Daniel Díaz [Tue, 25 Oct 2016 18:09:45 +0000 (13:09 -0500)]
weston: Add no-input-device patch to 1.9.0.
The included patch, backported from Weston master, allows
it to run without any input device at launch. An ini option
is introduced for this purpose, so there is no behavioral
change.
Related change in weston.ini:
[core]
require-input=true
Default is true; setting it false allows Weston to run
without a keyboard or mouse, which is handy for automated
environments.
Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Adrian Dudau [Thu, 3 Nov 2016 13:18:01 +0000 (14:18 +0100)]
qemu: Security fix CVE-2016-4952
affects qemu < 2.7.0
Quick Emulator(Qemu) built with the VMWARE PVSCSI paravirtual SCSI bus
emulation support is vulnerable to an OOB r/w access issue. It could
occur while processing SCSI commands 'PVSCSI_CMD_SETUP_RINGS' or
'PVSCSI_CMD_SETUP_MSG_RING'.
A privileged user inside guest could use this flaw to crash the Qemu
process resulting in DoS.
Adrian Dudau [Thu, 3 Nov 2016 13:18:00 +0000 (14:18 +0100)]
qemu: Security fix CVE-2016-4439
affects qemu < 2.7.0
Quick Emulator(Qemu) built with the ESP/NCR53C9x controller emulation
support is vulnerable to an OOB write access issue. The controller uses
16-byte FIFO buffer for command and data transfer. The OOB write occurs
while writing to this command buffer in routine get_cmd().
A privileged user inside guest could use this flaw to crash the Qemu
process resulting in DoS.
Zeeshan Ali [Mon, 14 Nov 2016 09:40:54 +0000 (10:40 +0100)]
nss: Disable warning on deprecated API usage
nss itself enables Werror if gcc is version 4.8 of greater, which fails
the build against new glibc (2.24) because of use of readdir_r(), which
is now deprecated. Let's just disable warnings on deprecated API usage.
Ross Burton [Mon, 3 Oct 2016 14:16:32 +0000 (15:16 +0100)]
binutils: apply RPATH fixes from our libtool patches
We don't autoreconf/libtoolize binutils as it has very strict requirements, so
extend our patching of the stock libtool to include two fixes to RPATH
behaviour, as part of the solution to ensure that native binaries don't have
RPATHs pointing at the host system's /usr/lib.
This generally doesn't cause a problem but it can cause some binaries (such as
ar) to abort on startup:
./x86_64-pokysdk-linux-ar: relocation error: /usr/lib/libc.so.6: symbol
_dl_starting_up, version GLIBC_PRIVATE not defined in file ld-linux.so.2 with
link time reference
The situation here is that ar is built and as it links to the host libc/loader
has an RPATH for /usr/lib. If tmp is wiped and then binutils is installed from
sstate relocation occurs and the loader changed to the sysroot, but there
remains a RPATH for /usr/lib. This means that the sysroot loader is used with
the host libc, which can be incompatible. By telling libtool that the host
library paths are in the default search path, and ensuring that all default
search paths are not added as RPATHs by libtool, the result is a binary that
links to what it should be linking to and nothing else.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
minor fixup Signed-off-by: Armin Kuster <akuster808@gmail.com>
Ross Burton [Mon, 3 Oct 2016 14:16:30 +0000 (15:16 +0100)]
classes/native: set lt_cv_sys_lib_dlsearch_path_spec
This variable is used by libtool to know what paths are on the default loader
search path. As we have modified loader paths, native.bbclass can tell libtool
that both the sysroot libdir and the host library paths are searched, so no
RPATHs for those will be generated.
Ross Burton [Mon, 3 Oct 2016 14:16:29 +0000 (15:16 +0100)]
classes/cross: set lt_cv_sys_lib_dlsearch_path_spec
This variable is used by libtool to know what paths are on the default loader
search path. As we have modified loader paths, cross.bbclass can tell libtool
that both the sysroot libdir and the host library paths are searched, so no
RPATHs for those will be generated.
Paul Gortmaker [Fri, 17 Mar 2017 23:24:26 +0000 (19:24 -0400)]
file: update SRCREV for 5.25 to fix fetch fail on missing commit
Machines that cloned a while ago will have the commit, but new
deployments won't because it seems the upstream changed/rebased
and the old commit ID has been garbage-collected away. Hence
the fetch fails to check out the named commit ID.
Both the old (gone) commit, and the "new" commit show the same
dates and commit log and point at 5.25, so hopefully this is
the right thing to do. A git diff of the two seems to only show
a blanket uprev of CVS tags and deletion of a couple autogen'd
files, and no real source changes.
Bruce Ashfield [Tue, 30 Aug 2016 16:49:00 +0000 (12:49 -0400)]
perf: adapt to Makefile.config
commit 4842576cd857 [perf tools: Move config/Makefile into Makefile.config]
relocated the configuration Makefile of perf. As such, we need to adapt
our fixup routines to work with the Makefile no matter where it is.
This patch brings the last bit from meta-mentor for the perf
to build successfully with minnowmax BSP. The meta-mentor
commit for the same is:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-mentor/commit/meta-mentor-staging?id=a8db95c0d4081cf96915e0c3c4063a44f55e21cc
The previous fix:
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-kernel/perf?id=ef942d6025e1a339642b10ec1e29055f4ee6bd46
was incomplete and was not submitted upstream. And due to that this change is required.
When built on minnowmax ( machine name: intel-corei7-64),
an error is noticed during the do_compile:
/home/sujith/codebench-linux-install-2015.12-133-i686-pc-linux-gnu/codebench/bin/i686-pc-linux-gnu-ld:
Relocatable linking with relocations from format elf64-x86-64
(/home/sujith/MEL/dogwood/build-minnowmax/tmp/work/intel_corei7_64-mel-linux/perf/1.0-r9/perf-1.0/fd/array.o)
to format elf32-i386 (/home/sujith/MEL/dogwood/build-minnowmax/tmp/work/intel_corei7_64-mel-linux/perf/1.0-r9/perf-1.0/fd/libapi-in.o)
is not supported
When built on an i686 host for qemux86-64 without the
fix to obey LD and it fails:
/scratch/dogwood/toolchains/x86_64/bin/i686-pc-linux-gnu-ld:
Relocatable linking with relocations from format elf64-x86-64
(/scratch/dogwood/perf-ld-test/build/tmp/work/qemux86_64-mel-linux/perf/1.0-r9/perf-1.0/fs/fs.o)
to format elf32-i386 (/scratch/dogwood/perf-ld-test/build/tmp/work/qemux86_64-mel-linux/perf/1.0-r9/perf-1.0/fs/libapi-in.o)
is not supported
This is because LD includes HOST_LD_ARCH, which contains TUNE_LDARGS,
which is -m elf32_x86_64 for x86_64. Without that, direct use of ld will fail.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* base-files: fix profile error under < /dev/null
Previous attempts to constrain execution of `resize` to only TTYs did
not properly handle situations when `tty` would return the string "not a
tty". The symptom is "/etc/profile: line 34: test: too many arguments".
Fix this by utilizing the exit code of `tty`. Also use `case` instead of
`cut` to eliminate a subshell.
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: brian avery <brian.avery@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
parselogs.py: Add disabling eDP error to x86_common whitelist
The NUC6 firmware tells the kernel to try and initialize an embedded
DisplayPort it does not have, causing this warning. Its harmless, so
just whitelist it.
and A has errors in parselogs, machine B can pick these up and cause
immense confusion. This is because the test transfers the log files
to cwd which is usually TOPDIR. This is clearly bad and this patch
uses a subdir of WORKDIR to ensure machines don't contaminate each
other.
Also ensure any previous logs are cleaned up from any existing
transfer directory.
parselogs.py: Ignore Skylake graphics firmware load errors on genericx86-64
These errors can't be fixed without adding the firmware to the initramfs
and building it into the kernel, which we don't want to do for
genericx86-64. Since graphics still work acceptably without the firmware
blobs, just ignore the errors for that MACHINE.
Richard Purdie [Fri, 19 Aug 2016 10:03:00 +0000 (11:03 +0100)]
parselogs: Ignore uvesafb timeouts
We're periodically seeing uvesafb timeouts on the autobuilder. Whitelist these
errors as there is little it seems we can do about them and we therefore
choose to ignore them rather than fail the builds.
[YOCTO #8245]
There is a better solution proposed in the bug with a -1 timeout however
this avoids failed builds until such times as that is implemented.
parselogs.py: Add amd_nb error to x86_common whitelist
This has always silently failed on hardware without AMD Northbridge,
and a recent kernel patch made it not silent. It would be ideal to only
whitelist the error for genericx86 MACHINEs and disable the CONFIG
option that enables it in intel-* MACHINEs, but in order to disable
this configuration option we would have to enable EXPERT and
DEBUG_KERNEL, which we don't want. Instead just whitelist it on all
x86 MACHINEs.
Merging the following patches into 4.4 and 4.8 to remove kernel
configuration warnings:
bbaf01752b01 meta-yocto-bsp: beaglebone: remove the stale kernel options 552a83790b17 features: Fix configcheck warnings in features used by intel-quark BSPs c33d9c2c575f features: Fix configcheck warnings in features used by intel-core* BSPs
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Droped the 4.8 kernel changes, 4.8 not supported Signed-off-by: Armin Kuster <akuster808@gmail.com>
Before standard/intel/* was created in the 4.1 and 4.4 kernel trees,
some patches were merged to standard/base to add features/support for
intel platforms.
While this isn't entirely bad, there have been some compile issues
reported in some configurations. Since we don't need these commits
on standard/base, we can relocate them to make standard/base upstream
clean.
This commit removes those patches from standard/base, and restores
then to the standard/intel/* branches.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hand applied to manage merge conflicts. Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Hand applied to manage merge conflicts. Signed-off-by: Armin Kuster <akuster808@gmail.com>
We fail to compile simple CPP programs because CPP cannot
find relevant header files, looking for them in a non-existing place.
To fix this, we create a symlink of the name CPP expects and point it to
the corresponding existing directory.
Juro Bystricky [Mon, 29 Aug 2016 22:45:36 +0000 (15:45 -0700)]
gcc-runtime.inc: add CPP support for mips64-n32 tune
This patch fixes the problem where the CPP compiler cannot find include files.
The compiler is configured to look for the files in places that do not exist.
When querying the CPP for search paths, we observe messages such as these:
Markus Lehtonen [Fri, 14 Oct 2016 10:41:26 +0000 (13:41 +0300)]
rpm: prevent race in tempdir creation
This patch fixes an extramely rare race condition in creation of rpmdb
temporary directory. The "rpmdb-more-verbose-error-logging" patch is
still left in place, just for the case.
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
hand merged to apply against 2.26 Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ola x Nilsson <ola.x.nilsson@axis.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ola x Nilsson <ola.x.nilsson@axis.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Paul Eggleton [Tue, 11 Oct 2016 21:33:47 +0000 (10:33 +1300)]
classes/externalsrc: re-run do_configure when configure files change
If the user modifies files such as CMakeLists.txt in the case of cmake,
we want do_configure to re-run so that those changes can take effect. In
order to accomplish that, have a variable CONFIGURE_FILES which
specifies a list of files that will be put into do_configure's checksum
(either full paths, or just filenames which will be searched for in the
entire source tree). CONFIGURE_FILES then just needs to be set
appropriately depending on what do_configure is doing; for now I've set
this for autotools and cmake which are the most common cases.
Paul Eggleton [Tue, 26 Jul 2016 02:57:49 +0000 (14:57 +1200)]
recipetool: create: fix greedy regex that broke support for github tarballs
The regex here needs to be anchored to the end or it'll match longer
URLs, which was exactly what I was trying to avoid. This regression was
introduced in OE-Core revision 7998dc3597657229507e5c140fceef1e485ac402.
Paul Eggleton [Mon, 25 Jul 2016 08:47:17 +0000 (20:47 +1200)]
lib/oe/recipeutils: fix patch_recipe*() with empty input
If you supplied an empty file to patch_recipe() (or an empty list to
patch_recipe_lines()) then the result was IndexError because the code
checking to see if it needed to add an extra line of padding didn't
check to see if there were in fact any lines before trying to access the
last line.
Paul Eggleton [Wed, 6 Jul 2016 23:57:07 +0000 (11:57 +1200)]
recipetool: create: fix handling of github URLs
For a while now, Github hasn't been advertising a specific repository
URL since cloning the web URL with git works. Armed with this knowledge
and fully expecting people to just paste the github URL, we need to
handle this situation specially. If it looks like a github URL to the
root of a repository then treat it as a git repository instead of a
normal https URL to be fetched by the wget fetcher.
Paul Eggleton [Wed, 6 Jul 2016 23:57:11 +0000 (11:57 +1200)]
devtool: reset: allow reset to work if the recipe file has been deleted
We were attempting to open the recipe file unconditionally here - we
need to account for the possibility that the recipe file has been
deleted or moved away by the user.
Paul Eggleton [Wed, 6 Jul 2016 23:57:10 +0000 (11:57 +1200)]
devtool: update-recipe: fix --initial-rev option
In OE-Core revision 7baf57ad896112cf2258b3e2c2a1f8b756fb39bc I changed
the default update-recipe behaviour to only update patches for commits
that were changed; unfortunately I failed to handle the --initial-rev
option which was broken after that point. Rework how the initial
revision is passed in so that it now operates correctly.
Saul Wold [Mon, 10 Oct 2016 18:32:05 +0000 (11:32 -0700)]
archiver: fix gcc-source handling
The source archiver was not handling the gcc-source target correctly, since it uses the
work-shared directory, we don't want to unpack and patch it twice, just as the comments
say, but the code was not there to check for the gcc-source target.
binutils: fix AR issue when opkg is unpacking IPKs containing empty entries
* this patch is backported from 2.26.1 which is already in oe-core/master
since this patch:
commit 37e8b6ecf9f9163d7b5b3becdc2feba57df4838f
Author: Khem Raj <raj.khem@gmail.com>
Date: Thu Jul 7 11:08:29 2016 -0700
Subject: binutils: Upgrade to 2.26.1
multilib_header: avoid sstate checksum issues for -nativesdk recipes
Much as with -native recipes, as addressed in commit b15730caf0d4c40271796887505507f2501958bb, arch specific variables
like MIPSPKGSFX_ABI were affecting -nativesdk sstate checksums for
recipes like nativesdk-glibc-initial.
Disable multilib_header for nativesdk as we don't use multilibs in
this scenario.
Turkey switched from EET/EEST (+02/+03) to permanent +03,
effective 2016-09-07. (Thanks to Burak AYDIN.) Use "+03" rather
than an invented abbreviation for the new time.
New leap second 2016-12-31 23:59:60 UTC as per IERS Bulletin C 52.
(Thanks to Tim Parenti.)
Changes to past time stamps
For America/Los_Angeles, spring-forward transition times have been
corrected from 02:00 to 02:01 in 1948, and from 02:00 to 01:00 in
1950-1966.
For zones using Soviet time on 1919-07-01, transitions to UT-based
time were at 00:00 UT, not at 02:00 local time. The affected
zones are Europe/Kirov, Europe/Moscow, Europe/Samara, and
Europe/Ulyanovsk. (Thanks to Alexander Belopolsky.)
Changes to past and future time zone abbreviations
The Factory zone now uses the time zone abbreviation -00 instead
of a long English-language string, as -00 is now the normal way to
represent an undefined time zone.
Several zones in Antarctica and the former Soviet Union, along
with zones intended for ships at sea that cannot use POSIX TZ
strings, now use numeric time zone abbreviations instead of
invented or obsolete alphanumeric abbreviations. The affected
zones are Antarctica/Casey, Antarctica/Davis,
Antarctica/DumontDUrville, Antarctica/Mawson, Antarctica/Rothera,
Antarctica/Syowa, Antarctica/Troll, Antarctica/Vostok,
Asia/Anadyr, Asia/Ashgabat, Asia/Baku, Asia/Bishkek, Asia/Chita,
Asia/Dushanbe, Asia/Irkutsk, Asia/Kamchatka, Asia/Khandyga,
Asia/Krasnoyarsk, Asia/Magadan, Asia/Omsk, Asia/Sakhalin,
Asia/Samarkand, Asia/Srednekolymsk, Asia/Tashkent, Asia/Tbilisi,
Asia/Ust-Nera, Asia/Vladivostok, Asia/Yakutsk, Asia/Yekaterinburg,
Asia/Yerevan, Etc/GMT-14, Etc/GMT-13, Etc/GMT-12, Etc/GMT-11,
Etc/GMT-10, Etc/GMT-9, Etc/GMT-8, Etc/GMT-7, Etc/GMT-6, Etc/GMT-5,
Etc/GMT-4, Etc/GMT-3, Etc/GMT-2, Etc/GMT-1, Etc/GMT+1, Etc/GMT+2,
Etc/GMT+3, Etc/GMT+4, Etc/GMT+5, Etc/GMT+6, Etc/GMT+7, Etc/GMT+8,
Etc/GMT+9, Etc/GMT+10, Etc/GMT+11, Etc/GMT+12, Europe/Kaliningrad,
Europe/Minsk, Europe/Samara, Europe/Volgograd, and
Indian/Kerguelen. For Europe/Moscow the invented abbreviation MSM
was replaced by +05, whereas MSK and MSD were kept as they are not
our invention and are widely used.
Changes to zone names
Rename Asia/Rangoon to Asia/Yangon, with a backward compatibility link.
(Thanks to David Massoud.)
LICENSE file checksum changed do to a verbage change.
Changes to code
zic no longer generates binary files containing POSIX TZ-like
strings that disagree with the local time type after the last
explicit transition in the data. This fixes a bug with
Africa/Casablanca and Africa/El_Aaiun in some year-2037 time
stamps on the reference platform. (Thanks to Alexander Belopolsky
for reporting the bug and suggesting a way forward.)
If the installed localtime and/or posixrules files are symbolic
links, zic now keeps them symbolic links when updating them, for
compatibility with platforms like OpenSUSE where other programs
configure these files as symlinks.
zic now avoids hard linking to symbolic links, avoids some
unnecessary mkdir and stat system calls, and uses shorter file
names internally.
zdump has a new -i option to generate transitions in a
more-compact but still human-readable format. This option is
experimental, and the output format may change in future versions.
(Thanks to Jon Skeet for suggesting that an option was needed,
and thanks to Tim Parenti and Chris Rovick for further comments.)
Changes to build procedure
An experimental distribution format is available, in addition
to the traditional format which will continue to be distributed.
The new format is a tarball tzdb-VERSION.tar.lz with signature
file tzdb-VERSION.tar.lz.asc. It unpacks to a top-level directory
tzdb-VERSION containing the code and data of the traditional
two-tarball format, along with extra data that may be useful.
(Thanks to Antonio Diaz Diaz, Oscar van Vlijmen, and many others
for comments about the experimental format.)
The release version number is now more accurate in the usual case
where releases are built from a Git repository. For example, if
23 commits and some working-file changes have been made since
release 2016g, the version number is now something like
'2016g-23-g50556e3-dirty' instead of the misleading '2016g'.
Official releases uses the same version number format as before,
e.g., '2016g'. To support the more-accurate version number, its
specification has moved from a line in the Makefile to a new
source file 'version'.
The experimental distribution contains a file to2050.tzs that
contains what should be the output of 'zdump -i -c 2050' on
primary zones. If this file is available, 'make check' now checks
that zdump generates this output.
'make check_web' now works on Fedora-like distributions.
Changes to documentation and commentary
tzfile.5 now documents the new restriction on POSIX TZ-like
strings that is now implemented by zic.
Comments now cite URLs for some 1917-1921 Russian DST decrees.
(Thanks to Alexander Belopolsky.)
tz-link.htm mentions JuliaTime (thanks to Curtis Vogt) and Time4J
(thanks to Meno Hochschild) and ThreeTen-Extra, and its
description of Java 8 has been brought up to date (thanks to
Stephen Colebourne). Its description of local time on Mars has
been updated to match current practice, and URLs have been updated
and some obsolete ones removed.
Davis, Michael [Wed, 28 Sep 2016 18:36:41 +0000 (18:36 +0000)]
pulseaudio: Disable unit tests
Pulseaudio unit tests create a dependency on check not in the recipe.
Since unit tests are not used they are disabled to eliminate build race condition.
Signed-off-by: Michael Davis <michael.davis@essvote.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Richard Purdie [Wed, 5 Oct 2016 07:55:11 +0000 (08:55 +0100)]
pigz: Update SRC_URI
Upstream have released a new tarball and removed the old one. Revert to
the Yocto Project source mirror instead, preserving the upstream version
check.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 29 Sep 2016 01:27:35 +0000 (21:27 -0400)]
useradd: Fix infinite build loop
http://git.openembedded.org/openembedded-core-contrib/commit/?id=642c6cf0b6a0371de476513162bd0cefa9c438b3
introduces a problem if the USERADD_PARAM variable has trailing
whitespace as the code infinitely loops causing build hangs.
Add a similar sed expression to $remaining to avoid this.
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Wed, 18 May 2016 04:20:15 +0000 (21:20 -0700)]
useradd.bbclass: Strip trailing ';' in cmd params
When there are more than 1 packages in a recipe requiring useradd
services, they are concatnated and a ';' is inserted just after
each of the users being added by the packages. A situation arises
in cases where this is controlled by PACKAGECONFIG then we add a
';' separator in the USERADD_PARAM value itself for each packagecofig
since we do not know which one will be picked, we end up in situation
where the final string returned from get_all_cmd_params() appears to be
a; ; b; c;
and then the logic which uses these cmds triggers with ';' as separator
but in this case it will fail after executing useradd 'a' because the next
cmd it will call will be just a whitespace
This is highlighted by the systemd patch to add more users as needed
by systemd 229 components.
Martin Jansa [Wed, 18 May 2016 09:57:33 +0000 (11:57 +0200)]
useradd: use bindir_native for pseudo PATH
* useradd/userdel functions will fail for recipes which override their target prefix
(e.g. to /opt/foo), because it will try to use pseudo from native-sysroot/opt/foo/bin/pseudo
Zhixiong Chi [Thu, 22 Sep 2016 07:54:27 +0000 (15:54 +0800)]
wpa_supplicant: Security Advisory-CVE-2016-4477
Add CVE-2016-4477 patch for avoiding \n and \r characters in passphrase
parameters, which allows remote attackers to cause a denial of service
(daemon outage) via a crafted WPS operation.
Patches came from http://w1.fi/security/2016-1/
Zhixiong Chi [Thu, 22 Sep 2016 07:54:20 +0000 (15:54 +0800)]
wpa_supplicant: Security Advisory-CVE-2016-4476
Add CVE-2016-4476 patch for avoiding \n and \r characters in passphrase
parameters, which allows remote attackers to cause a denial of service
(daemon outage) via a crafted WPS operation.
Patches came from http://w1.fi/security/2016-1/
python3: Fixes several python3 dependency problems
This patch adds the packages python3-signal, python3-enum and python3-selectors,
while it also fixes python3-subprocess which in turn fix the installation of
python3-modules
Jussi Kukkonen [Thu, 8 Sep 2016 13:35:31 +0000 (16:35 +0300)]
tiff: Update download URL
remotesensing.org domain has been taken over by someone unrelated.
There does not seem to be an up-to-date tiff homepage, but
osgeo.org is a reliable download site.
pre-5.25.0 perl by default tries to link to an antiquated libnm (new
math) which is not used anymore since the early 1990's. After 2014
another libnm appeared for NetworkManager causing build failures.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Bill Randle [Sat, 4 Jun 2016 22:45:03 +0000 (15:45 -0700)]
perl: fix several perl test failures
Several ExtUtils-MakeMaker tests fail when cross-compiled and run on
the target machine. Backport an upstream patch to fix the issues. Also
update the customized.dat hash file for the files modified by this patch
and other existing patches so the porting/customized.t test passes.
Bill Randle [Sat, 4 Jun 2016 22:45:01 +0000 (15:45 -0700)]
perl: set proper perl subversion number in config files
During the upgrade from Perl 5.22.0 to 5.22.1 in commit f4c9908eae1ae3dcc38877abe2d5fbeb46851dd4 the config.sh file was hand edited
to change the subversion numbers. However, the edit was not entirely
correct. As a result the Perl version test failed. Set the correct
version strings.
Sona Sarmadi [Wed, 14 Sep 2016 12:34:38 +0000 (14:34 +0200)]
dropbear: upgrade to 2016.72
The upgrade addresses CVE-2016-3116:
- Validate X11 forwarding input. Could allow bypass of
authorized_keys command= restrictions,
found by github.com/tintinweb.
Thanks for Damien Miller for a patch. CVE-2016-3116
