Richard,
This is a set of patches that has been through the AB and tested locally
Please review and update the daisy branch.
Thanks
Sau!
The following changes since commit ca2773b19db4881abe5244c373d94ff05cd2684f:
gnutls: patch for CVE-2014-3466 backported (2014-06-06 10:26:56
Richard,
Here is a set up patches and updates that have been run through
the AB and tested locally.
Please merge as you see fit.
Thanks
Sau!
The following changes since commit a3ee9cc7aebaecfa2223552a2c1865a9337de664:
wic: check if BBLAYERS is valid before use (2014-06-06 10:29:22
On 2014年06月07日 02:11, Saul Wold wrote:
On 06/04/2014 12:45 AM, Wenlin Kang wrote:
There was an ignored error while building bash, causing the po/
directory not built out correctly, the log follow:
make[1]: *** No rule to make target `/config.status',
needed by `Makefile'. Stop.
make:
There was an ignored error while building bash, causing the po/
directory not built out correctly, the log follow:
make[1]: *** No rule to make target `/config.status',
needed by `Makefile'. Stop.
make: [installdirs] Error 2 (ignored)
The cause is that some variable,PACKAGE and VERSION don't be
Changes from V1:
1. add Signed-off-by: tag
2. remake the patch, make it can apply correctly
Wenlin Kang (1):
bash: fix to build bash/po/ correctly
.../bash/bash/fix-to-build-po-correctly.patch | 87
meta/recipes-extended/bash/bash_4.3.bb |1 +
2
Currently, setting GLIBC_GENERATE_LOCALES to the empty string means that
all supported binary locales are generated.
Improve the situation by adding a weak assignment to all,
in order to keep current default behaviour when GLIBC_GENERATE_LOCALES
is not set by the user, and change the code to do
Install sed test suite and run it as ptest.
Signed-off-by: Chong Lu chong...@windriver.com
---
meta/recipes-extended/sed/sed-4.2.2/run-ptest | 3 +
.../sed/sed-4.2.2/sed-add-ptest.patch | 66 ++
meta/recipes-extended/sed/sed_4.2.2.bb | 21
root@qemuarm:/usr/lib/sed/ptest# ./run-ptest
make: Entering directory '/usr/lib/sed/ptest/testsuite'
PASS: bug-regex7
PASS: bug-regex8
PASS: bug-regex9
PASS: bug-regex10
PASS: bug-regex11
PASS: bug-regex12
PASS: bug-regex13
..
PASS: file
PASS: quiet
PASS: factor
PASS: binary3
PASS: binary2
Hi there,
On Saturday 07 June 2014 14:27:02 Yao Xinpan wrote:
The following bugs had been fixed in 1.0.1h:
CVE-2014-0224, CVE-2014-0221, CVE-2014-3470
CVE-2014-0198, CVE-2010-5298.
Signed-off-by: Yao Xinpan ya...@cn.fujitsu.com
Signed-off-by: Lei Maohui leimao...@cn.fujitsu.com
---
On 7 June 2014 11:50, Khem Raj raj.k...@gmail.com wrote:
On Fri, Jun 6, 2014 at 8:48 AM, Ross Burton ross.bur...@intel.com wrote:
-PACKAGES += gawk-common pgawk dgawk
would it make sense to have RPROVIDES
dgawk and pgawk were debugging and profiling gawk frontends, and
whilst the new gawk
-Original Message-
From: Stefan Stanacar [mailto:sst...@gmail.com]
Sent: Saturday, June 07, 2014 3:39 PM
To: Stoicescu, CorneliuX
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH V2 6/7] controllers/masterimage.py: Make
testimage kernel naming pattern
-Original Message-
From: Stefan Stanacar [mailto:sst...@gmail.com]
Sent: Saturday, June 07, 2014 5:09 PM
To: Stoicescu, CorneliuX
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH V2 7/7] scripts/test-remote-image: Add script
for running runtime tests on
After chatting with some colleagues in the graphics team I've decided
that we should have support for DRI3, but not enable it by default
(there's presently regressions compared to DRI2).
Ross
On 6 June 2014 16:31, Valentin Popa valentin.p...@intel.com wrote:
Don't let xorg-xserver to
-Original Message-
From: openembedded-core-boun...@lists.openembedded.org
[mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of
Peter Kjellerstedt
Sent: den 23 maj 2014 12:38
To: OE Core (openembedded-core@lists.openembedded.org)
Subject: Re: [OE-core] Using
On Mon, Jun 09, 2014 at 03:39:46PM +0200, Peter Kjellerstedt wrote:
-Original Message-
From: openembedded-core-boun...@lists.openembedded.org
[mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of
Peter Kjellerstedt
Sent: den 23 maj 2014 12:38
To: OE Core
Hi,
This series is mostly based on Valentin's Mesa upgrade with some tweaks to the
Python, a build fix, and changing DRI3 to be disabled rather than enabled. I
spoke to a few colleagues who work on the graphics system and the conclusion was
that DRI3 isn't ready to replace DRI2 just yet.
Ross
glapi/gen needs the libxml2 Python module, but this isn't listed as a build
dependency.
Signed-off-by: Ross Burton ross.bur...@intel.com
---
meta/recipes-graphics/mesa/mesa.inc |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-graphics/mesa/mesa.inc
Add a PACKAGECONFIG for DRI3 but don't enable it yet.
Based on a patch by Valentin Popa valentin.p...@intel.com.
[YOCTO #6402]
Signed-off-by: Ross Burton ross.bur...@intel.com
---
meta/recipes-graphics/xorg-xserver/xserver-xorg.inc |1 +
1 file changed, 1 insertion(+)
diff --git
From: Valentin Popa valentin.p...@intel.com
libdricore was removed and replaced with a megadriver with hardlinks from the
old driver names.
Add PACKAGECONFIG for DRI3 but disable by default as there are currently
regressions compared to DRI2.
License is unchanged.
Signed-off-by: Valentin Popa
This recipe will create 1 package for config files, we could optionally add
a bbclass file to ensure consistency with RRECOMMENDS_ = =conf
This is a work in progress, the do_install might even beable to automagically
generated. We don't want to create a bbclass for these since it will cause
the
On 6/9/14, 8:39 AM, Peter Kjellerstedt wrote:
-Original Message-
From: openembedded-core-boun...@lists.openembedded.org
[mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of
Peter Kjellerstedt
Sent: den 23 maj 2014 12:38
To: OE Core
On 6/9/14, 8:52 AM, Martin Jansa wrote:
On Mon, Jun 09, 2014 at 03:39:46PM +0200, Peter Kjellerstedt wrote:
-Original Message-
From: openembedded-core-boun...@lists.openembedded.org
[mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of
Peter Kjellerstedt
Sent: den 23
On Mon, Jun 09, 2014 at 09:50:23AM -0500, Mark Hatle wrote:
On 6/9/14, 8:52 AM, Martin Jansa wrote:
On Mon, Jun 09, 2014 at 03:39:46PM +0200, Peter Kjellerstedt wrote:
-Original Message-
From: openembedded-core-boun...@lists.openembedded.org
OpenSSL upgrade for master including a number of CVE fixes, plus a fix
for some of the ptest tests.
The following changes since commit a3ee9cc7aebaecfa2223552a2c1865a9337de664:
wic: check if BBLAYERS is valid before use (2014-06-06 10:29:22 +0100)
are available in the git repository at:
The tests are installed to $libexecdir not $libdir/gdk-pixbuf. By default these
are the same location but they can be changed independently.
Signed-off-by: Ross Burton ross.bur...@intel.com
---
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.7.bb |2 +-
1 file changed, 1 insertion(+), 1
The tests are installed to $libexecdir not $libdir/glib-2.0. By default these
are the same location but they can be changed independently.
Signed-off-by: Ross Burton ross.bur...@intel.com
---
meta/recipes-core/glib-2.0/glib.inc |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff
Fixes the following security issues:
* CVE-2014-0224
* CVE-2014-0221
* CVE-2014-0195
* CVE-2014-3470
The patch for CVE-2010-5298, CVE-2014-0198 and a fix for building the
documentation are integrated upstream in this release and so were
dropped. Additionally, a patch from upstream was added in
Add some missing dependencies and fix the Makefile in order to get most
of the ptest tests working (specifically test_bn, test_verify, test_cms,
test_srp and test_heartbeat). test_verify still fails for unknown
reasons (perhaps some of the now expired certificates weren't meant to
have expired as
NOTE: These patches needs to be applied *after* the OpenSSL
CVE-2010-5298 patch fix in Saul's pending daisy series (which is in
the branch for this pull request or it would not work otherwise.)
The following changes since commit:
openssl: add openssl-CVE-2010-5298.patch SRC_URI (2014-06-09
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
This replaces the fix for CVE-2014-0198 with one borrowed from Fedora,
which is the same as the patch which was actually applied upstream for
the issue, i.e.:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b107586c0c3447ea22dba8698ebbcd81bb29d48c
Signed-off-by: Paul Eggleton
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code
can be made to recurse eventually crashing in a DoS attack.
Only applications using
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak
keying material in OpenSSL SSL/TLS clients and servers. This can be exploited
by a
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
Anonymous ECDH denial of service (CVE-2014-3470)
OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a
denial of service attack.
(Patch borrowed from Fedora.)
Signed-off-by:
From: Yue Tao yue@windriver.com
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL
through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote
attackers to inject data across sessions or cause a denial of service
(use-after-free and parsing error) via an SSL
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
Anonymous ECDH denial of service (CVE-2014-3470)
OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a
denial of service attack.
(Patch borrowed from Fedora.)
Signed-off-by:
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code
can be made to recurse eventually crashing in a DoS attack.
Only applications using
This replaces the fix for CVE-2014-0198 with one borrowed from Fedora,
which is the same as the patch which was actually applied upstream for
the issue, i.e.:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b107586c0c3447ea22dba8698ebbcd81bb29d48c
Signed-off-by: Paul Eggleton
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak
keying material in OpenSSL SSL/TLS clients and servers. This can be exploited
by a
The following changes since commit 68da848e0f7f026bf18707d8d59143177ff66f9b:
gnutls: patch for CVE-2014-3466 backported (2014-06-06 10:27:11 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib paule/openssl-dora
These are the exact same patches as in the dora series, so for the sake
of people's inboxes I won't repeat them.
The following changes since commit 7ff1924674871d604f9656f3928b91dc417c7246:
gnutls: patch for CVE-2014-3466 backported (2014-06-06 10:27:23 +0100)
are available in the git
Fontconfig doesn't need to be passed large file flags through CPPFLAGS because
it's configure script uses AC_SYS_LARGEFILE.
This reverts commit 5a49a24d35794fcf9e3895469a67db992a52305e.
Signed-off-by: Ross Burton ross.bur...@intel.com
---
meta/recipes-graphics/fontconfig/fontconfig_2.11.1.bb |
From: Khem Raj raj.k...@gmail.com
It seems that 585324fee380109acd9986388f857f413a60b896 is no
longer there in git and it has been rewritten to
ffc3ad4945da69f3caa2b40e4eed715a9a8d9526
Change-Id: I9ffe8bd9bcef0d2dc5e6f6d3a6e4317bada8f4be
(From OE-Core rev:
The following changes since commit 68da848e0f7f026bf18707d8d59143177ff66f9b:
gnutls: patch for CVE-2014-3466 backported (2014-06-06 10:27:11 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib paule/x264-dora
-Original Message-
From: openembedded-core-boun...@lists.openembedded.org
[mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of
Mark Hatle
Sent: den 9 juni 2014 16:47
To: Peter Kjellerstedt; OE Core (openembedded-
c...@lists.openembedded.org)
Subject: Re: [OE-core]
On 6/9/14, 11:47 AM, Peter Kjellerstedt wrote:
-Original Message-
From: openembedded-core-boun...@lists.openembedded.org
[mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of
Mark Hatle
Sent: den 9 juni 2014 16:47
To: Peter Kjellerstedt; OE Core (openembedded-
Changelog since 2014-06-01 until 2014-06-08. Projects included in this report:
bitbake: git://git.openembedded.org/bitbake
openembedded-core: git://git.openembedded.org/openembedded-core
meta-openembedded: git://git.openembedded.org/meta-openembedded
meta-angstrom:
Saul,
I found a fix from cups.org to address this. I have back ported the
patch and will submit a v2 cups patch
thanks,
- Armin
On 06/07/2014 09:02 PM, Saul Wold wrote:
On 06/07/2014 07:30 AM, Armin Kuster wrote:
The follwing error was seen when no crypt dependency was included.
In file
backported patch from cups.org to address the cryto dependency issue I am
seeing.
http://www.cups.org/str.php?L4399
Signed-off-by: Armin Kuster akus...@mvista.com
---
meta/recipes-extended/cups/cups.inc| 1 +
.../cups/cups/cups-no-gcrypt.patch | 40
On 06/09/2014 01:26 PM, Armin Kuster wrote:
backported patch from cups.org to address the cryto dependency issue I am
seeing.
http://www.cups.org/str.php?L4399
Signed-off-by: Armin Kuster akus...@mvista.com
---
meta/recipes-extended/cups/cups.inc| 1 +
[CUPS Ticket #4399] -- http://www.cups.org/str.php?L4399
Upstream-Status: Backport
Backported from http://www.cups.org/strfiles.php/3308/cups-no-gcrypt.patch
This addresses the cryto dependency seen during build.
Signed-off-by: Armin Kuster akus...@mvista.com
---
Saul,
Thanks. I have booked marked
http://openembedded.org/wiki/Commit_Patch_Message_Guidelines
and maybe I will to remember to review that.
- Armin
On 06/09/2014 01:43 PM, Saul Wold wrote:
On 06/09/2014 01:26 PM, Armin Kuster wrote:
backported patch from cups.org to address the cryto
On 06/09/2014 02:01 PM, Armin Kuster wrote:
[CUPS Ticket #4399] -- http://www.cups.org/str.php?L4399
Upstream-Status: Backport
Sorry, I was not clear, this should be in the .patch file itself, not in
the commit message. Also the .patch file needs your Signed-off-by (so
its in 2 places,
* some kernels depends on newt, some on slang and some on boths
* changing TUI_DEFINES is not necessary, because NO_NEWT is
compatible with all kernels
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold henn...@itconsulting-heinold.de
---
meta/recipes-kernel/perf/perf.bb | 2
This series improves the packaging of perf,
by splitting it up. So only the scripts
which needs python, perl or bash have the needed dependencies.
One minor bug in shell comparsion was fixed.
Slang was added for tui so it will work with older and newer kernels.
I tested the series for perf top
* some fundamental perf commands can work
without the dependency on perl, python or bash
make them separate packages and RSUGGEST them
* bump PR
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold henn...@itconsulting-heinold.de
---
meta/recipes-kernel/perf/perf.bb | 22
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold henn...@itconsulting-heinold.de
---
meta/recipes-kernel/perf/perf.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-kernel/perf/perf.bb b/meta/recipes-kernel/perf/perf.bb
index adbecfd..74686ca
I'd like to make sure everyone is aware this meeting takes place. Also,
if you have an interest in the next release, be sure to look at:
https://wiki.yoctoproject.org/wiki/Yocto_Project_v1.7_Status
If you see any features you'd like to help with, I am sure RP would like
to talk to you.
Philip
When describing something as broken in the short log, it's typically a good
idea to also include the symptoms, and the fix. That way the log will tell
someone experience a particular problem that this change indeed addresses
their problem.
Bruce
On Mon, Jun 9, 2014 at 5:21 PM, Henning Heinold
Backported from http://www.cups.org/strfiles.php/3308/cups-no-gcrypt.patch
This addresses the cryto dependency seen during build.
Signed-off-by: Armin Kuster akus...@mvista.com
---
meta/recipes-extended/cups/cups.inc| 1 +
.../cups/cups/cups-no-gcrypt.patch | 49
This commit detects the root home directory dynamically with changes to
the opcontrol script and the oprofile gui app source.
The commit replaces an earlier fix that detected and adjusted a
'non-standard' root home directory at build time. The advantage of this
patch is that the oprofile tools
62 matches
Mail list logo
