Richard Purdie [Mon, 28 Jul 2014 16:55:05 +0000 (17:55 +0100)]
populate_sdk_base: Fix grep command usage on old hosts
"man grep" on centos:
-R, -r, --recursive
Read all files under each directory, recursively; this is equivalent to the -d recurse option.
"man grep" on a more recent ubuntu system:
-r, --recursive
Read all files under each directory, recursively, following symbolic links only if they are on the command line. This
is equivalent to the -d recurse option.
So we have an issue when the SDK installer (even with
buildtools-tarball) is used on old hosts since it may try and
dereference paths which it should not. This is caused by differences in
the behaviour of grep -r on older systems.
The fix is to wrap this in find so that only real files are found (as
elsewhere in the script.
Martin Jansa [Sun, 3 Aug 2014 16:59:26 +0000 (18:59 +0200)]
cairo: explicitly disable LTO support by backporting patch which removes it
* cairo-native was failing to build in gentoo with gcc-4.9 and LTO
enabled, more details in upstream bug
https://bugs.freedesktop.org/show_bug.cgi?id=77060
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Sat, 9 Aug 2014 09:11:16 +0000 (11:11 +0200)]
kernel: don't copy .so.dbg files into kernel source install
In 3.16+ x86-64 kernel builds produce a vdso64.so.dbg file. If this file is
copied into the kernel source install multiple QA failures are triggered.
Specifically, this file triggers a debug package split that results in
files installed but not shipped, and invalid .debug file errors.
By ensuring that .so files are not copied, we avoid this incorrect split
with no impact on future build phases.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 26 Jul 2014 09:13:21 +0000 (10:13 +0100)]
populate_sdk_deb: Fix non x86_64 SDK builds
If building with SDKMACHINE=i686 and using the deb backend, populate_sdk
would fail. Its clear when looking at the options that the 32 bit values
were overwritten.
Replace this code with code similar to that used in package_deb itself.
[YOCTO #6458]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
udev: update init script for conditional probing of platform bus
Make probing of "platform" bus conditional based on PROBE_PLATFORM_BUS
variable from /etc/default/udev-cache on subsequent boots when udev
cache is used. PROBE_PLATFORM_BUS has to be set to "yes" in order to
force probing on every boot, otherwise it uses the old default behaviour
of probing it just the first time.
This is helpful on modern SoCs where most of the low level peripheral
drivers are registered on the platform bus and need to be probed to load
the necessary modules and enable the connected buses and subsystems.
Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
non-PIC references to __ehdr_start in pie and shared
Rather than hacking every backend to not discard dynamic relocations
against an undefined hidden __ehdr_start, make it appear to be defined
early. We want __ehdr_start hidden before size_dynamic_sections so
that it isn't put in .dynsym, but we do need the dynamic relocations
for a PIE or shared library with a non-PIC reference. Defining it
early is wrong if we don't actually define the symbol later to its
proper value. (In some cases we want to leave the symbol undefined,
for example, when the ELF header isn't loaded, and we don't have this
infomation available in before_allocation.)
So replace the existing patches with this one.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Darren Hart [Fri, 18 Jul 2014 23:01:52 +0000 (23:01 +0000)]
kernelshark: Remove trace-cmd from the kernelshark package
Fixes [YOCTO 6550]
Images installing both trace-cmd and kernelshark would fail with:
error: file /usr/bin/trace-cmd conflicts between attempted installs of
kernelshark-1.2+git0+7055ffd37b-r3.core2_32 and
trace-cmd-1.2+git0+7055ffd37b-r3.core2_32
This patch removes ${bindir}/trace-cmd from the install prior to
packaging, as is already done with the ${datadir}.
Reported-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Darren Hart <dvhart@linux.intel.com>
(cherry picked from commit eb08ae8f729ef77329892d19b23ddfdaa7953de0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Henning Heinold [Mon, 16 Jun 2014 20:02:45 +0000 (22:02 +0200)]
perf: add slang to the dependencies
* TUI/GUI support was added in 2.6.35 based on libnewt
* since 3.10 slang replaced libnewt completly
* changing TUI_DEFINES is not necessary, because NO_NEWT is
still respected with newer kernels
* add comment about the gui history to the recipe
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Tue, 17 Jun 2014 05:39:05 +0000 (13:39 +0800)]
rootfs.py: change the logic in _uninstall_unneeded
Previously, if we have 'package-management' and 'read-only-rootfs'
both in IMAGE_FEATRUES, we would meet the following error at system
start-up.
rm: can't remove '/etc/rcS.d/S99run-postinsts': Read-only file system
However, what's really expected is that when there's no postinstall
script at system start-up, the /etc/rcS.d/S99run-postinsts should not
even be there.
Whether or not to remove the init script symlinks to run-postinsts should
not depend on whether we have 'package-management' in IMAGE_FEATURES; rather,
it should only depend on whether we have any postinstall script left to run
at system start-up.
This patch changes the _uninstall_unneeded function based on the logic
stated above.
[YOCTO #6257]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 6 May 2014 13:48:37 +0000 (14:48 +0100)]
ptest: Work from PTEST_ENABLED, not DISTRO_FEATURES
Some classes of recipe disable ptest even though its in DISTRO_FEATURES
(e.g. nativesdk). We shouldn't attempt to build ptest packages when
its disabled. This replaces some DISTRO_FEATURE checks with PTEST_ENABLED
checks instead.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Richard Purdie [Fri, 30 May 2014 12:32:54 +0000 (13:32 +0100)]
gcc: Clean up configure_prepend and fix for mingw
The do_configure_prepend was duplicated in gcc-4.X.inc and
gcc-configure-common.inc leading to confusion when reading the resulting
do_configure task where the file was processed twice.
The only difference was the removal of the include line for gcc 4.8/4.9.
On mingw were were seeing two issues, firstly that the if statements meant
the values we wanted weren't being set, the second that the include
paths were still wrong as there was no header path set.
To fix the first issue, the #ifdef conditionals were removed, we want
to set these things unconditionally. The second issue is addressed by
setting the NATIVE_SYSTEM_HEADER_DIR variable here (it was already
set in t-oe).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Tue, 8 Apr 2014 03:30:56 +0000 (11:30 +0800)]
dbus: fix a hard dependency about dbus-ptest
If image contains dbus and ptest is in DISTRO_FEATURES, dbus-ptest package
is installed, regardless of whether ptest-pkgs is in IMAGE_FEATURES. This
issue will increase size for most small images.
This patch fixes this problem.
Richard Purdie [Tue, 10 Jun 2014 16:32:16 +0000 (17:32 +0100)]
rpm: Fix cpio 32 bit overflow issues on 64 bit inode filesystems
When building on XFS filesystems, the resulting rpms can be corrupted
with the same inode number being used for multiple hardlinked files.
There are two fixes, one to stop rpm crashing when accessing a broken
binary rpm, the other to stop generating them in the first places. Full
descriptions in the patch headers.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 9 Jun 2014 15:51:19 +0000 (16:51 +0100)]
openssl: fix CVE-2014-0224
http://www.openssl.org/news/secadv_20140605.txt
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak
keying material in OpenSSL SSL/TLS clients and servers. This can be exploited
by a Man-in-the-middle (MITM) attack where the attacker can decrypt and
modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client *and*
server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers
are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users
of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
(Patch borrowed from Fedora.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Paul Eggleton [Mon, 9 Jun 2014 15:51:17 +0000 (16:51 +0100)]
openssl: use upstream fix for CVE-2014-0198
This replaces the fix for CVE-2014-0198 with one borrowed from Fedora,
which is the same as the patch which was actually applied upstream for
the issue, i.e.:
Paul Eggleton [Mon, 9 Jun 2014 15:51:16 +0000 (16:51 +0100)]
openssl: fix CVE-2014-0195
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.
Only applications using OpenSSL as a DTLS client or server affected.
(Patch borrowed from Fedora.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-connectivity/openssl/openssl_1.0.1g.bb
Saul Wold [Fri, 6 Jun 2014 00:09:02 +0000 (17:09 -0700)]
update-rc.d/useradd: Add additional dependecies
These dependcies are needed to ensure that thier packages are created
correctly since these classes have runtime dependiences in their packages
but they are not actually created yet at rootfs time.
Chen Qi [Wed, 4 Jun 2014 09:47:08 +0000 (17:47 +0800)]
systemd: update a uclibc specific patch to avoid segment fault
The alloca() function allocates space in the stack frame of the caller,
so using alloca(new_size - old_size) would possibly crash the stack,
causing a segment fault error.
This patch fixes the above problem by avoiding using this function in
journal-file.c.
Richard Purdie [Tue, 3 Jun 2014 12:51:24 +0000 (12:51 +0000)]
image_types: Fix ubi filesystem return codes
If the first command returns an error, it will not cause the image generation
step to fail. Simply split up the statement into multiple lines to avoid
this issue, they no longer need to be one line expressions.
Richard Purdie [Mon, 2 Jun 2014 20:08:34 +0000 (21:08 +0100)]
sanity.bbclass: Add libsdl-native check
If libsdl-native is in ASSUME_PROVIDED, check for it in the sanity tests.
This warns the user if they've said its being provided but it isn't and
prevents silent build issues.
Richard Purdie [Tue, 3 Jun 2014 09:09:22 +0000 (09:09 +0000)]
libfm: Ensure m4 directory exists
configure.ac references the m4 directory so things like gtkdocize
will try and place m4 files there. We need to ensure the directory
exists or the builds can fail.
Cristian Iorga [Fri, 30 May 2014 17:11:11 +0000 (20:11 +0300)]
v86d: fix for SeaBIOS VGA BIOS compatibility
This fixes a compatibility issue between v86d
and SeaBIOS VGA BIOS where the leal instruction
is not decoded properly. Read the
http://thread.gmane.org/gmane.comp.emulators.qemu/271806
thread for more details.
Patch taken from upstream.
Saul Wold [Thu, 29 May 2014 22:00:54 +0000 (15:00 -0700)]
util-linux: add sulogin to alternatives list
sulogin is provided by both busybox in /sbin/sulogin and util-linux provides one
in /usr/sbin/sulogin, so move util-linux's to sbin and setup ALTERNATIVE_LINK.
Dan McGregor [Fri, 30 May 2014 21:39:48 +0000 (15:39 -0600)]
gzip: Avoid host contamination during build
On systems with /bin and /usr/bin merged the gzip recipe may find grep
in /usr/bin, while OE puts it in /bin. Force the recipe to find grep in
the correct place.
Richard Purdie [Fri, 30 May 2014 12:31:47 +0000 (13:31 +0100)]
classextend: Fix crosssdk remapping for multilib
Multilib builds only require one crosssdk toolchain. We therefore shouldn't
be remapping crosssdk names. This resolves build failures looking for
weird multilib crosssdk toolchains.
combo-layer: fix revlist taking into account file_filter
If file_filter is set, git format-patch takes account but git rev-list
does not. So revlist is going to get with wrong revisions. And last_revision
will be updated with wrong revision. The next time that user run
combo-layer it complain about applying patches.
So ensure that 'git rev-list' are using file_filter as 'git format-patch'.
Chen Qi [Thu, 29 May 2014 01:50:53 +0000 (09:50 +0800)]
update-rc.d: fix to handle priority numbers correctly
The update-rc.d treated priority numbers begin with '0' as octal
numbers. This led to problems of update-rc.d being unable to handle
priorities like '08' or '09' correctly.
Saul Wold [Fri, 6 Jun 2014 00:09:05 +0000 (17:09 -0700)]
fontconfig: enable 64 bit file support
When running 32bit code on a large filessytem with 64bit inodes, the
fontcache was not being created correctly because an EOVERFLOW was being
returned from the fstat when reading the 64 inode on a 32bit system.
The fontcache is created at rootfs time on the host system via qemu.
[YOCTO #6338]
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Saul Wold [Fri, 6 Jun 2014 00:09:04 +0000 (17:09 -0700)]
freetype: enable 64 bit file support
When running 32bit code on a large filessytem with 64bit inodes, the
fontcache was not being created correctly because an EOVERFLOW was being
returned from the fstat when reading the 64 inode on a 32bit system.
The fontcache is created at rootfs time on the host system via qemu.
[YOCTO #6338]
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 28 Apr 2014 03:12:34 +0000 (11:12 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0849
The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via a
crafted (1) width or (2) height dimension that is not a multiple of
sixteen in id RoQ video data.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 13:02:51 +0000 (21:02 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0850
The decode_slice_header function in libavcodec/h264.c in FFmpeg before
1.1 allows remote attackers to have an unspecified impact via crafted
H.264 data, which triggers an out-of-bounds array access.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 12:24:18 +0000 (20:24 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0856
The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted Apple
Lossless Audio Codec (ALAC) data, related to a large nb_samples value.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 12:04:19 +0000 (20:04 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0854
The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via crafted MJPEG data.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 11:51:12 +0000 (19:51 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0851
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted
Electronic Arts Madcow video data, which triggers an out-of-bounds array
access.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 11:44:28 +0000 (19:44 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0858
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before
1.0.4 allows remote attackers to have an unspecified impact via ATRAC3
data with the joint stereo coding mode set and fewer than two channels.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 07:37:10 +0000 (15:37 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0852
The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via
crafted RLE data, which triggers an out-of-bounds array access.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 07:10:15 +0000 (15:10 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0845
libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to
have an unspecified impact via a crafted block length, which triggers an
out-of-bounds write.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 03:56:19 +0000 (11:56 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0868
libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers
to have an unspecified impact via crafted Huffyuv data, related to an
out-of-bounds write and (1) unchecked return codes from the init_vlc
function and (2) len==0 cases.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Fri, 25 Apr 2014 08:26:00 +0000 (16:26 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2014-2099
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before
2.1.4 does not properly calculate line sizes, which allows remote
attackers to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact via crafted Microsoft RLE video
data.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 10:58:29 +0000 (18:58 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0865
The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood
Studios VQA Video file, which triggers an out-of-bounds write.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 10:38:34 +0000 (18:38 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2014-2263
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB)
muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier,
allows remote attackers to have unspecified impact and vectors, which
trigger an out-of-bounds write.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 19 May 2014 07:00:38 +0000 (15:00 +0800)]
openssl: fix for CVE-2010-5298
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL
through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote
attackers to inject data across sessions or cause a denial of service
(use-after-free and parsing error) via an SSL connection in a
multithreaded environment.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 19 May 2014 06:32:13 +0000 (14:32 +0800)]
tiff: fix for Security Advisory CVE-2013-4231
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers
to cause a denial of service (out-of-bounds write) via a crafted (1)
extension block in a GIF image or (2) GIF raster image to
tools/gif2tiff.c or (3) a long filename for a TIFF image to
tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which
states that the input cannot exceed the allocated buffer size.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231Multiple
buffer overflows in libtiff before 4.0.3 allow remote attackers to cause
a denial of service (out-of-bounds write) via a crafted (1) extension
block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3)
a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1
and 3 are disputed by Red Hat, which states that the input cannot exceed
the allocated buffer size.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Li Wang [Mon, 19 May 2014 05:42:53 +0000 (13:42 +0800)]
nss: CVE-2013-1740
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740
https://bugzilla.mozilla.org/show_bug.cgi?id=919877
https://bugzilla.mozilla.org/show_bug.cgi?id=713933
changeset: 10946:f28426e944ae
user: Wan-Teh Chang <wtc@google.com>
date: Tue Nov 26 16:44:39 2013 -0800
summary: Bug 713933: Handle the return value of both ssl3_HandleRecord calls
changeset: 10945:774c7dec7565
user: Wan-Teh Chang <wtc@google.com>
date: Mon Nov 25 19:16:23 2013 -0800
summary: Bug 713933: Declare the |falseStart| local variable in the smallest
changeset: 10848:141fae8fb2e8
user: Wan-Teh Chang <wtc@google.com>
date: Mon Sep 23 11:25:41 2013 -0700
summary: Bug 681839: Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished, r=brian@briansmith.org
changeset: 10898:1b9c43d28713
user: Brian Smith <brian@briansmith.org>
date: Thu Oct 31 15:40:42 2013 -0700
summary: Bug 713933: Make SSL False Start work with asynchronous certificate validation, r=wtc
Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Thu, 8 May 2014 10:16:24 +0000 (18:16 +0800)]
subversion: fix for Security Advisory CVE-2013-4277
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through
1.8.1 allows local users to overwrite arbitrary files or kill arbitrary
processes via a symlink attack on the file specified by the --pid-file
option.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 07:22:17 +0000 (15:22 +0800)]
subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21
and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of
service (NULL pointer dereference and crash) via a LOCK on an activity URL.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20
and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service
(NULL pointer dereference and crash) via an anonymous LOCK for a URL that does
not exist.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1847
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 05:21:25 +0000 (13:21 +0800)]
subversion: fix for Security Advisory CVE-2013-1845
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before
1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to
cause a denial of service (memory consumption) by (1) setting or (2)
deleting a large number of properties for a file or directory.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 07:57:31 +0000 (15:57 +0800)]
subversion: fix for Security Advisory CVE-2013-4131
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through
1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause
a denial of service (assertion failure or out-of-bounds read) via a
certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision
root.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 02:49:03 +0000 (10:49 +0800)]
subversion: fix for Security Advisory CVE-2013-4505
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0
through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass
intended access restrictions and possibly cause a denial of service
(resource consumption) via a relative URL in a REPORT request.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 05:01:16 +0000 (13:01 +0800)]
screen: fix for Security Advisory CVE-2009-1215
Race condition in GNU screen 4.0.3 allows local users to create or
overwrite arbitrary files via a symlink attack on the
/tmp/screen-exchange temporary file.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-extended/screen/screen_4.0.3.bb
Yue Tao [Mon, 14 Apr 2014 04:41:17 +0000 (12:41 +0800)]
Screen: fix for Security Advisory CVE-2009-1214
GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with
world-readable permissions, which might allow local users to obtain
sensitive session information.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-extended/screen/screen_4.0.3.bb
Chen Qi [Tue, 13 May 2014 07:46:27 +0000 (15:46 +0800)]
openssh: fix for CVE-2014-2653
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and
earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking
by presenting an unacceptable HostCertificate.
Chen Qi [Tue, 13 May 2014 07:46:26 +0000 (15:46 +0800)]
openssh: fix for CVE-2014-2532
sshd in OpenSSH before 6.6 does not properly support wildcards on
AcceptEnv lines in sshd_config, which allows remote attackers to
bypass intended environment restrictions by using a substring located
before a wildcard character.
Joe Slater [Mon, 12 May 2014 18:54:04 +0000 (11:54 -0700)]
qemu: define PACKAGECONFIG[] for ssh2
qemu configure will search for libssh2 if we do not enable or
disable it's use, resulting in non-deterministic builds. We
define PACKAGECONFIG[] to avoid this.
Chen Qi [Tue, 13 May 2014 02:54:26 +0000 (10:54 +0800)]
gdb: add PACKAGECONFIG for babeltrace
Add PACKAGECONFIG for 'babeltrace' so that we don't have the implicit
dependency which might lead to problems when building images.
As an example of showing what problem we might have without this patch,
see the following steps which would lead to a failure.
1. IMAGE_INSTALL_append = " gdb"
2. bitbake babeltrace
3. bitbake gdb
4. bitbake babeltrace -ccleansstate
5. bitbake core-image-minimal
The rootfs process would fail with the following error message.
error: Can't install gdb-7.7-r0@i586: no package provides babeltrace >= 1.2.1+git0+66c2a20b43
Richard Purdie [Mon, 12 May 2014 10:04:26 +0000 (11:04 +0100)]
git: Fix various makefile flags
We need to pass CFLAGS and LDFLAGS to the makefile correctly so we
need to list them as part of EXTRA_OEMAKE.
We also have a problem where git hardlinks binaries in bindir with
those in its libexecdir. If we change the RPATH in one of them, it
breaks the other. We therefore set the no cross dir hardlinking flag
git already has for this kind of issue. This ensures the RPATHS for
the git-core binaries works correctly. Its pure luck this has
sometimes worked so far.
Koen Kooi [Tue, 13 May 2014 10:16:29 +0000 (12:16 +0200)]
ca-certificates: generate CAfile for -native in do_install
Git-replacement-native needs the generated files in place for https:// URIs:
WARNING: Failed to fetch URL git://github.com/kernelslacker/trinity.git;protocol=https, attempting MIRRORS if available
ERROR: Fetcher failure: Fetch command failed with exit code 128, output:
Cloning into bare repository '/build/linaro/build/build/downloads/git2/github.com.kernelslacker.trinity.git'...
fatal: unable to access 'https://github.com/kernelslacker/trinity.git/': error setting certificate verify locations:
CAfile: /build/linaro/build/build/tmp-eglibc/sysroots/x86_64-linux/etc/ssl/certs/ca-certificates.crt
CApath: none
ERROR: Function failed: Fetcher failure for URL: 'git://github.com/kernelslacker/trinity.git;protocol=https'. Unable to fetch URL from any source.
ERROR: Logfile of failure stored in: /build/linaro/build/build/tmp-eglibc/work/aarch64-oe-linux/trinity/1.3-r0/temp/log.do_fetch.7843
ERROR: Task 1378 (/build/linaro/build/meta-linaro/meta-linaro/recipes-extra/trinity/trinity_1.3.bb, do_fetch) failed with exit code '1'
Tudor Florea [Mon, 5 May 2014 22:40:11 +0000 (00:40 +0200)]
curl: remove inapporpriate file from curl release
This is the adaptation for the a bugfix upstream
The inappropriate file src/tool_hugehelp.c presence in the curl 7.36 release
interfered with the upstream fix for
https://sourceforge.net/p/curl/bugs/1350/
Ross Burton [Wed, 14 May 2014 10:13:19 +0000 (11:13 +0100)]
freetype: disable harfbuzz
Freetype has an automatically detected dependency on Harfbuzz, which has a
dependency on Freetype.
To produce deterministic builds and avoid link failures when rebuilding freetype
with harfbuzz present add a PACKAGECONFIG for Harfbuzz and disable it by
default.
Chong Lu [Thu, 15 May 2014 08:54:32 +0000 (16:54 +0800)]
syslinux-native: fix parallel building issue
There might be an error when parallel build:
[snip]
cp: cannot create directory `tmp/sysroots/x86_64-linux/usr/share/
syslinux/com32/include/gplinclude': No such file or directory
make[4]: *** [install] Error 1
make[3]: *** [gpllib] Error 2
[snip]
This is a potential issue. In ${S}/com32/gpllib/Makefile file,
install target wants to copy $(SRC)/../gplinclude to
$(INSTALLROOT)$(COM32DIR)/include/ directory, but in ${S}/com32/lib/Makefile
file, the install target will remove $(INSTALLROOT)$(COM32DIR)/include
directory. We need to do com32/lib first.
The patch make com32/gpllib depends on com32/lib to fix this issue.
Chen Qi [Mon, 19 May 2014 08:03:28 +0000 (16:03 +0800)]
runqemu-internal: add "console=ttyS0" to ramfs image kernel parameters
We need this kernel command parameter so that when we start a ramfs
image, we can actually get some output. Although we can make this
happen by specifying the 'bootparams' for the 'runqemu' command, it's
better to make this the default behaviour.
Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
