Mingli Yu [Thu, 8 Nov 2018 06:08:16 +0000 (14:08 +0800)]
libsm: extend to nativesdk
After enable tk via PACKAGECONFIG for python3,
there comes below error:
Missing or unbuildable dependency chain was: ['buildtools-tarball', 'nativesdk-python3-testtools', 'nativesdk-python3-pbr', 'nativesdk-python3', 'nativesdk-tk', 'nativesdk-libxt', 'nativesdk-libsm']
Extend libsm to nativesdk to fix this issue.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mingli Yu [Thu, 8 Nov 2018 06:08:17 +0000 (14:08 +0800)]
libice: extend to nativesdk
After enable tk via PACKAGECONFIG for python3,
there comes below error:
Missing or unbuildable dependency chain was: ['buildtools-tarball', 'nativesdk-python3-git', 'nativesdk-python3-gitdb', 'nativesdk-python3-async', 'nativesdk-python3', 'nativesdk-tk', 'nativesdk-libxt', 'nativesdk-libsm', 'nativesdk-libice']
Extend libice to nativesdk to fix this issue.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mingli Yu [Thu, 8 Nov 2018 06:08:15 +0000 (14:08 +0800)]
fontconfig: extend to nativesdk
After enable tk via PACKAGECONFIG for python3,
there comes below error:
Missing or unbuildable dependency chain was: ['nativesdk-packagegroup-sdk-host', 'nativesdk-opkg', 'nativesdk-libsolv', 'nativesdk-rpm', 'nativesdk-python3', 'nativesdk-tk', 'nativesdk-xft', 'nativesdk-fontconfig']
Extend fontconfig to nativesdk to fix this issue.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mingli Yu [Thu, 8 Nov 2018 06:08:14 +0000 (14:08 +0800)]
libxft: extend to nativesdk
After enable tk via PACKAGECONFIG for python3,
there comes below error:
Missing or unbuildable dependency chain was: ['buildtools-tarball', 'nativesdk-python3-testtools', 'nativesdk-python3-pbr', 'nativesdk-python3', 'nativesdk-tk', 'nativesdk-xft']
Extend libxft to nativesdk to fix this issue as
PROVIDES = "xft" in libxft recipe.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mingli Yu [Thu, 8 Nov 2018 06:08:13 +0000 (14:08 +0800)]
libxt: extend to nativesdk
After enable tk via PACKAGECONFIG for python3,
there comes below error:
Missing or unbuildable dependency chain was: ['buildtools-tarball', 'nativesdk-python3-pytz', 'nativesdk-python3', 'nativesdk-tk', 'nativesdk-libxt']
Extend libxt to nativesdk to fix this issue.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 8 Nov 2018 14:24:00 +0000 (14:24 +0000)]
distcc: Handle upstream branch deletion for old releases
distcc upstream dropped the 3.2 branch which we reference in older project releases
the revisions are there, just the branch is not. In order to be able to continue
to build those old releases, adjust any mirror tarball to contain the missing branch.
We have updated the newer point releases but the previous tags were failing to build.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Nathan Rossi [Wed, 7 Nov 2018 08:51:56 +0000 (08:51 +0000)]
base.bbclass: Display name of licenses which caused SkipRecipe
Display the name of the restricted licenses which caused the recipe to
be skipped. This makes it easy to determine which license or licenses
are missing and need to be checked and whitelisted.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
openssl-1.1.1: remove build path from version info
The openssl build system generates buildinf.h containing the full
compiler command line used to compile objects. This breaks
reproducibility, as the compile command is baked into libcrypto, where
it is used when running `openssl version -f`.
Add stripped build variables for the compiler and cflags lines, and use
those when generating buildinfo.h.
This is based on a similar patch for older openssl versions:
https://patchwork.openembedded.org/patch/147229/
Signed-off-by: Martin Hundebøll <martin@geanix.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jens Rehsack [Thu, 8 Nov 2018 15:32:42 +0000 (16:32 +0100)]
cpan.bbclass: avoid newer MakeMaker run perl.real
In newer versions of ExtUtils::MakeMaker, the location of the perl
binary to run is determined differently which results in finding
${bindir}/perl.real instead of ${bindir}/perl
Signed-off-by: Jens Rehsack <sno@netbsd.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
busybox: make busybox.links.{suid, nosuid} reproducible
The busybox.link.* files are generated from autoconf.h and applets.h,
which are both auto-generated by the build system. The contents of the
two files might be in different order, and so the link files are not
reproducble as is.
Fix this by sorting the lists using `sort`.
Signed-off-by: Martin Hundebøll <martin@geanix.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yeoh Ee Peng [Thu, 8 Nov 2018 09:41:54 +0000 (17:41 +0800)]
oeqa/runtime: Add tests for gstreamer CLI
We should not be finding GStreamer issues right around
release time but that's what we seem to do.
Port gstreamer tests from Intel Ref Kit.
https://github.com/intel/intel-iot-refkit/blob/master/meta-iotqa/
lib/oeqa/runtime/multimedia/gstreamer/gstreamer_cli.py
Add tests for gstreamer commandline tools (gst-inspect-1.0
& gst-launch-1.0).
[YOCTO #11418]
Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
scripts/autobuilder-worker-prereq-tests: Shore up qemu testing
Check that yocto-autobuilder-helper has been cloned to the correct location.
Check that vnc is running using the same script the autobuilder does.
Set the DISPLAY enviroment variable to :1 the same way we do when building
normally.
Make the VM's serial console available so we can log in and power off allowing
the tests to continue.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
scripts/runqemu: Replace subprocess.run() for compatibilty
subprocess.run() was introduced in Python 3.5. We currently support down to
Python 3.4 so I've replaced it with subprocess.check_call() which is available
in that version.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 8 Nov 2018 20:58:38 +0000 (12:58 -0800)]
scripts/runqemu: Add serialstdio mode
Its currently not possible to have a console available whilst using qemu in graphics
mode. This is causing some issues for testing autobuilder bringup so all a "serialstdio"
mode to runqemu to accomodate this.
The existing serialstdio internal variable is renamed to allow the new user visible option.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The previous code looks strange because of historical reason, simply return
base_get_metadata_git_revision/branch() is enough, the later functions has
handled everything like '<unknown>' and strip().
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
shadow: improve reproducibility by hard-coding shell path
The shadow configure script tries really hard to detect the running
shell to make sure it doesn't do unsupported calls.
On my system the shell is detected as /bin/sh, while a build in an
ubuntu docker it resolves to /bin/bash. And since the shell path is
baked into the target binaries through config.h, the build becomes
inreproducible.
Fix reproducibility by hard-coding the shell to be /bin/sh
Signed-off-by: Martin Hundebøll <martin@geanix.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mauno Niko [Mon, 12 Nov 2018 11:32:14 +0000 (11:32 +0000)]
strace: Bump to version 4.25
V4L2_CID_USER_IMX_BASE value differs in v4.14 and v4.19 LTS kernels
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/include/uapi/linux/v4l2-controls.h?h=v4.14.79#n191
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/include/uapi/linux/v4l2-controls.h?h=v4.19.1#n191
Building strace v4.24 against 4.19 kernel headers results in following
build failure
| arm-vaisala-linux-gnueabi-ranlib libstrace.a
| In file included from ../strace-4.24/static_assert.h:31,
| from ../strace-4.24/xlat/v4l2_pix_fmts.h:4,
| from ../strace-4.24/v4l2.c:78:
| ../strace-4.24/xlat/v4l2_control_id_bases.h:36:1: error: static assertion failed: "V4L2_CID_USER_IMX_BASE != (V4L2_CID_BASE + 0x1090)"
This Linux kernel ABI breakage that occurred wrt V4L2_CID_USER_IMX_BASE
has been observed and addressed in strace upstream commit
https://github.com/strace/strace/commit/b89a69dec27cf638df0e17db80ed937c3e1abf77
Bump strace to version 4.25 which also addresses ABI breakage so that
strace once again builds against both v4.14 and v4.19 LTS kernel headers
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop newly added option --disable-lang-qt-test which is merged to --disable-gpg-test by
upstream commit [26820ba qt: Respect --disable-gpg-test for tests]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enable sna by default and remove upstreamed patches.
Also include a patch from fedora to fix compile issues when using
qemux86 which doesn't enable sse2 leading to gcc refusing to
inline vertex_emit_2s in emit_vertex because they are defined as:
static __attribute__((always_inline)) void
vertex_emit_2s(struct sna *sna, int16_t x, int16_t y)
| In file included from ../../../git/src/sna/gen4_vertex.c:34:
| ../../../git/src/sna/gen4_vertex.c: In function 'emit_vertex':
| ../../../git/src/sna/sna_render_inline.h:40:26: error: inlining failed in call to always_inline 'vertex_emit_2s': target specific option mismatch
| static force_inline void vertex_emit_2s(struct sna *sna, int16_t x, int16_t y)
| ^~~~~~~~~~~~~~
| ../../../git/src/sna/gen4_vertex.c:308:25: note: called from here
| #define OUT_VERTEX(x,y) vertex_emit_2s(sna, x,y) /* XXX assert(!too_large(x, y)); */
| ^~~~~~~~~~~~~~~~~~~~~~~~
| ../../../git/src/sna/gen4_vertex.c:360:2: note: in expansion of macro 'OUT_VERTEX'
| OUT_VERTEX(dstX, dstY);
| ^~~~~~~~~~
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Tue, 30 Oct 2018 19:04:26 +0000 (15:04 -0400)]
kernel: use olddefconfig as the primary target for KERNEL_CONFIG_COMMAND
As was warned by commit 312ee68752fa [kconfig: announce removal of
oldnoconfig if used], oldnoconfig has been removed from the 4.20 kernel.
So we switch our default mode to olddefconfig.
commit fb16d8912 [kconfig: replace 'oldnoconfig' with 'olddefconfig',
and keep the old name as an alias] introduced olddefconfig in the 3.10
kernel, we shuffle oldnoconfig to the fallback target.
The fallback mode allows kernels between 3.10 and the currently listed
oldest kernel of 3.2 to continue to configure.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Armin Kuster [Sat, 20 Oct 2018 14:55:49 +0000 (15:55 +0100)]
gnutls: update to 3.6.4
Notable change:
libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol.
see: https://lists.gnupg.org/pipermail/gnutls-help/2018-September/004457.html
Signed-off-by: Armin Kuster <akuster808@gmail.com>
--
[v2]
Fix typo in version in subject
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Having image-buildinfo enabled causes containerimage.ContainerImageTests.test_expected_files
to fail due to the presence of an unexpected file:
['./',
'./etc/',
- './etc/build',
'./etc/default/',
'./etc/default/postinst',
Tweak the class to allow it to be disabled and disable it from the test just in
case it was enabled.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Randy MacLeod [Wed, 7 Nov 2018 17:59:22 +0000 (12:59 -0500)]
valgrind: drop mips n32 support
valgrind for qemumips64 multilib builds fails to configure
for libn32 with the error:
configure:6190: checking for 32 bit build support
...
fatal error: bits/long-double-32.h: No such file or directory
It seems that the toolchain is producing:
tmp-glibc/sysroots-components/mips64-n32/libn32-glibc/usr/include/bits/long-double-n32.h
Until the toolchain problem is resolved, skip valgrind for libn32.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Play the whack-a-mole game and add the .file directive to another
assembly file that otherwise shows itself in ld-2.28.so debug file,
which in turns alters the build-id of ld-2.28.so on target.
Signed-off-by: Martin Hundebøll <martin@geanix.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Due to a bug in find [1], -ignore_readdir_race does not work correctly with
-delete. This can lead to spurious build failures when files disappear
while such a command is running; specifically this was seen in the case of
do_configure and do_populate_lic running concurrently for packages
with ${B} == ${WORKDIR}:
find: '.../sstate-build-populate_lic': No such file or directory
While the issue is fixed in the findutils git master, the find command of
the host system is called here, so we can't ensure that the used version
contains the fix. Many common distros have not updated to a recent enough
findutils version yet (Ubuntu 18.10 contains the fix, while 18.04 is still
affected).
Work around the issue by passing the output of find to 'rm -f' instead of
using -delete.
[1] https://savannah.gnu.org/bugs/?52981
Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alexey Brodkin [Wed, 31 Oct 2018 18:54:23 +0000 (21:54 +0300)]
perf: Disable libunwind for ARC & RISCV64
libunwind is not yet ported for ARC & RISCV64 and on attempt
to build it for those arches we just get an error message.
If we explicitly disable libunwind it is gracefully handled by
perf build system and it just gets configured to not use it
so perf is still usable even on those arches.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com> Cc: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changqing Li [Thu, 1 Nov 2018 03:15:17 +0000 (11:15 +0800)]
apt: update SRC_URI
update SRC_URI since previous link is not valid now
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fabien Lahoudere [Mon, 29 Oct 2018 11:02:29 +0000 (12:02 +0100)]
archiver: Drop unwanted directories
In sources directory we can find patches/ and temp/.
The first one is filled with symbolic link unusable on another
machines.
The second contains yocto logs to create this archives and are
typically copied when 'S = "${WORKDIR}"'
Signed-off-by: Fabien Lahoudere <fabien.lahoudere@collabora.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Kosta Zertsekel [Sun, 4 Nov 2018 19:24:46 +0000 (21:24 +0200)]
meta: Use double colon for chown OWNER:GROUP
Rationale - excerp from `info chown`
====================================
OWNER‘:’GROUP
If the OWNER is followed by a colon and a GROUP (a group name or
numeric group ID), with no spaces between them, the group ownership
of the files is changed as well (to GROUP).
Some older scripts may still use ‘.’ in place of the ‘:’ separator.
POSIX 1003.1-2001 (*note Standards conformance::) does not require
support for that, but for backward compatibility GNU ‘chown’ supports
‘.’ so long as no ambiguity results. New scripts should avoid the use
of ‘.’ because it is not portable, and because it has undesirable
results if the entire OWNER‘.’GROUP happens to identify a user whose
name contains ‘.’.
Signed-off-by: Kosta Zertsekel <zertsekel@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 5 Nov 2018 15:52:09 +0000 (15:52 +0000)]
oeqa/selftest: Add test for Yocto source mirror functionality/completeness
We've had a number of occasions where the Yocto Project source mirrors have not
been complete or functioning correctly. This adds a test so that if this happens
we find out out it sooner.
It also only works over http meaning we should be able to test that anyone behind
an http only proxy (no git protocol) also has functional fetches for OE-Core and
layers built by the core of the project.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Serhey Popovych [Wed, 31 Oct 2018 14:55:47 +0000 (16:55 +0200)]
v86d: Make cross compilation working on more architectures
Since commit 709c603dec19 ("v86d: Accept aarch64 as build host") we
support cross compilation on aarch64 host in addition to x86 host.
However building on hosts different than two above will fail.
Make cross compilation support more generic by checking for TARGET_ARCH
in v86d configure script with fallback to `uname -m` when not present in
environment and pass TARGET_ARCH explicitly in do_configure().
Cross build for x86 tested on IBM Power 8 machine with RHEL7. Should
work on aarch64 and rest too.
Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 30 Oct 2018 11:18:54 +0000 (11:18 +0000)]
oe-init-buildenv/base: Relax python version checks in favour of HOSTTOOLS manipulation
Several distros are now shipping "python" as python v3 contra to the original
python guidelines. This causes users confusion/pain in trying to use our tools.
We can just force "python" to "python2" within HOSTTOOLS to avoid this issue
and hide the complexity from the user.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 2 Nov 2018 13:13:43 +0000 (13:13 +0000)]
oeqa/runtime/ptest: Inject results+logs into stored json results file
This allows the ptest results from ptest-runner, run in an image to be
transferred over to the resulting json results output.
Each test is given a pass/skip/fail so individual results can be monitored
and the raw log output from the ptest-runner is also dumped into the
results json file as this means after the fact debugging becomes much easier.
Currently the log output is not split up per test but that would make a good
future enhancement.
I attempted to implement this as python subTests however it failed as the
output was too confusing, subTests don't support any kind of log
output handling, subTest successes aren't logged and it was making things
far more complex than they needed to be.
We mark ptest-runner as "EXPECTEDFAILURE" since its unlikely every ptest
will pass currently and we don't want that to fail the whole image test run.
Its assumed there would be later analysis of the json output to determine
regressions. We do have to change the test runner code so that
'unexpectedsuccess' is not a failure.
Also, the test names are manipuated to remove spaces and brackets with
"_" used as a replacement and any duplicate occurrences truncated.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gcc-crosssdk buils leaks config.log's through "gcc-stashed-builddir" and
TARGET_* flags to libgcc cross-build through "gcc/libgcc.mvars" file
on "gcc-stashed-builddir". This means that if BUILD_CFLAGS contains
host-specific flags like "-isystem/usr/include" libgcc build will
fail "do_qa_configure" and "do_package_qa" checks.
Remove host-related flags from TARGET_* flags for gcc-crosssdk builds.
[YOCTO #11874]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This changes the PN addtion to something containing the tune rather than
the arch which avoids these kinds of errors. If go-cross can be tune
independent that would be nice but currently that isn't the case.
[YOCTO #12586]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Tue, 30 Oct 2018 06:32:42 +0000 (14:32 +0800)]
go-dep: disable PTEST_ENABLED for mips and mips64
The current go-dep does not compile ptest successfully on mips
and mips64. So as a workaround, disable PTEST_ENABLED explicitly
to avoid error like below.
| vet config not found
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hugues Kamba [Tue, 30 Oct 2018 09:37:25 +0000 (09:37 +0000)]
python3: Fix python3-pyvenv run-time dependency
Pyvenv is just a small script that uses venv to create virtual
environments.
https://www.python.org/dev/peps/pep-0405/#creating-virtual-environments
This patch adds the python3-venv module as a self-contained package which
python3-pyvenv must depend on at run-time.
The patch also provides the package python3-pyvenv from the pyhton3-venv
package.This is good for future-proofing since python3-pyvenv has been
deprecated and only python3-venv is now available in Python 3.6.
https://docs.python.org/3/library/venv.html.
Without this patch python3-pyvenv is broken because it is missing the
venv module at run-time. This patch specifies the newly created
python3-venv as a run-time dependency of python3-pyvenv.
Signed-off-by: Hugues Kamba <hugues.kamba@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
pixman: Trim license info extracted from pixman-matrix.c
Four unrelated lines were extracted from pixman-matrix.c for the
license information.
License-Update: Only extract the relevant part from pixman-matrix.c Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libgpg-error: Trim license info extracted from init.c & gpg-error.h.in
License-Update: Only extract relevant parts from init.c & gpg-error.h.in Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
apr-util: Trim license info extracted from apu_version.h
Two unrelated lines were extracted from apu_version.h for the license
information.
License-Update: Only extract the relevant part from apu_version.h Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Two unrelated lines were extracted from apr_lib.h for the license
information.
License-Update: Only extract the relevant part from apr_lib.h Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Once the value of SOURCE_DATE_EPOCH is determined, it is stored in the recipe's SDE_FILE.
If none of the existing mechanisms are suitable, replace the do_deploy_source_date_epoch task
with recipe-specific functionality to write the appropriate SOURCE_DATE_EPOCH into the SDE_FILE.
Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Hongxu Jia [Mon, 5 Nov 2018 08:03:36 +0000 (16:03 +0800)]
ghostscript: fix CVE-2018-18073
Artifex Ghostscript allows attackers to bypass a sandbox protection
mechanism by leveraging exposure of system operators in the saved
execution stack in an error object.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hongxu Jia [Mon, 5 Nov 2018 08:03:35 +0000 (16:03 +0800)]
ghostscript: fix CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving errorhandler
setup. NOTE: this issue exists because of an incomplete fix for
CVE-2018-17183.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Armin Kuster [Mon, 29 Oct 2018 01:29:32 +0000 (01:29 +0000)]
tzdata: update to 2018g
Changes to code
When generating TZif files with leap seconds, zic no longer uses a
format that trips up older 32-bit clients, fixing a bug introduced
in 2018f. (Reported by Daniel Fischer.) Also, the zic workaround
for QTBUG-53071 now also works for TZif files with leap seconds.
The translator to rearguard format now rewrites the line
"Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to
"Rule Japan 1948 1951 - Sep Sun>=9 1:00 0 S".
This caters to zic before 2007 and to Oracle TZUpdater 2.2.0
and earlier. (Reported by Christos Zoulas.)
Changes to past time zone abbreviations
Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii.
This reverts to 2011h, as the abbreviation change in 2011i was
likely inadvertent.
Changes to documentation
tzfile.5 has new sections on interoperability issues.
Armin Kuster [Sun, 28 Oct 2018 23:38:32 +0000 (23:38 +0000)]
tzcode-native: update to 2018g
Changes to code
When generating TZif files with leap seconds, zic no longer uses a
format that trips up older 32-bit clients, fixing a bug introduced
in 2018f. (Reported by Daniel Fischer.) Also, the zic workaround
for QTBUG-53071 now also works for TZif files with leap seconds.
The translator to rearguard format now rewrites the line
"Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to
"Rule Japan 1948 1951 - Sep Sun>=9 1:00 0 S".
This caters to zic before 2007 and to Oracle TZUpdater 2.2.0
and earlier. (Reported by Christos Zoulas.)
Changes to past time zone abbreviations
Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii.
This reverts to 2011h, as the abbreviation change in 2011i was
likely inadvertent.
Changes to documentation
tzfile.5 has new sections on interoperability issues.
Ross Burton [Thu, 1 Nov 2018 11:15:58 +0000 (11:15 +0000)]
xserver-xorg: fix CVE-2018-14665
Incorrect command-line parameter validation in the Xorg X server can lead to
privilege elevation and/or arbitrary files overwrite, when the X server is
running with elevated privileges (ie when Xorg is installed with the setuid bit
set and started by a non-root user). The -modulepath argument can be used to
specify an insecure path to modules that are going to be loaded in the X server,
allowing to execute unprivileged code in the privileged process. The -logfile
argument can be used to overwrite arbitrary files in the file system, due to
incorrect checks in the parsing of the option.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
