- Feb 24, 2016
-
-
Richard Purdie authored
(From OE-Core rev: 0c702756dd0009c4112028fbf2479a346867b32c) Signed-off-by:Richard Purdie <richard.purdie@linuxfoundation.org>
-
- Feb 21, 2016
-
-
Armin Kuster authored
CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write (From OE-Core rev: 646a8cfa5398a22062541ba9c98539180ba85d58) Signed-off-by:
Armin Kuster <akuster@mvista.com> Signed-off-by:
-
Armin Kuster authored
CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines (From OE-Core rev: ca7cbcf22558349f0b43ed7dc84ad38d7c178c55) Signed-off-by:
-
Armin Kuster authored
CVE-2015-7511 libgcrypt: side-channel attack on ECDH with Weierstrass curves affects libgcrypt < 1.6.5 Patch 1 is a dependancy patch. simple macro name change. Patch 2 is the cve fix. (From OE-Core rev: c691ce99bd2d249d6fdc4ad58300719488fea12c) Signed-off-by:
-
Armin Kuster authored
CVE-2016-2225 Make sure to always terminate decoded string This change is being provide to comply to Yocto compatiblility. (From OE-Core rev: 093d76f3f4a385aae46304bd572ce1545c6bcf33) Signed-off-by:
-
Armin Kuster authored
CVE-2016-2224 Do not follow compressed items forever. This change is being provide to comply to Yocto compatiblity. (From OE-Core rev: 4fe0654253d7444f2c445a30b06623cef036b2bb) Signed-off-by:
-
- Feb 18, 2016
-
-
Armin Kuster authored
CVE-2016-2090 Heap buffer overflow in fgetwln function of libbsd affects libbsd <= 0.8.1 (and therefore not needed in master) (From OE-Core rev: e56aba3a822f072f8ed2062a691762a4a970a3f0) Signed-off-by:
Joshua Lock <joshua.g.lock@intel.com> Signed-off-by:
-
Armin Kuster authored
CVE-2015-7547: getaddrinfo() stack-based buffer overflow (From OE-Core rev: cf754c5c806307d6eb522d4272b3cd7485f82420) Signed-off-by:
-
- Feb 07, 2016
-
-
Richard Purdie authored
(From OE-Core rev: 05e551d821594b0f4c06328386b6a82e0801ac2a) Signed-off-by: -
Armin Kuster authored
CVE-2016-0755 curl: NTLM credentials not-checked for proxy connection re-use (From OE-Core rev: 8322814c7f657f572d5c986652e708d6bd774378) Signed-off-by:
-
Armin Kuster authored
CVE-2016-0754 curl: remote file name path traversal in curl tool for Windows (From OE-Core rev: b2c9b48dea2fd968c307a809ff95f2e686435222) Signed-off-by:
-
Armin Kuster authored
(From OE-Core rev: 7474c7dbf98c1a068bfd9b14627b604da5d79b67) Signed-off-by:
-
Armin Kuster authored
(From OE-Core rev: f62eb452244c3124cc88ef01c14116dac43f377a) Signed-off-by:
-
Armin Kuster authored
this address both Socat security advisory 7 and MSVR-1499: "Bad DH p parameter in OpenSSL" and Socat security advisory 8: "Stack overflow in arguments parser [Yocto # 9024] (From OE-Core rev: 0218ce89d3b5125cf7c9a8a91f4a70eb31c04c52) Signed-off-by:
-
Armin Kuster authored
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions this patch fixes an incomplete patch in CVE-2015-8126 (From OE-Core rev: f4a805702df691cbd2b80aa5f75d6adfb0f145eb) Signed-off-by:
-
Armin Kuster authored
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (From OE-Core rev: d0a8313a03711ff881ad89b6cfc545f66a0bc018) Signed-off-by:
-
Armin Kuster authored
CVE-2015-8327 cups-filters: foomatic-rip did not consider the back tick as an illegal shell escape character this time with the recipe changes. (From OE-Core rev: 62d6876033476592a8ca35f4e563c996120a687b) Signed-off-by:
-
Armin Kuster authored
CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character (From OE-Core rev: 307056ce062bf4063f6effeb4c891c82c949c053) Signed-off-by:
-
Richard Purdie authored
(From OE-Core rev: a2b1d9a6f0f29a2d21c80e549b10f3522df20c11) Signed-off-by: -
Jens Rehsack authored
Add patch from commit 96b1b5c1 to cross-localedef-native to avoid broken images built with ENABLE_BINARY_LOCALE_GENERATION set to 1: $ sh -c "export LANG=de_DE; ls -la" sh: loadlocale.c:130: _nl_intern_locale_data: Assertion `cnt < (sizeof (_nl_value_type_LC_COLLATE) / sizeof (_nl_value_type_LC_COLLATE[0]))' failed. Aborted (From OE-Core rev: 2ddfcfaa996d8c675b5c161acb605dc5573eba67) Signed-off-by:
Jens Rehsack <sno@netbsd.org> Signed-off-by:
-
- Feb 05, 2016
-
-
Richard Purdie authored
(From OE-Core rev: 113812945c3cddfec75d67d781c0fa2d7ee02762) Signed-off-by: -
Richard Purdie authored
If we don't do this, we can use an mke2fs.conf from a different path which may contain incompatible flags and lead to obtuse build failures such as: Invalid filesystem option set: has_journal,extent,huge_file,flex_bg,metadata_csum,64bit,dir_nlink,extra_isize To fix this, wrap the mke2fs binary and its hardlinks and point at the correct configuration file. In particular this fixes conflicts between master and jethro builds affecting the main autobuilder. (From OE-Core rev: 0ef6277463517fb0e52b4bd65ca5f6ab42315773) Signed-off-by:
-
- Feb 04, 2016
-
-
Richard Purdie authored
(From OE-Core rev: f3831307d7c849e60c4141f7bfe4067ec5ff224a) Signed-off-by: -
Scott Rifenbark authored
Put in a caveat about getting the ADT Installer to work with CentOS 6.x. New note. Fixes [YOCTO #8324] (From yocto-docs rev: 6ee7696537ca2031073cc59a42ff035cfd8caeec) Signed-off-by:
Scott Rifenbark <srifenbark@gmail.com> Signed-off-by:
-
Belen Barros Pena authored
In section 3.6 of the manual about setting up a production instance of Toaster, explain that TOASTER_DIR determines the location of the build directory, and that the checksettings command configures the build environment for Toaster. NOTE: I applied some minor fixes to the wording. (From yocto-docs rev: 5d899f3026cff40078449ca8bdaba680f79ee0a8) Signed-off-by:
-
Scott Rifenbark authored
Current instructions were wrong. Applied changes to correct them. Author: Belen Barros Pena <belen.barros.pena@intel.com> (From yocto-docs rev: 609e7bd8847cba70e49f4c8a58524392fdc1bd41) Signed-off-by:
-
Alejandro Hernandez authored
This addresses CVE-2016-0728: KEYS: Fix keyring ref leak in join_session_keyring(), and upgrades to LINUX_VERSION 4.1.17 (From meta-yocto rev: 2aab8657999c2bcf6e7a54f1085664207ba3ac93) Signed-off-by:
Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by:
-
Alejandro Hernandez authored
This addresses CVE-2016-0728: KEYS: Fix keyring ref leak in join_session_keyring() (From meta-yocto rev: 20c1e1e8ec2f18fbbb47b6dbc27dd7dfa15922fb) Signed-off-by:
-
Alejandro Hernandez authored
This addresses CVE-2016-0728: KEYS: Fix keyring ref leak in join_session_keyring(), and upgrades to LINUX_VERSION 3.14.39 (From meta-yocto rev: 47a81a47c5f1f2625365ab7a2f130b75fb5764fd) Signed-off-by:
-
Jianxun Zhang authored
When uvesafb is automatically loaded during boot and FW doesn't support legacy video bios and frame buffer, its user space helper will throw error messages in kernel log: [6.843790] uvesafb: Getting VBE info block failed (eax=0x4f00, err=1) [6.843864] uvesafb: vbe_init() failed with -22 [6.843916] uvesafb: probe of uvesafb.0 failed with error -22 Assuming most x86 boards today don't really rely on this module, this change simply removes it from the common feature list to get rid of these harmless messages. [YOCTO #6584] (From meta-yocto rev: d58fc630b1114dbafa8342de7dcaef8e7d798848) (From meta-yocto rev: 8b08977dc9f2d9ff4fd5ecf4ead24a36dcbda542) Signed-off-by:
Jianxun Zhang <jianxun.zhang@linux.intel.com> Signed-off-by:
Ross Burton <ross.burton@intel.com> Signed-off-by:
Saul Wold <sgw@linux.intel.com> Signed-off-by:
-
Leonardo Sandoval authored
By default, checkout to latest revision from the machine branch specified by the user. (From meta-yocto rev: f79a43406b5b323587415380ecffc87527c64653) (From meta-yocto rev: 311e084bb321701624785ce56a1ad23d7b20b396) Signed-off-by:
Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by:
-
Leonardo Sandoval authored
Fixes the hardcode branch name set to KTYPE, where its value is used as a base branch when user decides to create a new branch. Tested on x86_64 architecture. [YOCTO #8630] (From meta-yocto rev: ab895be90a0cae7dfa77a8aab3b19e5571e7e7bc) (From meta-yocto rev: bc5aec2348b2c314953806734a8fbabf798d142c) Signed-off-by:
-
Leonardo Sandoval authored
On linux-yocto-dev or linux-yocto_X.YY bbappend files, the SRC_URI includes {{=machine}}-standard.scc, which in turn includes {{=machine}}-user-parches.scc, thus there is no need to include it again on the corresponding bbappend file. [YOCTO #8486] (From meta-yocto rev: 11c93b5dd8c651df478d4810e1b6ff6ad9fa57e8) (From meta-yocto rev: c1105ff0e65a24f344e5fab17402b1b4fcb1d728) Signed-off-by: -
Leonardo Sandoval authored
On the 3.19 to 4.1 migration, the target x86_64 was not taken into account (no reason, just missing the correspoding update on the kernel-list.noinstall file), so moving it to 4.1 to be align with the rest. (From meta-yocto rev: 283665d9295c3c10f964496dc0110137e358daa6) (From meta-yocto rev: d58d3c5e65294bd6f4f3f780d746e1c3f8678c2b) Signed-off-by:
-
Ross Burton authored
If there are multiple builds on the same machine then piglit writing it's generated sources to /tmp will race. Instead, export TEMP to tell the tempfile module to use a temporary directory under ${B}. (From OE-Core rev: 226a26e51eb0789686509d3e22a3766e2e3e8666) Signed-off-by: -
Paul Eggleton authored
When copying the sstate-cache into the extensible SDK, if the source path had a trailing / and the destination path did not, there would be a missing / between the path and the subdirectory name, and you'd end up with subdirectories like "sstate-cacheCentOS-6.7". There are functions in os.path for this sort of thing so let's just use them and avoid the problem. (From OE-Core rev: 2ed6adfea5ba16aeda7b5d908bea4303202d3774) Signed-off-by:
Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by:
-
Alejandro Hernandez authored
This addresses CVE-2016-0728: KEYS: Fix keyring ref leak in join_session_keyring(), and upgrades to LINUX_VERSION 4.1.17 (From OE-Core rev: f070d5fee56a4589a6abf422e6872373c5557c6d) Signed-off-by:
-
Alejandro Hernandez authored
This addresses CVE-2016-0728: KEYS: Fix keyring ref leak in join_session_keyring() (From OE-Core rev: 8cb97ea8ed59ee77c0542b50d1af65bf9a3c3fef) Signed-off-by:
-
Alejandro Hernandez authored
This addresses CVE-2016-0728: KEYS: Fix keyring ref leak in join_session_keyring(), and upgrades to LINUX_VERSION 3.14.39 (From OE-Core rev: ce53ebc001af87d169a2e0e98ca3d7d4729fdec4) Signed-off-by:
-
Maxin B. John authored
Fix the following warning: WARNING: Failed to fetch URL http://downloads.sourceforge.net/project/ libpng/libpng12/1.2.53/libpng-1.2.53.tar.xz, attempting MIRRORS if available. [YOCTO #8739] (From OE-Core rev: 02363e50b4a3d124fa71edb2870deb820567482b) Signed-off-by:
Maxin B. John <maxin.john@intel.com> Signed-off-by:
-
