89b96b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3859f49db2d694c7b63fdbe25be0018afba5c738) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bootchart2: Add missing python3-math dependencyMarek Vasut2022-03-091-1/+1
| | | | | | | | | | | | | | | | Without this dependency, generating the bootchart may fail with: " ModuleNotFoundError: No module named 'random' " (cherry picked from commit 487e9f16a00f895159b79f1865fe8b626b47ddc2) (From OE-Core rev: 123d4a673dadfee14d5ad8bbc503405da9602bb0) Signed-off-by: Marek Vasut <marex@denx.de> Cc: Mingli Yu <mingli.yu@windriver.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: fix CVE-2022-23772Minjae Kim2022-03-092-0/+51
| | | | | | | | | | | | | | | math/big: prevent large memory consumption in Rat.SetString An attacker can cause unbounded memory growth in a program using (*Rat).SetString due to an unhandled overflow. Upstream-Status: Backport [https://go.dev/issue/50699] CVE: CVE-2022-23772 (From OE-Core rev: e4d15040f62744265b9236ad7276f3371a9172da) Signed-off-by:Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* go: fix CVE-2022-23806Minjae Kim2022-03-092-0/+143
| | | | | | | | | | | | | | | | | crypto/elliptic: fix IsOnCurve for big.Int values that are not valid coordinates Some big.Int values that are not valid field elements (negative or overflowing) might cause Curve.IsOnCurve to incorrectly return true. Operating on those values may cause a panic or an invalid curve operation. Note that Unmarshal will never return such values. Upstream-Status: Backport [https://go.dev/issue/50974] CVE: CVE-2022-23806 (From OE-Core rev: eb7aa0929ecd712aeeec0ff37dfb77c3da33b375) Signed-off-by:Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: 2.7.4 -> 2.7.5Chee Yang Lee2022-03-021-2/+2
| | | | | | | | | | | | | This release includes security fixes. CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods CVE-2021-41816: Buffer Overrun in CGI.escape_html CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse (From OE-Core rev: a7935c9c4a47098f0c1b2eefdf7773bd85891945) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix DEPENDS appendKonrad Weihmann2022-02-231-1/+1
| | | | | | | | | | | | | | | | | | recent change create a blank scope of DEPENDS for class-target, basically leaving out all general dependencies, leading to the effect that ruby will be shipped without the runtime dependencies of zlib, openssl and libffi, making the corresponding gems unusable at runtime. As the class-target scope should be appended only the correct override is append:class-target (From OE-Core rev: 81fab225daf798792c139f669f5bfd96d9fd25a8) Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8f92444d388d2406be7d317578908975784d3f22) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: correctly set native/target dependenciesAlexander Kanavin2022-02-231-2/+2
| | | | | | | | | | | | | In particular libffi was missing from native, which led to linking with host libffi instead. (From OE-Core rev: 61e38b71566183e329d980e26fe8ffe8d331c3a1) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 293c9f879252a814107579542e8fca9af9dde599) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake: remove bogus CMAKE_LDFLAGS_FLAGS definition from toolchain fileMartin Beeger2022-02-231-1/+0
| | | | | | | | | | | | | | | | | | As discussion in [YOCTO #14717] cmake contains a OEToolchainConfig.cmake file to configure the toolchain correctly in cross-compile build for recipes using cmake. The variable CMAKE_LDFLAGS_FLAGS is spelled incorrectly, cmake expects CMAKE_SHARED_LINKER_FLAGS, CMAKE_STATIC_LINKER_FLAGS, CMAKE_EXE_LINKER_FLAGS and CMAKE_MODULE_LINKER_FLAGS to be set instead. As cmake already correctly initializes these from environment there is no need to specify the linker flags in the toolchain file at all. So this just removes the variable, as its value was also set wrong. (From OE-Core rev: cf17fc284bcffe1d5b0797c733bcc2eb293a5d8f) Signed-off-by: Martin Beeger <martin.beeger@online.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 52e59a5b37f55905ee693a99f9ffc34ed41b4283) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: fix intermittent compression failure in do_package_write_rpmbkylerussell@gmail.com2022-02-232-0/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | rpmbuild can start processing random memory when processing the value provided by XZ_THREADS, and unintentionally disable encoding for a file descriptor that in fact requires encoding to be enabled in order for lzwrite() to actually create an rpm. *** Fdopen(0x7f2030002b30,w6T16.xzdio) | fdio 23 fp (nil) ==> lzopen_internal("w6T16", 23, 1) ==> lzopen_internal set encoding ==> lzopen_internal clear encoding ==> Fdopen(0x7f2030002b30,"w6T16.xzdio") returns fd 0x7f2030002b30 | xzdio 0x7f2030004e30 fp 23 | fdio -1 fp (nil) ==> lzwrite(0x7f2030004e30, 0x7f20789d8070, 6) encoding 0 ==> Fwrite(0x7f2030002b30,0x7f20789d8070,6) rc -1 | xzdio 0x7f2030004e30 fp 23 | fdio -1 fp (nil) error: create archive failed: cpio: write When the encoding bit gets cleared on the LZFILE* struct, lzwrite() then rightfully complains when it detects !lzfile->encoding, which then gets bubbled up as a write failure when we go to create the archive. This fix is available in the rpm 4.17-release. (From OE-Core rev: b093005d31467d89b00af621f86eb5cac7f845af) Signed-off-by: Kyle Russell <bkylerussell@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix CVE-2021-45078Sundeep KOKKONDA2022-02-232-0/+258
| | | | | | | | | | | | | | | | Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=161e87d12167b1e36193385485c1f6ce92f74f02] (From OE-Core rev: be665a2279795c522cb3e3e700ea747efd885f95) (From OE-Core rev: 9793eac0988f10ec2e4cbe0e4fc494ff4dd29585) Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 823d25f5218836fb4298482366fbc5d05d822907) Signed-off-by: Purushottam Choudhary <purushottam.choudhary@kpit.com> Signed-off-by: Purushottam Choudhary <purushottamchoudhary29@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: Use specific BSD license variantJoshua Watt2022-02-161-1/+1
| | | | | | | | | | | | | | | | Make the license more accurate by specifying the specific variant of BSD license instead of the generic one. This helps with SPDX license attribution as "BSD" is not a valid SPDX license. (From OE-Core rev: 966fb77981e4fed0ab7998439940b1e05dd0ee43) (From OE-Core rev: a7fe869c49bdc2e9a2b69b763779a642dc0c6e35) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Nisha Parrakat <nisha.m.parrakat@bmw.de> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Backport Include members in the variable table used when resolving ↵Marek Vasut2022-02-162-0/+33
| | | | | | | | | | | | | | | | | | | | DW_AT_specification tags. Backport binutils upstream patch fixing sporadic link errors in c++ code. This triggers at least on arm32 and aarch64 with qt5 based applications. The ChangeLog part of the patch as well as space change is omitted. Binutils bug report for this problem is here: https://sourceware.org/bugzilla/show_bug.cgi?id=26520 (From OE-Core rev: 4aa6f775cd6c20c7296a2aab25ff462d581499d0) Signed-off-by: Marek Vasut <marex@denx.de> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Cc: Steve Sakoman <steve@sakoman.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* valgrind: skip flakey ptest (gdbserver_tests/hginfo)Steve Sakoman2022-01-222-0/+2
| | | | | | | | | | | | This ptest was already disabled in master branch with: valgrind: skip broken ptests for glibc 2.34 https://git.openembedded.org/openembedded-core/commit/?id=c177c7f9ef6f90ca49074f003accb8e9a1a645aa (From OE-Core rev: ead8809ab3182cda04495915551cf3f9b4f5d1f6) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bootchart2: remove wait_boot logicMingli Yu2021-12-302-0/+69
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When boot with "init=/sbin/bootchartd" as below: # runqemu qemux86 bootparams="init=/sbin/bootchartd" There are two bootchartd process after boot [1]. # ps -ef | grep bootchart root 101 1 0 03:27 ? 00:00:00 /bin/sh /sbin/bootchartd root 103 101 8 03:27 ? 00:00:02 /lib64/bootchart/bootchart-collector 50 root 106 1 0 03:27 ? 00:00:00 /bin/sh /sbin/bootchartd root 792 106 0 03:27 ? 00:00:00 /lib64/bootchart/bootchart-collector --usleep 1000000 root 794 725 0 03:27 ttyS0 00:00:00 grep bootchart # /sbin/bootchartd stop [bootchart] bootchart-collector started as pid 596 with 2 args: [bootchart] '--dump' [bootchart] '/tmp/bootchart.3lXpVDAq3v' [bootchart] Extracting profile data from pid 204 [bootchart] map 0xbed9a000 -> 0xbedbb000 size: 132k from 'bed9a000' 'bedbb000' [bootchart] read 135168 bytes of 135168 [bootchart] reading 150 chunks (of 150) ... [bootchart] wrote 18760 kbB [bootchart] bootchart-collector pid: 596 unmounted proc / clean exit But there still one process exist after the above stop command finish. # ps -ef | grep bootchartd root 202 1 0 09:09 ? 00:00:00 /bin/sh /sbin/bootchartd root 629 516 0 09:10 ? 00:00:00 grep bootchartd Remove the wait_boot which used to wait the boot process to finish to make sure only one bootchartd process and meanwhile we don't need the wait_boot logic because we either use "/sbin/bootchartd stop" to stop the bootchartd manually or install package bootchartd-stop-initscript altogether with bootchart2 to stop bootchartd automatically after boot. After patch: # ps -ef | grep bootchart root 101 1 0 03:36 ? 00:00:00 /bin/sh /sbin/bootchartd root 103 101 6 03:36 ? 00:00:04 /lib64/bootchart/bootchart-collector 50 root 596 592 0 03:37 ttyS0 00:00:00 grep bootchart [1] https://github.com/xrmx/bootchart/issues/94 (From OE-Core rev: 058d6f5e6186c136c834fdb1303e28c6b9402ccd) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit cc34e3bdedc045baf97ebc2258295d9433cb332e) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Add CVE-2021-37322 to the list of CVEs to ignoreRichard Purdie2021-12-141-0/+3
| | | | | | | | | | | The CVE applies to binutils 2.26 and not to gcc so ignore there. (From OE-Core rev: 71a6d3c31775c6b2db38e194992e0ffce637c827) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake: FindGTest: Add target for gmock libraryEero Aaltonen2021-12-082-0/+256
| | | | | | | | | | | | | | | | | | | | | | | | `googlemock` has been absorbed into the [googletest](https://github.com/google/googletest) project and is built and installed from the same source tree. `googletest` has provided a CMake Config-file Package starting with GTest 1.8.1. `find_package(GTest ...)` by default dispatches first to CMake Find Module. Starting with CMake commit 2327b4330cce157d616ff8b611b3e77568d00351 in CMake v3.20.0 the module dispatches onward to the Config-file Package so that the same targets are available. In pre v3.20.0 versions of CMake however the Find Module masks the targets provided by the upstream `GTest` package. Update `Modules/FindGTest.cmake` to provide the same targets as the CMake Config-file Package and backwards compatible targets and result variables. (From OE-Core rev: 3b05fb01ec0e51c85d8ed62618467e57be91b928) Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dnf: Backport bugfix for upgradeJate Sujjavanich2021-12-082-0/+61
| | | | | | | | | | | | | Keep installed packages in upgrade job This prevents duplicate identical packages from being reinstalled with each upgrade (From OE-Core rev: 87c413d2a9554412d02dee4534febfafdbe4a4c1) Signed-off-by: Jate Sujjavanich <jatedev@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libdnf: Backport bugfix for upgrade calcJate Sujjavanich2021-12-082-0/+59
| | | | | | | | | | | | Mark goal.upgrade with sltr as targeted This allows a bugfix in dnf to work (From OE-Core rev: f17edb6854985ffb1a43b8288253f9618334fc3f) Signed-off-by: Jate Sujjavanich <jatedev@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: fix CVE-2021-40330Minjae Kim2021-12-022-1/+111
| | | | | | | | | | | | | | git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. Upstream-Status: Backport [https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473] CVE: CVE-2021-40330 (From OE-Core rev: ea0d7ef4a8c9bba94bd603ebd19e502faa86293b) Signed-off-by: Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.8.11 -> 3.8.12Marta Rybczynska2021-12-021-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Release Date: Aug. 30, 2021 This is a security release of Python 3.8 Note: The release you're looking at is Python 3.8.12, a security bugfix release for the legacy 3.8 series. Python 3.10 is now the latest feature release series of Python 3. Get the latest release of 3.10.x here. Security content in this release contains four fixes. There are also four additional fixes for bugs that might have lead to denial-of-service attacks. Finally, while we're not providing binary installers anymore, for those users who produce installers, we upgraded the OpenSSL version used to 1.1.1l. Take a look at the change log for details. According to the release calendar specified in PEP 569, Python 3.8 is now in the "security fixes only" stage of its life cycle: 3.8 branch only accepts security fixes and releases of those are made irregularly in source-only form until October 2024. Python 3.8 isn't receiving regular bug fixes anymore, and binary installers are no longer provided for it. Python 3.8.10 was the last full bugfix release of Python 3.8 with binary installers. This release includes a fix for CVE-2021-29921. References: https://docs.python.org/release/3.8.12/whatsnew/changelog.html#changelog (From OE-Core rev: ff52cf448c5e26246f8637d0b8957c5c479fa389) Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Add fcntl64 wrapperRichard Purdie2021-11-151-1/+1
| | | | | | | | | | | | Add fcntl64 wrapper which hopefully fixes issues seen in findutils and the find command in the libtool removal code when built with LFS compile flags on Gentoo. (From OE-Core rev: c87d2dd8ec10d8164b0bff4307ea66f41b3360d4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f26867fe4daec7299f59a82ae4a0d70cceb3e082) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Add in ability to flush database with shutdown requestRichard Purdie2021-11-151-1/+1
| | | | | | | | | | | | | Pulls in: pseudo_db: Flush DB if there is a shutdown request fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ (test fix) (From OE-Core rev: 649333a0d1bd5be4d5fb8a494e06686e08d291be) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 0882095d608ce3abbcc9814517434c21ea549063) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-magic: add missing DEPENDSSteve Sakoman2021-11-151-0/+2
| | | | | | | | | | | | | | Since file-native is ASSUME_PROVIDED magic.mgc is not being staged. As a result diffoscope-native is failing with: magic.MagicException: b'could not find any valid magic files! Fix this by adding dependency on file-replacement-native (From OE-Core rev: dcd8294f826f6e061cdd01c6c3594789ed46732e) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-magic: add the missing rdependsMingli Yu2021-11-151-1/+4
| | | | | | | | | | | | | | | | | | Add the missing rdepends to fix below error: # python3 [snip] >>> import magic [snip] ModuleNotFoundError: No module named 'ctypes' ModuleNotFoundError: No module named 'tempfile' (From OE-Core rev: ba5562d34653fa6b5819dbc8ca80a42167c38c96) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 115791844124bdddfbaec9d75bb887ef35c41f20) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Add explict branch to git SRC_URIs, handle github url changesSteve Sakoman2021-11-1123-23/+23
| | | | | | | | | | | | | | | | | | | | This update was made with the convert-scruri.py script in scripts/contrib This script handles two emerging issues: 1. There is uncertainty about the default branch name in git going forward. To try and cover the different possible outcomes, add branch names to all git:// and gitsm:// SRC_URI entries. 2. Github are dropping support for git:// protocol fetching, so remap github urls as needed. For more details see: https://github.blog/2021-09-01-improving-git-protocol-security-github/ (From OE-Core rev: 827a805349f9732b2a5fa9184dc7922af36de327) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: Fix determinism issueRichard Purdie2021-11-032-1/+37
| | | | | | | | | (From OE-Core rev: 3b517d9e05d95c4a2ceb50f4bc07205f1b8f1e14) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9ae740939f8315c64fe7571f912404127a29dc89) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Deterministically set vendor macro entryRichard Purdie2021-10-291-1/+2
| | | | | | | | | | | | | | | | On an aarch64 build host, vendor is found to be "unknown", on x86 systems it is "pc". This filters through to the PLATFORM tag in target rpms. We saw reproducibility test failures where the PLATFORM tags in noarch rpms were changing depending upon which host built them. Forcing the vendor value to a consistent one makes things deterministic. (From OE-Core rev: b7dfe230b9b40145f43fa0bd42be82ae41a3ef3e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f6434075b2bdfc23c683d22281b674b1e6abde77) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Add a fix for a make install raceRichard Purdie2021-10-232-0/+24
| | | | | | | | | | | | Add a fix for reproducibility issues where pyc files for python-config.py may not always be generated. (From OE-Core rev: 917f800368c6d452670d3ccf74057afae98013b0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d1c3a87c48b598b6e5624d0affe8bd89320631bf) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtool: Allow libtool-cross to reproduceRichard Purdie2021-10-232-1/+2
| | | | | | | | | | | | The hostname removal from the script is useful to make libtool-cross reproduce. Apply the patch everywhere as it doesn't cause any issues. (From OE-Core rev: f1cc4b8d7503331f04d3f217ae67d0fd4cc483c5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3c61c6f20187154d677085fc9ccdcd762d4cdf3a) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtool: Fix lto option passing for reproducible buildsRichard Purdie2021-10-232-0/+23
| | | | | | | | | | | | If lto is enabled, we need the prefix-map variables to be passed to the linker. Add these to the list of options libtool passes through. (From OE-Core rev: 3dcc84e37ce7e94e746304ee2a4437251af0ae41) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2c26d2c00b47df856fb2d9c35486b135094d46ac) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nativesdk-pseudo: Fix to work with glibc 2.34 systemsHongxu Jia2021-10-232-15/+26
| | | | | | | | | | | | | | | | | | | | | | | Since commit [df313aa810 pseudo: Fix to work with glibc 2.34 systems] applied, it fixed native only. And nativesdk has the similar issue Tweak library search order, make prebuilt lib ahead of recipe lib, after apply the fix: ... $ readelf -a lib/pseudo/lib64/libpseudo.so | grep 'Shared library' 0x0000000000000001 (NEEDED) Shared library: [libdl.so.2] 0x0000000000000001 (NEEDED) Shared library:[libpthread.so.0] 0x0000000000000001 (NEEDED) Shared library: [libc.so.6] ... (From OE-Core rev: b7d269c84838f646b2915e7ff66d81db0bc16b9e) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d6d116b5db78645958ea30be3d0572e0f6d7bd92) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Update with fcntl and glibc 2.34 fixesRichard Purdie2021-10-231-1/+1
| | | | | | | | | | | | | | | | | | | Pull in the following changes: * ports/linux/guts: Add closefrom support for glibc 2.34 * pseudo_client: Make msg static in pseudo_op_client * ports/linux/guts: Add close_range wrapper for glibc 2.34 * pseudo_client: Do not pass null argument to pseudo_diag() * test-openat: Consider device as well as inode number * test: Add missing test-statx test case * fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ (From OE-Core rev: 63afcafef78f3d3b95c0d0c9746f9d627b6291c3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 71b549924a7fa7973a8e03e11f3db45fdc29889d) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Fix to work with glibc 2.34 systemsRichard Purdie2021-10-233-0/+73
| | | | | | | | | | | | The merge of libdl into libc in glibc 2.34 causes problems for pseudo. Add a fix that works around this issue. (From OE-Core rev: 449bb53b3ebfc838ba674c1c3a39407620103c8d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dd3e46a043c81cd4d81731a0f691868d3c059742) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* m4: Do not use SIGSTKSZKhem Raj2021-10-232-0/+85
| | | | | | | | | | | | | | | Fixes ../../m4-1.4.18/lib/c-stack.c:55:26: error: missing binary operator before token "(" 55 | #elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384 | ^~~~~~~~ (From OE-Core rev: 6417148072640000b119a59aeb70e904ffa5e5d7) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 44ca8edd622782733d507e20a3d5ee9e44eb8be4) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: fix missing dependencies for selftestsSteve Sakoman2021-10-232-0/+46
| | | | | | | | | | | Building GCC with multiple make jobs appears to trigger a race condition. The build fails with: /bin/bash: TOPDIR/tmp/work/x86_64-linux/gcc-cross-i686/9.3.0-r0/gcc-9.3.0/build.x86_64-linux.i686-poky-linux/./gcc/xgcc: No such file or directory (From OE-Core rev: 5690d18bb6a9a61a81ccd0bc28d1ace4181d1921) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: Fix a missing break in case statementChristian Eggers2021-10-231-13/+13
| | | | | | | | | | | | This was missed during patch forward porting its only effective when printing options (From OE-Core rev: a4983b98782122e097c3597248f69db3e858c0d2) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: upgrade 1.45.6 -> 1.45.7Wang Mingyu2021-10-231-1/+1
| | | | | | | | | | | | | 0001-fix-up-check-for-hardlinks-always-false-if-inode-0xF.patch removed since it is included in 1.45.7 (From OE-Core rev: d4ec2802306b901d00bc88ea1452c21c00d0914f) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f51835e022731d1c0e8e18209e48f1a718048977) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: update to 1.45.6Alexander Kanavin2021-10-237-230/+3
| | | | | | | | | | | | | Drop backports, and also 0001-misc-create_inode.c-set-dir-s-mode-correctly.patch as upstream code has been refactored. (From OE-Core rev: 53947537ed5ab5f9fd213a6fb4295740b5a2ca6b) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit da9fec8592db913d13af3a936ab518e93496be3e) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mtd-utils: upgrade 2.1.2 -> 2.1.3Stefano Babic2021-10-071-4/+2
| | | | | | | | | | | | | | | | Drop also --enable-install-tests from configuration options because this was removed in 2.1.3. (cherry picked from commit c95c852b84f02f5e2ad5c575ab683bba0471f221) (From OE-Core rev: 809b3a22a56d794c3ae5f82d4a4a6a5c889ed42e) Signed-off-by: Stefano Babic <sbabic@denx.de> CC: David Oberhollenzer <david.oberhollenzer@sigma-star.at> CC: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mtd-utils: upgrade 2.1.1 -> 2.1.2Richard Purdie2021-10-072-66/+3
| | | | | | | | | | | Drop backported patch. (cherry picked from commit e38fd1ac331d824b2db94a7ae46026b111257e83) (From OE-Core rev: 721a0e475d4ce5054a74e2a7408d49470264bd29) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Handle proper return value to avoid major issuesRanjitsinh Rathod2021-09-301-11/+14
| | | | | | | | | | | | | | | | | 0001-rpm-rpmio.c-restrict-virtual-memory-usage-if-limit-s.patch changed to avoid critical issues Handled return values of getrlimit() and lzma_cputhreads() functions to avoid unexpected behaviours like devide by zero and potential read of uninitialized variable 'virtual_memory' Upstream-Status: Pending [merge of multithreading patches to upstream] (From OE-Core rev: ad080aadbc409c99511d602e0531952b96c06bbf) Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5aae9c2cb464350bc443a0f60fd6602942e61f46) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: fix CVE-2021-40153Kai Kang2021-09-302-0/+254
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: http://git.yoctoproject.org/poky.git MR: 113126 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=hardknott&id=cfc17a7ab5d3b0d6354a7194b8c8746c501959d9 ChangeID: cfc17a7ab5d3b0d6354a7194b8c8746c501959d9 Description: Backport patch to fix CVE-2021-40153, and remove version update in unsquashfs.c for compatible. CVE: CVE-2021-40153 Ref: * https://security-tracker.debian.org/tracker/CVE-2021-40153 (From OE-Core rev: 09de4ef3f33540069a37e9fe6e13081984b77511) (From OE-Core rev: 48303d1c93cfcadf80830d07597805cc41d5f7e9) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2021-3682Sakib Sajal2021-09-302-0/+42
| | | | | | | | | | | | | | | | | | | | Source: https://git.yoctoproject.org/git/poky MR: 112369 Type: Security Fix Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?id=48960ce56265e9ec7ec352c0d0fcde6ed44569be ChangeID: 799afc7adf3f2c915751744b618e38cccb01d854 Description: (From OE-Core rev: e16cd155c5ef7cfe8b4d3a94485cb7b13fd95036) (From OE-Core rev: f515c00c995b90a6d583f0e6162aa8fba8005a67) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 48960ce56265e9ec7ec352c0d0fcde6ed44569be) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix for CVE-2020-28916Armin Kuster2021-09-302-0/+49
| | | | | | | | | | | | | | | | | Source: qemu.org MR: 107262 Type: Security Fix Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a ChangeID: 3024b894ab045c1a74ab2276359d5e599ec9e822 Description: Affects qemu < 5.0.0 (From OE-Core rev: 55aa94e9185ecd93612c64cdd982a89d633284e2) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-08 09:25:54 +0000