poky: subtree update:52a625582e..7035b4b21e

Adrian Bunk (9):
      squashfs-tools: Upgrade to 4.4
      screen: Upgrade 4.6.2 -> 4.7.0
      stress-ng: Upgrade 0.10.00 -> 0.10.08
      nspr: Upgrade 4.21 -> 4.23
      gcc: Remove stale gcc 8 patchfile
      gnu-efi: Upgrade 3.0.9 -> 3.0.10
      python3-numpy: Stop shipping manual config files
      coreutils: Move stdbuf into an own package coreutils-stdbuf
      gnu-efi: Upgrade 3.0.10 -> 3.0.11

Alessio Igor Bogani (1):
      systemtap: support usrmerge

Alexander Hirsch (1):
      libksba: Fix license specification

Alexander Kanavin (6):
      gcr: update to 3.34.0
      btrfs-tools: update to 5.3
      libmodulemd-v1: update to 1.8.16
      selftest: skip virgl test on centos 7 entirely
      nfs-utils: do not depend on bash unnecessarily
      selftest: add a test for gpl3-free images

Alistair Francis (4):
      opensbi: Bump from 0.4 to 0.5
      u-boot: Bump from 2019.07 to 2019.10
      qemuriscv64: Build smode U-Boot
      libsdl2: Fix build failure when using mesa 19.2.1

Andreas Müller (4):
      adwaita-icon-theme: upgrade 3.32.0 -> 3.34.0
      gsettings-desktop-schemas: upgrade 3.32.0 -> 3.34.0
      IMAGE_LINGUAS_COMPLEMENTARY: auto-add language packages other than locales
      libical: add PACKAGECONFIG glib and enable it by default

André Draszik (10):
      testimage.bbclass: support hardware-controlled targets
      testimage.bbclass: enable ssh agent forwarding
      oeqa/runtime/df: don't fail on long device names
      oeqa/core/decorator: add skipIfFeature
      oeqa/runtime/opkg: skip install on read-only-rootfs
      oeqa/runtime/systemd: skip unit enable/disable on read-only-rootfs
      ruby: update to v2.6.4
      ruby: some ptest fixes
      oeqa/runtime/context.py: ignore more files when loading controllers
      connman: mark connman-wait-online as SYSTEMD_PACKAGE

Bruce Ashfield (6):
      linux-yocto/4.19: update to v4.19.78
      linux-yocto/5.2: update to v5.2.20
      perf: fix v5.4+ builds
      perf: create directories before copying single files
      perf: add 'cap' PACKAGECONFIG
      perf: drop 'include' copy

Carlos Rafael Giani (12):
      gstreamer1.0: upgrade to version 1.16.1
      gstreamer1.0-plugins-base: upgrade to version 1.16.1
      gstreamer1.0-plugins-good: upgrade to version 1.16.1
      gstreamer1.0-plugins-bad: upgrade to version 1.16.1
      gstreamer1.0-plugins-ugly: upgrade to version 1.16.1
      gstreamer1.0-libav: upgrade to version 1.16.1
      gstreamer1.0-vaapi: upgrade to version 1.16.1
      gstreamer1.0-omx: upgrade to version 1.16.1
      gstreamer1.0-python: upgrade to version 1.16.1
      gstreamer1.0-rtsp-server: upgrade to version 1.16.1
      gst-validate: upgrade to version 1.16.1
      gstreamer: Change SRC_URI to use HTTPS access instead of HTTP

Changqing Li (4):
      qemu: Fix CVE-2019-12068
      python: Fix CVE-2019-10160
      sudo: fix CVE-2019-14287
      mdadm: fix do_package failed when changed local.conf but not cleaned

Chee Yang Lee (2):
      wic/help: change 'wic write' help description
      wic/engine: use 'linux-swap' for swap file system

Chen Qi (3):
      go: fix CVE-2019-16276
      python3: fix CVE-2019-16935
      python: fix CVE-2019-16935

Chris Laplante via bitbake-devel (2):
      bitbake: bitbake: contrib/vim: initial commit, with unmodified code from indent/python.vim
      bitbake: bitbake: contrib/vim: Modify Python indentation to work with 'python do_task {'

Christopher Larson (2):
      bitbake: fetch2/git: fetch shallow revs when needed
      bitbake: tests/fetch: add test for fetching shallow revs

Dan Callaghan (1):
      elfutils: add PACKAGECONFIG for compression algorithms

Douglas Royds via Openembedded-core (1):
      icecc: Export ICECC_CC and friends via wrapper-script

Eduardo Abinader (1):
      devtool: add ssh key option to deploy-target param

Eugene Smirnov (1):
      wic/rawcopy: Support files in sub-directories

Ferry Toth (1):
      sudo: Fix fetching sources

Frazer Leslie Clews (2):
      makedevs: fix format strings in makedevs.c in print statements
      makedevs: fix invalidScanfFormatWidth to prevent overflowing usr_buf

George McCollister (1):
      openssl: make OPENSSL_ENGINES match install path

Haiqing Bai (1):
      unfs3: fixed the issue that unfsd consumes 100% CPU

He Zhe (1):
      ltp: Fix overcommit_memory failure

Hongxu Jia (1):
      openssh: fix CVE-2019-16905

Joe Slater (2):
      libtiff: fix CVE-2019-17546
      libxslt: fix CVE-2019-18197

Kai Kang (1):
      bind: fix CVE-2019-6471 and CVE-2018-5743

Liwei Song (1):
      util-linux: fix PKNAME name is NULL when use lsblk [LIN1019-2963]

Mattias Hansson (1):
      base.bbclass: add dependency on pseudo from do_prepare_recipe_sysroot

Max Tomago (1):
      python-native: Remove debug.patch

Maxime Roussin-Bélanger (2):
      meta: update and add missing homepage/bugtracker links
      meta: add missing description in recipes-gnome

Michael Ho (1):
      cmake.bbclass: add HOSTTOOLS_DIR to CMAKE_FIND_ROOT_PATH

Mike Crowe (2):
      kernel-fitimage: Cope with non-standard kernel deploy subdirectory
      kernel-devicetree: Cope with non-standard kernel deploy subdirectory

Mikko Rapeli (1):
      systemd.bbclass: enable all services specified in ${SYSTEMD_SERVICE}

Nicola Lunghi (1):
      ofono: tidy up the recipe

Ola x Nilsson (10):
      oeqa/selftest/recipetool: Use with to control file handle lifetime
      oe.types.path: Use with to control file handle lifetime
      lib/oe/packagedata: Use with to control file handle lifetime
      lib/oe/package_manager: Use with to control file handle lifetime
      report-error.bbclass: Use with to control file handle lifetime
      package.bbclass: Use with to manage file handle lifetimes
      devtool-source.bbclass: Use with to manage file handle lifetime
      libc-package.bbclass: Use with to manage filehandle in do_spit_gconvs
      bitbake: bitbake: prserv/serv: Use with while reading pidfile
      bitbake: bitbake: ConfHandler: Use with to manage filehandle lifetime

Oleksandr Kravchuk (4):
      ell: update to 0.23
      ell: update to 0.25
      ell: update to 0.26
      ofono: update to 1.31

Ricardo Ribalda Delgado (1):
      i2c-tools: Add missing RDEPEND

Richard Leitner (1):
      kernel-fitimage: introduce FIT_SIGN_ALG

Richard Purdie (4):
      tinderclient: Drop obsolete class
      meson: Backport fix to assist meta-oe breakage
      nfs-utils: Improve handling when no exported fileysystems
      qemu: Avoid potential build configuration contamination

Robert Yang (1):
      bluez5: Fix for --enable-btpclient

Ross Burton (29):
      sanity: check the format of SDK_VENDOR
      file: explicitly disable seccomp
      python3: -dev should depend on distutils
      gawk: add PACKAGECONFIG for readline
      python3: alternative name is python3-config not python-config
      python3: ensure that all forms of python3-config are in python3-dev
      oeqa/selftest: use specialist assert* methods
      bluez5: refresh upstreamed patches
      xorgproto: fix summary
      libx11: upgrade to 1.6.9
      xorgproto: upgrade to 2019.2
      llvm: add missing Upstream-Status tags
      buildhistory-analysis: filter out -src changes by default
      squashfs-tools: remove redundant source checksums
      squashfs-tools: clean up compile/install tasks
      wpa-supplicant: fix CVE-2019-16275
      gcr: remove intltool-native
      elfutils: disable bzip
      cve-check: ensure all known CVEs are in the report
      git: some tools are no longer perl, so move to main recipe
      git: cleanup man install
      qemu-helper-native: add missing option to getopt() call
      qemu-helper-native: showing help shouldn't be an error
      qemu-helper-native: pass compiler flags
      oeqa/selftest: add test for oe-run-native
      cve-check: failure to parse versions should be more visible
      gst-examples: rename so PV is in filename
      sanity: check for more bits of Python
      recipeutils-test: use a small dependency in the dummy recipe

Sai Hari Chandana Kalluri (1):
      devtool: Add --remove-work option for devtool reset command

Scott Rifenbark (9):
      ref-manual: First pass of 2.8 migration changes (WIP)
      poky.ent: Updated the release date to October 2019
      dev-manual: Added info to "Selecting an Initialization Manager"
      ref-manual: 2nd pass 3.0 migration
      documenation: Changed "2.8" to "3.0".
      ref-manual: Removed deprecated link to ref-classes-bluetooth
      ref-manual, dev-manual: Clean up of a commit
      ref-manual: Updated the BUSYBOX_SPLIT_SUID variable.
      ref-manual, dev-manual: Added CMake toolchain files.

Stefan Agner (1):
      uninative: check .done file instead of tarball

Tom Benn (1):
      dbus: update dbus-1.init to reflect new PID file

Trevor Gamblin (5):
      aspell: upgrade from 0.60.7 to 0.60.8
      binutils: fix CVE-2019-17450
      binutils: fix CVE-2019-17451
      ncurses: fix CVE-2019-17594, CVE-2019-17595
      libgcrypt: upgrade 1.8.4 -> 1.8.5

Trevor Woerner (1):
      libcap-ng: undefined reference to `pthread_atfork'

Wenlin Kang (1):
      sysstat: fix CVE-2019-16167

Yann Dirson (1):
      mesa: fix meson configure fix when 'dri' is excluded from PACKAGECONFIG

Yeoh Ee Peng (1):
      scripts/oe-pkgdata-util: Enable list-pkgs to print ordered packages

Yi Zhao (2):
      libsdl2: fix CVE-2019-13616
      libgcrypt: fix CVE-2019-12904

Zang Ruochen (6):
      bison:upgrade 3.4.1 -> 3.4.2
      e2fsprogs:upgrade 1.45.3 -> 1.45.4
      libxvmc:upgrade 1.0.11 -> 1.0.12
      python3-pip:upgrade 19.2.3 -> 19.3.1
      python-setuptools:upgrade 41.2.0 -> 41.4.0
      libcap-ng:upgrade 0.7.9 -> 0.7.10

Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Change-Id: I50bc42f74dffdc406ffc0dea034e41462fe6e06b

2 files changed, 49 insertions, 1 deletions

diff --git a/poky/meta/recipes-extended/sysstat/sysstat/0001-Fix-232-Memory-corruption-bug-due-to-Integer-Overflo.patch b/poky/meta/recipes-extended/sysstat/sysstat/0001-Fix-232-Memory-corruption-bug-due-to-Integer-Overflo.patch
new file mode 100644
index 000000000..46b111806
--- /dev/null
+++ b/poky/meta/recipes-extended/sysstat/sysstat/0001-Fix-232-Memory-corruption-bug-due-to-Integer-Overflo.patch
@@ -0,0 +1,46 @@
+From 603ae4ed8cd65abf0776ef7f68354a5c24a3411c Mon Sep 17 00:00:00 2001
+From: Sebastien GODARD <sysstat@users.noreply.github.com>
+Date: Tue, 15 Oct 2019 14:39:33 +0800
+Subject: [PATCH] Fix #232: Memory corruption bug due to Integer Overflow in
+ remap_struct()
+
+Try to avoid integer overflow when reading a corrupted binary datafile
+with sadf.
+
+Upstream-Status: Backport [https://github.com/sysstat/sysstat/commit/83fad9c895d1ac13f76af5883b7451b3302beef5]
+CVE: CVE-2019-16167
+
+Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
+Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
+---
+ sa_common.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/sa_common.c b/sa_common.c
+index 395c11c..cfa9007 100644
+--- a/sa_common.c
++++ b/sa_common.c
+@@ -1336,7 +1336,8 @@ int remap_struct(unsigned int gtypes_nr[], unsigned int ftypes_nr[],
+ 	/* Remap [unsigned] int fields */
+ 	d = gtypes_nr[1] - ftypes_nr[1];
+ 	if (d) {
+-		if (ftypes_nr[1] * UL_ALIGNMENT_WIDTH < ftypes_nr[1])
++		if (gtypes_nr[0] * ULL_ALIGNMENT_WIDTH +
++		    ftypes_nr[1] * UL_ALIGNMENT_WIDTH < ftypes_nr[1])
+ 			/* Overflow */
+ 			return -1;
+ 
+@@ -1365,7 +1366,9 @@ int remap_struct(unsigned int gtypes_nr[], unsigned int ftypes_nr[],
+ 	/* Remap possible fields (like strings of chars) following int fields */
+ 	d = gtypes_nr[2] - ftypes_nr[2];
+ 	if (d) {
+-		if (ftypes_nr[2] * U_ALIGNMENT_WIDTH < ftypes_nr[2])
++		if (gtypes_nr[0] * ULL_ALIGNMENT_WIDTH +
++		    gtypes_nr[1] * UL_ALIGNMENT_WIDTH +
++		    ftypes_nr[2] * U_ALIGNMENT_WIDTH < ftypes_nr[2])
+ 			/* Overflow */
+ 			return -1;
+ 
+-- 
+1.9.1
+
diff --git a/poky/meta/recipes-extended/sysstat/sysstat_12.1.6.bb b/poky/meta/recipes-extended/sysstat/sysstat_12.1.6.bb
index 8cf8c36d9..362888d50 100644
--- a/poky/meta/recipes-extended/sysstat/sysstat_12.1.6.bb
+++ b/poky/meta/recipes-extended/sysstat/sysstat_12.1.6.bb
@@ -2,7 +2,9 @@ require sysstat.inc
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=a23a74b3f4caf9616230789d94217acb"
 
-SRC_URI += "file://0001-Include-needed-headers-explicitly.patch"
+SRC_URI += "file://0001-Include-needed-headers-explicitly.patch \
+	    file://0001-Fix-232-Memory-corruption-bug-due-to-Integer-Overflo.patch \
+"
 
 SRC_URI[md5sum] = "d8e3bbb9c873dd370f6d33664e326570"
 SRC_URI[sha256sum] = "f752f3c406153a6fc446496f1102872505ace3f0931d975c1d664c81ec09f129"