poky: refresh thud: 1d987b98ed..ee7dd31944

Update poky to thud HEAD.

Alex Kiernan (2):
      systemd: backport fix to stop enabling ECN
      systemd: Add PACKAGECONFIG for gnutls

Alexander Kanavin (3):
      lighttpd: update to 1.4.51
      boost: update to 1.69.0
      systemd: backport a patch to fix meson 0.49.0 issue

Alexey Brodkin (1):
      wic: sdimage-bootpart: Use mmcblk0 drive instead of bogus mmcblk

André Draszik (1):
      meta: remove True option to getVar calls (again)

Anuj Mittal (6):
      eudev: upgrade 3.2.5 -> 3.2.7
      gsettings-desktop-schemas: upgrade 3.28.0 -> 3.28.1
      libatomic-ops: upgrade 7.6.6 -> 7.6.8
      libpng: upgrade 1.6.35 -> 1.6.36
      common-licenses: update Libpng license text
      i2c-tools: upgrade 4.0 -> 4.1

Aníbal Limón (1):
      meta/classes/testimage.bbclass: Only validate IMAGE_FSTYPES when is QEMU

Armin Kuster (1):
      tzdata/tzcode-native: update to 2018i

Brad Bishop (1):
      systemd-systemctl-native: handle Install wildcards

Bruce Ashfield (3):
      kernel: use olddefconfig as the primary target for KERNEL_CONFIG_COMMAND
      linux-yocto/4.18: update to v4.18.22
      linux-yocto/4.18: update to v4.18.25

Changqing Li (1):
      libsndfile1: Security fix CVE-2017-17456/17457 CVE-2018-19661/19662

Chen Qi (3):
      package.bbclass: fix python unclosed file ResourceWarning
      eSDK.py: avoid error in tearDownClass due to race condistion
      eSDK.py: unset BBPATH and BUILDDIR to avoid eSDK failure

Douglas Royds (6):
      icecc: readlink -f on the recipe-sysroot gcc/g++
      icecc: Trivial simplification
      icecc: Syntax error meant that we weren't waiting for tarball generation
      icecc: Don't generate recipe-sysroot symlinks at recipe-parsing time
      icecc: patchelf is needed by icecc-create-env
      patch: reproducibility: Fix host umask leakage

Erik Botö (1):
      testimage: Add possibility to pass parmeters to qemu

Federico Sauter (1):
      kernel: don't assign the build user/host

Joshua Watt (1):
      classes/testsdk: Split implementation into classes

Kai Kang (2):
      testimage.bbclass: remove boot parameter systemd.log_target
      systemd: fix compile error for x32

Kevin Hao (1):
      meta-yocto-bsp: Bump to the latest stable kernel for the non-x86 BSPs

Khem Raj (6):
      grub2: Fix passing null to printf formats
      gnupg: Upgrade to 2.2.12 release
      binutils: Fix build with clang
      binutils: Upgrade to latest on 2.31 release branch
      binutils: bfd doesn't handle ELF compressed data alignment
      systemd: Fix memory use after free errors

Manjukumar Matha (1):
      kernel.bbclass: Fix incorrect deploying of fitimage.initramfs

Marcus Cooper (3):
      systemd: Security fix CVE-2018-16864
      systemd: Security fix CVE-2018-16865
      systemd: Security fix CVE-2018-16866

Michael Ho (1):
      sstate: add support for caching shared workdir tasks

Naveen Saini (2):
      linux-yocto: update genericx86* SRCREV for 4.18
      linux-yocto: update genericx86* SRCREV for 4.18

Peter Kjellerstedt (2):
      systemd: Correct and clean up user/group definitions
      systemd: Correct a conditional add to SYSTEMD_PACKAGES

Richard Purdie (9):
      nativesdk-*-provides-dummy: Fixes to allow correct operation with opkg
      classes: Correctly markup regex strings
      testimage: Remove duplicate dependencies
      testimage: Simplfy DEFAULT_TEST_SUITES logic
      testimage: Further cleanup DEFAULT_TEST_SUITES
      testimage: Enable autorunning of the package manager testsuites
      oeqa/runtime/cases: Improve test dependency information
      oeqa/runtime/cases: Improve dependencies of kernel/gcc/build tests
      oeqa/utils/buildproject: Only clean files if we've done something

Robert Yang (7):
      oeqa/utils/qemurunner: Print output when failed to login
      oeqa/utils/qemurunner: set timeout to 60s for run_serial
      oeqa: Fix for QEMU_USE_KVM
      oeqa: make it work for multiple users
      runqemu-gen-tapdevs: Allow run --help without sudo
      oeqa/manual/bsp-qemu.json: Update for QEMU_USE_KVM
      oeqa/selftest/runqemu: Enable kvm when QEMU_USE_KVM is set

Ross Burton (2):
      toolchain-scripts: run post-relocate scripts for every environment
      runqemu: clean up subprocess usage

Yeoh Ee Peng (3):
      scripts/oe-git-archive: fix non-existent key referencing error
      testimage: Add support for slirp
      oeqa/qemu & runtime: qemu do not need ip input from external

OpenBMC compatibility updates:
  meta-phosphor:
    Brad Bishop (1):
          phosphor: rebase i2c-tools patches

Change-Id: Idc626fc076580aeebde1420bcad01e069b559504
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>

3 files changed, 106 insertions, 4 deletions

diff --git a/poky/meta/recipes-multimedia/libpng/libpng_1.6.35.bb b/poky/meta/recipes-multimedia/libpng/libpng_1.6.36.bb
index 5ae0a91a7..3cf4f7249 100644
--- a/poky/meta/recipes-multimedia/libpng/libpng_1.6.35.bb
+++ b/poky/meta/recipes-multimedia/libpng/libpng_1.6.36.bb
@@ -2,16 +2,16 @@ SUMMARY = "PNG image format decoding library"
 HOMEPAGE = "http://www.libpng.org/"
 SECTION = "libs"
 LICENSE = "Libpng"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=4791381a76f106ac4699f6261c65ee29 \
-                    file://png.h;endline=144;md5=090ba5769782e8a1663a45fab1c2b36c \
+LIC_FILES_CHKSUM = "file://LICENSE;md5=12b4ec50384c800bc568f519671b120c \
+                    file://png.h;endline=144;md5=15ae15f53376306868259924a9db4e05 \
                     "
 DEPENDS = "zlib"
 
 LIBV = "16"
 
 SRC_URI = "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/${PV}/${BP}.tar.xz"
-SRC_URI[md5sum] = "678b7e696a62a193ed3503b04bf449d6"
-SRC_URI[sha256sum] = "23912ec8c9584917ed9b09c5023465d71709dce089be503c7867fec68a93bcd7"
+SRC_URI[md5sum] = "df2be2d29c40937fe1f5349b16bc2826"
+SRC_URI[sha256sum] = "eceb924c1fa6b79172fdfd008d335f0e59172a86a66481e09d4089df872aa319"
 
 MIRRORS += "${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/${PV}/ ${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}${LIBV}/older-releases/${PV}/"
 
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
new file mode 100644
index 000000000..c3f44ca23
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
@@ -0,0 +1,101 @@
+From 39453899fe1bb39b2e041fdf51a85aecd177e9c7 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Mon, 7 Jan 2019 15:55:03 +0800
+Subject: [PATCH] a/ulaw: fix multiple buffer overflows (#432)
+
+i2ulaw_array() and i2alaw_array() fail to handle ptr [count] = INT_MIN
+properly, leading to buffer underflow. INT_MIN is a special value
+since - INT_MIN cannot be represented as int.
+
+In this case round - INT_MIN to INT_MAX and proceed as usual.
+
+f2ulaw_array() and f2alaw_array() fail to handle ptr [count] = NaN
+properly, leading to null pointer dereference.
+
+In this case, arbitrarily set the buffer value to 0.
+
+This commit fixes #429 (CVE-2018-19661 and CVE-2018-19662) and
+fixes #344 (CVE-2017-17456 and CVE-2017-17457).
+
+Upstream-Status: Backport[https://github.com/erikd/libsndfile/
+commit/585cc28a93be27d6938f276af0011401b9f7c0ca]
+
+CVE: CVE-2017-17456 CVE-2017-17457 CVE-2018-19661 CVE-2018-19662
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ src/alaw.c | 9 +++++++--
+ src/ulaw.c | 9 +++++++--
+ 2 files changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/src/alaw.c b/src/alaw.c
+index 063fd1a..4220224 100644
+--- a/src/alaw.c
++++ b/src/alaw.c
+@@ -19,6 +19,7 @@
+ #include	"sfconfig.h"
+ 
+ #include	<math.h>
++#include	<limits.h>
+ 
+ #include	"sndfile.h"
+ #include	"common.h"
+@@ -326,7 +327,9 @@ s2alaw_array (const short *ptr, int count, unsigned char *buffer)
+ static inline void
+ i2alaw_array (const int *ptr, int count, unsigned char *buffer)
+ {	while (--count >= 0)
+-	{	if (ptr [count] >= 0)
++	{	if (ptr [count] == INT_MIN)
++			buffer [count] = alaw_encode [INT_MAX >> (16 + 4)] ;
++		else if (ptr [count] >= 0)
+ 			buffer [count] = alaw_encode [ptr [count] >> (16 + 4)] ;
+ 		else
+ 			buffer [count] = 0x7F & alaw_encode [- ptr [count] >> (16 + 4)] ;
+@@ -346,7 +349,9 @@ f2alaw_array (const float *ptr, int count, unsigned char *buffer, float normfact
+ static inline void
+ d2alaw_array (const double *ptr, int count, unsigned char *buffer, double normfact)
+ {	while (--count >= 0)
+-	{	if (ptr [count] >= 0)
++	{	if (!isfinite (ptr [count]))
++			buffer [count] = 0 ;
++		else if (ptr [count] >= 0)
+ 			buffer [count] = alaw_encode [lrint (normfact * ptr [count])] ;
+ 		else
+ 			buffer [count] = 0x7F & alaw_encode [- lrint (normfact * ptr [count])] ;
+diff --git a/src/ulaw.c b/src/ulaw.c
+index e50b4cb..b6070ad 100644
+--- a/src/ulaw.c
++++ b/src/ulaw.c
+@@ -19,6 +19,7 @@
+ #include	"sfconfig.h"
+ 
+ #include	<math.h>
++#include	<limits.h>
+ 
+ #include	"sndfile.h"
+ #include	"common.h"
+@@ -827,7 +828,9 @@ s2ulaw_array (const short *ptr, int count, unsigned char *buffer)
+ static inline void
+ i2ulaw_array (const int *ptr, int count, unsigned char *buffer)
+ {	while (--count >= 0)
+-	{	if (ptr [count] >= 0)
++	{	if (ptr [count] == INT_MIN)
++			buffer [count] = ulaw_encode [INT_MAX >> (16 + 2)] ;
++		else if (ptr [count] >= 0)
+ 			buffer [count] = ulaw_encode [ptr [count] >> (16 + 2)] ;
+ 		else
+ 			buffer [count] = 0x7F & ulaw_encode [-ptr [count] >> (16 + 2)] ;
+@@ -847,7 +850,9 @@ f2ulaw_array (const float *ptr, int count, unsigned char *buffer, float normfact
+ static inline void
+ d2ulaw_array (const double *ptr, int count, unsigned char *buffer, double normfact)
+ {	while (--count >= 0)
+-	{	if (ptr [count] >= 0)
++	{	if (!isfinite (ptr [count]))
++			buffer [count] = 0 ;
++		else if (ptr [count] >= 0)
+ 			buffer [count] = ulaw_encode [lrint (normfact * ptr [count])] ;
+ 		else
+ 			buffer [count] = 0x7F & ulaw_encode [- lrint (normfact * ptr [count])] ;
+-- 
+2.7.4
+
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
index b28f67528..13248f5cb 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -13,6 +13,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
            file://CVE-2017-14245-14246.patch \
            file://CVE-2017-14634.patch \
            file://CVE-2018-13139.patch \
+           file://0001-a-ulaw-fix-multiple-buffer-overflows-432.patch \
           "
 
 SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"