diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2020-10-27 21:52:24 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2020-11-23 23:00:33 +0300 |
commit | 4c19ea120a3e7a73dc8470c86744bc95997f1c90 (patch) | |
tree | dd2f114bc0a3614b653d1afde08bec22ab646e7e /poky/meta/recipes-support | |
parent | 5f4b874fc7d6f8941582b97eb688c67dc21efffb (diff) | |
download | openbmc-4c19ea120a3e7a73dc8470c86744bc95997f1c90.tar.xz |
poky: subtree update:ad30a6d470..7231c10430
Akira Shibakawa (3):
License-Update: attr: Add a missing file to LIC_FILES_CHKSUM.
License-Update: kmod: Add a missing file to LIC_FILES_CHKSUM.
License-Update: gdk-pixbuf: Fix LICENSE.
Alejandro Hernandez Samaniego (1):
baremetal-helloworld: Fix install path since S doesnt have a trailing slash
Alexander Kanavin (4):
ncurses: only include upstream releases in version check
python3: fix upstream version check
boost-build-native: fix upstream version check
selftest/virgl: drop the custom 30 sec timeout
Alistair (1):
weston-init: Allow setting idle time to 0
Changqing Li (1):
toolchain-shar-extract.sh: don't print useless info
Charlie Davies (1):
bitbake: bitbake: fetch/git: use shlex.quote() to support spaces in SRC_URI url
Chen Qi (2):
watchdog: use /run instead of /var/run in systemd service file
cups: use /run instead /var/run in systemd's unit file
David Reyna (1):
bitbake: toaster: Enable Gatesgarth branch in place of Zeus
Douglas Royds (1):
externalsrc: No single-task lock if S != B
Joshua Watt (2):
ref-variables: Given example for naming sources
ref-manual: Document wic --offset option
Khairul Rohaizzat Jamaluddin (1):
imagefeatures: New test case, test_empty_image, added
Khem Raj (5):
autotools.bbclass: Order CONFIG_SHELL before CACHED_CONFIGUREVARS
boost: Fix build on 32-bit arches with 64bit time_t only
mesa: Fix build on 32bit arches supporting 64bit time_t only
packagegroup-core-tools-debug: Disable for rv32/glibc as well
packagegroup-core-tools-profile: Remove lttng-tools and perf for rv32/glibc
Konrad Weihmann (1):
lib/oe/rootfs: introduce IMAGE_LOG_CHECK_EXCLUDES
Lee Chee Yang (2):
libproxy: fix CVE-2020-25219
grub2: fix CVE-2020-10713
Martin Jansa (11):
tune-cortexa76ae.inc: Correct TUNE_FEATURES
arch-armv7a.inc: fix typo
arch-mips.inc: remove duplicated mips64el-o32 from PACKAGE_EXTRA_ARCHS_tune-mips64el-o32
arch-arm64.inc: don't append _be to ARMPKGARCH for tune-aarch64_be
tune-mips64r6.inc: fix typo in mipsisa64r6-nf
tune-ep9312.inc: add t suffix for thumb to PACKAGE_EXTRA_ARCHS_tune-ep9312
tune-riscv.inc: use nf suffix also for TUNE_PKGARCH
tune-supersparc.inc: remove
tune-thunderx.inc: don't append _be to ARMPKGARCH for tune-thunderx_be
siteinfo: Recognize 32bit PPC LE
siteinfo: Recognize bigendian sh3be and sh4be
Max Krummenacher (2):
linux-firmware: package marvel sdio 8997 firmware
linux-firmware: package nvidia firmware
Mingli Yu (1):
tcl: adapt to potential pseudo changes
Naoki Hayama (1):
dev/test/ref-manual: Fix typos
Neil Armstrong (1):
linux-firmware: add Amlogic VDEC firmware package
Nicolas Dechesne (4):
sdk-manual: use built-in footnotes
dev-manual/dev-manual-common-tasks: fix warning
sphinx: add 3.1.3 and 3.0.4 release in the switcher
dev-manual/dev-manual-common-tasks: fix typos and use extlinks
Paul Eggleton (2):
classes/buildhistory: record SRC_URI
classes/buildhistory: also save recipe info for native recipes
Quentin Schulz (17):
docs: poky.yaml: use HTTPS for links
docs: ref-manual: indentation, links and highlights fixes
docs: remove OE_INIT_FILE variable
docs: ref-manual: fix typos
docs: ref-manual: migration-2.3: specify 2.3 version instead of DISTRO
docs: ref-manual: ref-classes: remove dropped tinderclient class
docs: ref-manual: ref-system-requirements: update requirements to build Sphinx docs
docs: sphinx: yocto-vars: rebuild files when poky.yaml has changed
docs: poky.yaml: fix identation in host packages variables
docs: dev-manual-common-tasks: remove paragraph about race when missing DEPENDS
docs: dev-manual-common-tasks: update python webserver example to python3
docs: dev-manual: fix typos, highlights, indentation and links
docs: ref-manual: ref-terms: add links to terms in glossary
docs: bsp-guide: bsp: fix typos, highlights and links
docs: kernel-dev: fix typos, highlights and links
docs: kernel-dev-common: add .patch file extension to SRC_URI files
docs: kernel-dev-faq: update outdated RDEPENDS_kernel-base
Reyna, David (1):
bitbake: toaster: Update documentation links to new URLs
Richard Purdie (10):
layer.conf: Switch to gatesgarth only in preparation for release
bitbake: ui/toasterui: Fix startup faults from incorrect event sequencing
bitbake: bitbake: Bump version to 1.48.0 ready for the new release
oeqa: Add sync call to command execution
poky.conf: Bump version for 3.2 gatesgarth release
build-appliance-image: Update to master head revision
bitbake: tests/fetch: Update upstream master->main branchname transition
Revert "classes/buildhistory: also save recipe info for native recipes"
valgrind: Fix build on musl after drd fixes
build-appliance-image: Update to master head revision
Robert Yang (1):
weston: Fix PACKAGECONFIG for remoting
Roland Hieber (1):
devtool: make sure .git/info exists before writing to .git/info/excludes
Ross Burton (4):
waf: don't assume the waf intepretter is good
waf: add ${B} to do_configure[cleandirs]
scripts/install-buildtools: Update to 3.2 M3 buildtools
glib-2.0: fix parsing of slim encoded tzdata
Sourabh Banerjee (1):
layer.conf: fix sanity error for PATH variable in extensible SDK workflow
Stacy Gaikovaia (2):
valgrind: drd: fix pthread intercept test failures
bitbake: main: Handle cooker daemon startup error
Tim Orling (1):
bitbake: lib/bb/ui/knotty: fix typo in parseprogress
Victor Kamensky (3):
Revert "qemumips: use 34Kf-64tlb CPU emulation"
Revert "qemu: add 34Kf-64tlb fictitious cpu type"
qemu: change TLBs number to 64 in 34Kf mips cpu model
Yi Zhao (1):
dhcpcd: add PACKAGECONFIG for ntp/chrony/ypbind hooks
Zang Ruochen (1):
harfbuzz: Refresh patch
akuster (2):
busybox: add rev and pgrep
kea: add init scripts
leimaohui (1):
docs: Updated the status of spdx module.
zangrc (1):
classes: Fixed the problem of undefined variables when compiling meta-toolchain.
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Ic45bc219b94960751896a0ae3d4923a9f5849e70
Diffstat (limited to 'poky/meta/recipes-support')
6 files changed, 120 insertions, 0 deletions
diff --git a/poky/meta/recipes-support/attr/attr.inc b/poky/meta/recipes-support/attr/attr.inc index f13a83a7b4..0c3330a686 100644 --- a/poky/meta/recipes-support/attr/attr.inc +++ b/poky/meta/recipes-support/attr/attr.inc @@ -8,6 +8,7 @@ LICENSE = "LGPLv2.1+ & GPLv2+" LICENSE_${PN} = "GPLv2+" LICENSE_lib${BPN} = "LGPLv2.1+" LIC_FILES_CHKSUM = "file://doc/COPYING;md5=2d0aa14b3fce4694e4f615e30186335f \ + file://doc/COPYING.LGPL;md5=b8d31f339300bc239d73461d68e77b9c \ file://tools/attr.c;endline=17;md5=be0403261f0847e5f43ed5b08d19593c \ file://libattr/libattr.c;endline=17;md5=7970f77049f8fa1199fff62a7ab724fb" diff --git a/poky/meta/recipes-support/boost/boost-build-native_4.3.0.bb b/poky/meta/recipes-support/boost/boost-build-native_4.3.0.bb index d8096de5af..258f8c9cdf 100644 --- a/poky/meta/recipes-support/boost/boost-build-native_4.3.0.bb +++ b/poky/meta/recipes-support/boost/boost-build-native_4.3.0.bb @@ -7,6 +7,8 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=e4224ccaecb14d942c71d31bef20d78c" SRC_URI = "git://github.com/boostorg/build;protocol=https" SRCREV = "632ea768f3eb225b4472c5ed6d20afee708724ad" +UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+){2,}))" + inherit native S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-support/boost/boost/0001-fiber-libs-Define-SYS_futex-if-it-does-not-exist.patch b/poky/meta/recipes-support/boost/boost/0001-fiber-libs-Define-SYS_futex-if-it-does-not-exist.patch new file mode 100644 index 0000000000..523568e9bc --- /dev/null +++ b/poky/meta/recipes-support/boost/boost/0001-fiber-libs-Define-SYS_futex-if-it-does-not-exist.patch @@ -0,0 +1,54 @@ +From d6f7b6064dc91d1d5fa18554b40b14822ab7a32b Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 16 Oct 2020 11:13:22 -0700 +Subject: [PATCH] fiber,libs: Define SYS_futex if it does not exist + +__NR_futex is not defines by newer architectures e.g. arc, riscv32 as +they only have 64bit variant of time_t. Glibc defines SYS_futex interface based on +__NR_futex, since this is used in applications, such applications start +to fail to build for these newer architectures. This patch defines a +fallback to alias __NR_futex to __NR_futex_tim64 so SYS_futex keeps +working + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + boost/fiber/detail/futex.hpp | 5 +++++ + libs/log/src/event.cpp | 4 ++++ + 2 files changed, 9 insertions(+) + +diff --git a/boost/fiber/detail/futex.hpp b/boost/fiber/detail/futex.hpp +index e64bd5990..16bee64f1 100644 +--- a/boost/fiber/detail/futex.hpp ++++ b/boost/fiber/detail/futex.hpp +@@ -17,6 +17,11 @@ extern "C" { + #include <linux/futex.h> + #include <sys/syscall.h> + } ++ ++#if !defined(SYS_futex) && defined(SYS_futex_time64) ++#define SYS_futex SYS_futex_time64 ++#endif ++ + #elif BOOST_OS_WINDOWS + #include <windows.h> + #endif +diff --git a/libs/log/src/event.cpp b/libs/log/src/event.cpp +index 5485154d7..2c7c0381f 100644 +--- a/libs/log/src/event.cpp ++++ b/libs/log/src/event.cpp +@@ -31,6 +31,10 @@ + #include <linux/futex.h> + #include <boost/memory_order.hpp> + ++#if !defined(SYS_futex) && defined(SYS_futex_time64) ++#define SYS_futex SYS_futex_time64 ++#endif ++ + // Some Android NDKs (Google NDK and older Crystax.NET NDK versions) don't define SYS_futex + #if defined(SYS_futex) + #define BOOST_LOG_SYS_FUTEX SYS_futex +-- +2.28.0 + diff --git a/poky/meta/recipes-support/boost/boost_1.74.0.bb b/poky/meta/recipes-support/boost/boost_1.74.0.bb index 5e9e0d87d7..b01b390a59 100644 --- a/poky/meta/recipes-support/boost/boost_1.74.0.bb +++ b/poky/meta/recipes-support/boost/boost_1.74.0.bb @@ -7,4 +7,5 @@ SRC_URI += "file://arm-intrinsics.patch \ file://0001-Apply-boost-1.62.0-no-forced-flags.patch.patch \ file://0001-Don-t-set-up-arch-instruction-set-flags-we-do-that-o.patch \ file://0001-dont-setup-compiler-flags-m32-m64.patch \ + file://0001-fiber-libs-Define-SYS_futex-if-it-does-not-exist.patch \ " diff --git a/poky/meta/recipes-support/libproxy/libproxy/CVE-2020-25219.patch b/poky/meta/recipes-support/libproxy/libproxy/CVE-2020-25219.patch new file mode 100644 index 0000000000..3ef7f85451 --- /dev/null +++ b/poky/meta/recipes-support/libproxy/libproxy/CVE-2020-25219.patch @@ -0,0 +1,61 @@ +From a83dae404feac517695c23ff43ce1e116e2bfbe0 Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro <mcatanzaro@gnome.org> +Date: Wed, 9 Sep 2020 11:12:02 -0500 +Subject: [PATCH] Rewrite url::recvline to be nonrecursive + +This function processes network input. It's semi-trusted, because the +PAC ought to be trusted. But we still shouldn't allow it to control how +far we recurse. A malicious PAC can cause us to overflow the stack by +sending a sufficiently-long line without any '\n' character. + +Also, this function failed to properly handle EINTR, so let's fix that +too, for good measure. + +Fixes #134 + +Upstream-Status: Backport [https://github.com/libproxy/libproxy/commit/836c10b60c65e947ff1e10eb02fbcc676d909ffa] +CVE: CVE-2020-25219 +Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> +--- + libproxy/url.cpp | 28 ++++++++++++++++++---------- + 1 file changed, 18 insertions(+), 10 deletions(-) + +diff --git a/libproxy/url.cpp b/libproxy/url.cpp +index ee776b2..68d69cd 100644 +--- a/libproxy/url.cpp ++++ b/libproxy/url.cpp +@@ -388,16 +388,24 @@ string url::to_string() const { + return m_orig; + } + +-static inline string recvline(int fd) { +- // Read a character. +- // If we don't get a character, return empty string. +- // If we are at the end of the line, return empty string. +- char c = '\0'; +- +- if (recv(fd, &c, 1, 0) != 1 || c == '\n') +- return ""; +- +- return string(1, c) + recvline(fd); ++static string recvline(int fd) { ++ string line; ++ int ret; ++ ++ // Reserve arbitrary amount of space to avoid small memory reallocations. ++ line.reserve(128); ++ ++ do { ++ char c; ++ ret = recv(fd, &c, 1, 0); ++ if (ret == 1) { ++ if (c == '\n') ++ return line; ++ line += c; ++ } ++ } while (ret == 1 || (ret == -1 && errno == EINTR)); ++ ++ return line; + } + + char* url::get_pac() { diff --git a/poky/meta/recipes-support/libproxy/libproxy_0.4.15.bb b/poky/meta/recipes-support/libproxy/libproxy_0.4.15.bb index 19dddebd44..a14c358cc2 100644 --- a/poky/meta/recipes-support/libproxy/libproxy_0.4.15.bb +++ b/poky/meta/recipes-support/libproxy/libproxy_0.4.15.bb @@ -10,6 +10,7 @@ DEPENDS = "glib-2.0" SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz \ file://0001-get-pac-test-Fix-build-with-clang-libc.patch \ + file://CVE-2020-25219.patch \ " SRC_URI[md5sum] = "f6b1d2a1e17a99cd3debaae6d04ab152" SRC_URI[sha256sum] = "654db464120c9534654590b6683c7fa3887b3dad0ca1c4cd412af24fbfca6d4f" |