The new library needs to be put in a specific package, or rootfs
generation fails as:
,----[ Error in rootfs generation ]
| Updating cache... ########################### [100%]
| Computing transaction...error: Can't install
| libclutter-1.0-0-1.18.2-r0@cortexa9hf_vfp_neon_mx6: unable to
| install provider for libcogl-path.so.20:
| error: libcogl-path20-1.18.2-r0@cortexa9hf_vfp_neon_mx6 is
| conflicted by libcogl20-1.18.2-r0@cortexa9hf_vfp_neon_mx6
`----
Upstream split this library out from libcogl20.so, sothe libcogl package
no longer gets renamed to libcogl20 as it contains multiple libraries.
(From OE-Core rev: 9d63188950ecd1877adf1e40de1ca1928729d866)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We have an open bug about the warnings issues in builds from an sstate
cache when something like glib-2.0 gets rebuilt. The issue is that
sstate is "clever" and prunes unneeded dependencies out the tree.
For example is X depends on pkgconfig-native but we've already build X
and installed it from sstate, it will not get installed when you build Y
which depends on X.
This patch changes the logic to match the sstate behaviour and prune out
unnecessary dependencies from the scope of aclocal. This in turn removes
the warning about missing manifest files.
The issue is that this patch exposes holes in our DEPENDS in recipes,
specifically that some native tools are not listed, specifically, and
problematically, pkgconfig, gtk-doc and intltool-native in particular.
I've sent out patches against OE-Core that address the bulk of the
issues there however I'm conscious this is probably going to a bug issue
in other layers and may be too annoying to consider at this point. The
other alternative is simply to turn the warning into a debug statement.
I appreciate the code below has commented blocks, this is simply debug
I've left around for now. It will be cleaned from any final version.
(From OE-Core rev: 6d2dc279faa8b28a00895dc6a620d80e2dbac685)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
http://bugs.python.org/issue21529
Python 2 and 3 are susceptible to arbitrary process memory reading by
a user or adversary due to a bug in the _json module caused by
insufficient bounds checking.
The sole prerequisites of this attack are that the attacker is able to
control or influence the two parameters of the default scanstring
function: the string to be decoded and the index.
The bug is caused by allowing the user to supply a negative index
value. The index value is then used directly as an index to an array
in the C code; internally the address of the array and its index are
added to each other in order to yield the address of the value that is
desired. However, by supplying a negative index value and adding this
to the address of the array, the processor's register value wraps
around and the calculated value will point to a position in memory
which isn't within the bounds of the supplied string, causing the
function to access other parts of the process memory.
(From OE-Core rev: 9ec213bf67afbdfdbe25802ec86487bb22aeb2e4)
Signed-off-by: Benjamin Peterson <benjamin@python.org>
Applied to python-native recipe in order to fix the above mentioned
vulnerability.
Upstream-Status: Submitted
Signed-off-by: Daniel BORNAZ <daniel.bornaz@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote
attackers to execute arbitrary code or cause a denial of service
(out-of-bounds write) via vectors involving the sprintf and console
functions.Per: http://cwe.mitre.org/data/definitions/787.html
(From OE-Core rev: 191cab2f679491c2b6ddba49c5cf4886dcd22f57)
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In subdir 'gcc', Most C source files included config.h which was
generated by a rule. But no related prerequisites was added to
the C source compiling rule. There was potential building failure
while makefile enabled parallel.
The C source compiling rule used suffix rule '.c.o', but the suffix
rule doesn't support prerequisites.
https://www.gnu.org/software/make/manual/html_node/Suffix-Rules.html
We used the pattern rule '%.o : %.c' to instead, and add the config.h
as its prerequisite
We also moved the '%.o : %.c' rule down to the 'build/%.o :' rule, which
makes '%.o : %.c' rule doesn't override 'build/%.o :'.
[YOCTO #6568]
(From OE-Core rev: 86c2483f0fe05fb763d280ae22d70e54cb4bb0bc)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
head -n1 can be done using sed.
(From OE-Core rev: 38d50331acbc1e279449ae6b313ff0116b6c44e8)
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The modules that use skipModule should import it themselves and not rely on somebody else to import it.
(From OE-Core rev: 6a14db407d471e717f41342ac0700e6a383c32c3)
Signed-off-by: Lucian Musat <georgex.l.musat@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In order to make the test skipping decorators independent of the oeTest object we rely on the unittest result object to construct skip, fail and error lists used by these decorators.
Created a new object getResults that analyses upper frames and retrieves the unittest result object instance, then return a list of failed, skipped and error tests.
Also removed the oetest import from decorators.py because it was no longer required.
(From OE-Core rev: 4d2d201158236bd4c72546cf8db88681ff921b11)
Signed-off-by: Lucian Musat <georgex.l.musat@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This class defines a package_name_hook implementation but as EXPORT_FUNCTIONS is
order-dependent it needs to inherit package.bbclass first to ensure that the
"base" definition in there is defined first, otherwise with a suitable inherit
order of debian and then a packaging class can result in the stub
package_name_hook being incorrectly used.
(From OE-Core rev: 3aa52f85e774bf82e8470a8fd849bd6953930720)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
While glibc/eglibc looks for the time zone in /etc/localtime, other libc
alternatives (e.g. uclibc) may look for it in /etc/TZ. If /etc/TZ
exists, don't fall back to setting TZ to "UTC" in /etc/profile.
(From OE-Core rev: a69c3ba99be1502c50d3d1eb9ff66f135884ed76)
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
Signed-off-by: Ben Shelton <ben.shelton@ni.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Many GNOME packages are using their InstalledTests pattern, where the test suite
can be trivially installed. To avoid repeating the same logic over and over,
add a class to encapsulate this.
(From OE-Core rev: 6a66fadbd7d7675c61c342f9c338edbdedf8b92c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Also remove outdated (~1.2.99.5) git recipe that was never used.
(From OE-Core rev: de36faa2a6a7c7a379807d69fa07a04a4c878ff8)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
MULTILIB_OPTIONS takes the parameters which trigger a given multilib to be
selected. It supports *one* option per multilib, '/' separated. Spaces
separate options used to generate additional multilib combinations.
Adding in all of CFLAGS to this is therefore clearly a really bad idea
but how do we fix things?
The best option I've come up with so far is a list of whitelist variables
to use to trigger the multilibs. Its populated with the standard multilibs
we support, anyone setting up an advanced multilib can populate the variable
with the correct trigger parameters.
This has the advantage of simplifying the code and allowing us to remove
the code filtering blocks since there is no longer option duplication. Testing
after this change shows a much improved sdk toolchain functionality.
(From OE-Core rev: 29202cd1b9d2e5d56e5b9f7a596e44e229c90492)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Variables like RDEPENDS can contain EXTENDPKGV which in turn uses AUTOPR
based values. This gets set during do_package execution so we want to
defer expansion until then. The only way we can do this in the RDEPENDS
(and friends) mapping code is to subsitute a dummy value, then change it
back again. Horrible but I can't see any other way.
This resolves multilib build failures with inconsistent PR values.
(From OE-Core rev: 5aea553e6eaa3b9647f26944976d2a9da79cba42)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A while back we fixed the cross definitions to work better in multilib
configurations, apply the same fixes to cross-candian.bbclass
(From OE-Core rev: 4544b7f1d0abd1b1efd74da430f1ddedf3fdbd1d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Most people expect the toolchain from a multilib build to contain multilib
components. This change makes that happen and is easy for users to override
should they want something different.
(From OE-Core rev: 396371588c7fd2d691ca9c39cd02287e43cb665b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The so files installed under ${libdir}/bellagio are not versioned and should
be installed without version-based symlinks so that omxregister-bellagio
can properly find and register them.
(From OE-Core rev: 3846b1ec782ba0cc64d389d03116743208e2383f)
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The previous version of this fix was too aggressive and removed
versioning from too many of the .so files in the libomxil package.
This reverts commit 0ef3734c2f.
(From OE-Core rev: b76d254db92d9c08e8d5d41becb2e60178cebb33)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LINKER_HASH_STYLE differs between MIPS and non-MIPS targets. This means
that LDFLAGS differs too. LDFLAGS is exported so it influences all task
hashes. Unfortunately this means that packages with architecture "all"
differ depending on whether they are built for a MIPS or non-MIPS target.
This causes a lot of unnecessary churn in the ipk/all directory when
switching build targets.
The simplest way to fix this is to ensure that LDFLAGS stays the same for
architecture "all" packages by clearing it. It shouldn't being used by such
packages anyway.
(From OE-Core rev: 14f4d016fef9d660da1e7e91aec4a0e807de59ab)
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libice 1.0.9 added automatic detection of arc4random(), which is in libbsd on
Linux. As this is automatic and leads to failing builds when ssstate is reused,
seed the autoconf cache as relevant to implement a PACKAGECONFIG for the
functionality.
Default to not using arc4random() as the fallback has been in use for many
years, but people interested in security may wish to turn this on to increase
the security of the X authentication cookies.
(From OE-Core rev: 71d5eb34678eafbcb0f8ff4c31d52a276949bb0c)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In order to generate and support kernel trees with full history, we need
to modify the kernel tools
e914d570232a kgit-checkpoint: ensure that full meta-data artifacts are maintained
192be836d318 kgit-scc: allow meta-data history to be maintained
(From OE-Core rev: f2015ead17c875ae37a9ad496fdafef2b931f771)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updating the 3.14 yocto kernel to incorporate the following fix
and feature of interest.
5724bf17acbf x86: align x86 arch with generic CPU modalias handling
6b9a52451a78 cpu: add generic support for CPU feature based module
38367de316bb libata: support the ata host which implements a queue depth less than 32
[YOCTO: #6489]
(From OE-Core rev: 1fcb9843d663a5746690c81fe1cd6cf84dac04b9)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In 3.16+ x86-64 kernel builds produce a vdso64.so.dbg file. If this file is
copied into the kernel source install multiple QA failures are triggered.
Specifically, this file triggers a debug package split that results in
files installed but not shipped, and invalid .debug file errors.
By ensuring that .so files are not copied, we avoid this incorrect split
with no impact on future build phases.
(From OE-Core rev: f1f6d153de9dc675b4bf4020799b2365b1b62ec7)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updating to backport the following mainline commit:
[
x86_64: expand kernel stack to 16K
commit 6538b8ea886e472f4431db8ca1d60478f838d14b upstream
While I play inhouse patches with much memory pressure on qemu-kvm,
3.14 kernel was randomly crashed. The reason was kernel stack overflow.
When I investigated the problem, the callstack was a little bit deeper
by involve with reclaim functions but not direct reclaim path.
....
]
(From OE-Core rev: b162bcf26a5b97fddd2a64789f97ec705bb354f9)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With lttng 2.4.2 and gcc 4.9, we can now enable lttng-modules for ARM.
(From OE-Core rev: f6587be6cd3dc864143b1c0be0bb8179a61dc835)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
During the uprev of the yocto kernel to 3.16, lttng-modules failed to build.
To grab the latest stable content, we update to 2.5.0, and add two patches
to also make it build against 3.16+.
We also drop the older 2.3.3 lttng-modules, since it is no longer required
to support ARM builds.
(From OE-Core rev: 10680c8f06c52b25ed63d315596707701402646d)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Updating the 3.14 SRCREVs to integrate the following changes:
meta: iwlwifi: Add MVM firmware support
vexpress: Pass LOADADDR to Makefile
(From OE-Core rev: da1eca40b5ff608df6f4041a92b2d4c71ee6784e)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Now that we can get the task dependency tree from bitbake, we can start
to use this to strengthen our QA checks. If a dependency is added on
something which isn't in our dependency tree, that is obviously a bad
thing for example.
This patch therefore checks the RDEPENDS against the list of tasks and
ensures we do have a dependency present, if not a QA warning or error
can be issued through the usual mechanism.
The implementation is complicated by needing to resolve the RDEPENDS to
a PN using pkgdata. Its possible that can be an RPROVIDES of another
package so we need to check that too if it isn't a direct RDEPENDS.
To allow this test to work, we need to extend the do_package_qa
dependencies to include all RDEPENDS. In practise the do_package_write_*
tasks already do this so there should be no new circular dependencies or
any issues like that.
For now the issues are warnings as there are issues this finds in
OE-Core which need to be resolved and certainly will be in other layers
too. This change should simplify and assist some of Martin's dependency
scripts, the idea for this came from a discussion with Martin. It has
changed in that it doesn't just cover shlibs dependencies but checks all
dependencies.
(From OE-Core rev: f6cb24cf2255297308ef57399a6be407129d9b8f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch allows for an optional new layout for ipk feed directories which I've
called a 'hierarchical feed' and is based on how Debian pools package files. It
is disabled by default and is enabled by setting IPK_HIERARCHICAL_FEED to "1".
In the traditional feed layout, package files are placed in <outdir>/<arch>/.
This can lead to several thousand files existing in a single directory which is
often a problem if developers want to upload a package feed to a shared web
hosting provider. For example, in my case, listing files via FTP only shows the
first 2000 files, breaking my scripts which attempt to upload only new and
changed files via FTP.
In the hierarchical feed, package files are written to
<outdir>/<arch>/<pkg_prefix>/<pkg_subdir>, where pkg_prefix is the first letter
of the package file name for non-lib packages or "lib" plus the 4th letter of
the package file name for lib packages (eg, 'l' for less, 'libc' for libc6).
pkg_subdir is the root of the package file name, discarding the version and
architecture parts and the common suffixes '-dbg', '-dev', '-doc', '-staticdev',
'-locale' and '-locale-*' which are listed in meta/conf/bitbake.conf.
This change relies on recent patches to opkg-utils which support hierarchical
package feeds.
Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently, BB_NUMBER_THREADS and PARALLEL_MAKE default to unset and
are set in local.conf. Now that we have the automatic probing,
the default values can be set in bitbake.conf and an example of
explicitly defining how many tasks to run can be moved to
local.conf.sample.extended.
[YOCTO #6217]
Signed-off-by: Roxana Ciobanu <roxana.ciobanu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Security Advisory - ffmpeg - CVE-2013-0866
The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large number of channels in an AAC file, which
triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0866
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0875
The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in
FFmpeg before 1.1.3 allows remote attackers to have an unspecified
impact via a crafted PNG image, related to an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0875
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0860
The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg
before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a
frame is fully initialized, which allows remote attackers to trigger a
NULL pointer dereference via crafted picture data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0860
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3934
Double free vulnerability in the vp3_update_thread_context function in
libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have
an unspecified impact via crafted vp3 data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3934
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3946
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg
before 0.10 allows remote attackers to have an unspecified impact via
crafted Supplemental enhancement information (SEI) data, which triggers
an infinite loop.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3946
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7023
The ff_combine_frame function in libavcodec/parser.c in FFmpeg before
2.1 does not properly handle certain memory-allocation errors, which
allows remote attackers to cause a denial of service (out-of-bounds
array access) or possibly have unspecified other impact via crafted
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7023
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7009
The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before
2.1 does not properly maintain a pointer to pixel data, which allows
remote attackers to cause a denial of service (out-of-bounds array
access) or possibly have unspecified other impact via crafted Apple RPZA
data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7009
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0855
Integer overflow in the alac_decode_close function in libavcodec/alac.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via a large number of samples per frame in Apple Lossless Audio
Codec (ALAC) data, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0855
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-4351
Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before
0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute
arbitrary code via unspecified vectors.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4351
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0848
The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via a crafted
width in huffyuv data with the predictor set to median and the
colorspace set to YUV422P, which triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0848
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3944
The smacker_decode_header_tree function in libavcodec/smacker.c in
FFmpeg before 0.10 allows remote attackers to have an unspecified impact
via crafted Smacker data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3944
file://0001-huffyuvdec-check-width-more-completely-avoid-out-of-.patch \
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-7010
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg
before 2.1 allow remote attackers to cause a denial of service
(out-of-bounds array access) or possibly have unspecified other impact
via crafted data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7010
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2011-3941
The decode_mb function in libavcodec/error_resilience.c in FFmpeg before
0.10 allows remote attackers to have an unspecified impact via vectors
related to an uninitialized block index, which triggers an out-of-bound
write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3941
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0846
Array index error in the qdm2_decode_super_block function in
libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have
an unspecified impact via crafted QDM2 data, which triggers an
out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0846
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6618
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg
before 1.0.2, when running with certain -probesize values, allows remote
attackers to cause a denial of service (crash) via a crafted MP3 file,
possibly related to frame size or lack of sufficient frames to estimate
rate.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6618
gst-ffmpeg: Security Advisory - ffmpeg - CVE-2012-6617
The prepare_sdp_description function in ffserver.c in FFmpeg before
1.0.2 allows remote attackers to cause a denial of service (crash) via
vectors related to the rtp format.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6617
(From OE-Core rev: 58f08a96764094189b5aaf3cc8b4cc0c95e23409)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LIBDIR defaults to ${prefix}/lib, use ${libdir} to avoid issue on
64bit platforms.
(From OE-Core rev: e5c023abd5265293623ac993a048d7abb9b71a59)
Signed-off-by: Ting Liu <ting.liu@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
definition of __SANE_USERSPACE_TYPES__ was added in kernel source by
commit e3541ec75219819d3235f80125a1a75d798ff6e1
perf tools, powerpc: Fix compile warnings in tests/attr.c
Overriding the CFLAGS makes it impossible for kernel build system to
append to it, thus making the build fail in various ways as:
| CC /.../perf/1.0-r9/perf-1.0/perf.o
| In file included from builtin.h:4:0,
| from perf.c:9:
| util/util.h:74:24: fatal error: lk/debugfs.h: No such file or directory
| #include <lk/debugfs.h>
| ^
| compilation terminated.
(From OE-Core rev: 7e7063e495d6451b46e06d08d16f92d0597a7d11)
Signed-off-by: Ting Liu <ting.liu@freescale.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There was an error in the previous fix for the powerpc toolchain issue, this
should correct it (and simplify the code too).
[YOCTO #6490]
(From OE-Core rev: 54ddf3fe060715534cd9e23d6e89cf6b06ed3d9f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otavio Salvador
Richard Purdie
Koen Kooi
Stefan Agner
Daniel BORNAZ
Xufeng Zhang
Hongxu Jia
Matthieu Crapet
Lucian Musat
Jackie Huang
Ross Burton
Richard Tollerton
Saul Wold
Drew Moseley
Mike Crowe
Bruce Ashfield
Paul Barker
Roxana Ciobanu
Yue Tao
Ting Liu
Yong Zhang