From: Sean Nyekjaer
Based on poky master, but for version 1.35
Signed-off-by: Sean Nyekjaer
Signed-off-by: Armin Kuster
---
.../libgpg-error-1.35-gawk5-support.patch | 161 +
.../libgpg-error/libgpg-error_1.35.bb | 1 +
2 files changed, 162
bit
libtool, for example.
Make extended recipes reduce priority by 1 (or 2, 3 ... when there are multiple
variants in MULTILIB_VARIANTS) to fix the problem.
[YOCTO #13418]
Signed-off-by: Robert Yang
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
From: Alexander Kanavin
Previously it was also called on filelists and possibly other items which
broke the parser.
Signed-off-by: Alexander Kanavin
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/lib/oe/buildhistory_analysis.py | 2 +-
1 file changed, 1 insertion(+), 1
From: Andrii Bordunov via Openembedded-core
Signed-off-by: Kevin Weng
Signed-off-by: Armin Kuster
---
.../glib-2.0/glib-2.0/CVE-2019-13012.patch | 47 ++
meta/recipes-core/glib-2.0/glib-2.0_2.58.0.bb | 1 +
2 files changed, 48 insertions(+)
create mode
fix CVE-2019-1010238
Armin Kuster (6):
gcc: Security fix for CVE-2019-14250
binutils: Security fix for CVE-2019-1
binutils: Security fix for CVE-2019-12972
bind: update to latest LTS 9.11.5
go: update to 1.11.13, minor updates
dhcp: fix issue with new bind changes
Bartosz Golaszew
d-off-by: Armin Kuster
---
...error-messages-when-qemi_cpu_kick_thread-.patch | 19 +-
...fix-to-handle-variably-sized-SIOCGSTAMP-w.patch | 336 +
meta/recipes-devtools/qemu/qemu_3.0.0.bb | 1 +
3 files changed, 346 insertions(+), 10 deletions(-)
create mode 100644
From: Andrii Bordunov via Openembedded-core
Signed-off-by: Kevin Weng
Signed-off-by: Armin Kuster
---
.../libcomps/libcomps/CVE-2019-3817.patch | 97 ++
meta/recipes-devtools/libcomps/libcomps_git.bb | 1 +
2 files changed, 98 insertions(+)
create mode
From: Andrii Bordunov via Openembedded-core
Signed-off-by: Kevin Weng
Signed-off-by: Armin Kuster
---
meta/recipes-core/dbus/dbus/CVE-2019-12749.patch | 127 +++
meta/recipes-core/dbus/dbus_1.12.10.bb | 1 +
2 files changed, 128 insertions(+)
create mode
From: Armin Kuster
Source: gcc.org
MR: 99120
Type: Security Fix
Disposition: Backport from
https://gcc.gnu.org/viewcvs?rev=273794&root=gcc&view=rev
ChangeID: 28ab763c18f1543607181cd9657f45f7752b6fcb
Description:
Affects < 9.2
Signed-off-by: Armin Kuster
Signed-off-by: Armin Kuster
From: Anuj Mittal
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
.../patch/patch/CVE-2019-13636.patch | 113 +
meta/recipes-devtools/patch/patch_2.7.6.bb | 1 +
2 files changed, 114 insertions(+)
create mode 100644 meta/recipes-devtools
From: Anuj Mittal
CVE-2019-9947 is same as CVE-2019-9740 and mark it as such. See:
https://bugs.python.org/issue30458
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
.../python/python3/CVE-2019-9740.patch | 155 +
meta/recipes-devtools/python
From: Andrii Bordunov via Openembedded-core
Signed-off-by: Kevin Weng
Signed-off-by: Armin Kuster
---
.../recipes-support/curl/curl/CVE-2018-16890.patch | 50
meta/recipes-support/curl/curl/CVE-2019-3822.patch | 47 ++
meta/recipes-support/curl/curl/CVE
From: Armin Kuster
Source: bind.org
MR: 99750
Type: Security Fix
Disposition: Backport from bind.org
ChangeID: bca5c436229f1b8c7e8eb3e45fc6188ffdb5e224
Description:
includes:
CVE-2018-5738
drop patch for CVE-2018-5740 now included in update
see: https://ftp.isc.org/isc/bind9/9.11.5/RELEASE
From: Armin Kuster
Source: golang.org
MR: 99376
Type: Security Fix
Disposition: Backport from golang.org
ChangeID: 41576ab4a0abdebbc44f1a35a83bf04e5f2fde06
Description:
https://golang.org/doc/devel/release.html
go1.11.11 (released 2019/06/11) includes a fix to the crypto/x509 package. See
the
xes CVE-2019-1
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/binutils/binutils-2.31.inc | 1 +
.../binutils/binutils/CVE-2019-1.patch | 33 ++
2 files changed, 34 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2019-14
be01
Description:
Bugfix-only compared to 9.11.5, mostly CVE fixes.
COPYRIGHT checksum changed due to 2018 -> 2019.
Signed-off-by: Adrian Bunk
Signed-off-by: Richard Purdie
[Included cves:
CVE-2018-5744
CVE-2018-5745
CVE-2019-6465
]
Signed-off-by: Armin Kuster
---
.../recipes-connectivi
Signed-off-by: Armin Kuster
---
...eplace-custom-isc_boolean_t-with-C-standa.patch | 2882
meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb |1 +
2 files changed, 2883 insertions(+)
create mode 100644
meta/recipes-connectivity/dhcp/dhcp/0001-dhcpd-fix-Replace-custom
From: Armin Kuster
Source: git://sourceware.org / binutils-gdb.git
MR: 98770
Type: Security Fix
Disposition: Backport from
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031
ChangeID: 7ced6bffbe01cbeadf50177eb332eef514baa19c
Description:
Fixes
From: Dan Tran
Fixes CVE-2018-20852, CVE-2019-9740, and CVE-2019-9747
Signed-off-by: Dan Tran
Signed-off-by: Armin Kuster
---
.../python/python/bpo-30458-cve-2019-9740.patch| 219 +
.../python/python/bpo-35121-cve-2018-20852.patch | 127
meta/recipes
From: Dan Tran
Fixes CVE-2018-20623, CVE-2018-20651, CVE-2018-20-671, and
CVE-2018-1000876 for binutils 2.31.1.
Signed-off-by: Dan Tran
[fixed up .inc for thud-next context]
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/binutils/binutils-2.31.inc | 4 +
.../binutils/binutils/CVE
From: Dan Tran
Fixes CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-9636,
CVE-2019-9740, and CVE-2019-9747.
Signed-off-by: Dan Tran
Signed-off-by: Armin Kuster
---
.../python/python3/CVE-2018-14647.patch| 95 +
.../python/python3/CVE-2018-20406.patch
From: Muminul Islam
Signed-off-by: Muminul Islam
Signed-off-by: Armin Kuster
---
.../libxslt/libxslt/CVE-2019-11068.patch | 128 +
meta/recipes-support/libxslt/libxslt_1.1.32.bb | 1 +
2 files changed, 129 insertions(+)
create mode 100644 meta/recipes
From: Anuj Mittal
(From OE-Core rev: 7dc3048fec88dd62ef49ef16517b7382ab7cf2a5)
Signed-off-by: Anuj Mittal
Signed-off-by: Richard Purdie
[Fixup for thud context]
Signed-off-by: Armin Kuster
---
.../libxslt/files/CVE-2019-13117.patch | 33 ++
.../libxslt/files/CVE-2019
From: Anuj Mittal
The original fix for CVE-2018-1000156 was incomplete. Backport more
fixes done later for a complete fix.
Also see:
https://savannah.gnu.org/bugs/index.php?53820
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
(cherry picked from commit
From: Trevor Gamblin
(From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781)
Signed-off-by: Trevor Gamblin
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
(cherry picked from commit 555b0642579c00c41bc3daab9cef08452f9834d5)
Signed-off-by: Armin Kuster
---
...ke-ed-directly
From: Bruce Ashfield
Updating to the latest 4.14 -stable. Lightly build and boot tested
on qemu*
Signed-off-by: Bruce Ashfield
Signed-off-by: Armin Kuster
---
meta/recipes-kernel/linux/linux-yocto-rt_4.14.bb | 6 +++---
meta/recipes-kernel/linux/linux-yocto-tiny_4.14.bb | 6 +++---
meta
From: Anuj Mittal
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
(cherry picked from commit 65631a048f57965745dc8cc23cb80c4c3a71ba94)
[Fix up for thud context]
Signed-off-by: Armin Kuster
---
.../pango/pango/CVE-2019-1010238.patch | 38 ++
meta/recipes
From: Anuj Mittal
(From OE-Core rev: 7dc3048fec88dd62ef49ef16517b7382ab7cf2a5)
Signed-off-by: Anuj Mittal
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
.../libxslt/files/CVE-2019-13117.patch | 33 ++
.../libxslt/files/CVE-2019-13118.patch | 76
From: Anuj Mittal
See:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395
(From OE-Core rev: cef180de3684491f1ac4180ddbcc102121222181)
Signed-off-by: Anuj Mittal
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/binutils/binutils/CVE-2019-9071.patch | 1
From: Anuj Mittal
(From OE-Core rev: 093f0914f261a27d58ecba9c1e9d3b78a35af012)
Signed-off-by: Anuj Mittal
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/binutils/binutils-2.32.inc | 2 +
.../binutils/binutils/CVE-2019-12972.patch | 51
gstreamer1.0-vaapi: backport jpeg encode/decode fixes
patch: fix CVE-2019-13636
python3: fix CVE-2019-9740
rsync: fix CVEs for included zlib
patch: backport fixes
binutils: fix CVE-2019-14250 CVE-2019-1
pango: fix CVE-2019-1010238
glib-2.0: fix CVE-2019-13012
Armin Kuster (4):
qemu
From: Anuj Mittal
See:
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
https://www.securityfocus.com/bid/107160
(From OE-Core rev: 7e90506534ed2a70680382cf28614f02fdb98409)
Signed-off-by: Anuj Mittal
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-core/glibc
From: Ross Burton
(From OE-Core rev: d06d6910d1ec9374bb15e02809e64e81198731b6)
Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
.../libtiff/tiff/CVE-2019-7663.patch | 77 ++
meta/recipes-multimedia/libtiff/tiff_4.0.10
From: Anuj Mittal
(From OE-Core rev: 8eddac3305b7b428565103cde88cba444e3f0dd0)
Signed-off-by: Anuj Mittal
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
.../python/python/CVE-2019-9740.patch | 215 +
meta/recipes-devtools/python/python_2.7.16
From: Ross Burton
(From OE-Core rev: 7293e417dd9bdd04fe0fec177a76c9286234ed46)
Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
.../libtiff/tiff/CVE-2019-6128.patch | 52 ++
meta/recipes-multimedia/libtiff/tiff_4.0.10
From: Ross Burton
(From OE-Core rev: 5090afc1b07e62f70ebcf63a7abb75b8552f0a52)
Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
.../libid3tag/libid3tag/unknown-encoding.patch | 39 ++
.../libid3tag/libid3tag_0.15.1b.bb
From: Ross Burton
(From OE-Core rev: 0663e5f8f906803685f018061d51fd6277916e50)
Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-multimedia/libid3tag/libid3tag/10_utf16.patch | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes
From: Anuj Mittal
Backport patches from 1.15 to fix JPEG encode/decode issues when
using VAAPI with Intel media-driver. See for details:
https://bugzilla.gnome.org/show_bug.cgi?id=796705
https://bugzilla.gnome.org/show_bug.cgi?id=796505
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
From: Naveen Saini
Signed-off-by: Naveen Saini
Signed-off-by: Armin Kuster
---
.../ghostscript/CVE-2019-3839-0008.patch | 440 +
.../ghostscript/ghostscript_9.26.bb| 1 +
2 files changed, 441 insertions(+)
create mode 100644
meta/recipes
From: Anuj Mittal
CVE-2019-9947 is same as CVE-2019-9740 and mark it as such. See:
https://bugs.python.org/issue30458
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
.../python/python3/CVE-2019-9740.patch | 151 +
meta/recipes-devtools/python
he default
configuration.
To fix this problem add the missing Before=shutdown.target and
Conflicts=shutdown.target to have systemd stop the unit on shutdown.
Signed-off-by: Alban Bedel
Signed-off-by: Armin Kuster
---
meta/recipes-support/rng-tools/rng-tools/rngd.service | 3 ++-
1 file
From: Anuj Mittal
Fixes CVE-2019-7572, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576,
CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7637,
CVE-2019-7638.
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
.../libsdl/libsdl-1.2.15/CVE-2019-7572.patch | 114
From: Anuj Mittal
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
.../patch/patch/CVE-2019-13636.patch | 113 +
meta/recipes-devtools/patch/patch_2.7.6.bb | 1 +
2 files changed, 114 insertions(+)
create mode 100644 meta/recipes-devtools
From: Richard Purdie
Its possible in cases with multiple shlib providers we were not being
deterministic. Add in a couple of sorted() calls to fix the shlibs and
pkgconfig cases with this potential issue.
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/classes
Signed-off-by: Jason Wessel
Signed-off-by: Richard Purdie
Signed-off-by: Adrian Bunk
Signed-off-by: Armin Kuster
---
meta/recipes-extended/psmisc/psmisc.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-extended/psmisc/psmisc.inc
b/meta/recipes-extended/ps
since the
19.0.1 release.
Full log:
https://www.mesa3d.org/relnotes/19.0.2.html
Signed-off-by: Fabio Berton
Signed-off-by: Armin Kuster
---
meta/recipes-graphics/mesa/{mesa-gl_19.0.1.bb => mesa-gl_19.0.8.bb} | 0
meta/recipes-graphics/mesa/{mesa_19.0.1.bb => mesa_19.0.8.bb}
having a distinct call to create the directory
and to set the permissions.
Signed-off-by: Jean-Tiare Le Bigot
Signed-off-by: Armin Kuster
---
meta/classes/package.bbclass | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass
From: Bartosz Golaszewski
The build fails on qemu-native if we're using kernels after commit
0768e17073dc527ccd18ed5f96ce85f9985e9115. This adds an upstream
patch that fixes the issue.
Signed-off-by: Bartosz Golaszewski
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
From: Bruce Ashfield
Updating the linux-yocto 4.19 recipe to the latest -stable and -rt
releases.
We also integrate a configuration change to support ptests on scsci
targets:
scsi-debug: include core scsi support for standalone inclusion
The -stable changes comprise the following commits:
https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=cpe%3a%2fa%3agnu%3azlib%3a1.2.8
(From OE-Core rev: a55fbb4cb489853dfb0b4553f6e187c3f3633f48)
Signed-off-by: Anuj Mittal
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
.../rsync/files/CVE-20
Signed-off-by: Naveen Saini
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/qemu/qemu.inc| 1 +
.../qemu/qemu/CVE-2018-20815.patch | 38 ++
2 files changed, 39 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2018
From: Anuj Mittal
The original fix for CVE-2018-1000156 was incomplete. Backport more
fixes done later for a complete fix.
Also see:
https://savannah.gnu.org/bugs/index.php?53820
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
...k-temporary-file-on-failed-ed-style-patch.patch
From: Trevor Gamblin
(From OE-Core rev: b59b1222b3f73f982286222a583de09c661dc781)
Signed-off-by: Trevor Gamblin
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
...ke-ed-directly-instead-of-using-the-shell.patch | 44 ++
meta/recipes-devtools/patch
1c181e6ba0 netfilter: nft_flow_offload: don't offload when sequence
numbers need adjustment
48f611ecea0e netfilter: nft_flow_offload: set liberal tracking mode for tcp
3b2734bc839d netfilter: nf_flow_table: ignore DF bit setting
869eec894663 md/raid0: Do not bypass blocking queue e
From: "Bedel, Alban"
Like for ARM bjam need some hints about the ABI to properly build on
aarch64. While at it also enable context and coroutine as these are
supported on aarch64.
Signed-off-by: Alban Bedel
Signed-off-by: Armin Kuster
---
meta/recipes-support/boost/boost.inc | 2
returned error exit
status 127
Signed-off-by: Ricardo Ribalda Delgado
Signed-off-by: Richard Purdie
Signed-off-by: Richard Leitner
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/dpkg/dpkg/pager.patch | 21 +
meta/recipes-devtools/dpkg/dpkg_1.19.4.bb | 1 +
2 files
From: Martin Jansa
Signed-off-by: Martin Jansa
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/meson/meson.inc | 1 +
...-return-statements-that-are-seen-with-Wer.patch | 84 ++
2 files changed, 85 insertions(+)
create mode 100644
meta/recipes
en
touch "${ICECC_VERSION}.done"
elif ! wait_for_file "${ICECC_VERSION}.done" 30
then
# locking failed so wait for ${ICECC_VERSION}.done to appear
bbwarn "Timeout waiting for ${ICECC_VERSION}.done"
return
From: Anuj Mittal
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
.../pango/pango/CVE-2019-1010238.patch | 38 ++
meta/recipes-graphics/pango/pango_1.42.4.bb| 4 ++-
2 files changed, 41 insertions(+), 1 deletion(-)
create mode 100644 meta
From: Martin Jansa
Signed-off-by: Martin Jansa
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
.../0001-wakeup_xxx.h-include-limits.h.patch | 55 ++
meta/recipes-kernel/powertop/powertop_2.10.bb | 1 +
2 files changed, 56 insertions(+)
create
; binaries.
Signed-off-by: Nathan Rossi
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
.../0010-Change-default-emulation-for-mips64-linux.patch | 9 +++--
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git
a/meta/recipes-devtools/binutils/binutils/0010-Change-defa
From: Anuj Mittal
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/binutils/binutils-2.32.inc | 2 ++
.../binutils/binutils/CVE-2019-14250.patch | 33 ++
.../binutils/binutils/CVE-2019-1.patch | 28
From: Zhixiong Chi
Backprot CVE patch from the upstream:
https://github.com/gcc-mirror/gcc.git [commit f98495d]
https://nvd.nist.gov/vuln/detail/CVE-2018-12886
Signed-off-by: Zhixiong Chi
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/gcc/gcc-8.3.inc
sr/lib" != "/usr/lib" ]; then
* yes multilibs no usrmerge
if [ "/usr/lib64" != "/usr/lib" ] && [ "/lib" != "/usr/lib" ]; then
* yes multilibs yes user merge
if [ "/usr/lib64" != "/usr/lib" ]
walk.
Signed-off-by: Zhixiong Chi
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/gcc/gcc-8.3.inc | 1 +
.../gcc/gcc-8.3/0042-PR-debug-86964.patch | 94 ++
2 files changed, 95 insertions(+)
create mode 100644 meta/rec
fix is to prune the empty directory.
Signed-off-by: Jason Wessel
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-core/glibc/glibc-locale.inc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-core/glibc/glibc-locale.inc
b/meta/recipes-core/glibc
ted_locale, but the purpose of this
patch is make it 100% consistent between the build types and fix the
builds.
Signed-off-by: Jason Wessel
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-core/glibc/glibc-package.inc | 19 +--
1 file changed, 13 insert
From: Anuj Mittal
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
.../glib-2.0/glib-2.0/CVE-2019-13012.patch | 40 ++
meta/recipes-core/glib-2.0/glib-2.0_2.58.3.bb | 1 +
2 files changed, 41 insertions(+)
create mode 100644 meta/recipes-core/glib
_cpu (const unsigned char *buf)
| ^~~
| ../git/lib/alg-des.c:81:13: note: called from here
|rawkey1 = be32_to_cpu (&key[4]);
| ^
Signed-off-by: Adrian Bunk
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-core/libxcrypt/
From: Armin Kuster
Affects < 9.2
Signed-off-by: Armin Kuster
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/gcc/gcc-8.3.inc | 1 +
.../gcc/gcc-8.3/CVE-2019-14250.patch | 44 ++
2 files changed, 45 insertions(+)
create mode 100644 m
y: Jason Wessel
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-core/glibc/glibc-package.inc | 40 ++-
meta/recipes-core/glibc/glibc_2.29.bb | 1 -
2 files changed, 24 insertions(+), 17 deletions(-)
diff --git a/meta/recipes-core/glibc/gl
From: Jun Nie
u-boot.bin with dtb & signature should be placed in ${B} so that
it can be deployed by u-boot as expected. Otherwise, the version
without signature is installed.
Signed-off-by: Jun Nie
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/classes/u
sstate to be rebuilt.
Signed-off-by: Richard Purdie
(cherry picked from commit 0384622f72a6c0bd8225cf06f692340fdef67d4a)
Signed-off-by: Armin Kuster
---
meta/classes/staging.bbclass | 2 +-
meta/classes/useradd.bbclass | 6 --
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/meta
From: Sean Nyekjaer
Based on poky master, but for version 1.35
Signed-off-by: Sean Nyekjaer
Signed-off-by: Armin Kuster
---
.../libgpg-error-1.35-gawk5-support.patch | 161 +
.../libgpg-error/libgpg-error_1.35.bb | 1 +
2 files changed, 162
From: Armin Kuster
Affects <= 9.2.0
Dropped Changelog changes
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/gcc/gcc-8.3.inc | 3 +
.../gcc/gcc-8.3/CVE-2019-15847_p1.patch| 521 +
.../gcc/gcc-8.3/CVE-2019-15847_p2.patch|
From: Armin Kuster
Source: curl.org
MR: 99905
Type: Security Fix
Disposition: Backport from
https://github.com/curl/curl/commit/facb0e4662415b5f28163e853dc6742ac5fafb3d
ChangeID: e0c807da8937f687a4b2e28eaa6b4b5a51845bc5
Description:
Fixes CVE-2019-5482
- Affected versions: libcurl >= 7.19.4
build file. So we now leave the copy of Documention/'s Kbuild
in the devsrc.
Signed-off-by: Bruce Ashfield
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-kernel/linux/kernel-devsrc.bb | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/me
bit
libtool, for example.
Make extended recipes reduce priority by 1 (or 2, 3 ... when there are multiple
variants in MULTILIB_VARIANTS) to fix the problem.
[YOCTO #13418]
Signed-off-by: Robert Yang
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
suring the code is deterministic.
[YOCTO #13232]
Signed-off-by: Richard Purdie
(cherry picked from commit 37d0382a3c67f47f8cfdd977a041069bf912b8c3)
Signed-off-by: Armin Kuster
---
meta/classes/useradd.bbclass | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/classes/useradd.bbclass b/me
://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement
Signed-off-by: Ross Burton
Signed-off-by: Armin Kuster
---
meta/classes/cve-check.bbclass | 142 --
meta/conf/distro/include/maintainers.inc | 1 +
meta/recipes-core/glibc/glibc-locale.inc
ve useless
special casing of arm64 Image) from master. Both commit were melted
into one to avoid some useless churn.
Signed-off-by: Alban Bedel
Signed-off-by: Armin Kuster
---
meta/classes/kernel-uboot.bbclass | 4
1 file changed, 4 deletions(-)
diff --git a/meta/classes/kernel-uboot.bbcla
onkey-patches overrides.
Closes https://bugzilla.yoctoproject.org/show_bug.cgi?id=13469 .
Signed-off-by: Will Page
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/classes/uboot-extlinux-config.bbclass | 13 -
1 file changed, 8 insertions(+), 5 deletions(-)
diff --
-XXX name is set
earlier so the kvm code can use it.
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
scripts/runqemu | 22 +-
1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/scripts/runqemu b/scripts/runqemu
index 19fd521..af90c01 100755
--- a
These two commits fix the qemuarm64-ptest failures on the arm host
The following changes since commit 8c87e78547c598cada1bce92e7b25d85b994e2eb:
cve-check: backport rewrite from master (2019-09-29 21:38:22 -0700)
are available in the git repository at:
git://git.openembedded.org/openembedde
he autobuilders CPU type here.
Signed-off-by: Richard Purdie
(cherry picked from commit f13788541f64774a586971ed57699e4397b38b32)
Signed-off-by: Armin Kuster
---
meta/conf/machine/qemuarm64.conf | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/conf/machine/qemuarm64.conf b/meta/conf/ma
1.0/include/qemu/osdep.h:90,
from
TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:20:
/usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’
was here
34 | extern __pid_t gettid (void) __THROW;
|^~
Signed-off-by: Armin Kus
From: Alexander Kanavin
License-update: copyright years
Signed-off-by: Alexander Kanavin
Signed-off-by: Richard Purdie
[ Backported patches removed. ]
Signed-off-by: Adrian Bunk
[Bug fix only update]
Signed-off-by: Armin Kuster
---
...ysconfig-append-STAGING_LIBDIR-python-sys.patch | 2
-off-by: Armin Kuster
---
.../python/python3/CVE-2019-9740.patch | 151 -
.../python/{python3_3.7.3.bb => python3_3.7.4.bb} | 5 +-
2 files changed, 2 insertions(+), 154 deletions(-)
delete mode 100644 meta/recipes-devtools/python/python3/CVE-2019-9740.pa
drand was added in an upgrade to a new upstream
version without mentioning any reason.
[YOCTO #13534]
Signed-off-by: Adrian Bunk
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/json-c/json-c_0.13.1.bb | 2 --
1 file changed, 2 deletions(-)
diff --git a
asses/image-live.bbclass: Don't hardcode cpio.gz
Anuj Mittal (1):
python3: upgrade 3.7.3 -> 3.7.4
Armin Kuster (2):
qemu: Fix CVE-2019-8934
qemu: fix build issue on new hosts with glibc 2.30
Dan Tran (1):
unzip: Fix CVE-2019-13232
Jan Klare (1):
systemd: update SRCREV for
From: Andrii Bordunov via Openembedded-core
There's INITRAMFS_FSTYPES that can be set differently.
Signed-off-by: Böszörményi Zoltán
Signed-off-by: Armin Kuster
---
meta/classes/image-live.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/
/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:20:
/usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’
was here
34 | extern __pid_t gettid (void) __THROW;
|^~
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/qemu
Signed-off-by: Dan Tran
[Fix up against lastest warrior]
Signed-off-by: Armin Kuster
---
meta/recipes-devtools/qemu/qemu.inc| 1 +
.../recipes-devtools/qemu/qemu/CVE-2019-8934.patch | 215 +
2 files changed, 216 insertions(+)
create mode 100644 meta
branch
v241-stable, but currently in warrior an old version of that branch is pulled
in.
This patch updates the SRCREV to the latest commit from that branch and
therefore pulls in the needed fix to run systemd 241 on 5.2+ kernels.
Signed-off-by: Jan Klare
Signed-off-by: Armin Kuster
---
meta
From: Dan Tran
Signed-off-by: Dan Tran
Signed-off-by: Armin Kuster
---
.../unzip/unzip/CVE-2019-13232_p1.patch| 33 ++
.../unzip/unzip/CVE-2019-13232_p2.patch| 356 +
.../unzip/unzip/CVE-2019-13232_p3.patch| 121 +++
meta/recipes
/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:20:
/usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’
was here
34 | extern __pid_t gettid (void) __THROW;
|^~
Signed-off-by: Armin Kuster
---
...nux-user-assume-__NR_gettid
From: Sean Nyekjaer
Based on poky master, but for version 1.35
Signed-off-by: Sean Nyekjaer
Signed-off-by: Armin Kuster
[backported to thud
yocto# 13580]
Signed-off-by: Armin Kuster
---
.../libgpg-error-1.35-gawk5-support.patch | 161 +
.../libgpg-error/libgpg
636
python3: fix CVE-2019-9740
libxslt: fix CVE-2019-13117 CVE-2019-13118
patch: backport fixes
pango: fix CVE-2019-1010238
Armin Kuster (6):
gcc: Security fix for CVE-2019-14250
binutils: Security fix for CVE-2019-1
binutils: Security fix for CVE-2019-12972
bind: update to latest
From: Alexander Kanavin
Previously it was also called on filelists and possibly other items which
broke the parser.
Signed-off-by: Alexander Kanavin
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/lib/oe/buildhistory_analysis.py | 2 +-
1 file changed, 1 insertion(+), 1
From: Anuj Mittal
Signed-off-by: Anuj Mittal
Signed-off-by: Armin Kuster
---
.../patch/patch/CVE-2019-13636.patch | 113 +
meta/recipes-devtools/patch/patch_2.7.6.bb | 1 +
2 files changed, 114 insertions(+)
create mode 100644 meta/recipes-devtools
301 - 400 of 2282 matches
Mail list logo