In texinfo, we didn't have info/dir entries, which caused
info not work.
...
root@qemux86:~# info info
info: dir: No such file or directory
...
Refer ubuntu/debian to invoke install-info to create info/dir
entries in pkg_postinst_info.
[YOCTO #6751]
Signed-off-by: Hongxu Jia
Conditionally add 'xz/bz2/gzip' to info/man's RDEPENDS
according to DOC_COMPRESS.
[YOCTO #6750]
[YOCTO #6751]
Signed-off-by: Hongxu Jia hongxu@windriver.com
---
meta/recipes-extended/man/man_1.6g.bb| 13 +
meta/recipes-extended/texinfo/texinfo_5.2.bb | 13 +
Changed in V4:
- In info's postinst/prerm, check the existance of ${infodir}
- Remove x permission for scripts/postinst-intercepts/update_info_dir
'new file mode 100755'--'new file mode 100644', rootfs.py
use the x permission to decide whether the scripts in
postinst-intercepts be invoked
While doc compress enabled, ther is a QA issue:
...
ERROR: QA Issue: texinfo: Files/directories were installed but not shipped
/usr/share/info/info.info.bz2
/usr/share/info/info-stnd.info.bz2 [installed-vs-shipped]
...
Signed-off-by: Hongxu Jia hongxu@windriver.com
---
We need to run it after all packages have been installed. Here is details:
NAME
update_info_dir - update or create index file from all installed
info files in directory
SYNOPSIS
update_info_dir [options] [directory]
DESCRIPTION
Update, or create, the index file dir of available
Hi Ross,
On Wed, Sep 24, 2014 at 11:27:57PM +0100, Burton, Ross wrote:
On 10 September 2014 15:43, Maxin B. John maxin.j...@enea.com wrote:
Fixes two HTTP cookie related security bugs:
1. CVE-2014-3613
2. CVE-2014-3620
Can these be backported instead to 7.37.1? Upgrading to a new
The syslog daemon behaviour in our systemd system should be like the following
1. If ForwardToSyslog is disabled, no daemon should be started.
2. If ForwardToSyslog is enabled, daemon should be started via socket
activation. This is very important for OE based system. Because unlike
other
I commented out these configurations for the following reasons:
We don't have xconsole utility in OE. These configurations are useless
for us.
Besides, the /dev/xconsole device is created in the init script which means
if these configuration are enabled, we need to add a script in sysklogd which
The following changes since commit f6a39cc957bf85ff43513f0b76afc3b2c9c906b6:
sstatesig: fix overrides behaviour to remove SIGGEN_LOCKEDSIGS_i586
(2014-09-17 22:00:05 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib
APT before 1.0.4 does not properly validate source packages, which allows
man-in-the-middle attackers to download and install Trojan horse packages
by removing the Release signature.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0478
Signed-off-by: Wenlin Kang
The following changes since commit 8ac8eca2e3bd8c78e2b31ea974930ed0243258a3:
build-appliance-image: Update to dizzy head revision (2014-09-23 22:10:26
+0100)
are available in the git repository at:
git://git.pokylinux.org/poky-contrib chonglu/apt
This patch includes the following changes:
1. Explicitly set StandardOutput of the log daemon to null.
This would avoid creating a feedback loop of the syslog service.
See link below for more information.
http://www.freedesktop.org/wiki/Software/systemd/syslog/
2. Use ALTERNATIVE
This patch includes the following changes:
1. Add socket activation support for sysklogd.
2. Add systemd service file.
3. Use ALTERNATIVE mechanism in OE to manage the syslog service.
4. Set ALTERNATIVE_PRIORITY to 100 regardless of whether 'systemd'
is in DISTRO_FEATURE or not because sysklogd
Please drop this one.
V2 has been sent to fix a problem in the patch for sysklogd.
//Chen Qi
On 09/19/2014 04:11 PM, Chen Qi wrote:
The following changes since commit f6a39cc957bf85ff43513f0b76afc3b2c9c906b6:
sstatesig: fix overrides behaviour to remove SIGGEN_LOCKEDSIGS_i586
(2014-09-17
On 24 September 2014 11:32, Peter A. Bigot p...@pabigot.com wrote:
Ping for this one too (it re-opened Yocto #3780 and has 1.7 as a due date).
That's all I expect to have for 1.7, unless u-boot 2014.07 gets in (there's
a patch needed for BBB in that case, but it's already in meta-ti's
On 09/25/2014 05:49 AM, Burton, Ross wrote:
On 24 September 2014 11:32, Peter A. Bigot p...@pabigot.com wrote:
Ping for this one too (it re-opened Yocto #3780 and has 1.7 as a due date).
That's all I expect to have for 1.7, unless u-boot 2014.07 gets in (there's
a patch needed for BBB in that
On Thursday 25 September 2014 06:16:11 Peter A. Bigot wrote:
On 09/25/2014 05:49 AM, Burton, Ross wrote:
On 24 September 2014 11:32, Peter A. Bigot p...@pabigot.com wrote:
Ping for this one too (it re-opened Yocto #3780 and has 1.7 as a due
date).
That's all I expect to have for 1.7,
On 25 September 2014 12:16, Peter A. Bigot p...@pabigot.com wrote:
Can you suggest a way to reproduce the problem? Or a pointer to the log
where the errors above can be seen in context?
Build nativesdk-git, not git-nativesdk.
Ross
--
___
When files overlap in the sysroot, something bad usually happened. We've had
two independent cases recently where a couple of months after one of these
warnings was shown, builds failed due to corruption.
This change moves the warning to become a fatal error. The complaint I've had
about this is
On 09/25/2014 06:17 AM, Paul Eggleton wrote:
On Thursday 25 September 2014 06:16:11 Peter A. Bigot wrote:
I'm at a loss here. The probable fix is clear and I can send it as
V2, but I can't test it: no matter what I do, bitbake git-nativesdk
succeeds after attemping 0 tasks of which 0 were
Details of vulnerabilities are available below:
CVE-2014-3613: http://curl.haxx.se/docs/adv_20140910A.html
CVE-2014-3620: http://curl.haxx.se/docs/adv_20140910B.html
Signed-off-by: Maxin B. John maxin.j...@enea.com
---
meta/recipes-support/curl/curl/CVE-2014-3613.patch | 269
On 25 September 2014 12:35, Peter A. Bigot p...@pabigot.com wrote:
Shouldn't I have gotten the nothing PROVIDES warning for git-nativesdk even
with git-native in ASSUME_PROVIDED? I'm smelling a missing end-of-line
anchor in a regex somewhere.
Yes, me too.
Ross
--
Currently linux-firmware rebuilds for each machine due to its usage of
update-alternatives which in turn means a dependency on opkg-utils.
Marking opkg-utils as ABISAFE is the only option we have right now
to avoid this.
Signed-off-by: Richard Purdie richard.pur...@linuxfoundation.org
Currently allarch recipes using useradd rebuild each time MACHINE
changes which is not desireable. Adding the useradd dependencies
to this list ensures they do not change under these circumstances.
Signed-off-by: Richard Purdie richard.pur...@linuxfoundation.org
Signed-off-by: Steffen Sledz
Taking run-postinsts and building for two machines which have different
OVERRIDES leads to two different sets of stamps for an allarch package.
We don't need to depend on OVERRIDES in these classes, the end resulting
variables are good enough. We can therefore exclude the dependency
and allow a
Git perl tools such as add--interactive load the Git module at runtime.
A previous patch to eliminate a QA error by deleting it instead of
packaging it was incorrect.
beaglebone[62]$ git add -i
Can't locate Git.pm in @INC (you may need to install the Git module) (@INC
contains:
Ping. Can someone accept this patch in dora branch please?
Thanks.
Regards,
Seb M
2014-07-30 4:37 GMT+02:00 Robert Yang liezhi.y...@windriver.com:
Sorry for the late response, it worked well for me, I will confirm
with RP.
// Robert
On 07/18/2014 03:30 PM, Sébastien Mennetrier wrote:
On 25 September 2014 12:36, Maxin B. John maxin.j...@enea.com wrote:
Details of vulnerabilities are available below:
CVE-2014-3613: http://curl.haxx.se/docs/adv_20140910A.html
CVE-2014-3620: http://curl.haxx.se/docs/adv_20140910B.html
Signed-off-by: Maxin B. John maxin.j...@enea.com
This
Complete logs:
http://logs.nslu2-linux.org/buildlogs/oe/world/log.dependencies.20140901_100637.log/
ERROR: 483 issues were found in these recipes: adb ajenti
android-initscripts anjuta-remote-run apcupsd barnyard barnyard2
bigbuckbunny-1080p bigbuckbunny-480p bigbuckbunny-720p
On 25 September 2014 10:09, Chong Lu chong...@windriver.com wrote:
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
@@ -0,0 +1,188 @@
+This patch comes from:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=73;filename=apt_0.9.7.9%2Bdeb7u2.debdiff;att=1;bug=749795
Hi Ross,
On Thu, Sep 25, 2014 at 04:08:23PM +0100, Burton, Ross wrote:
On 25 September 2014 12:36, Maxin B. John maxin.j...@enea.com wrote:
Details of vulnerabilities are available below:
CVE-2014-3613: http://curl.haxx.se/docs/adv_20140910A.html
CVE-2014-3620:
commit 842a797460cd07b779ab588a4ece7e5d4d97417b
Author: Robert Yang liezhi.y...@windriver.com
Date: Tue Jul 29 00:05:04 2014 -0700
image-vmdk.bbclass: use sda rather than hda
The modern kernels may not support IDE (CONFIG_IDE=y), but it should
support SCSI in most of the cases.
BTW: I've forgot to update date in my previous test-dependencies status, it
should be 2014-09-01.
http://www.openembedded.org/wiki/Bitbake_World_Status
Chromium and firefox seem to be fixed now, but there are couple new issues,
some of them
only as pending patches on e-mail.
== Failed tasks
On Tue, Jun 24, 2014 at 05:13:20PM -0700, Saul Wold wrote:
This will allow for easier configuration of curl for SSL vs gnutls
[YOCTO #6329]
Signed-off-by: Saul Wold s...@linux.intel.com
---
meta/recipes-support/curl/curl_7.37.0.bb | 18 +++---
1 file changed, 7
On 25 September 2014 18:17, Maxin B. John maxin.j...@enea.com wrote:
I have tried it with the latest master and it worked for me.
Could you please confirm if it was applied on the master branch ?
(Couldn't recreate this failure at my PC)
I applied this patch to origin/master
On 25 September 2014 20:27, Martin Jansa martin.ja...@gmail.com wrote:
Can you look into this floating dependency?
curl-7.37.1: libcurl rdepends on rtmpdump, but it isn't a build dependency?
[build-deps]
Thanks for the heads up, patch incoming.
Ross
--
On 9/25/14, 5:40 PM, Burton, Ross wrote:
Hu Francesco,
On 25 September 2014 11:35, Francesco Del Degan f.delde...@endian.com wrote:
Updated to reflect the latest patchset in bash 4.3.
Fixes the CVE-2014-6271.
I'm hearing that this isn't a complete fix, so lets wait for more patches.
Is it
On 25 September 2014 02:20, rongqing...@windriver.com wrote:
++AC_ARG_WITH([numa],
++ [AC_HELP_STRING([--with-numa],
++[have the numa support (default=no)])],
++ [with_numa=${withval}],
++)
I suggest reading
From reading the COPYING and various license headers, the nss
LICENSE was incorrect. It's actually MPL-2.0 (not 1.1) with a
few different Or instances.
Signed-off-by: Elizabeth Flanagan elizabeth.flana...@intel.com
---
meta/recipes-support/nss/nss.inc | 2 +-
1 file changed, 1 insertion(+), 1
Otherwise this is a non-deterministic build dependency.
Signed-off-by: Ross Burton ross.bur...@intel.com
---
meta/recipes-support/curl/curl_7.37.1.bb |1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-support/curl/curl_7.37.1.bb
b/meta/recipes-support/curl/curl_7.37.1.bb
index
CVE-2014-6271 aka ShellShock.
GNU Bash through 4.3 processes trailing strings after function definitions in
the values of environment variables, which allows remote attackers to execute
arbitrary code via a crafted environment.
Signed-off-by: Ross Burton ross.bur...@intel.com
---
On 25 September 2014 23:48, Mark Hatle mark.ha...@windriver.com wrote:
So I would recommend that someone get the 025 patch (don't forget to patch
bash 3.2 as well) in.. and we should wait until their is an official one for
7169.
Agreed, and patches sent.
Ross
--
On 09/26/2014 12:23 AM, Burton, Ross wrote:
On 25 September 2014 10:09, Chong Lu chong...@windriver.com wrote:
+++ b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
@@ -0,0 +1,188 @@
+This patch comes from:
Change since V1:
Add Upstream-Status and Signed-off-by in patch.
The following changes since commit 8ac8eca2e3bd8c78e2b31ea974930ed0243258a3:
build-appliance-image: Update to dizzy head revision (2014-09-23 22:10:26
+0100)
are available in the git repository at:
APT before 1.0.4 does not properly validate source packages, which allows
man-in-the-middle attackers to download and install Trojan horse packages
by removing the Release signature.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0478
Signed-off-by: Wenlin Kang
From: Nitin A Kamble nitin.a.kam...@intel.com
The lttng-modules recipe was failing for meta-intel BSPs with the v3.17 kernel.
These BSP kernels were enabling some of the audio codec drivers, whose
structures are changed recently, causing mismatch with lttng-modules code
expectations. The qemu
From: Nitin A Kamble nitin.a.kam...@intel.com
The lttng-modules recipe was failing with meta-intel BSPs with the
v3.17 kernel. The qemu machines from the poky layers did not get
hit by this issue. The accompanying commit fixes the issue observed in
the lttng-modules recipe. The fix is made in a
On 2014-09-25, 10:00 PM, nitin.a.kam...@intel.com wrote:
From: Nitin A Kamble nitin.a.kam...@intel.com
The lttng-modules recipe was failing for meta-intel BSPs with the v3.17 kernel.
These BSP kernels were enabling some of the audio codec drivers, whose
structures are changed recently, causing
48 matches
Mail list logo
