diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-11-16 00:35:03 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-11-16 00:36:05 +0300 |
commit | 1d80a2eac54644288c7f2820d3c3fbcb5402b351 (patch) | |
tree | dbe2ecc74749cf37f66f9f7268bd7c16d32e9b9b /poky/meta/recipes-extended | |
parent | 98f5315998ea2d2cba17ba9ebafd573902ea97cc (diff) | |
download | openbmc-1d80a2eac54644288c7f2820d3c3fbcb5402b351.tar.xz |
poky: subtree update:7035b4b21e..a616ffebdc
Adrian Bunk (3):
python3: Upgrade 3.7.4 -> 3.7.5
lz4: Whitelist CVE-2014-4715
iputils: Whitelist CVE-2000-1213 CVE-2000-1214
Alex Kube (1):
go: Refactor patches for 1.13.3
Andreas Müller (2):
vte: upgrade 0.56.3 -> 0.58.2
webkitgtk: upgrade 2.26.1 -> 2.26.2
Andreas Oberritter (3):
glibc: move ldconfig to its own package
package.bbclass: Always include ldconfig fragment
systemd: Add runtime dependency on new ldconfig package
André Draszik (1):
libevent: update packaging (one package per shared library)
Anuj Mittal (1):
libsdl2: fix race when building in parallel
Armin Kuster (13):
oeqa/core: Add a check for MACHINE
oeqa/core: Add qemu checks
oeqa/manual/bsp-qemu: remove rpm tests already done in runtime
oeqa/manual/bsp-qemu: remove KVM enabled which is already done in selftest runqemu
oeqa/manual/bsp-qemu: drop xserver test done at runtime
oeqa/manual/bsp-qemu: remove only_one_connmand_in_background test done at runtime
oeqa/manual/bsp-qemu: remove postinit test done w/selftest runtime
oeqa/manual/bsp-qemu: remove manual bash test
oeqa/manual/bsp-qemu: remove manual useradd test
oeqa/selftest/oescripts: move list-packageconfig-flags tests from manual to self
oeqa/manua/oe-core: remove manual PACKAGECONFIG_FLAGS tests
oeqa/selftest/runtime_test: add crosstab selftest
oeqa/manual/oe-core: remove crosstab test from manual
Changhyeok Bae (1):
iproute2: update 5.2.0 -> 5.3.0
Chee Yang Lee (1):
wic: beautify 'wic help'
Chris Laplante via bitbake-devel (7):
bitbake: contrib/vim: More Python indenting; move indent file to correct directory
bitbake: contrib/vim: Special handling of bb.fatal
bitbake: contrib/vim: don't redeclare indenter
bitbake: contrib/vim: renaming & comments
bitbake: contrib/vim: indenting for assignments; tweak Python indenting
bitbake: contrib/vim: handle shell indenting
bitbake: contrib/vim: Add copyright and license notice
Denys Dmytriyenko (1):
buildhistory: fix "version went backwards" QA error message
Gavin Li (1):
bitbake: prserv: fix ResourceWarning due to unclosed socket
Haris Okanovic (8):
isoimage-isohybrid.py: Parameterize ESP label
isoimage-isohybrid.py: Parameterize ESP partition size
initscripts/sysfs.sh: Mount /sys/firmware/efi/efivars when possible
gnupg: Split gpg and gpg-agent into a minimal gnupg-gpg package
opkg: RDEPEND "gnupg-gpg" instead of "gnupg"
gnupg/libksba/npth/pinentry: Add nativesdk to BBCLASSEXTEND
meta/lib/oe/package_manager.py: Enable sha256 checksums in opkg indexer
dhcp: Workaround busybox limitation in Linux dhclient-script
Ivan Efimov (1):
bitbake: bitbake-worker child process create group before registering SIGTERM handler
Jacob Kroon (2):
rm_work: Promote do_image_qa stamps to setscene versions
rm_work: Simplify logic for setscene promotion
Jagadeesh Krishnanjanappa (1):
tune-cortexa32: Fix libgcc-initial build issue for cortex-a32
Joshua Watt (4):
oeqa: reproducible: Add option to capture bad packages
icecc-create-env: Use OE patchelf in SDK
mc: Fix build reproducibility
wayland: Fix wayland-scanner build for MinGW
Khem Raj (4):
libtirpc: Do not include bits/endian.h directly
strace: Fix ptest build
libnsl2: Update to latest master
strace: Fix build found with 64bit time_t/musl
Liwei Song (1):
buildtools-tarball: export OPENSSL_CONF for openssl
Mark Hatle (1):
populate_sdk_ext.bbclass: Make integrated buildtools optional
Maxime Roussin-Bélanger (1):
meta: add missing description for some recipes in graphics
Mikko Rapeli (1):
harfbuzz: split libharfbuzz-subset.so to its own binary package
Oleksandr Kravchuk (1):
git: update to 2.24.0
Paul Barker (1):
scripts/native-intercept: Add chgrp intercept
Peter Kjellerstedt (3):
sysstat: Correct our systemd unit file
sysstat: Correct when to use the package provided systemd unit files
bitbake: cooker: Remove a left-over comment about expanded_data
Richard Purdie (9):
bitbake: fetch2: Ensure cached url data is matched to a datastore
staging: Handle files moving between dependencies
sstate: Add ability to hide summary output for sstate
selftest/signing: Fix test_locked_signatures to use a temporary layer
dhcp/ruby/ffpmeg: Use CFLAGS, not TARGET_CFLAGS
bitbake: runqueue: Improve sstate rehashing output
pseudo: Add statx support to fix fedora30 issues
pseudo: Drop static linking to sqlite3
sqlite3: Drop pic as we no longer need the sqlite3 static lib
Ross Burton (16):
file: fix CVE-2019-18218
file: remove redundant upstream check workaround
file: run test suite when building natively
patch: the CVE-2019-13638 fix also handles CVE-2018-20969
libpng: whitelist CVE-2019-17371
procps: whitelist CVE-2018-1121
libsndfile1: whitelist CVE-2018-13419
libpam: set CVE_PRODUCT
libsoup: set CVE_PRODUCT
libsoup-2.4: upgrade to 2.66.4
insane: improve textrel warning message
libsoup: update patch upstream status
acpica: upgrade to 20191018
ovmf: unify DEPENDS
cve-check: we don't actually need to unpack to check
cve-update-db-native: don't refresh more than once an hour
Samuli Piippo (1):
linux-firmware: update packaging for brcm files
Scott Rifenbark (3):
ref-manual: Completed the 3.0 migration section.
mega-manual: Updated mega-manual Bitbake manual search path
ref-manual: Removed blank lines from 3.0 migratrion section.
Stefan Agner (1):
dbus: drop unused group netdev
Torbjörn Svensson (1):
psplash: Do mount psplash tmpfs if not mounted
Trevor Gamblin (1):
python3-misc: add python3-audio to RDEPENDS
Volker Vogelhuber (1):
bitbake: fetch2/hg: Fix various runtime issues
Yeoh Ee Peng (4):
scripts/resulttool/report: Enable report to use regression_map
scripts/resulttool/report: Enable output raw test results
scripts/resulttool/report: Add total statistic to test result.
resulttool/store.py: Enable add extra test environment data
Yongxin Liu (2):
systemd: Fix invalid argument of pstore log entry
ltp: Add "udevadm trigger" before swap verification in mkswap01.sh
Zang Ruochen (8):
ruby:upgrade 2.6.4 -> 2.6.5
ethtool:upgrade 5.2 -> 5.3
libdrm:upgrade 2.4.99 -> 2.4.100
libcheck:upgrade 0.12.0 -> 0.13.0
curl:upgrade 7.66.0 -> 7.67.0
libinput:upgrade 1.14.1 -> 1.14.3
python3-six:upgrade 1.12.0 -> 1.13.0
libedit: upgrade 20190324 -> 20191025
Zhixiong Chi (1):
libtirpc: create the symbol link for rpc header files
grygorii tertychnyi (1):
archiver: avoid empty incfile in ar_recipe
Change-Id: Ice596e426e4533d7568a82bcbb21efdfc19e21e7
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-extended')
15 files changed, 197 insertions, 22 deletions
diff --git a/poky/meta/recipes-extended/acpica/acpica_20190816.bb b/poky/meta/recipes-extended/acpica/acpica_20191018.bb index 8f79974775..4692275762 100644 --- a/poky/meta/recipes-extended/acpica/acpica_20190816.bb +++ b/poky/meta/recipes-extended/acpica/acpica_20191018.bb @@ -9,19 +9,19 @@ ACPI tables." HOMEPAGE = "http://www.acpica.org/" SECTION = "console/tools" -LICENSE = "BSD | GPLv2" -LIC_FILES_CHKSUM = "file://generate/unix/readme.txt;md5=204407e197c1a01154a48f6c6280c3aa" +LICENSE = "Intel | BSD | GPLv2" +LIC_FILES_CHKSUM = "file://source/compiler/aslcompile.c;beginline=7;endline=150;md5=b5690d9ef8d54b2b1e1cc98aad64cd87" COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" DEPENDS = "bison flex bison-native" -SRC_URI = "https://acpica.org/sites/acpica/files/acpica-unix2-${PV}.tar.gz" -SRC_URI[md5sum] = "6a73b1e34715916fa31132dbe11008b0" -SRC_URI[sha256sum] = "888e80f3bb77381620a5ead208e1a1be06f3ea66ddc8cfdfa62811cae5f03752" +SRC_URI = "https://acpica.org/sites/acpica/files/acpica-unix-${PV}.tar.gz" +SRC_URI[md5sum] = "539a0252bcb42c383ceeaeb12ae9a60d" +SRC_URI[sha256sum] = "029db4014600e4b771b11a84276d2d76eb40fb26eabc85864852ef1f962be95f" UPSTREAM_CHECK_URI = "https://acpica.org/downloads" -S = "${WORKDIR}/acpica-unix2-${PV}" +S = "${WORKDIR}/acpica-unix-${PV}" inherit update-alternatives diff --git a/poky/meta/recipes-extended/ethtool/ethtool/avoid_parallel_tests.patch b/poky/meta/recipes-extended/ethtool/ethtool/avoid_parallel_tests.patch index 7c5d4f956b..153ea55060 100644 --- a/poky/meta/recipes-extended/ethtool/ethtool/avoid_parallel_tests.patch +++ b/poky/meta/recipes-extended/ethtool/ethtool/avoid_parallel_tests.patch @@ -19,7 +19,7 @@ index 2127fdb..4910e6f 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ dnl Process this file with autoconf to produce a configure script. - AC_INIT(ethtool, 5.2, netdev@vger.kernel.org) + AC_INIT(ethtool, 5.3, netdev@vger.kernel.org) AC_PREREQ(2.52) AC_CONFIG_SRCDIR([ethtool.c]) -AM_INIT_AUTOMAKE([gnu]) diff --git a/poky/meta/recipes-extended/ethtool/ethtool_5.2.bb b/poky/meta/recipes-extended/ethtool/ethtool_5.3.bb index 67e7fadee0..401331be39 100644 --- a/poky/meta/recipes-extended/ethtool/ethtool_5.2.bb +++ b/poky/meta/recipes-extended/ethtool/ethtool_5.3.bb @@ -11,8 +11,8 @@ SRC_URI = "${KERNELORG_MIRROR}/software/network/ethtool/ethtool-${PV}.tar.gz \ file://avoid_parallel_tests.patch \ " -SRC_URI[md5sum] = "79cff0d4af62b030ad28be90414b5c4a" -SRC_URI[sha256sum] = "8ad6cb30f6e1767d9d23a5cb5f606f3b51f83e85ebf0153c1506194f6709e90b" +SRC_URI[md5sum] = "63d1c835b861912ea0dfd52cf66a2da4" +SRC_URI[sha256sum] = "cd2d8ea360431a2ea35ff61c276bcf2afee1ad901668a0b50ae9f1c5814756bd" UPSTREAM_CHECK_URI = "https://www.kernel.org/pub/software/network/ethtool/" diff --git a/poky/meta/recipes-extended/iputils/iputils_s20190709.bb b/poky/meta/recipes-extended/iputils/iputils_s20190709.bb index d8f2470d0c..3f9e9917f0 100644 --- a/poky/meta/recipes-extended/iputils/iputils_s20190709.bb +++ b/poky/meta/recipes-extended/iputils/iputils_s20190709.bb @@ -17,6 +17,10 @@ S = "${WORKDIR}/git" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>s\d+)" +# Fixed in 2000-10-10, but the versioning of iputils +# breaks the version order. +CVE_CHECK_WHITELIST += "CVE-2000-1213 CVE-2000-1214" + PACKAGECONFIG ??= "libcap libgcrypt rarpd traceroute6" PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false, libcap" PACKAGECONFIG[libgcrypt] = "-DUSE_CRYPTO=gcrypt, -DUSE_CRYPTO=none, libgcrypt" diff --git a/poky/meta/recipes-extended/libnsl/libnsl2_git.bb b/poky/meta/recipes-extended/libnsl/libnsl2_git.bb index c3a24face1..28c84af7ad 100644 --- a/poky/meta/recipes-extended/libnsl/libnsl2_git.bb +++ b/poky/meta/recipes-extended/libnsl/libnsl2_git.bb @@ -12,7 +12,7 @@ DEPENDS = "libtirpc" PV = "1.2.0+git${SRCPV}" -SRCREV = "37c5ffe3038d42e9fa9ed232ad2cbca4d8f14681" +SRCREV = "4a062cf4180d99371198951e4ea5b4550efd58a3" SRC_URI = "git://github.com/thkukuk/libnsl \ " diff --git a/poky/meta/recipes-extended/libtirpc/libtirpc/musl.patch b/poky/meta/recipes-extended/libtirpc/libtirpc/musl.patch index 0c3ce603ea..21cd9f9588 100644 --- a/poky/meta/recipes-extended/libtirpc/libtirpc/musl.patch +++ b/poky/meta/recipes-extended/libtirpc/libtirpc/musl.patch @@ -1,13 +1,14 @@ Consider musl provided built-in defines Helps compile libtirpc with musl +bits/endian.h is not supposed to be included directly Upstream-Status: Pending Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- ./tirpc/rpc/types.h.orig 2018-03-17 10:23:10.022055255 +0100 -+++ ./tirpc/rpc/types.h 2018-03-17 10:23:30.877751656 +0100 -@@ -66,7 +66,7 @@ +--- a/tirpc/rpc/types.h ++++ b/tirpc/rpc/types.h +@@ -66,7 +66,7 @@ typedef int32_t rpc_inline_t; #define mem_free(ptr, bsize) free(ptr) @@ -16,3 +17,14 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com> # define __u_char_defined # define __daddr_t_defined #endif +--- a/src/xdr_float.c ++++ b/src/xdr_float.c +@@ -83,7 +83,7 @@ static struct sgl_limits { + }; + #else + +-#include <bits/endian.h> ++#include <endian.h> + #define IEEEFP + + #endif /* vax */ diff --git a/poky/meta/recipes-extended/libtirpc/libtirpc_1.1.4.bb b/poky/meta/recipes-extended/libtirpc/libtirpc_1.1.4.bb index e73ffe7b17..633cececd4 100644 --- a/poky/meta/recipes-extended/libtirpc/libtirpc_1.1.4.bb +++ b/poky/meta/recipes-extended/libtirpc/libtirpc_1.1.4.bb @@ -23,6 +23,20 @@ EXTRA_OECONF = "--disable-gssapi" do_install_append() { chown root:root ${D}${sysconfdir}/netconfig + install -d ${D}${includedir}/rpc + install -d ${D}${includedir}/rpcsvc + for link_header in ${D}${includedir}/tirpc/rpc/*; do + if [ -f $link_header -a ! -e ${D}/${includedir}/rpc/$(basename $link_header) ]; then + ln -sf ../tirpc/rpc/$(basename $link_header) ${D}${includedir}/rpc/$(basename $link_header) + fi + done + for link_header in ${D}${includedir}/tirpc/rpcsvc/*; do + if [ -f $link_header -a ! -e ${D}/${includedir}/rpcsvc/$(basename $link_header) ]; then + ln -sf ../tirpc/rpc/$(basename $link_header) ${D}${includedir}/rpcsvc/$(basename $link_header) + fi + done + ln -sf tirpc/netconfig.h ${D}/${includedir}/netconfig.h + } BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-extended/ltp/ltp/0001-mkswap01.sh-Add-udevadm-trigger-before-swap-verifica.patch b/poky/meta/recipes-extended/ltp/ltp/0001-mkswap01.sh-Add-udevadm-trigger-before-swap-verifica.patch new file mode 100644 index 0000000000..1b433d3ad3 --- /dev/null +++ b/poky/meta/recipes-extended/ltp/ltp/0001-mkswap01.sh-Add-udevadm-trigger-before-swap-verifica.patch @@ -0,0 +1,35 @@ +From fae8852a63d9fa6e56fb8b24eaf10560bd13757f Mon Sep 17 00:00:00 2001 +From: Yongxin Liu <yongxin.liu@windriver.com> +Date: Tue, 12 Nov 2019 11:33:50 +0800 +Subject: [PATCH] mkswap01.sh: Add "udevadm trigger" before swap verification + +Fix: https://github.com/linux-test-project/ltp/issues/458 + +Sometimes the swap device cannot show up in /dev/disk/by-uuid/ +or /dev/disk/by-lable/ due to the issue #458. When this issue +happens, "blkid -c /dev/null" and "ls /dev/disk/by-uuid/" show +different UUID of the device. + +Upstream-Status: Submitted [https://patchwork.ozlabs.org/patch/1193414] + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + testcases/commands/mkswap/mkswap01.sh | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/testcases/commands/mkswap/mkswap01.sh b/testcases/commands/mkswap/mkswap01.sh +index 3a348c6e6..9437c4a4e 100755 +--- a/testcases/commands/mkswap/mkswap01.sh ++++ b/testcases/commands/mkswap/mkswap01.sh +@@ -129,6 +129,8 @@ mkswap_test() + return + fi + ++ udevadm trigger --name-match=$TST_DEVICE ++ + if [ -n "$device" ]; then + mkswap_verify "$mkswap_op" "$op_arg" "$device" "$size" "$dev_file" + if [ $? -ne 0 ]; then +-- +2.14.4 + diff --git a/poky/meta/recipes-extended/ltp/ltp_20190517.bb b/poky/meta/recipes-extended/ltp/ltp_20190517.bb index 5915b1c72a..47aa9675d8 100644 --- a/poky/meta/recipes-extended/ltp/ltp_20190517.bb +++ b/poky/meta/recipes-extended/ltp/ltp_20190517.bb @@ -50,6 +50,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \ file://0001-syscall-rt_sigtimedwait01-Fix-wrong-sigset-length-fo.patch \ file://0001-cve-2017-17052-Avoid-unsafe-exits-in-threads.patch \ file://0001-overcommit_memory-update-for-mm-fix-false-positive-O.patch \ + file://0001-mkswap01.sh-Add-udevadm-trigger-before-swap-verifica.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-extended/mc/files/0001-Add-option-to-control-configure-args.patch b/poky/meta/recipes-extended/mc/files/0001-Add-option-to-control-configure-args.patch new file mode 100644 index 0000000000..e76aac8161 --- /dev/null +++ b/poky/meta/recipes-extended/mc/files/0001-Add-option-to-control-configure-args.patch @@ -0,0 +1,99 @@ +From a54501d3c9541bc8600225aa2d42531f93c6def7 Mon Sep 17 00:00:00 2001 +From: Joshua Watt <JPEWhacker@gmail.com> +Date: Sat, 9 Nov 2019 20:01:48 -0600 +Subject: [PATCH] Add option to control configure args + +Embedding the configure time options into the executable can lead to +non-reproducible builds, since configure options often have embedded +paths. Add a configure time option to control if the configure args are +embedded so this can be disabled. + +Upstream-Status: Submitted [https://midnight-commander.org/ticket/4031] +Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> +--- + configure.ac | 6 ++++++ + src/args.c | 6 ++++++ + src/textconf.c | 2 ++ + 3 files changed, 14 insertions(+) + +diff --git a/configure.ac b/configure.ac +index 19d1a76be..a1948f6b9 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -544,6 +544,12 @@ dnl Clarify do we really need GModule + AM_CONDITIONAL([HAVE_GMODULE], [test -n "$g_module_supported" && \ + test x"$textmode_x11_support" = x"yes" -o x"$enable_aspell" = x"yes"]) + ++AC_ARG_ENABLE([configure-args], ++ AS_HELP_STRING([--enable-configure-args], [Handle all compiler warnings as errors])) ++if test "x$enable_configure_args" != xno; then ++ AC_DEFINE([ENABLE_CONFIGURE_ARGS], 1, [Define to enable showing configure arguments in help]) ++fi ++ + AC_DEFINE_UNQUOTED([MC_CONFIGURE_ARGS], ["$ac_configure_args"], [MC configure arguments]) + + AC_CONFIG_FILES( +diff --git a/src/args.c b/src/args.c +index baef1a1c8..f8dc24020 100644 +--- a/src/args.c ++++ b/src/args.c +@@ -95,7 +95,9 @@ static gboolean mc_args__nouse_subshell = FALSE; + #endif /* ENABLE_SUBSHELL */ + static gboolean mc_args__show_datadirs = FALSE; + static gboolean mc_args__show_datadirs_extended = FALSE; ++#ifdef ENABLE_CONFIGURE_ARGS + static gboolean mc_args__show_configure_opts = FALSE; ++#endif + + static GOptionGroup *main_group; + +@@ -125,6 +127,7 @@ static const GOptionEntry argument_main_table[] = { + NULL + }, + ++#ifdef ENABLE_CONFIGURE_ARGS + /* show configure options */ + { + "configure-options", '\0', G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_NONE, +@@ -132,6 +135,7 @@ static const GOptionEntry argument_main_table[] = { + N_("Print configure options"), + NULL + }, ++#endif + + { + "printwd", 'P', G_OPTION_FLAG_IN_MAIN, G_OPTION_ARG_STRING, +@@ -758,11 +762,13 @@ mc_args_show_info (void) + return FALSE; + } + ++#ifdef ENABLE_CONFIGURE_ARGS + if (mc_args__show_configure_opts) + { + show_configure_options (); + return FALSE; + } ++#endif + + return TRUE; + } +diff --git a/src/textconf.c b/src/textconf.c +index 1e0613e58..f39b9e028 100644 +--- a/src/textconf.c ++++ b/src/textconf.c +@@ -232,10 +232,12 @@ show_datadirs_extended (void) + + /* --------------------------------------------------------------------------------------------- */ + ++#ifdef ENABLE_CONFIGURE_ARGS + void + show_configure_options (void) + { + (void) printf ("%s\n", MC_CONFIGURE_ARGS); + } ++#endif + + /* --------------------------------------------------------------------------------------------- */ +-- +2.23.0 + diff --git a/poky/meta/recipes-extended/mc/mc_4.8.23.bb b/poky/meta/recipes-extended/mc/mc_4.8.23.bb index 83de8dbb2c..71f61b4848 100644 --- a/poky/meta/recipes-extended/mc/mc_4.8.23.bb +++ b/poky/meta/recipes-extended/mc/mc_4.8.23.bb @@ -8,6 +8,7 @@ RDEPENDS_${PN} = "ncurses-terminfo" SRC_URI = "http://www.midnight-commander.org/downloads/${BPN}-${PV}.tar.bz2 \ file://0001-mc-replace-perl-w-with-use-warnings.patch \ + file://0001-Add-option-to-control-configure-args.patch \ " SRC_URI[md5sum] = "152927ac29cf0e61d7d019f261bb7d89" SRC_URI[sha256sum] = "238c4552545dcf3065359bd50753abbb150c1b22ec5a36eaa02c82808293267d" @@ -21,9 +22,11 @@ PACKAGECONFIG ??= "" PACKAGECONFIG[smb] = "--enable-vfs-smb,--disable-vfs-smb,samba," PACKAGECONFIG[sftp] = "--enable-vfs-sftp,--disable-vfs-sftp,libssh2," -EXTRA_OECONF = "--with-screen=ncurses --without-gpm-mouse --without-x" +EXTRA_OECONF = "--with-screen=ncurses --without-gpm-mouse --without-x --disable-configure-args" CACHED_CONFIGUREVARS += "ac_cv_path_PERL='/usr/bin/env perl'" +CACHED_CONFIGUREVARS += "ac_cv_path_PYTHON='/usr/bin/env python'" +CACHED_CONFIGUREVARS += "ac_cv_path_GREP='/usr/bin/env grep'" do_install_append () { sed -i -e '1s,#!.*perl,#!${bindir}/env perl,' ${D}${libexecdir}/mc/extfs.d/* diff --git a/poky/meta/recipes-extended/pam/libpam_1.3.1.bb b/poky/meta/recipes-extended/pam/libpam_1.3.1.bb index 6b73f0a2fe..a2aa1ecd16 100644 --- a/poky/meta/recipes-extended/pam/libpam_1.3.1.bb +++ b/poky/meta/recipes-extended/pam/libpam_1.3.1.bb @@ -163,3 +163,5 @@ CONFFILES_${PN}-runtime += "${sysconfdir}/pam.d/common-account" CONFFILES_${PN}-runtime += "${sysconfdir}/security/limits.conf" UPSTREAM_CHECK_URI = "https://github.com/linux-pam/linux-pam/releases" + +CVE_PRODUCT = "linux-pam" diff --git a/poky/meta/recipes-extended/procps/procps_3.3.15.bb b/poky/meta/recipes-extended/procps/procps_3.3.15.bb index 9756db0e7b..f240e54fd8 100644 --- a/poky/meta/recipes-extended/procps/procps_3.3.15.bb +++ b/poky/meta/recipes-extended/procps/procps_3.3.15.bb @@ -4,9 +4,9 @@ the /proc filesystem. The package includes the programs ps, top, vmstat, w, kill HOMEPAGE = "https://gitlab.com/procps-ng/procps" SECTION = "base" LICENSE = "GPLv2+ & LGPLv2+" -LIC_FILES_CHKSUM="file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://COPYING.LIB;md5=4cf66a4984120007c9881cc871cf49db \ - " +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://COPYING.LIB;md5=4cf66a4984120007c9881cc871cf49db \ + " DEPENDS = "ncurses" @@ -64,3 +64,6 @@ python __anonymous() { d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog)) } +# 'ps' isn't suitable for use as a security tool so whitelist this CVE. +# https://bugzilla.redhat.com/show_bug.cgi?id=1575473#c3 +CVE_CHECK_WHITELIST += "CVE-2018-1121" diff --git a/poky/meta/recipes-extended/sysstat/sysstat.inc b/poky/meta/recipes-extended/sysstat/sysstat.inc index 5a7d2114ca..62de36b44b 100644 --- a/poky/meta/recipes-extended/sysstat/sysstat.inc +++ b/poky/meta/recipes-extended/sysstat/sysstat.inc @@ -17,7 +17,7 @@ DEPENDS += "base-passwd" # autotools-brokensep as this package doesn't use automake inherit autotools-brokensep gettext systemd upstream-version-is-even -PACKAGECONFIG ??= "" +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" PACKAGECONFIG[lm-sensors] = "--enable-sensors,--disable-sensors,lmsensors,lmsensors-libsensors" PACKAGECONFIG[cron] = "--enable-install-cron --enable-copy-only,--disable-install-cron --disable-copy-only" PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_system_unitdir}" @@ -46,10 +46,12 @@ do_install() { echo "d ${localstatedir}/log/sa - - - -" \ > ${D}${sysconfdir}/tmpfiles.d/sysstat.conf - if ${@bb.utils.contains('PACKAGECONFIG', 'cron', 'false', 'true', d)}; then + # Unless both cron and systemd are enabled, install our own + # systemd unit file. Otherwise the package will install one. + if ${@bb.utils.contains('PACKAGECONFIG', 'cron systemd', 'false', 'true', d)}; then install -d ${D}${systemd_unitdir}/system install -m 0644 ${WORKDIR}/sysstat.service ${D}${systemd_unitdir}/system - sed -i -e 's#@LIBDIR@#${libdir}#g' ${D}${systemd_unitdir}/system/sysstat.service + sed -i -e 's#@LIBEXECDIR@#${libexecdir}#g' ${D}${systemd_unitdir}/system/sysstat.service fi fi } @@ -62,6 +64,6 @@ pkg_postinst_${PN} () { fi } -FILES_${PN} += "${libdir}/sa ${systemd_system_unitdir}" +FILES_${PN} += "${systemd_system_unitdir}" TARGET_CC_ARCH += "${LDFLAGS}" diff --git a/poky/meta/recipes-extended/sysstat/sysstat/sysstat.service b/poky/meta/recipes-extended/sysstat/sysstat/sysstat.service index aff07109f5..ca46befb99 100644 --- a/poky/meta/recipes-extended/sysstat/sysstat/sysstat.service +++ b/poky/meta/recipes-extended/sysstat/sysstat/sysstat.service @@ -5,7 +5,7 @@ Description=Resets System Activity Logs Type=oneshot RemainAfterExit=yes User=root -ExecStart=@LIBDIR@/sa/sa1 --boot +ExecStart=@LIBEXECDIR@/sa/sa1 --boot [Install] WantedBy=multi-user.target |