Since this image can be built with both poky and poky-lsb, ensure the correct
tests are run in both cases, the auto detection does not quite work right in the
poky-lsb case since not all the Posix cmdline utilites are added. Add connman and
connman test for network sanity
(From OE-Core rev: 8df57b4b1a110dcbaab9652795fe5c0d86019554)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
the offset the param of mmap2() doesn't align the page size, but,
this param allow must be a multiple of the page size as returned
by sysconf(_SC_PAGE_SIZE).meanwhile offset * 4096 must be a
multiple of the system page size, so modify the input param of offset
pgoff = (ULONG_MAX - 1)&(~((pgsz-1)>>12));
(From OE-Core rev: f9a140441ab27c6e90d108ced76cff2dc70eedf2)
Signed-off-by: Chuang Dong <Chuang.Dong@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
12-cve-2014-9636-test-compr-eb.patch is same as unzip-6.0_overflow3.diff,
is to fix CVE-2014-9636
(From OE-Core rev: 43cc77f6dd1615ec6797a159647a1ad677c1df23)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: a5500f348fa58962cbd4a36c154d311c71bc7233)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ROOTDIR should be defined, otherwise man files will be installed
to host root dir.
(From OE-Core rev: 72430a8db44eaab2704c0d828171d3c98a48fe2a)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
bzip2-native is in ASSUME_PROVIDED but we don't just want "bzip2" but
libbz2 here. To do this, we need to DEPEND on bzip2-replacement-native
which hints to bitbake we really do want to build it.
Add the missing dependency to avoid failures on machines which don't
have libbz2-dev installed.
(From OE-Core rev: a87b7172a99051c2ea61bcfae60e922b58333291)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Port four patches from unzip_6.0-8+deb7u2.debian.tar.gz to fix:
cve-2014-8139
cve-2014-8140
cve-2014-8141
cve-2014-9636
(From OE-Core rev: 5e9f29b1c212f7a067772699e7fc9b6e233baa34)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rather than just use d.getVar(X), use the more explict d.getVar(X, False)
since at some point in the future, having the default of expansion would
be nice. This is the first step towards that.
This patch was mostly made using the command:
sed -e 's:\(getVar([^,()]*\)\s*):\1, False):g' -i `grep -ril getVar *`
(From OE-Core rev: ab7c1d239b122c8e549e8112c88fd46c9e2b061b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade cups from 2.0.2 to 2.0.3. In its release log, it fixes
CERT VU #810572/CVE-2015-1158/CVE-2015-1159.
(From OE-Core rev: d719d2d9bf7c57efd2bc249d06bf4f9e3876a766)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
merged inc back into recipe.
Changes affecting future time stamps
Morocco will suspend DST from 2015-06-14 03:00 through 2015-07-19 02:00,
not 06-13 and 07-18 as we had guessed. (Thanks to Milamber.)
Assume Cayman Islands will observe DST starting next year, using US rules.
Although it isn't guaranteed, it is the most likely.
(From OE-Core rev: 3c63274c306c46d2ec9210b1b505b2a0aafccb70)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
merged inc back into recipe.
Changes affecting code
When displaying data, tzselect converts it to the current locale's
encoding if the iconv command works. (Problem reported by random832.)
tzselect no longer mishandles Dominica, fixing a bug introduced
in Release 2014f. (Problem reported by Owen Leibman.)
zic -l no longer fails when compiled with -DTZDEFAULT=\"/etc/localtime\".
This fixes a bug introduced in Release 2014f.
(Problem reported by Leonardo Chiquitto.)
(From OE-Core rev: aa82ed313f4e377eb25e324d90b9229e0ff24878)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
To fix an error in the patch.Otherwise,the dictionary would be wrong.
(From OE-Core rev: 8670b99b06ce14ed391b4713d7887af90d44a2c8)
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Instead of hand-rolling a do_configure() simply use autotools and disable
autoheader (upstream uses a hand-generated config.h.in).
Also do_compile() doesn't need to pass SSLLIBS as configure uses pkgconfig to
find gnutls, LIBPNG and LIBJPEG are not used anywhere in the build system, and
LIBZ is detected correctly.
(From OE-Core rev: 9c25af5483280c5c753f981504eb373d6e58c7f3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 9de66c04e326abbc120f062edffdc1ec3aff3921)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is not needed since its target recipe and we always
need to pass 'linux' for OS
(From OE-Core rev: 4580b59d07af2e0a18eaf0110eae06de1c7969d4)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Surfaced when building with musl This details are in patch headers
Enabel innetgr.patch for musl as well
(From OE-Core rev: 6ec229d8dec6a5978ebf6b264c332590c8be0b3a)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Removed ethtool-uint.patch since it is already in the source.
(From OE-Core rev: 0a5bb9f617dffbfddf599555cff5f5536f10b93f)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The following two patches are removed because they have been merged
in the new version.
Use-DESTDIR-in-extension-Makefile.am-when-removing-..patch
extension-Add-DESTDIR-prefix-to-remaining-pkgextensi.patch
(From OE-Core rev: 491d485ade68c128624eee00977f293dba8f64b9)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The packagegroup-core-full-cmdline-sys-services should not pull in
lighttpd, move it to packagegroup-core-lsb since lsb needs it.
[YOCTO #7086]
(From OE-Core rev: f1b91bca8f314548f8b616c870cacf9507649c19)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport patch to fix CVE-2015-1345. The issue was introduced with
v2.18-90-g73893ff, and version 2.5.1a is not affected.
Replace tab with spaces in SRC_URI as well.
(From OE-Core rev: ea97b1dee834594358c342515720559ad5d56f33)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 1aeeb17a01c4a585b84ed52bd29d47e3e027d0b0)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 6c6cfcc25717c09b02801065cd2de816f3f1f068)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-/tset/LI18NUX2K.L1/utils/egrep-tp/T.egrep-tp 5
-/tset/LI18NUX2K.L1/utils/fgrep/T.fgrep 5
-/tset/LI18NUX2K.L1/utils/grep-tp/T.grep-tp 5
The LSB core test requires grep egrep and fgrep can
perform pattern matching in searches without regard
to case if -i option is specified.
(From OE-Core rev: d3b6aa30b3ea30d4e6a6ca923693367f66957ab0)
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LIC_CHKSUM updated because year was changed in those associated files.
(From OE-Core rev: 1f030a5355c234dc6d1d2b22a25cbb96d5628056)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Update LICENSE's md5sum, the new version added a "of" in the file, the
license is the same.
* Remove ghostscript-9.02-parallel-make.patch, it has 932 lines and
modified 24 files, which is hard to maintain, and it can't be applied
since the code has changed, and if we meet parallel issues again, we
need fix it in other ways.
* Fix a build error of -Werror=return-type.
(From OE-Core rev: c5adb5903bd93f1c71acd52062d8c8620de2f944)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
They can't be built withou x11 in DISTRO_FEATURES.
(From OE-Core rev: e66f1c830bfee09ed9a043ade5374fe61fea3c99)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9636
unzip 6.0 allows remote attackers to cause a denial of service
(out-of-bounds read or write and crash) via an extra field with
an uncompressed size smaller than the compressed field size in a
zip archive that advertises STORED method compression.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1315
Buffer overflow in the charset_to_intern function in unix/unix.c in
Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code
via a crafted string, as demonstrated by converting a string from CP866
to UTF-8.
(From OE-Core rev: f86a178fd7036541a45bf31a46bddf634c133802)
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The old SRC_URI is redirected to the new one, fixed:
WARNING: Failed to fetch URL ftp://metalab.unc.edu/pub/Linux/utils/file/stat-3.3.tar.gz, attempting MIRRORS if available
(From OE-Core rev: 45034239c7e38ec991aa75d7c30417c22bfdef28)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Add objarch.h for MicroBlaze big and little endian
(From OE-Core rev: cb7e4f8e3dcbe1d85eabc7d1545fddcd2500e02b)
Signed-off-by: Nathan Rossi <nathan.rossi@xilinx.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Set ALTERNATIVE for nativesdk package to empty to avoid warnings like below.
WARNING: pigz: NOT adding alternative provide xxx/bin/gunzip: xxx/bin/pigz does not exist
(From OE-Core rev: 666e0b5c117202e9e866ef62eac99e0af9c8c2fb)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Updated 0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch
* Removed 0002-uclibc-rpcsvc-defines.patch since it is already in the
source.
(From OE-Core rev: 713ac3bfbc95e58ce3332409bae838053fdeced8)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The COPYING's md5sum is changed by this commit:
commit 945f9c69af665044448b0eb6816656acc84fca77
Author: Ken Dreyer <kdreyer@redhat.com>
Date: Mon Jan 26 14:02:46 2015 -0700
update GPLv2 text in COPYING
The FSF has issued a couple of tiny updates to the GPLv2. The main
change is a new mailing address for the FSF headquarters.
This license text was taken verbatim from
https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
The main content are the same.
(From OE-Core rev: b91909e15f817294e609cffcb71c123d44cf7b4b)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 5deb2adc5a2db250a3ffa9974af51ded6e10e446)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is a backport patch, and verified that the patch is in the source.
(From OE-Core rev: a46976b9de5a2270f041a73661a6ed635bf4eb43)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is already in the source.
(From OE-Core rev: e6b2def565c1201c3b0a0d2a8c296b65e6cafb02)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It is a backport patch, and verified that the patch is in the source.
(From OE-Core rev: 370dc496c2d6f8fa97a18af49747d15a41fc7bcf)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libarchive: Updated libarchive packages fix security vulnerability
Alexander Cherepanov discovered that bsdcpio, an implementation of the "cpio"
program part of the libarchive project, is susceptible to a directory
traversal vulnerability via absolute paths.
(From OE-Core rev: e64a961e9c5e94e643896e4b68b85bd5b4c27470)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An out of bounds read access in the UTF-8 decoding can be triggered with
a malformed file in the tool less. The access happens in the function
is_utf8_well_formed due to a truncated multibyte character in the sample
file.
The bug does not crash less, it can only be made visible by running less
with valgrind or compiling it with Address Sanitizer.
Version 475 of less contains a fix for this issue. The file version.c
contains some entry mentioning this issue (without any credit):
- v475 3/2/15 Fix possible buffer overrun with invalid UTF-8
The fix is in the file line.c. We derive this patch from:
https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html
Thank Claire Robinson for validating it on Mageia 4 i586. Refer to:
https://bugs.mageia.org/show_bug.cgi?id=15567
(From OE-Core rev: 68994284f3c059b737bfc5afc2600ebd09bdf47f)
Signed-off-by: Junling Zheng <zhengjunling@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changes affecting future time stamps
Egypt will not observe DST in 2015 and will consider canceling it
permanently. For now, assume no DST indefinitely.
(Thanks to Ahmed Nazmy and Tim Parenti.)
Changes affecting past time stamps
America/Whitehorse switched from UTC-9 to UTC-8 on 1967-05-28, not
1966-07-01. Also, Yukon's time zone history is documented better.
(Thanks to Brian Inglis and Dennis Ferguson.)
Change affecting past and future time zone abbreviations
The abbreviations for Hawaii-Aleutian standard and daylight times
have been changed from HAST/HADT to HST/HDT, as per US Government
Printing Office style. This affects only America/Adak since 1983,
as America/Honolulu was already using the new style.
(From OE-Core rev: b9f366ab4e0a9cad69b631f402b9afa02d40f667)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Andre McCurdy
Saul Wold
Chuang Dong
Robert Yang
Roy Li
Chen Qi
Richard Purdie
Kai Kang
Armin Kuster
Lei Maohui
Ross Burton
Khem Raj
Li xin
Nathan Rossi
Li Zhou
Junling Zheng