| Age | Commit message (Collapse) | Author |
|---|
|
* This is a security release in order to address the following defect:
- CVE-2016-2119 (Client side SMB2/3 required signing can be downgraded)
* Detail release note:
- https://www.samba.org/samba/history/samba-4.4.5.html
* Removed part of the 10-use-only-libsystemd.patch
which has been fixed in new version.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
|
|
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
|
|
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
|
|
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
|
|
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
|
|
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
|
|
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
daemontools-native
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* Upgrade postgresql from 9.4.5 to 9.4.8
* Update LIC_FILES_CHKSUM as COPYRIGHT file
updates
* Remove two backport CVE patches
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* License remains the same (dates updates)
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
This reverts commit 5cdb839fa676ccc738c749e9f4c7679080ee9f2d.
The issue is fixed by the following commits:
in oe-core: "71b3516 avahi-ui: use PACKAGECONFIG for gtk features"
in meta-gnome: "0e19635 meta-gnome/layer.conf: enable gtk for avahi-ui"
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
avahi-ui enables gtk3 be default, but gnome-disk-utility
in meta-gnome needs gtk, so add gtk here.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
upgrade to version 3.1.4 to fix two CVEs:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4463
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2099
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Extend the recipe so that it supports target builds.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Update the checksums and the S directory.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
- Let recipe's LDFLAGS work in Makefile.
- Pass option '-e' to Makefile, let environment
CFLAGS append to the one in Makefile.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Recipes that use intltool need to depend on intltool-native.
...
|WARNING: network-manager-applet-1.0.10-r0 do_configure: Missing DEPENDS
on intltool-native
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
When building mutlilib, using ${PN} in the middle of the package name
creates incorrect package names:
lib32-liblib32-mozjs
lib32-liblib32-mozjs.shlibdeps
Which in turn breaks license.bbclass during image creation.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Commit f8dd8cde90c4d6c945177117953e7123e1401236 removed the StandardError
option from the proftpd service file, re-introduce it.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
This way ntp can be used as an alternative to ntpd from busybox
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
inherit update-rc.d to manage init script, so we
can avoid duplicating the update-rc.d commands,
and the default behavior can be easily overridden
by distro.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
bridge-utils suffers from a few problems:
- doesn't build on musl
- doesn't respect CFLAGS
- build errors are silently ignored
- doesn't support parallel make
All of these are addressed with the included patches.
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
prxs (PRoftpd eXtenSion tool) is a perl script,
in which the host path should be avoided.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
When using '??=' to set a variable, '+=' will cause
the '??=' value to be discarded. We change how PACKAGECONFIG
is defined. We also do not make sia support a default
since it is not likely to be available.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Add information to proftpd.service so that it will
be started at boot time.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
wireshark needs pod2man and pod2html (provided by perl-native)
to create doc files, inherit perlnative instead of the
dependency only, so it sets the correct path to find these
native commands.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
* Remove the blacklist since the issue is gone with new version
* Remove two CVE patches which have been fixed:
- CVE-2016-3947 and CVE-2016-4553
* Rebased the patch for ptest.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Modify the curlpp.pc file in do_install_append to avoid the following QA error.
ERROR: QA Issue: curlpp.pc failed sanity test (tmpdir)
The problem occurs only for tunes which set baselib to 'lib32', and in OE,
we only have two tunes which set such value.
BASE_LIB_tune-octeon2 = "lib32"
BASE_LIB_tune-octeon3 = "lib32"
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fix paths in pkgconfig files and remove snort from blacklist.
Also add 'xz' to DEPENDS to avoid the following QA issue.
WARNING: snort-2.9.7.5-r0 do_package_qa: QA Issue: snort rdepends on liblzma, but it isn't a build dependency, missing xz in DEPENDS or PACKAGECONFIG? [build-deps]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Without this it breaks builds which don't include
conf/distro/include/security_flags.inc
with:
lcl_maybe_fortify = "${@base_conditional('DEBUG_BUILD','1','','-D_FORTIFY_SOURCE=2',d)}"
because then lcl_maybe_fortify isn't defined and gcc in c-ares
do_configure gets it unexpaned and fails:
configure:3926: checking whether the C compiler works
configure:3948: arm-oe-linux-gnueabi-gcc -march=armv7-a -mthumb -mfpu=neon -mfloat-abi=softfp -mcpu=cortex-a9 -mtune=cortex-a9 -funwind-tables -rdynamic -Os
--sysroot=/OE/sysroots/MACHINE -O2 -pipe -g -feliminate-unused-debug-types
-fdebug-prefix-map=/OE/work/MACHINE-oe-linux-gnueabi/c-ares/1.10.0-r0=/usr/src/debug/c-ares/1.10.0-r0 -fdebug-prefix-map=/OE/sysroots/x86_64-linux=
-fdebug-prefix-map=/OE/sysroots/MACHINE= -Os ${lcl_maybe_fortify} -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed conftest.c >&5
arm-oe-linux-gnueabi-gcc: error: ${lcl_maybe_fortify}: No such file or directory
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
c-ares doesn't build if the distro has enabled usage of the
security_flags.inc file as it is picky about what is placed
into CPPFLAGS and CFLAGS. It complains and errors out if any
preprocessor options appear in CFLAGS.
Fix this by providing an additional include file that is
require'd from conf/layer.conf which for c-ares moves the
defines added by security_flags.inc from CFLAGS to CPPFLAGS.
Signed-off-by: André Draszik <adraszik@tycoint.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
If not requested otherwise as ./configure option, c-ares will strip
any -g from CFLAGS / CPPFLAGS and add -g0 instead, disabling all
debug info.
Similarly, it will try to enable optimisation (but bail out since in
that case it honors an existing -O in CFLAGS / CPPFLAGS)
Since we want to control code generation, patch out the code
mangling -g (and -O for consistency). Alternatively, if we were to
pass --enable-debug to ./configure, c-ares would at the same time
assume that we don't want optimisation anymore.
Signed-off-by: André Draszik <adraszik@tycoint.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
The recipe for atftp inherits useradd.bbclass and
re-creates the user nobody as a "system" user. This
is not correct and is in vain because this new definition
will not be created on the target.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
* Remove setup_requires pytest-runner as the
setup_requires pytest-runner actually is not
used for pytest which only in do_compile phase
via setup.py build
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* Upgrade to the latest release to fix some CVEs:
- CVE-2016-3068: arbitrary code execution with Git subrepos
- CVE-2016-3069: arbitrary code execution when converting Git repos
- CVE-2016-3630: remote code execution in binary delta decoding
- CVE-2016-3105: arbitrary code execution when converting Git repos
* For other changes please see:
https://www.mercurial-scm.org/wiki/WhatsNew
* Update SRC_URI with the new download link
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* Update license checksum to include latest copyright information
* Update patch for the latest version
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Derek Straka <derek@asterius.io>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
This version includes fix for CVE-2016-0787
and other changes, for details please see:
https://www.libssh2.org/changes.html
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Changelog:
version 0.7.3 (released 2016-01-23)
* Fixed CVE-2016-0739
* Fixed ssh-agent on big endian
* Fixed some documentation issues
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The project used to be hosted on Sourceforge, then Launchpad, and it moved to
Github. The last stable release (0.4.12) cannot be found on Sourceforge anymore,
and is not available (as tarball) on github. So using the tarball from Launchpad
instead. We can move to github when the next release happens (which will be the
first one from github).
Tested with and without mysql, with and without aio.
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
meta-webos hasn't been maitained for about 2years.
So, how about add libnih into meta-oe.
Fix the error as foloowing:
invalid tag value("^[A-Za-z0-9+._]+$") Release: Release: r2-4ubuntu16.
Signed-off-by: Dai Caiyun <daicy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
| DEBUG: Executing shell function dos2unix
| /home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5te-oe-linux-gnueabi/libebml/1.3.0-r0/temp/run.dos2unix.30265:104:
/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5te-oe-linux-gnueabi/libebml/1.3.0-r0/temp/run.dos2unix.30265:cannot open make/*/Makefile: No such file
| WARNING: exit code 2 from a shell command.
| ERROR: Function failed: dos2unix (log file is located at
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
Jackie Huang
Derek Straka
leimaohui
mingli.yu@windriver.com
Ross Burton
Hongxu Jia
Jeremy Puhlman
Andreas Müller
Joe MacDonald
Pascal Bach
André Draszik
Joe Slater
Qi.Chen@windriver.com
Martin Jansa
André Draszik
Nicolas Dechesne
Dai Caiyun