diff options
| author | Patrick Williams <patrick@stwcx.xyz> | 2021-05-27 09:23:47 +0300 |
|---|---|---|
| committer | Patrick Williams <patrick@stwcx.xyz> | 2021-05-27 09:29:33 +0300 |
| commit | eee7d70a4dbbd89645098df2397aa3f4e5d8baa0 (patch) | |
| tree | 6d5e9c8499e6106fd31b902694ad519941460ed8 /meta-openembedded/meta-networking/recipes-kernel/wireguard | |
| parent | 776d5d2fd95e177490624f4f2f1b2f91a20a3e77 (diff) | |
| download | openbmc-eee7d70a4dbbd89645098df2397aa3f4e5d8baa0.tar.xz | |
subtree updates
meta-openembedded: 346681e7bf..11eae11452:
Aditya.Tayade (1):
neon: Add ptest
Andrei Gherzan (1):
nss: Fix warnings generated by getcwd
Andrej Kozemcak (1):
libupnp: Fix CVE-2020-13848
Armin Kuster (3):
wireguard: fix build issue with updated 5.4 kernel
nostromo: Blacklist and exclude from world builds
packagegroup-meta-webserver: remove nostromo from pkg grp
Clément Péron (1):
nodejs: 12.20.2 -> 12.21.0
Khem Raj (1):
linuxptp: Fix cross build
Marek Vasut (1):
freerdp: Add missing libxkbcommon WL dependency
Martin Jansa (9):
opencv: refresh patches with devtool to apply cleanly
ceres-solver: prevent fetching git hook during do_configure
packagegroup-meta-oe: include nodejs without meta-python2 conditional
packagegroup-meta-oe: move the packages depending on meta-python2 to separate packages
packagegroup-meta-oe: add guider
uml-utilities: fix installed-vs-shipped with usrmerge
telepathy-glib: respect GI_DATA_ENABLED when enabling vala-bindings
libyui: switch to libyui-old repo which still has this SRCREV
ostree: switch from default master branch to main to fix do_fetch failure
Mingli Yu (2):
hostapd: fix CVE-2019-5061
hostapd: fix CVE-2021-0326 and CVE-2021-27803
Neetika Singh (1):
opencv: Security fixes
Peace Lee (2):
guider: Upgrade to 3.9.7
Update commit for version 3.9.7
Rahul Taya (1):
nghttp2: Add fix for CVE-2020-11080
Saloni Jain (1):
fuse: Whitelisted CVE-2019-14860
Sana Kazi (1):
mdns: Whitelisted CVE-2007-0613 for mdns
Sean Nyekjaer (1):
nodejs: 12.20.1 -> 12.20.2
Stefan Ghinea (1):
hostapd: fix CVE-2021-30004
changqing.li@windriver.com (1):
thin-provisioning-tools: switch branch from master to main
poky: d20ef1f5a5..6ebb33bdac:
Alejandro Hernandez Samaniego (1):
devtool: Fix do_kernel_configme task
Alexander Kanavin (11):
selftest/reproducible: enable world reproducibility test
selftest/reproducible: add an exclusion list for items that are not yet reproducible
selftest/reproducible: track unusued entries in the exclusion list
oeqa: tear down oeqa decorators if one of them raises an exception in setup
meta/lib/oeqa/core/tests/cases/timeout.py: add a testcase for the previous fix
diffoscope: add native libraries to LD_LIBRARY_PATH
Revert "oeqa: Set LD_LIBRARY_PATH when executing native commands"
ovmf: update to 202002
ovmf: update to 202005
ovmf: update edk2-stable202005 -> edk2-stable202008
linux-firmware: upgrade 20210208 -> 20210315
Anatol Belski (2):
glibc: Pull latest 2.31 HEAD
tar: Fix CVE-2021-20193
Anton D. Kachalov (1):
run-postinsts: do not remove postinsts directory.
Anuj Mittal (1):
lsb-release: fix reproducibility failure
Bruce Ashfield (14):
linux-yocto/5.4: update to v5.4.99
linux-yocto/5.4: update to v5.4.101
linux-yocto/5.4: update to v5.4.103
linux-yocto/5.4: update to v5.4.105
linux-yocto/5.4: update to v5.4.107
linux-yocto/5.4: update to v5.4.109
linux-yocto/5.4: update to v5.4.111
linux-yocto/5.4: update to v5.4.112
linux-yocto/5.4: fix arm defconfig warnings
linux-yocto/5.4: update to v5.4.114
linux-yocto/5.4: update to v5.4.116
perf: fix python-audit RDEPENDS
make-mod-scripts: add HOSTCXX definitions and gmp-native dependency
linux-yocto/5.4: qemuppc32: reduce serial shutdown issues
Catalin Enache (1):
connman: fix CVE-2021-26675, CVE-2021-26676
Charlie Davies (1):
bitbake-bblayers/create: Fix incorrect priority help message
Chee Yang Lee (1):
initrdscripts: init-install-efi.sh install extra files for ESP
Chen Qi (4):
python3-jinja2: set CVE_PRODUCT
cups: use /run instead /var/run in systemd's unit file
populate_sdk_ext: record METADATA_REVISION
db: update CVE_PRODUCT
Christophe Chapuis (1):
rootfs.py: find .ko.gz and .ko.xz kernel modules as well
Christopher Larson (2):
buildhistory: add missing vardepsexcludes
image,populate_sdk_base: move 'func' flag setting for sdk command vars
Denys Dmytriyenko (1):
maintainers: update own email address
Diego Santa Cruz (1):
iputils: fix various arping regressions
Diego Sueiro (1):
oeqa/selftest/bblayers: Add test case for bitbake-layers layerindex-show-depends
Dorinda (7):
meta/recipes-rt: Add HOMEPAGE / DESCRIPTION
meta-skeleton: Add HOMEPAGE / DESCRIPTION
meta/recipes-extended: Add HOMEPAGE / DESCRIPTION
meta/recipes-support: Add HOMEPAGE / DESCRIPTION
meta/recipes-kernel: Add HOMEPAGE / DESCRIPTION
meta/recipes-multimedia: Add HOMEPAGE / DESCRIPTION
meta/recipes-graphics: Add HOMEPAGE / DESCRIPTION
Dorinda Bassey (3):
meta/recipes-devtools: Add HOMEPAGE / DESCRIPTION
meta-selftest: Add HOMEPAGE / DESCRIPTION
devshell.bbclass: Exceptions displayed within devpyshell
Douglas Royds (4):
cmake: Fully-qualified path to ar
externalsrc: Detect code changes in submodules
Revert "externalsrc: Detect code changes in submodules"
externalsrc: Detect code changes in submodules
Florian Bezdeka (1):
wic: Warn if an ext filesystem affected by the Y2038 problem is used
Gavin Li (1):
kmod: do not symlink config.guess/config.sub during autoreconf
Guillaume Champagne (1):
image-live.bbclass: optional depends when ROOTFS empty
He Zhe (1):
cryptodev-module: Backport a patch to fix build failure with kernel v5.8
Jan Brzezanski (1):
bitbake: Force parser shutdown after catching an exception
Jon Mason (1):
runqemu: use "raw" instead of "bin" for ovmf
Jose Quaresma (1):
ptest-runner: libgcc must be installed for pthread_cancel to work
Joshua Watt (1):
classes/image: Use xargs to set file timestamps
Kai Uwe Broulik (1):
gstreamer1.0-plugins-good: on wayland qt5 needs qtwayland
Khem Raj (6):
oeqa/pam: Need shadow installed for the tests
rxvt-unicode: Do not use throw specifications
dtc: Fix array-bounds error
documentation-audit.sh: Fix typo in specifying LICENSE_FLAGS_WHITELIST
ca-certificates: Fix openssl runtime cert dependencies
cml1.bbclass: Return sorted list of cfg files
Konrad Weihmann (1):
cve-update-db-native: skip on empty cpe23Uri
Lee Chee Yang (7):
cve-update-db-native: consider version suffix when update CVE db
cve-check: CVE_VERSION_SUFFIX to work with patched release
binutils: fix CVE-2021-3487
subversion: fix CVE-2020-17525
qemu: fix CVE-2021-3392
tiff: fix CVE-2020-35523 CVE-2020-35524
python3-jinja2: 2.11.2 -> 2.11.3
Li Wang (1):
linux-dummy: add empty dependent packages
Marek Vasut (1):
linux-firmware: Package RSI 911x WiFi firmware
Mark Hatle (2):
populate_sdk_ext: Avoid copying and producing .pyc files
kernel.bbclass: Remove do_install[prefunc] no longer needed
Martin Jansa (2):
iso-codes: fix protocol in SRC_URI
wpa-supplicant: update CVE-2021-27803.patch
Meh Mbeh Ida Delphine (6):
recipes-gnome: Add missing HOMEPAGE and DESCRIPTION for recipes
recipes-graphics: Add missing HOMEPAGE and DESCRIPTION for recipes.
recipes-kernel: Add missing HOMEPAGE and DESCRIPTION for recipes.
recipes-multimedia: Add missing HOMEPAGE and DESCRIPTION for recipes.
recipes-sato: Add missing HOMEPAGE and DESCRIPTION for recipes
recipes-support: Add missing HOMEPAGE and DESCRIPTION for recipes
Michael Opdenacker (1):
sanity.bbclass: mention CONNECTIVITY_CHECK_URIS in network failure message
Michael Trensch (1):
linux-firmware: Fix packaging
Mike Crowe (1):
curl: Patch CVE-2021-22876 & CVE-2021-22890
Mikko Rapeli (3):
openssl: update to 1.1.1k to fix CVE-2021-3450 and CVE-2021-3449
bitbake: bitbake: tests/fetch: fix test execution without .gitconfig
bitbake: bitbake: tests/fetch: remove write protected files too
Mingli Yu (3):
libtool: make sure autoheader run before autoconf
libtool: make sure autoheader run before automake
groff: not ship /usr/bin/grap2graph
Minjae Kim (3):
wpa-supplicant: fix CVE-2021-27803
qemu: fix CVE-2021-20203
git: fix CVE-2021-21300
Naveen Saini (1):
cryptodev-module: fix build failure with kernel v5.10
Niels Avonds (1):
bitbake: fetch/gitsm: Fix crash when using git LFS and submodules
Peter Budny (1):
lib/oe/terminal: Fix tmux new-session on older tmux versions (<1.9)
Peter Morrow (2):
goarch: map target os to windows for mingw* TARGET_OS
go_1.14: don't set -buildmode=pie when building for windows targets
Petr Vorel (1):
scripts/verify-bashisms: Update checkbashisms.pl URL
Purushottam Choudhary (1):
shadow: whitelist CVE-2013-4235
Reto Schneider (2):
license_image.bbclass: Detect broken symlinks
license_image.bbclass: Fix symlink to generic license files
Richard Purdie (44):
libid3tag: Fix reproducibility issue
syslinux: Fix reproducibility issues
swig: Fix reproducibility issue
efivar: Fix reproducibility issue
selftest/reproducible: Add ability to pull some objects from sstate
build-appliance-image: Drop kernel module handling
bitbake: runqueue: Fix task execution corruption issue
bitbake: runqueue: Add setscene task overlap sanity check
selftest/wic: Fix dependency issue in rawcopy test
build-appliance-image: Update to dunfell head revision
selftest/reproducible: Sort the unused exclusion list
diffoscope: Upgrade 136 -> 168
diffoscope: Upgrade 168 -> 172
oeqa/selftest: Hardcode test assumptions about heartbeat event timings
oeqa/selftest: Ensure packages classes are set correctly for maintainers test
sanity: Add error check for '%' in build path
sanity: Further improve directory sanity tests
pseudo: Upgrade to add trailing slashes ignore path fix
yocto-check-layer: Avoid bug when iterating and autoadding dependencies
bitbake: runqueue: Fix deferred task issues
yocto-uninative: Update to 3.1 which includes a patchelf fix
pybootchart/draw: Avoid divide by zero error
glibc: Document and whitelist CVE-2019-1010022-25
qemu: Exclude CVE-2017-5957 from cve-check
qemu: Exclude CVE-2007-0998 from cve-check
qemu: Exclude CVE-2018-18438 from cve-check
jquery: Exclude CVE-2007-2379 from cve-check
logrotate: Exclude CVE-2011-1548,1549,1550 from cve-check
openssh: Exclude CVE-2007-2768 from cve-check
openssh: Exclude CVE-2008-3844 from cve-check
unzip: Exclude CVE-2008-0888 from cve-check
cpio: Exclude CVE-2010-4226 from cve-check
ghostscript: Exclude CVE-2013-6629 from cve-check
bluez: Exclude CVE-2020-12352 CVE-2020-24490 from cve-check
tiff: Exclude CVE-2015-7313 from cve-check
coreutils: Exclude CVE-2016-2781 from cve-check
librsvg: Exclude CVE-2018-1000041 from cve-check
avahi: Exclude CVE-2021-26720 from cve-check
oeqa/qemurunner: Improve logging thread exit handling for qemu shutdown test
oeqa/qemurunner: Fix binary vs str issue
oeqa/qemurunner: Improve handling of run_serial for shutdown commands
Revert "cml1.bbclass: Return sorted list of cfg files"
sstate: Handle manifest 'corruption' issue
build-appliance-image: Update to dunfell head revision
Robert P. J. Day (4):
bitbake-whatchanged: change ending quote to proper period
bitbake.conf: correct description of HOSTTOOLS_DIR
image.bbclass: fix comment "pacackages" -> "packages"
meta/lib/oe/rootfs.py: Fix typo "Restoreing" -> "Restoring"
Romain Naour (1):
dejagnu: needs expect at runtime
Ross Burton (7):
ptest-packagelists: remove libinput-ptest
insane: don't check for a warning string that is never output
insane: clean up some more warning messages
cairo: backport patch for CVE-2020-35492
libnotify: whitelist CVE-2013-7381 (specific to the NodeJS bindings)
builder: whitelist CVE-2008-4178 (a different builder)
bitbake: providers: selected version not available should be a warning
Stefan Ghinea (2):
wpa-supplicant: fix CVE-2021-30004
boost: fix do_fetch failure
Stefan Schmidt (1):
systemd-conf: do not ask for DHCP if configured on kernel command line
Steve Sakoman (11):
Revert "sstatesig.py: show an error instead of warning when sstate manifest isn't found"
documentation: prepare for 3.1.7 release
poky.conf: Bump version for 3.1.7 release
selftest/reproducible: adjust exclusion list for dunfell
lib/package_manager: Use shutil.copy instead of bb.utils.copyfile for intercepts
reproducible.py: add quilt-ptest and valgrind-ptest
poky-tiny.conf: set PREFERRED_VERSION_linux-yocto-tiny to 5.4%
ref-system-requirements.rst: Add Fedora 33 to list of supported distros
documentation: prepare for 3.1.8 release
poky.conf: Add fedora33 as a supported distro
poky.conf: Bump version for 3.1.8 release
Vinay Kumar (1):
Binutils: Fix CVE-2021-20197
Yanfei Xu (1):
parselogs: ignore floppy error on qemu-system-x86 at boot stage
Yann Dirson (1):
linux-firmware: include all relevant files in -bcm4356
Yi Fan Yu (2):
valgrind: Increase timeout duration 30 -> 90 s
libevent: Increase ptest timing tolerance 50 ms -> 100 ms
Zhang Qiang (1):
kernel.bbclass: Configuration for environment with HOSTCXX
zhengruoqin (1):
wireless-regdb: upgrade 2020.11.20 -> 2021.04.21
meta-security: c74cc97641..93232ae6d5:
Armin Kuster (1):
kas-security-base: drop DL_DIR
Ming Liu (12):
ima-evm-utils: set native REQUIRED_DISTRO_FEATURES to empty
initramfs-framework-ima: fix a wrong path
ima-evm-keys: add recipe
initramfs-framework-ima: RDEPENDS on ima-evm-keys
meta: refactor IMA/EVM sign rootfs
README.md: update according to the refactoring in ima-evm-rootfs.bbclass
initramfs-framework-ima: let ima_enabled return 0
ima-evm-rootfs.bbclass: avoid generating /etc/fstab for wic
ima-policy-hashed: add CGROUP2_SUPER_MAGIC fsmagic
ima-evm-keys: add file-checksums to IMA_EVM_X509
meta: drop IMA_POLICY from policy recipes
initramfs-framework-ima: introduce IMA_FORCE
Omer Akram (4):
Update apparmor to 2.13.6
backport cross-compile python binding fix
Use C preprocessor from the yocto build environment
tests: correctly escape # in Makefile
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Ibb369f72ca2601f5582a5608d6bdd516d90bea2a
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-kernel/wireguard')
2 files changed, 34 insertions, 1 deletions
diff --git a/meta-openembedded/meta-networking/recipes-kernel/wireguard/files/0001-compat-icmp_ndo_send-functions-were-backported-exten.patch b/meta-openembedded/meta-networking/recipes-kernel/wireguard/files/0001-compat-icmp_ndo_send-functions-were-backported-exten.patch new file mode 100644 index 0000000000..f01cfe4e1c --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-kernel/wireguard/files/0001-compat-icmp_ndo_send-functions-were-backported-exten.patch @@ -0,0 +1,32 @@ +From 122f06bfd8fc7b06a0899fa9adc4ce8e06900d98 Mon Sep 17 00:00:00 2001 +From: "Jason A. Donenfeld" <Jason@zx2c4.com> +Date: Sun, 7 Mar 2021 08:14:33 -0700 +Subject: [PATCH] compat: icmp_ndo_send functions were backported extensively + +Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> + +Upstream-Status: Backport + +Fixes build with 5.4.103 update. +/include/linux/icmpv6.h:56:6: note: previous declaration of 'icmpv6_ndo_send' was here +| 56 | void icmpv6_ndo_send(struct sk_buff *skb_in, u8 type, u8 code, __u32 info); + +Signed-of-by: Armin Kuster <akuster808@gmail.com> + +--- + src/compat/compat.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: src/compat/compat.h +=================================================================== +--- src.orig/compat/compat.h ++++ src/compat/compat.h +@@ -946,7 +946,7 @@ static inline int skb_ensure_writable(st + } + #endif + +-#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 6, 0) ++#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 6, 0) && LINUX_VERSION_CODE >= KERNEL_VERSION(5, 5, 0)) || (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 102) && LINUX_VERSION_CODE >= KERNEL_VERSION(4, 20, 0)) || (LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 178) && LINUX_VERSION_CODE >= KERNEL_VERSION(4, 15, 0)) || (LINUX_VERSION_CODE < KERNEL_VERSION(4, 14, 223) && LINUX_VERSION_CODE > KERNEL_VERSION(4, 10, 0)) || LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 259) || defined(ISRHEL8) || defined(ISUBUNTU1804) + #if IS_ENABLED(CONFIG_NF_NAT) + #include <linux/ip.h> + #include <linux/icmpv6.h> diff --git a/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20200401.bb b/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20200401.bb index e8891c4428..6ed988bafa 100644 --- a/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20200401.bb +++ b/meta-openembedded/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20200401.bb @@ -3,7 +3,8 @@ require wireguard.inc SRCREV = "43f57dac7b8305024f83addc533c9eede6509129" SRC_URI = "git://git.zx2c4.com/wireguard-linux-compat \ - file://0001-compat-SYM_FUNC_-START-END-were-backported-to-5.4.patch" + file://0001-compat-SYM_FUNC_-START-END-were-backported-to-5.4.patch \ + file://0001-compat-icmp_ndo_send-functions-were-backported-exten.patch " inherit module kernel-module-split |