summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* Remove broken test calls from sed recipeTimothy Pearson2019-04-161-10/+0
|
* Fix freetype FTBFS after automake updateTimothy Pearson2019-04-161-1/+1
|
* Update intltool to newer versionTimothy Pearson2019-04-168-22/+61
|
* Fix autoreconf failure due to automake calling host perlTimothy Pearson2019-04-161-0/+8
| | | | | The host perl and the native perl may not always be compatible Make sure the naive perl is always called when autoreconf and friends are run
* Fix libtool-native FTBFS on Stretch due to Perl mismatchTimothy Pearson2019-04-161-0/+6
|
* Use system config.guess for cross-localedef-nativeRaptor Engineering Development Team2018-07-091-0/+1
| | | | This fixes builds on ppc64el
* Add ppc64el host supportRaptor Engineering Development Team2018-07-091-0/+2
|
* Revup automake to latestRaptor Engineering Development Team2018-07-0910-117/+333
|
* Fix FTBFS with GCC 6Timothy Pearson2017-08-285-6/+104
|
* Building gcc-cross 4.9.3 with gcc 6 fails with the following error:Ioan-Adrian Ratiu2017-08-282-0/+152
| | | | | | | | error: 'const char* libc_name_p(const char*, unsigned int)' redeclared inline with 'gnu_inline' attribute This is a backport of the upstream fix. Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
* Make builds functional on Debian StretchTimothy Pearson2017-08-274-5/+91
| | | | Add AST2050 / KGPE-D16 files
* dpkg: Security fix CVE-2015-0860Armin Kuster2016-02-072-0/+54
| | | | | | | | | | | | | CVE-2015-0860 dpkg: stack overflows and out of bounds read (From OE-Core rev: 5aaec01acc9e5a19374a566307a425d43c887f4b) (From OE-Core rev: 4dea3e7b9a0041e7359981e68c561e7de8ad3ae5) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2015-8704Armin Kuster2016-02-072-0/+30
| | | | | | | | | CVE-2015-8704 bind: specific APL data could trigger an INSIST in apl_42.c (From OE-Core rev: 600c1d2beb64e23123e478051537b917f5d4a8a7) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Security fix CVE-2015-8710Armin Kuster2016-02-072-0/+72
| | | | | | | | | | | | | CVE-2015-8710 libxml2: out-of-bounds memory access when parsing an unclosed HTML comment (From OE-Core rev: 03d481070ebc6f9af799aec5d038871f9c73901c) (From OE-Core rev: d5db25213613cb862255047c0e995fd5489d9765) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: Security fix CVE-2015-8241Armin Kuster2016-02-072-0/+41
| | | | | | | | | | | | | CVE-2015-8241 libxml2: Buffer overread with XML parser in xmlNextChar (From OE-Core rev: f3c19a39cdec435f26a7f46a3432231ba4daa19c) (From OE-Core rev: 428878a67fd723908af74c4881e933969f2928a7) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: reinstate changes reverted in 2014c upgradePaul Eggleton2016-02-071-2/+3
| | | | | | | | | | | | | | | | | | OE-Core commit 57af3fb9662106f0a65a1b4edf83e2398be0a8f1 upgraded tzdata but also reverted a couple of changes to SUMMARY and LIC_FILES_CHKSUM. Reinstate these (with an update to the README md5 value since that has changed slightly, without any change to the licensing statements within). (From OE-Core rev: cea4f6b86129f84a99700207777929bf7e811ed6) (From OE-Core rev: 37069c7511603f9fe33bcc48e38ac58ab89138f9) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: update to 2016aArmin Kuster2016-02-071-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changed LIC_CHKSUM_FILES to a new LICENSE file. Add BSD-3-clause to licenses Changes affecting future time stamps America/Cayman will not observe daylight saving this year after all. Revert our guess that it would. (Thanks to Matt Johnson.) Asia/Chita switches from +0800 to +0900 on 2016-03-27 at 02:00. (Thanks to Alexander Krivenyshev.) Asia/Tehran now has DST predictions for the year 2038 and later, to be March 21 00:00 to September 21 00:00. This is likely better than predicting no DST, albeit off by a day every now and then. Changes affecting past and future time stamps America/Metlakatla switched from PST all year to AKST/AKDT on 2015-11-01 at 02:00. (Thanks to Steffen Thorsen.) America/Santa_Isabel has been removed, and replaced with a backward compatibility link to America/Tijuana. Its contents were apparently based on a misreading of Mexican legislation. Changes affecting past time stamps Asia/Karachi's two transition times in 2002 were off by a minute. (Thanks to Matt Johnson.) (From OE-Core rev: 790315dbd2dcb5b2024948ef412f32d2788cb6b5) (From OE-Core rev: 6ebd2689f72b725c1ca493eae77d5a41386ee901) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 39e231cfabda8d75906c935d2a01f37df6121b84) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzcode: update to 2016aArmin Kuster2016-02-072-25/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change LIC_CHKSUM_FILES to License. Some files are BSD clause 3 Changes affecting build procedure An installer can now combine leap seconds with use of the backzone file, e.g., with 'make PACKRATDATA=backzone REDO=posix_right zones'. The old 'make posix_packrat' rule is now marked as obsolescent. (Thanks to Ian Abbott for an initial implementation.) Changes affecting documentation and commentary A new file LICENSE makes it easier to see that the code and data are mostly public-domain. (Thanks to James Knight.) The three non-public-domain files now use the current (3-clause) BSD license instead of older versions of that license. tz-link.htm mentions the BDE library (thanks to Andrew Paprocki), CCTZ (thanks to Tim Parenti), TimeJones.com, and has a new section on editing tz source files (with a mention of Sublime zoneinfo, thanks to Gilmore Davidson). The Theory and asia files now mention the 2015 book "The Global Transformation of Time, 1870-1950", and cite a couple of reviews. The America/Chicago entry now documents the informal use of US central time in Fort Pierre, South Dakota. (Thanks to Rick McDermid, Matt Johnson, and Steve Jones.) (From OE-Core rev: 1ee9072e16d96f95d07ec5a1f63888ce4730d60e) (From OE-Core rev: 7d8a32361c45ab99c88bc65612327aa49cf3bd39) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit b7f292b84eea202fb13730c11452ac1957e41cf0) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2015-7295Armin Kuster2016-02-074-0/+176
| | | | | | | | | | | | | CVE-2015-7295 Qemu: net: virtio-net possible remote DoS (From OE-Core rev: 74771f8c41aaede0ddfb86983c6841bd1f1c1f0f) (From OE-Core rev: 3a7c84952d40f95b0f34bc35eef4490ecc8da07e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2016-1568Armin Kuster2016-02-072-0/+47
| | | | | | | | | | | | | CVE-2016-1568 Qemu: ide: ahci use-after-free vulnerability in aio port commands (From OE-Core rev: 166c19df8be28da255cc68032e2d11afc59d4197) (From OE-Core rev: c2361dd9bb663b00dd194cb7fdb0e07d7e1ab5e1) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2015-8345Armin Kuster2016-02-072-0/+74
| | | | | | | | | | | | | CVE-2015-8345 Qemu: net: eepro100: infinite loop in processing command block list (From OE-Core rev: 99ffcd66895e4ba064542a1797057e45ec4d3220) (From OE-Core rev: e51fc319b859f44be61822d93e0b72647a02f7c6) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2015-7512Armin Kuster2016-02-072-0/+45
| | | | | | | | | | | | | CVE-2015-7512 Qemu: net: pcnet: buffer overflow in non-loopback mod (From OE-Core rev: e6e9be51f77c9531f49cebe0ca6b495c23cf022d) (From OE-Core rev: 90d2a8eb0853f506a457e9935f4354c71d2fc9c9) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2015-7504Armin Kuster2016-02-072-0/+57
| | | | | | | | | | | | | CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in loopback mode (From OE-Core rev: b01b569d7d7e651a35fa38750462f13aeb64a2f3) (From OE-Core rev: 10752d6beb5520ec0fc83a7d0173e10144b11685) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Security fix CVE-2015-8504Armin Kuster2016-02-072-0/+52
| | | | | | | | | | | | | CVE-2015-8504 Qemu: ui: vnc: avoid floating point exception (From OE-Core rev: c622bdd7133d31d7fbefe87fb38187f0aea4b592) (From OE-Core rev: 38f102a9271896a49aa32aacf2c2be3a14f51493) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: fix CVE-2015-3187Wenzong Fan2016-02-072-0/+347
| | | | | | | | | | | | | | | | | | | | | | | | The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Patch is from: http://subversion.apache.org/security/CVE-2015-3187-advisory.txt (From OE-Core master rev: 6da25614edcad30fdb4bea8ff47b81ff81cdaed2) (From OE-Core rev: e1e277bf51c6f00268358f6bf8623261b1b9bc22) (From OE-Core rev: b45dcbadc1a51188ac6dead855e14a181a7bccd9) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: fix CVE-2015-3184Wenzong Fan2016-02-072-0/+2083
| | | | | | | | | | | | | | | | | | | | | | | | mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. Patch is from: http://subversion.apache.org/security/CVE-2015-3184-advisory.txt (From OE-Core master rev: 29eb921ed074d86fa8d5b205a313eb3177473a63) (From OE-Core rev: 7af7a3e692a6cd0d92768024efe32bfa7d83bc8f) (From OE-Core rev: e4a1caecc5ae6b8488ec8ed7d303296af99146c0) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-0701Armin Kuster2016-02-073-0/+260
| | | | | | | | | | | | | CVE-2016-0701 OpenSSL: DH small subgroups (From OE-Core rev: c5868a7cd0a28c5800dfa4be1c9d98d3de08cd12) (From OE-Core rev: 5e73d0e88c28ca1e948f5c463b9d9d1001251a42) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2015-3197Armin Kuster2016-02-072-0/+64
| | | | | | | | | | | | | CVE-2015-3197 OpenSSL: SSLv2 doesn't block disabled ciphers (From OE-Core rev: b387d9b8dff8e2c572ca14f9628ab8298347fd4f) (From OE-Core rev: c037cbdac6a0e871a60077703432c08be6d29677) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2015-8776Armin Kuster2016-02-072-0/+156
| | | | | | | | | | | | | | | | it was found that out-of-range time values passed to the strftime function may cause it to crash, leading to a denial of service, or potentially disclosure information. (From OE-Core rev: b9bc001ee834e4f8f756a2eaf2671aac3324b0ee) (From OE-Core rev: 3527ba3be7cfdfd813f5ca495bc74db559a648cd) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2015-9761Armin Kuster2016-02-073-0/+1429
| | | | | | | | | | | | | | | | A stack overflow vulnerability was found in nan* functions that could cause applications which process long strings with the nan function to crash or, potentially, execute arbitrary code. (From OE-Core rev: fd3da8178c8c06b549dbc19ecec40e98ab934d49) (From OE-Core rev: 6cb0465247195ec25ef1073e79997001380aa807) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2015-8779Armin Kuster2016-02-072-0/+263
| | | | | | | | | | | | | | | | A stack overflow vulnerability in the catopen function was found, causing applications which pass long strings to the catopen function to crash or, potentially execute arbitrary code. (From OE-Core rev: af20e323932caba8883c91dac610e1ba2b3d4ab5) (From OE-Core rev: 2e1c8cab3bc7b70e2a05dca20cb5bcec4335f04d) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2015-8777Armin Kuster2016-02-072-0/+123
| | | | | | | | | | | | | | | | The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable. (From OE-Core rev: 22570ba08d7c6157aec58764c73b1134405b0252) (From OE-Core rev: 9cc998978bd67bc5569cc1478f4ddee40020b929) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: CVE-2016-077xArmin Kuster2016-01-202-0/+57
| | | | | | | | | | this address two CVE's. CVE-2016-0777 and CVE-2016-0778 (From OE-Core rev: 1c05115a906499989d2159683195ed6d2cda75ba) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* logrotate: do not move binary logrotate to /usr/binHongxu Jia2016-01-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | In oe-core commit a46d3646a3e1781be4423b508ea63996b3cfca8a ... Author: Fahad Usman <fahad_usman@mentor.com> Date: Tue Aug 26 13:16:48 2014 +0500 logrotate: obey our flags Needed to quiet GNU_HASH warnings, and some minor fixes. ... it explicitly move logrotate to /usr/bin without any reason, which is against the original Linux location /usr/sbin. So partly revert the above commit which let logrotate be kept in the original place /usr/sbin. (From OE-Core rev: 88015d6d0a887969ae82b0888bf32659a6d225d3) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-5312Armin Kuster2016-01-202-0/+40
| | | | | | | | (From OE-Core rev: 15d05f186fbe78774c933cf93f116af1a2a8e51a) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-8242Armin Kuster2016-01-202-0/+50
| | | | | | | | (From OE-Core rev: acbd71fe7d0571b78bbecb7464d99823411a7b22) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-7500Armin Kuster2016-01-203-0/+271
| | | | | | | | | | includes a depend fix security issue CVE-2015-7500 (From OE-Core rev: 7d54f2f85dfcc3a56239abafd5eaefb9d7d25081) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-7499Armin Kuster2016-01-203-0/+133
| | | | | | | | | | | | includes: CVE-2015-7499-1 CVE-2015-7499-2 (From OE-Core rev: 3048fe24e4c5f83ad0971062a88592bcb6bf52bc) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-7497Armin Kuster2016-01-202-0/+41
| | | | | | | | (From OE-Core rev: 5b72983d1a6d5ad5e9a21d2673d57d1da2333ac6) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-7498Armin Kuster2016-01-202-0/+90
| | | | | | | | (From OE-Core rev: b3d6a714180199a5e0099e3d40b37c9bfa106eb1) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-8035Armin Kuster2016-01-202-0/+39
| | | | | | | | (From OE-Core rev: 495eaf5039596ac0fab7684cfc867569710eb0f4) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-7942Armin Kuster2016-01-203-0/+76
| | | | | | | | | | | | includes: CVE-2015-7942 CVE-2015-7942-2 (From OE-Core rev: 4ca806d70cf65a66daab85898bcf5d682bef43d3) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-8317Armin Kuster2016-01-202-0/+43
| | | | | | | | (From OE-Core rev: 34379b38919d535cd787bde4493fff61bd17f37a) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: security fix CVE-2015-7941Armin Kuster2016-01-203-0/+97
| | | | | | | | | | | | includes: CVE-2015-7941-1 CVE-2015-7941-2 (From OE-Core rev: e06312c71209b2e1d19c7df1434e409ad96b58be) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxml2: remove files for easier maintenanceJoshua Lock2016-01-203-98/+0
| | | | | | | | | | | Drop a couple of CVE fixes for easy cherry-picking from jethro. The same fixes will be pack-ported from jethro in a following patch. (From OE-Core rev: 02fb45bada58f03c5571baf700934154e9fc57c2) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix for CVE-2015-3195Armin Kuster2016-01-202-0/+67
| | | | | | | | (From OE-Core rev: 55d09d4e2dad9d1f80e50348d44177e47e6e33e1) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix for CVE-2015-3194Armin Kuster2016-01-203-0/+113
| | | | | | | | (From OE-Core rev: edff5fc629c8f70191bd33c731084e8217780a38) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix for CVE-2015-3193Armin Kuster2016-01-202-0/+102
| | | | | | | | (From OE-Core rev: ee47f6ca78d15ec56556d5c078bf20315af457b8) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* texinfo: don't create dependency on INHERIT variableMartin Jansa2016-01-201-1/+1
| | | | | | | | | | | | | | | | | * we don't want the do_package signature depending on INHERIT variable * e.g. just adding the own-mirrors causes texinfo to rebuild: # bitbake-diffsigs BUILD/sstate-diff/*/*/texinfo/*do_package.sig* basehash changed from 015df2fd8e396cc1e15622dbac843301 to 9f1d06c4f238c70a99ccb6d8da348b6a Variable INHERIT value changed from ' rm_work blacklist blacklist report-error ${PACKAGE_CLASSES} ${USER_CLASSES} ${INHERIT_DISTRO} ${INHERIT_BLACKLIST} sanity' to ' rm_work own-mirrors blacklist blacklist report-error ${PACKAGE_CLASSES} ${USER_CLASSES} ${INHERIT_DISTRO} ${INHERIT_BLACKLIST} sanity' (From OE-Core rev: e6cae8ace890fc4322830731cb95bcc2680f4cfc) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: Fix CVE-2015-8370Belal, Awais2016-01-152-0/+51
| | | | | | | | | | | http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2 (From OE-Core rev: 3f2701c102e4e5b95fc79a8d967f9c48f8232fc6) Signed-off-by: Awais Belal <awais_belal@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
OpenPOWER on IntegriCloud