Richard Purdie [Tue, 6 May 2014 13:48:37 +0000 (14:48 +0100)]
ptest: Work from PTEST_ENABLED, not DISTRO_FEATURES
Some classes of recipe disable ptest even though its in DISTRO_FEATURES
(e.g. nativesdk). We shouldn't attempt to build ptest packages when
its disabled. This replaces some DISTRO_FEATURE checks with PTEST_ENABLED
checks instead.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Richard Purdie [Fri, 30 May 2014 12:32:54 +0000 (13:32 +0100)]
gcc: Clean up configure_prepend and fix for mingw
The do_configure_prepend was duplicated in gcc-4.X.inc and
gcc-configure-common.inc leading to confusion when reading the resulting
do_configure task where the file was processed twice.
The only difference was the removal of the include line for gcc 4.8/4.9.
On mingw were were seeing two issues, firstly that the if statements meant
the values we wanted weren't being set, the second that the include
paths were still wrong as there was no header path set.
To fix the first issue, the #ifdef conditionals were removed, we want
to set these things unconditionally. The second issue is addressed by
setting the NATIVE_SYSTEM_HEADER_DIR variable here (it was already
set in t-oe).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chong Lu [Tue, 8 Apr 2014 03:30:56 +0000 (11:30 +0800)]
dbus: fix a hard dependency about dbus-ptest
If image contains dbus and ptest is in DISTRO_FEATURES, dbus-ptest package
is installed, regardless of whether ptest-pkgs is in IMAGE_FEATURES. This
issue will increase size for most small images.
This patch fixes this problem.
Richard Purdie [Tue, 10 Jun 2014 16:32:16 +0000 (17:32 +0100)]
rpm: Fix cpio 32 bit overflow issues on 64 bit inode filesystems
When building on XFS filesystems, the resulting rpms can be corrupted
with the same inode number being used for multiple hardlinked files.
There are two fixes, one to stop rpm crashing when accessing a broken
binary rpm, the other to stop generating them in the first places. Full
descriptions in the patch headers.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 9 Jun 2014 15:51:19 +0000 (16:51 +0100)]
openssl: fix CVE-2014-0224
http://www.openssl.org/news/secadv_20140605.txt
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak
keying material in OpenSSL SSL/TLS clients and servers. This can be exploited
by a Man-in-the-middle (MITM) attack where the attacker can decrypt and
modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client *and*
server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers
are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users
of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
(Patch borrowed from Fedora.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Paul Eggleton [Mon, 9 Jun 2014 15:51:17 +0000 (16:51 +0100)]
openssl: use upstream fix for CVE-2014-0198
This replaces the fix for CVE-2014-0198 with one borrowed from Fedora,
which is the same as the patch which was actually applied upstream for
the issue, i.e.:
Paul Eggleton [Mon, 9 Jun 2014 15:51:16 +0000 (16:51 +0100)]
openssl: fix CVE-2014-0195
From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments
to an OpenSSL DTLS client or server. This is potentially exploitable to
run arbitrary code on a vulnerable client or server.
Only applications using OpenSSL as a DTLS client or server affected.
(Patch borrowed from Fedora.)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-connectivity/openssl/openssl_1.0.1g.bb
Saul Wold [Fri, 6 Jun 2014 00:09:02 +0000 (17:09 -0700)]
update-rc.d/useradd: Add additional dependecies
These dependcies are needed to ensure that thier packages are created
correctly since these classes have runtime dependiences in their packages
but they are not actually created yet at rootfs time.
Chen Qi [Wed, 4 Jun 2014 09:47:08 +0000 (17:47 +0800)]
systemd: update a uclibc specific patch to avoid segment fault
The alloca() function allocates space in the stack frame of the caller,
so using alloca(new_size - old_size) would possibly crash the stack,
causing a segment fault error.
This patch fixes the above problem by avoiding using this function in
journal-file.c.
Richard Purdie [Tue, 3 Jun 2014 12:51:24 +0000 (12:51 +0000)]
image_types: Fix ubi filesystem return codes
If the first command returns an error, it will not cause the image generation
step to fail. Simply split up the statement into multiple lines to avoid
this issue, they no longer need to be one line expressions.
Richard Purdie [Mon, 2 Jun 2014 20:08:34 +0000 (21:08 +0100)]
sanity.bbclass: Add libsdl-native check
If libsdl-native is in ASSUME_PROVIDED, check for it in the sanity tests.
This warns the user if they've said its being provided but it isn't and
prevents silent build issues.
Richard Purdie [Tue, 3 Jun 2014 09:09:22 +0000 (09:09 +0000)]
libfm: Ensure m4 directory exists
configure.ac references the m4 directory so things like gtkdocize
will try and place m4 files there. We need to ensure the directory
exists or the builds can fail.
Cristian Iorga [Fri, 30 May 2014 17:11:11 +0000 (20:11 +0300)]
v86d: fix for SeaBIOS VGA BIOS compatibility
This fixes a compatibility issue between v86d
and SeaBIOS VGA BIOS where the leal instruction
is not decoded properly. Read the
http://thread.gmane.org/gmane.comp.emulators.qemu/271806
thread for more details.
Patch taken from upstream.
Saul Wold [Thu, 29 May 2014 22:00:54 +0000 (15:00 -0700)]
util-linux: add sulogin to alternatives list
sulogin is provided by both busybox in /sbin/sulogin and util-linux provides one
in /usr/sbin/sulogin, so move util-linux's to sbin and setup ALTERNATIVE_LINK.
Dan McGregor [Fri, 30 May 2014 21:39:48 +0000 (15:39 -0600)]
gzip: Avoid host contamination during build
On systems with /bin and /usr/bin merged the gzip recipe may find grep
in /usr/bin, while OE puts it in /bin. Force the recipe to find grep in
the correct place.
Richard Purdie [Fri, 30 May 2014 12:31:47 +0000 (13:31 +0100)]
classextend: Fix crosssdk remapping for multilib
Multilib builds only require one crosssdk toolchain. We therefore shouldn't
be remapping crosssdk names. This resolves build failures looking for
weird multilib crosssdk toolchains.
combo-layer: fix revlist taking into account file_filter
If file_filter is set, git format-patch takes account but git rev-list
does not. So revlist is going to get with wrong revisions. And last_revision
will be updated with wrong revision. The next time that user run
combo-layer it complain about applying patches.
So ensure that 'git rev-list' are using file_filter as 'git format-patch'.
Chen Qi [Thu, 29 May 2014 01:50:53 +0000 (09:50 +0800)]
update-rc.d: fix to handle priority numbers correctly
The update-rc.d treated priority numbers begin with '0' as octal
numbers. This led to problems of update-rc.d being unable to handle
priorities like '08' or '09' correctly.
Saul Wold [Fri, 6 Jun 2014 00:09:05 +0000 (17:09 -0700)]
fontconfig: enable 64 bit file support
When running 32bit code on a large filessytem with 64bit inodes, the
fontcache was not being created correctly because an EOVERFLOW was being
returned from the fstat when reading the 64 inode on a 32bit system.
The fontcache is created at rootfs time on the host system via qemu.
[YOCTO #6338]
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Saul Wold [Fri, 6 Jun 2014 00:09:04 +0000 (17:09 -0700)]
freetype: enable 64 bit file support
When running 32bit code on a large filessytem with 64bit inodes, the
fontcache was not being created correctly because an EOVERFLOW was being
returned from the fstat when reading the 64 inode on a 32bit system.
The fontcache is created at rootfs time on the host system via qemu.
[YOCTO #6338]
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 28 Apr 2014 03:12:34 +0000 (11:12 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0849
The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via a
crafted (1) width or (2) height dimension that is not a multiple of
sixteen in id RoQ video data.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 13:02:51 +0000 (21:02 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0850
The decode_slice_header function in libavcodec/h264.c in FFmpeg before
1.1 allows remote attackers to have an unspecified impact via crafted
H.264 data, which triggers an out-of-bounds array access.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 12:24:18 +0000 (20:24 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0856
The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted Apple
Lossless Audio Codec (ALAC) data, related to a large nb_samples value.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 12:04:19 +0000 (20:04 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0854
The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via crafted MJPEG data.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 11:51:12 +0000 (19:51 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0851
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via crafted
Electronic Arts Madcow video data, which triggers an out-of-bounds array
access.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 11:44:28 +0000 (19:44 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0858
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before
1.0.4 allows remote attackers to have an unspecified impact via ATRAC3
data with the joint stereo coding mode set and fewer than two channels.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 07:37:10 +0000 (15:37 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0852
The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg
before 1.1 allows remote attackers to have an unspecified impact via
crafted RLE data, which triggers an out-of-bounds array access.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 07:10:15 +0000 (15:10 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0845
libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to
have an unspecified impact via a crafted block length, which triggers an
out-of-bounds write.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Sun, 27 Apr 2014 03:56:19 +0000 (11:56 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0868
libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers
to have an unspecified impact via crafted Huffyuv data, related to an
out-of-bounds write and (1) unchecked return codes from the init_vlc
function and (2) len==0 cases.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Fri, 25 Apr 2014 08:26:00 +0000 (16:26 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2014-2099
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before
2.1.4 does not properly calculate line sizes, which allows remote
attackers to cause a denial of service (out-of-bounds array access) or
possibly have unspecified other impact via crafted Microsoft RLE video
data.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 10:58:29 +0000 (18:58 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2013-0865
The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood
Studios VQA Video file, which triggers an out-of-bounds write.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 10:38:34 +0000 (18:38 +0800)]
gst-ffmpeg: fix for Security Advisory CVE-2014-2263
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB)
muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier,
allows remote attackers to have unspecified impact and vectors, which
trigger an out-of-bounds write.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 19 May 2014 07:00:38 +0000 (15:00 +0800)]
openssl: fix for CVE-2010-5298
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL
through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote
attackers to inject data across sessions or cause a denial of service
(use-after-free and parsing error) via an SSL connection in a
multithreaded environment.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 19 May 2014 06:32:13 +0000 (14:32 +0800)]
tiff: fix for Security Advisory CVE-2013-4231
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers
to cause a denial of service (out-of-bounds write) via a crafted (1)
extension block in a GIF image or (2) GIF raster image to
tools/gif2tiff.c or (3) a long filename for a TIFF image to
tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which
states that the input cannot exceed the allocated buffer size.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4231Multiple
buffer overflows in libtiff before 4.0.3 allow remote attackers to cause
a denial of service (out-of-bounds write) via a crafted (1) extension
block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3)
a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1
and 3 are disputed by Red Hat, which states that the input cannot exceed
the allocated buffer size.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Li Wang [Mon, 19 May 2014 05:42:53 +0000 (13:42 +0800)]
nss: CVE-2013-1740
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740
https://bugzilla.mozilla.org/show_bug.cgi?id=919877
https://bugzilla.mozilla.org/show_bug.cgi?id=713933
changeset: 10946:f28426e944ae
user: Wan-Teh Chang <wtc@google.com>
date: Tue Nov 26 16:44:39 2013 -0800
summary: Bug 713933: Handle the return value of both ssl3_HandleRecord calls
changeset: 10945:774c7dec7565
user: Wan-Teh Chang <wtc@google.com>
date: Mon Nov 25 19:16:23 2013 -0800
summary: Bug 713933: Declare the |falseStart| local variable in the smallest
changeset: 10848:141fae8fb2e8
user: Wan-Teh Chang <wtc@google.com>
date: Mon Sep 23 11:25:41 2013 -0700
summary: Bug 681839: Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished, r=brian@briansmith.org
changeset: 10898:1b9c43d28713
user: Brian Smith <brian@briansmith.org>
date: Thu Oct 31 15:40:42 2013 -0700
summary: Bug 713933: Make SSL False Start work with asynchronous certificate validation, r=wtc
Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Thu, 8 May 2014 10:16:24 +0000 (18:16 +0800)]
subversion: fix for Security Advisory CVE-2013-4277
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through
1.8.1 allows local users to overwrite arbitrary files or kill arbitrary
processes via a symlink attack on the file specified by the --pid-file
option.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 07:22:17 +0000 (15:22 +0800)]
subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21
and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of
service (NULL pointer dereference and crash) via a LOCK on an activity URL.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20
and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service
(NULL pointer dereference and crash) via an anonymous LOCK for a URL that does
not exist.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1847
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 05:21:25 +0000 (13:21 +0800)]
subversion: fix for Security Advisory CVE-2013-1845
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before
1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to
cause a denial of service (memory consumption) by (1) setting or (2)
deleting a large number of properties for a file or directory.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 07:57:31 +0000 (15:57 +0800)]
subversion: fix for Security Advisory CVE-2013-4131
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through
1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause
a denial of service (assertion failure or out-of-bounds read) via a
certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision
root.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Tue, 15 Apr 2014 02:49:03 +0000 (10:49 +0800)]
subversion: fix for Security Advisory CVE-2013-4505
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0
through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass
intended access restrictions and possibly cause a denial of service
(resource consumption) via a relative URL in a REPORT request.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yue Tao [Mon, 14 Apr 2014 05:01:16 +0000 (13:01 +0800)]
screen: fix for Security Advisory CVE-2009-1215
Race condition in GNU screen 4.0.3 allows local users to create or
overwrite arbitrary files via a symlink attack on the
/tmp/screen-exchange temporary file.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-extended/screen/screen_4.0.3.bb
Yue Tao [Mon, 14 Apr 2014 04:41:17 +0000 (12:41 +0800)]
Screen: fix for Security Advisory CVE-2009-1214
GNU screen 4.0.3 creates the /tmp/screen-exchange temporary file with
world-readable permissions, which might allow local users to obtain
sensitive session information.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-extended/screen/screen_4.0.3.bb
Chen Qi [Tue, 13 May 2014 07:46:27 +0000 (15:46 +0800)]
openssh: fix for CVE-2014-2653
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and
earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking
by presenting an unacceptable HostCertificate.
Chen Qi [Tue, 13 May 2014 07:46:26 +0000 (15:46 +0800)]
openssh: fix for CVE-2014-2532
sshd in OpenSSH before 6.6 does not properly support wildcards on
AcceptEnv lines in sshd_config, which allows remote attackers to
bypass intended environment restrictions by using a substring located
before a wildcard character.
Joe Slater [Mon, 12 May 2014 18:54:04 +0000 (11:54 -0700)]
qemu: define PACKAGECONFIG[] for ssh2
qemu configure will search for libssh2 if we do not enable or
disable it's use, resulting in non-deterministic builds. We
define PACKAGECONFIG[] to avoid this.
Chen Qi [Tue, 13 May 2014 02:54:26 +0000 (10:54 +0800)]
gdb: add PACKAGECONFIG for babeltrace
Add PACKAGECONFIG for 'babeltrace' so that we don't have the implicit
dependency which might lead to problems when building images.
As an example of showing what problem we might have without this patch,
see the following steps which would lead to a failure.
1. IMAGE_INSTALL_append = " gdb"
2. bitbake babeltrace
3. bitbake gdb
4. bitbake babeltrace -ccleansstate
5. bitbake core-image-minimal
The rootfs process would fail with the following error message.
error: Can't install gdb-7.7-r0@i586: no package provides babeltrace >= 1.2.1+git0+66c2a20b43
Richard Purdie [Mon, 12 May 2014 10:04:26 +0000 (11:04 +0100)]
git: Fix various makefile flags
We need to pass CFLAGS and LDFLAGS to the makefile correctly so we
need to list them as part of EXTRA_OEMAKE.
We also have a problem where git hardlinks binaries in bindir with
those in its libexecdir. If we change the RPATH in one of them, it
breaks the other. We therefore set the no cross dir hardlinking flag
git already has for this kind of issue. This ensures the RPATHS for
the git-core binaries works correctly. Its pure luck this has
sometimes worked so far.
Koen Kooi [Tue, 13 May 2014 10:16:29 +0000 (12:16 +0200)]
ca-certificates: generate CAfile for -native in do_install
Git-replacement-native needs the generated files in place for https:// URIs:
WARNING: Failed to fetch URL git://github.com/kernelslacker/trinity.git;protocol=https, attempting MIRRORS if available
ERROR: Fetcher failure: Fetch command failed with exit code 128, output:
Cloning into bare repository '/build/linaro/build/build/downloads/git2/github.com.kernelslacker.trinity.git'...
fatal: unable to access 'https://github.com/kernelslacker/trinity.git/': error setting certificate verify locations:
CAfile: /build/linaro/build/build/tmp-eglibc/sysroots/x86_64-linux/etc/ssl/certs/ca-certificates.crt
CApath: none
ERROR: Function failed: Fetcher failure for URL: 'git://github.com/kernelslacker/trinity.git;protocol=https'. Unable to fetch URL from any source.
ERROR: Logfile of failure stored in: /build/linaro/build/build/tmp-eglibc/work/aarch64-oe-linux/trinity/1.3-r0/temp/log.do_fetch.7843
ERROR: Task 1378 (/build/linaro/build/meta-linaro/meta-linaro/recipes-extra/trinity/trinity_1.3.bb, do_fetch) failed with exit code '1'
Tudor Florea [Mon, 5 May 2014 22:40:11 +0000 (00:40 +0200)]
curl: remove inapporpriate file from curl release
This is the adaptation for the a bugfix upstream
The inappropriate file src/tool_hugehelp.c presence in the curl 7.36 release
interfered with the upstream fix for
https://sourceforge.net/p/curl/bugs/1350/
Ross Burton [Wed, 14 May 2014 10:13:19 +0000 (11:13 +0100)]
freetype: disable harfbuzz
Freetype has an automatically detected dependency on Harfbuzz, which has a
dependency on Freetype.
To produce deterministic builds and avoid link failures when rebuilding freetype
with harfbuzz present add a PACKAGECONFIG for Harfbuzz and disable it by
default.
Chong Lu [Thu, 15 May 2014 08:54:32 +0000 (16:54 +0800)]
syslinux-native: fix parallel building issue
There might be an error when parallel build:
[snip]
cp: cannot create directory `tmp/sysroots/x86_64-linux/usr/share/
syslinux/com32/include/gplinclude': No such file or directory
make[4]: *** [install] Error 1
make[3]: *** [gpllib] Error 2
[snip]
This is a potential issue. In ${S}/com32/gpllib/Makefile file,
install target wants to copy $(SRC)/../gplinclude to
$(INSTALLROOT)$(COM32DIR)/include/ directory, but in ${S}/com32/lib/Makefile
file, the install target will remove $(INSTALLROOT)$(COM32DIR)/include
directory. We need to do com32/lib first.
The patch make com32/gpllib depends on com32/lib to fix this issue.
Chen Qi [Mon, 19 May 2014 08:03:28 +0000 (16:03 +0800)]
runqemu-internal: add "console=ttyS0" to ramfs image kernel parameters
We need this kernel command parameter so that when we start a ramfs
image, we can actually get some output. Although we can make this
happen by specifying the 'bootparams' for the 'runqemu' command, it's
better to make this the default behaviour.
Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Jansa [Mon, 16 Dec 2013 13:14:51 +0000 (14:14 +0100)]
gtk+: Add PACKAGECONFIG for directfb
* building without x11 doesn't work, because it sets default
gdkbackend to x11 and then requires cairo-xlib to be available
* checking for CAIRO_BACKEND... no
configure: error: Package requirements (cairo-xlib >= 1.6) were not met:
No package 'cairo-xlib' found
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-multimedia/gstreamer/gst-plugins-good_0.10.31.bb
Martin Jansa [Sun, 11 May 2014 06:48:10 +0000 (08:48 +0200)]
gstreamer1.0-plugins-good: add libxfixes and libxdamange to x11 depends
* fixes following issue in test-dependencies report:
gstreamer1.0-plugins-good/gstreamer1.0-plugins-good-ximagesrc/latest lost dependency on libxdamage
Richard Purdie [Tue, 6 May 2014 12:50:55 +0000 (12:50 +0000)]
attr: Fix uclibc builds
attr needs libintl headers and libs. Add in the missing dependency and
ensure the linker flag gets passed in multilib builds by replacing the
PN == BPN check with a class-target override instead.
Maxin B. John [Wed, 7 May 2014 12:24:15 +0000 (14:24 +0200)]
libxml2: fix CVE-2014-0191
It was discovered that libxml2, a library providing support to read,
modify and write XML files, incorrectly performs entity substituton in
the doctype prolog, even if the application using libxml2 disabled any
entity substitution. A remote attacker could provide a
specially-crafted XML file that, when processed, would lead to the
exhaustion of CPU and memory resources or file descriptors.
Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Function buildhistory_list_installed_image fails with error "Argument
list too long". This patch uses a temporal file to pass the package list
to opkg-query-helper.py
ERROR: Function failed: buildhistory_list_installed_image
ERROR: Logfile of failure stored in: /var/lib/jenkins/jobs/qt5022-cesium/workspace/build/tmp/work/qt5022-poky-linux/qimage-dev/1.0-r0/temp/log.do_rootfs.16747
NOTE: recipe qimage-dev-1.0-r0: task do_rootfs: Failed
ERROR: Task 7 (/var/lib/jenkins/jobs/qt5022-cesium/workspace/repo/yocto/../qtec/meta-qt5022/recipes-core/images/qimage-dev.bb, do_rootfs) failed with exit code '1'
NOTE: Tasks Summary: Attempted 4999 tasks of which 30 didn't need to be rerun and 1 failed.
NOTE: Writing buildhistory
Auto packing the repository for optimum performance.
Summary: 1 task failed:
/var/lib/jenkins/jobs/qt5022-cesium/workspace/repo/yocto/../qtec/meta-qt5022/recipes-core/images/qimage-dev.bb, do_rootfs
Summary: There were 74 WARNING messages shown.
Summary: There were 2 ERROR messages shown, returning a non-zero exit code.
Richard Purdie [Tue, 6 May 2014 13:49:50 +0000 (14:49 +0100)]
libiconv: Fix B != S with uclibc builds
Without this, uclibc builds fail with libtool version mismatches. The issue
is that we need to remove the files in ${S}, not ${B} which is now
the default after the B != S change.
Chen Qi [Tue, 6 May 2014 07:53:12 +0000 (15:53 +0800)]
mmc-utils: fix compilation failure for mips64 target.
This patch fixes mmc-utils compilation failure for qemumips64.
Remove the 'include <asm-generic/int-ll64.h>' line from mmc.h,
because this file is automatically included if _MIPS_SZLONG
is not 64, otherwise, <asm-generic/int-l64.h> is included.
Expicitly including <asm-generic/int-ll64.h> will cause the
compilation failure for mips64 target.
Maxin B. John [Tue, 6 May 2014 00:53:34 +0000 (02:53 +0200)]
openssl: fix CVE-2014-0198
A null pointer dereference bug was discovered in do_ssl3_write().
An attacker could possibly use this to cause OpenSSL to crash, resulting
in a denial of service.
Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tyler Hall [Mon, 5 May 2014 00:06:43 +0000 (20:06 -0400)]
python3: Revert python-config to distutils.sysconfig
The newer sysconfig module shares some code with distutils.sysconfig,
but the same modifications as in
12-distutils-prefix-is-inside-staging-area.patch
makes distutils.sysconfig affect the native runtime as well as cross
building. Use the old, patched implementation which returns paths in
the staging directory and for the target, as appropriate.
This change reverts this upstream patch
http://hg.python.org/cpython/diff/712970b019f7/Misc/python-config.in
Tyler Hall [Sun, 4 May 2014 22:37:50 +0000 (18:37 -0400)]
python3: Substitute correct python version in shebang
If python2 and python3 are both available, scripts that are subject to
this substitution can possibly run with the wrong python version.
python3-config is one such script.
Radek Dostal [Mon, 5 May 2014 07:38:22 +0000 (09:38 +0200)]
distutils.bbclass: only modify *.py file if it contains path to be removed
Currently sed command touches every single *.py file. This modifies the
timestamp of the file. All *.pyo files will be recompiled during the first
boot, because timestamp will not match. This should be only necessary if
sed command changes the file.
Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
