| Age | Commit message (Collapse) | Author |
|---|
|
Source: https://git.yoctoproject.org/git/poky
MR: 112369
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?id=48960ce56265e9ec7ec352c0d0fcde6ed44569be
ChangeID: 799afc7adf3f2c915751744b618e38cccb01d854
Description:
(From OE-Core rev: e16cd155c5ef7cfe8b4d3a94485cb7b13fd95036)
(From OE-Core rev: f515c00c995b90a6d583f0e6162aa8fba8005a67)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 48960ce56265e9ec7ec352c0d0fcde6ed44569be)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: qemu.org
MR: 107262
Type: Security Fix
Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a
ChangeID: 3024b894ab045c1a74ab2276359d5e599ec9e822
Description:
Affects qemu < 5.0.0
(From OE-Core rev: 55aa94e9185ecd93612c64cdd982a89d633284e2)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: qemu.org
MR: 106462
Type: Security Fix
Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1
ChangeID: b9dc1b656c07d6a0aecaf7680ed33801bd5f6352
Description:
Affects qemu < 5.2.0
(From OE-Core rev: be31eb87299b883306c1823ad632d6ada237dc05)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: qemu.org
MR: 105490
Type: Security Fix
Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=b15a22bbcbe6a78dc3d88fe3134985e4cdd87de4
ChangeID: 6e222b766fc67c76cdc311d02cc47801992d0e66
Description:
Affect qemu < 5.0.0
(From OE-Core rev: 7cd5c38b6d078c22519ad6b6e89caa9c1aa5ecd4)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: https://github.com/libsndfile/libsndfile
MR: 112098
Type: Security Fix
Disposition: Backport from https://github.com/libsndfile/libsndfile/pull/713
ChangeID: 10d137de063b7a1e543ee96fbcf948945a452869
Description:
(From OE-Core rev: f999bac187a935821f8580f3c5b1d08107ba9851)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: https://dist.apache.org
MR: 112793
Type: Security Fix
Disposition: Backport from https://dist.apache.org/repos/dist/release/apr/patches/apr-1.7.0-CVE-2021-35940.patch
ChangeID: c8247210204ffcc7d1425e3d60f077ad3dd54ebc
Description:
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the
Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue
was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed
compared to 1.6.3 and is vulnerable to the same issue.
(From OE-Core rev: 315262830bfe2bc8b2a9259541bb3a0bc83a2cdd)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: https://sources.debian.org/patches/libgcrypt20/1.8.4-5+deb10u1
MR: 111591
Type: Security Fix
Disposition: Backport from https://sources.debian.org/data/main/libg/libgcrypt20/1.8.4-5%2Bdeb10u1/debian/patches/31_cipher-Fix-ElGamal-encryption-for-other-implementati.patch
ChangeID: d066a9baacc0d967dd80ac54c684cde031ac686e
Description:
Affects before 1.8.8 and 1.9.x before 1.9.3
(From OE-Core rev: 7de5e19a668f268f0cc56617a9f5760054acb5f5)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(Bitbake rev: 3c1799b2576f80b6dcb310e03f77105a58b9fa8e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: c7d2281eb6cda9c1637c20b3540b142073bca235)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
SDKPATHINSTALL is the default installation path used for the SDK but is not
the path encoded into every SDK binary as the default path. This change
allows it to contain things like dates without requiring every nativesdk
recipe to rebuild.
Partially fixes [YOCTO #14100]
(From meta-yocto rev: 7eac76587428202db781f269439ad9d719017289)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a62175ee581bd05661717f0fb89dad2a297b4034)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 49ca1f62cc17c951b7737a4ee3c236f732bc8ebe)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: golang.org
MR: 111958, 112390, 112393
Type: Security Fix
Disposition: Backport from https://github.com/golang/go.git
ChangeID: 662d021814f025b3d768a04864498486f94819a7
Description:
Affects < 1.16.5
Fixes:
CVE-2021-33196
CVE-2021-33197
CVE-2021-34558
(From OE-Core rev: 1eaac89b0384cc39ea489a3b7ea58eab6b23240b)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: https://gitlab.freedesktop.org/xorg/xserver
MR: 108223,
Type: Security Fix
Disposition: Backport from https://gitlab.freedesktop.org/xorg/xserver/-/commit/446ff2d3177087b8173fa779fa5b77a2a128988b and https://gitlab.freedesktop.org/xorg/xserver/-/commit/87c64fc5b0db9f62f4e361444f4b60501ebf67b9
ChangeID: 496c2a2d80e4f8fff9b0d3148fca70c090cec31e
Description:
affects < 1.20.10
Fixes CVE-2020-14360 and CVE-2020-25712
(From OE-Core rev: ee4a4f9053909f820de48a48750bda92170aaf86)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream don't believe it is a signifiant real world issue and will only
fix in 1.17 onwards. Therefore exclude it from our reports.
https://github.com/golang/go/issues/30999#issuecomment-910470358
(From OE-Core rev: 9dfc6abbb83f8792fbfa1acb9c0fe4ab23872d8f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5bd5faf0c34b47b2443975d66b71482d2380a01a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE is effectively disputed - yes there is stack exhaustion but no bug and it
is building the parser, not running it, effectively similar to a compiler ICE.
Upstream no plans to address and there is no security issue.
https://github.com/westes/flex/issues/414
(From OE-Core rev: b939b005b06be58a276d565f755ee2d8f3e5dfc1)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0cae5d7a24bedf6784781b62cbb3795a44bab4d1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: https://git.openembedded.org/openembedded-core
MR: 108825
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-core/dbus?id=bfaef91e77cd54e4f642e966903aac3f3291c325
ChangeID: bfaef91e77cd54e4f642e966903aac3f3291c325
Description:
Bugz only update
Includes fix for CVE-2020-35512
ab88811768 (HEAD, tag: dbus-1.12.20) v1.12.20
5757fd5480 Update NEWS
f3b2574f0c userdb: Reference-count DBusUserInfo, DBusGroupInfo <- cve fix
37b36d49a6 userdb: Make lookups return a const pointer
732284d530 Solaris and derivatives do not adjust cmsg_len on MSG_CTRUNC
1f8c42c7cd Start 1.12.20 development
(From OE-Core rev: bfaef91e77cd54e4f642e966903aac3f3291c325)
(From OE-Core rev: 4cebabf1007762872510c5065a2a718a89687734)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bfaef91e77cd54e4f642e966903aac3f3291c325)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
dbus and dbus-test share the same source code and base configuration options,
so factor out the common parts into dbus.inc.
This way we can eliminate the need to keep the two recipes in sync. When they
are not properly in sync (e.g. when dbus recipe has extra patches/config
options that are not duplicated in dbus-test) ptest testsuite will actually
test a slightly different codebase. This is due to the fact that dbus-test does
not run the testsuite against the system libdbus library, but instead it
generates a local libdbus.so that needs to configured/compiled as close as
possible to the system one.
(From OE-Core rev: 1cde2935526d2eec7d6b17a6c622647b0c132439)
(From OE-Core rev: 6c90e4dd59eb06058d14deeb9aa87717fd88ab09)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 44ae5d8d6f26fda4ab1a3fef9fc49d74e4ac89f0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
X specific configs are already handled through PACKAGECONFIG:
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd x11', d)}"
...
PACKAGECONFIG[x11] = "--with-x --enable-x11-autolaunch,--without-x
--disable-x11-autolaunch, virtual/libx11 libsm"
Remove duplicated EXTRA_OECONF_X args.
(From OE-Core rev: 7dc107b05a29f8a3e8903d73f84ef8069f68af6f)
(From OE-Core rev: d747c666ed563488af0b894d4e3236335aa2a8bf)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 036e3436e51a44de3fc9b4b8e5b1ff149e3aaa9d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 839695e0c1b0c0fcfbb924c2b174c4a638067a32)
(From OE-Core rev: 296746f58dd1b4839c953a7b1eb4aed22e407c29)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5cbf053481642a820b9f4c6bed9ac79246719087)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 8d33a2a4e4b6ff8f831523e5b1b16ead6b29cc79)
(From OE-Core rev: 7337d7e4faf20a513c065c44d7d9d472334452b2)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a62471f0641551717a260c67690d3a7d280ac028)
[Bug fix only update, drop cve patch now included
a0926ef86f (tag: dbus-1.12.18) Prepare 1.12.18
8bc1381819 fdpass test: Assert that we don't leak file descriptors
272d484283 sysdeps-unix: On MSG_CTRUNC, close the fds we did receive <- cve fix
31297172f1 Update NEWS
041d579139 dbus-daemon test: Don't test fd limits if in an unprivileged container
55b3f71376 Update NEWS
ced04aabc7 doxygen: fix example for dbus_message_append_args
3e40637b10 Update NEWS
3e0ea34966 cmake: Add X11 include path for tools
d0992805d7 doc: replace dbus-send's --address with --peer and --bus
dd32f6b617 Update NEWS
d251fe7850 Merge branch 'cherry-pick-b034b83b' into 'dbus-1.12'
2c6b0ad7f6 bus: Don't explicitly clear BusConnections.monitors
df0c675b93 Merge branch 'cherry-pick-bf71a58e' into 'dbus-1.12'
beb79b94fb doc: Fix environment variable name in dbus-daemon(1)
eab5d4a420 Start 1.12.18 development]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream repo no longer has 'master' branch, and switched to
'main'. To avoid issue such as:
ERROR: rt-tests-1_1.1-r0 do_fetch: Fetcher failure: Unable to find
revision dff174f994f547a5785d32454865f140daacb0f5 in branch master
even from upstream
we need to set the default branch name to 'main' in the recipe.
(From OE-Core rev: ed52bea54f135b7b5367a24bb3861d9bc0c53117)
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This log checking fix is needed for both qemux86 and qemux86-64 so move
to the common section.
[YOCTO #14528]
(From OE-Core rev: e47fcdd767f97d788b5bf749815d902215520edc)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2475ce68f0bc1f342c75364dfcfaf7f30499badf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Added 0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch
to fix large memory usage for large file downloads
from dynamic backends reuse or release large memory chunks.
Also, added patch to set default chunk size 8k earlier it was 4k.
This issue is caused by a bug in the lighttpd 1.4.55 version and
has been fixed in lighttpd 1.4.58. Hence, it is not needed for
master and hardknott branch because lighttpd has 1.4.59 version.
Link: https://redmine.lighttpd.net/projects/lighttpd/repository/14/revisions/7ba521ffb4959f6f74a609d5d4acafc29a038337
Link: https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/304e46d4f808c46cbb025edfacf2913a30ce8855
(From OE-Core rev: d3ac63230b98251d67a75a67456b769b6a002df0)
Signed-off-by: Purushottam Choudhary <purushottamchoudhary29@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport an upstream patch for the CVE.
(From OE-Core rev: 5042a4116a024bbc320d97ea29b21a589dea9942)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 87191ed0303f6552865ad1edcacd674c57f2010c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: https://git.openembedded.org/openembedded-core
MR: 111543
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-gnome/gdk-pixbuf?h=hardknott&id=bd08e4d179979937604c196b4047f59c5499a960
ChangeID: bd08e4d179979937604c196b4047f59c5499a960
Description:
(From OE-Core rev: bd08e4d179979937604c196b4047f59c5499a960)
(From OE-Core rev: c7b6a3fef6aa04bb1d264326e483e8a3d3350ca2)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit de631334ccd2d6af74ed795228394ee2b7218403)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Commit 05a87be51b44608ce4f77ac332df90a3cd2445ef introduced
a Python conditional expression when updating PATH that
generates syntax warnings in bitbake-cookerdaemon.log:
Var <PATH[:=]>:1: SyntaxWarning: "is not" with a literal. Did you mean "!="?
Fix this by using the more appropriate '!=' comparison
operator.
(From OE-Core rev: b46b059a306b2823624e64adecded9f76430471a)
Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2e753a12cf6bb98f9e0940e5ed6255ce8c538eed)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- Some distributions with UTF-8 locale have problem when National Language
Support is enabled. Add there an option to disable it.
(From OE-Core rev: 9224b01eaa46986b1c363a541e88f20387d8c30b)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit da630d6d81a396c3e1635fbd7b8103df47ed2732)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: https://github.com/lz4/lz4
MR: 111604
Type: Security Fix
Disposition: Backport from https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7
ChangeID: 58492f950164e75954a97cf084df6f9af3d88244
Description:
(From OE-Core rev: 00acbc19a48e2b03c910ff5dc62e51eda32bdf03)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: d1b4b4b6104e7b94ba49e61774c772a9181a67f6)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4accf77ea5b5810cb2330acc6773690ec1b1c71b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add SDKPATHINSTALL which is used as the default install location of the SDK
instead of SDKPATH. This means the default install path isn't encoded into
every SDK binary, meaning if a date is used there the entire SDK doesn't
have to rebuild. Most distros can switch to only customise SDKPATHINSTALL
meaning more sstate reuse too.
[YOCTO #14100]
(From OE-Core rev: 33a5714592bf41a26fcd7e8ff595b45538082431)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bc4ee5453560dcefc4a4ecc5657df5cc1666e153)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From meta-yocto rev: 2cbc8ba3dfd928f69f023f38984d58b5252a43df)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From yocto-docs rev: cc226593701bd5a93c0bcefc0c41da1a32849912)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Crashes in mesa when using vgem kernel module (in the absence of real GPU)
have been observed in dunfell (they do not happen in master):
https://bugzilla.yoctoproject.org/show_bug.cgi?id=14527
Let's focus on making host-accelerated virtualized graphics work well in master
and upcoming releases (the issue is not seen there).
(From OE-Core rev: 448e0271ed831582bb5833486fc17b131676fb53)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We don't use the CD/DVD ROM drive in any of our tests, but it
periodically fails discovery and that leads to a QA error:
[ 6.403477] ata3.00: failed to IDENTIFY (I/O error, err_mask=0x4)
The only way to disable the optical ROM drive in qemu is to use
the '-nodefaults' option, which disables the CDROM (among other things).
We can't be sure that none of our tests, or extended users are relying
on default devices, so using that option is more of a risk than adding
the message to our ignore list.
To date, no one has sent a patch to just disable the optical drive
(either in qemu or the BIOS), but that is something we could consider
in the future.
[YOCTO #14528]
(From OE-Core rev: ae65f4a6a10ad9ca7cf94d653b3b07039b483e72)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 143fc5504539c69752ca87717507c197a8920ce5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 6f3a8e259ecf6934b32a264661422a6872aca2ef)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f4abfdeea175cfcadd6f73a69a676632ab4334a6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is done when starting up qemu has failed, but is not done
when qemu started ok, but fails later in QMP communication.
Output from runqemu does contain valuable information to find out
why, so rather than fix all the QMP fails to include it, let's just
print it in stop().
(From OE-Core rev: 1732290d4d2147bd9ffd76deaf90650519a6ad3d)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6e2bf68e4401db747484c2c8ba0f77500b1d2d49)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
c15b830f7c1c Linux 5.4.142
a17f2f2c8949 KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
7c1c96ffb658 KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)
456fd889227f iommu/vt-d: Fix agaw for a supported 48 bit guest address width
5b5f855a793c vmlinux.lds.h: Handle clang's module.{c,d}tor sections
e9b2b2b29ca8 ceph: take snap_empty_lock atomically with snaprealm refcount change
95ff775df6ec ceph: clean up locking annotation for ceph_get_snap_realm and __lookup_snap_realm
1d8c232afb03 ceph: add some lockdep assertions around snaprealm handling
a6ff0f3f9f90 KVM: VMX: Use current VMCS to query WAITPKG support for MSR emulation
ec25d05e1893 PCI/MSI: Protect msi_desc::masked for multi-MSI
48d2439c6f2a PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
386ead1d3598 PCI/MSI: Correct misleading comments
76d81dec16d0 PCI/MSI: Do not set invalid bits in MSI mask
6b4bcbf13390 PCI/MSI: Enforce MSI[X] entry updates to be visible
4495a41fbcd7 PCI/MSI: Enforce that MSI-X table entry is masked for update
1866c8f6d43c PCI/MSI: Mask all unused MSI-X entries
3b4220c2bf35 PCI/MSI: Enable and mask MSI-X early
0c8dea3fd55c genirq/timings: Prevent potential array overflow in __irq_timings_store()
4dfe80927102 genirq/msi: Ensure deactivation on teardown
e3e54a930073 x86/resctrl: Fix default monitoring groups reporting
a6b594ad7419 x86/ioapic: Force affinity setup before startup
db5e2666946a x86/msi: Force affinity setup before startup
eda32c21882c genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
06b347743608 x86/tools: Fix objdump version check again
74451dd8bfca powerpc/kprobes: Fix kprobe Oops happens in booke
b74145d858a8 nbd: Aovid double completion of a request
ad9550114d4c vsock/virtio: avoid potential deadlock when vsock device remove
b9cd73cce50a xen/events: Fix race in set_evtchn_to_irq
4d3c5c319b19 net: igmp: increase size of mr_ifc_count
721ff564cc6a tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets
2ce8a68a312c net: linkwatch: fix failure to restore device state across suspend/resume
33597972a2e9 net: bridge: fix memleak in br_add_if()
f6eee53beb07 net: dsa: sja1105: fix broken backpressure in .port_fdb_dump
1e6a570d3786 net: dsa: lantiq: fix broken backpressure in .port_fdb_dump
564f6bbd0ed6 net: dsa: lan9303: fix broken backpressure in .port_fdb_dump
a9243455e874 net: igmp: fix data-race in igmp_ifc_timer_expire()
ed957c77b391 net: Fix memory leak in ieee802154_raw_deliver
13a381b8bc22 net: dsa: microchip: Fix ksz_read64()
991117eeeee8 drm/meson: fix colour distortion from HDR set during vendor u-boot
e114f15de881 net/mlx5: Fix return value from tracer initialization
f99aa76bb83c psample: Add a fwd declaration for skbuff
9dc8e396c12e iavf: Set RSS LUT and key in reset handle path
23436edae3c9 net: sched: act_mirred: Reset ct info when mirror/redirect skb
9636fbfe7bdd ppp: Fix generating ifname when empty IFLA_IFNAME is specified
1c31ee907fde net: phy: micrel: Fix link detection on ksz87xx switch"
dfeb64f6e2ce platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables
699db2bb96ad platform/x86: pcengines-apuv2: revert wiring up simswitch GPIO as LED
af7f1539cfb1 net: dsa: mt7530: add the missing RxUnicast MIB counter
d353a61860a2 ASoC: cs42l42: Fix LRCLK frame start edge
b036452082f3 netfilter: nf_conntrack_bridge: Fix memory leak when error
cd36a36ea4ea ASoC: cs42l42: Remove duplicate control for WNF filter frequency
eb789cc9179f ASoC: cs42l42: Fix inversion of ADC Notch Switch control
6a3381336398 ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J
55e86f07b85e ASoC: cs42l42: Correct definition of ADC Volume control
22d2e3c6a1b8 ieee802154: hwsim: fix GPF in hwsim_new_edge_nl
5bac8c2a3087 ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi
ddcf807fbb70 libnvdimm/region: Fix label activation vs errors
bc97fde4c668 ACPI: NFIT: Fix support for virtual SPA ranges
a753e3f33405 ceph: reduce contention in ceph_check_delayed_caps()
aa04486c419d i2c: dev: zero out array used for i2c reads from userspace
c18b28e5ade8 ASoC: intel: atom: Fix reference to PCM buffer address
aab3fa544647 ASoC: xilinx: Fix reference to PCM buffer address
60e2854acf3b iio: adc: Fix incorrect exit of for-loop
bcac5225923b iio: humidity: hdc100x: Add margin to the conversion time
da7cb80905ec iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels
(From OE-Core rev: 18e0b6edc40a6e26b90f582e7eb3edcd10b62887)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently the mkfs.btrfs generates large images with a lot of wasted
space. This happens since OE-core updated btrfs-tools from 4.13.3 to
4.15.1 in commit 94b645aa77 ("btrfs-tools: update to 4.15.1") .
Note in mkfs.btrfs(8) manpage section -r says the following:
"
-r|--rootdir <rootdir>
...
Note This option may enlarge the image or file to ensure
it’s big enough to contain the files from rootdir. Since
version 4.14.1 the filesystem size is not minimized. Please
see option --shrink if you need that functionality.
--shrink
Shrink the filesystem to its minimal size, only works with
--rootdir option.
...
Note prior to version 4.14.1, the shrinking was done
automatically.
"
Add the --shrink option to EXTRA_IMAGECMD_btrfs to reinstate the
original behavior and un-waste the space.
(From OE-Core rev: 6de30e62fc5815edc19c96b49c0ff9681298c56c)
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c4a99d36967302c176b62fad840b5e79486ea356)
Cc: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
gcc11 has -std=gnu++17 as default. Remove deprecated C++17 exceptions based
on http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html.
(From OE-Core rev: ef8b7946b4793db653ef7dd716e1d3f919a84725)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 419503134b76abeb57727259f846a2394dc73ea5)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 44a6cd03721b51cbb4e05870375fa347527b0db5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
utils.bbclass contains create_cmdline_wrapper() function that
creates wrapper script with additional arguments for any passed
"$cmd" command, and uses several calls to "dirname".
Because "dirname" is an external command, in cases of lots of
calls to wrapped "$cmd", each call of "dirname" will incur
significant overhead.
There are three same calls to "dirname": one for saving it`s
output to "realdir" variable, and other two in "exec" command.
So last two "dirname" calls can be replaced with cached value
from "realdir" variable.
(From OE-Core rev: 912c9eda653c45fee2f55092fbe281efba897bc0)
Signed-off-by: Oleksandr Popovych <opopovyc@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4b9cf2c80fd14386e0b88a2e6c40a9fa3f1ae0f7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
lzo was missing CVE_PRODUCT and related CVEs (at least CVE-2014-4607) were
not reported.
(From OE-Core rev: 69e33b9eee6ae97208e766fd96353dfcb8c20bd5)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 366cf8201e36df1ac836e49de04ccda1f763ca9e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Previously the bootimg-pcbios wic plugin was not respecting
the --label option provided from the wks file. The plugin
was setting the label to 'boot'. With this fix, the --label
option is use. If no option are specified, then the default
is 'boot'.
(From OE-Core rev: c9617934a20d30198a8ddcf10fc02de4885fd433)
Signed-off-by: jbouchard <jeanbouch418@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0fd7a73c1bd2486b7a022f0f69bbcb2e0d9cb141)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changelog shows only security fixes for CVE-2021-3711 and CVE-2021-3712:
https://www.openssl.org/news/cl111.txt
(From OE-Core rev: e26bc21f09ed1631437fc990cbda86c8659d4738)
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: https://sourceware.org/git/binutils-gdb.git
MR: 112801
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aec72fda3b320c36eb99fc1c4cf95b10fc026729
ChangeID: 470b309f4859eecdcc837add2bf756484ad94ee5
Description:
Fixed up for 2.34 context
(From OE-Core rev: bcaa13d8888416b01f0f590d9dab2bd736d1e8a8)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: git://sourceware.org/binutils-gdb.git
MR: 111523
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1cfcf3004e1830f8fe9112cfcd15285508d2c2b7
ChangeID: 2d3161f601852eb8f9a9ca982c6b0cd44e036bc6
Description:
Affects <= 2.36
Fixup Changelog to apply to dunfel context.
(From OE-Core rev: 3cb2e144f8b74f9d78d93ba15e2d66e432462860)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Adding fix for CVE-2021-20266
Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/pull/1587/commits/9646711891df851dfbf7ef54cc171574a0914b15]
Note: Hunk#2 and Hunk#3 refreshed to apply patch and match value of
dl_max variable to make it with current version
All Hunks are refreshed to solve patch-fuzz
(From OE-Core rev: 6c16aad7167eb98bc9995486f967431c39f9df15)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: http://git.yoctoproject.org/cgit/poky.git
MR: 112749
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=f5e77d70e2eb35751f5bad5572b6eb8a3ab14422
ChangeID: 4496341da3af9126c9c67170e1a2cce929c29828
Description:
(From OE-Core rev: 5e05ee8ff363eac84edec568039b86bcd716c6ce)
(From OE-Core rev: f8d34ef74dafcf14e07f9322254465d03490bd60)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f5e77d70e2eb35751f5bad5572b6eb8a3ab14422)
[Refreshed patch]
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: http://git.yoctoproject.org/cgit/poky.git
MR: 112749
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=460485d774480cd89cadf3b068f5197f44d86f25
ChangeID: 4e40dee2e6ce0b5b4de971f2c2b336929e7f22c3
Description:
(From OE-Core rev: 764bca67650da9df439527796879dda767c8c008)
(From OE-Core rev: cc541da4d67a9afa86a6ac37d5470d4dc77ea922)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 460485d774480cd89cadf3b068f5197f44d86f25)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Source: http://git.yoctoproject.org/cgit/poky.git
MR: 112743
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=e11384737ed489ea02800d545432b9ded82bf1bb
ChangeID: a2ff7112354349e8cf8960f30499f61e545d7f8e
Description:
(From OE-Core rev: fb2634922db91e5b877dd10021dafec7b5c6e565)
(From OE-Core rev: 942d936524d3948d74c7240038ce81d859f68cab)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e11384737ed489ea02800d545432b9ded82bf1bb)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Sakib Sajal
Armin Kuster
Richard Purdie
Wang Mingyu
Ovidiu Panait
Nicolas Dechesne
Purushottam Choudhary
Changqing Li
Matt Madison
Andrej Valek
Ross Burton
Steve Sakoman
Alexander Kanavin
Bruce Ashfield
Marek Vasut
Oleksandr Popovych
Marta Rybczynska
jbouchard
Mikko Rapeli
Ranjitsinh Rathod