Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
meta/recipes-connectivity/openssl/openssl.inc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-connectivity/openssl/openssl.inc
b/meta/recipes-
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
meta/recipes-connectivity/openssl/openssl.inc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-connectivity/openssl/openssl.inc
b/meta/recipes-
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
.../openssl/openssl/CVE-2016-7055.patch| 43
.../recipes-connectivity/openssl/openssl_1.0.2j.bb | 60 --
.../recipes-
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
meta/recipes-extended/lighttpd/lighttpd_1.4.43.bb | 84 ---
meta/recipes-extended/lighttpd/lighttpd_1.4.45.bb | 84 +++
2 files
Regarding the last commit about missing dependencies, another issue
was found. The problem was found, while ptest has been built with some
set extra settings. It means, when ptest is going to be built,
it is necessary to rebuild dependencies for test directory too.
Signed-off-by: Andrej Valek
Namespace nodes must be copied to avoid use-after-free errors.
But they don't necessarily have a physical representation in a
document, so simply disallow them in XPointer ranges.
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@si
The NULL pointer dereferencing could produced some
security problems.
This is a preventive security fix.
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
.../libxml2/libxml2-fix_NULL_pointer_derefs
xpath:
- Check for errors after evaluating first operand.
- Add sanity check for empty stack.
- Include comparation in changes from xmlXPathCmpNodesExt to xmlXPathCmpNodes
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@si
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
.../busybox/busybox/CVE-2016-6301.patch| 37 ++
meta/recipes-core/busybox/busybox_1.24.1.bb| 1 +
2 files changed, 38 insertions(+)
ntpd: NTP server denial of service flaw
CVE: CVE-2016-6301
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
.../busybox/busybox/CVE-2016-6301.patch| 37 ++
meta/recipes-core/busybox/busyb
arm: mark __startcontext as .cantunwind, GNU
CVE: CVE-2016-6323
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
meta/recipes-core/glibc/glibc/CVE-2016-6323.patch | 39 +++
meta/recipes-core/glibc/g
arm: mark __startcontext as .cantunwind, GNU
CVE: CVE-2016-6323
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
meta/recipes-core/glibc/glibc/CVE-2016-6323.patch | 39 +++
meta/recipes-core/glibc/g
arm: mark __startcontext as .cantunwind, GNU
CVE: CVE-2016-6323
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
meta/recipes-core/glibc/glibc/CVE-2016-6323.patch | 39 +++
meta/recipes-core/glibc/g
arm: mark __startcontext as .cantunwind, GNU
CVE: CVE-2016-6323
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
meta/recipes-core/glibc/glibc/CVE-2016-6323.patch | 39 +++
meta/recipes-core/glibc/g
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
meta/recipes-support/libpcre/{libpcre_8.40.bb => libpcre_8.41.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-support/libpcre/{libpcre_8.40.bb => libpcre_8.41.bb} (95%)
diff --git a/meta/rec
Update libevent to version 2.1.8 and fix test directory creation
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
.../libevent/Makefile-missing-test-dir.patch | 25 ++
.../{libeve
Update libevent to version 2.1.8 and fix test directory creation
License file has been changed due to new MIT license in source code.
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
.../libevent/Makefile-missing-te
Yes, for actual branch is not required. But for branches like krogoth
and morty, where HOSTTOOLS is not implemented, is this necessary.
Andrej
On 08/17/2017 06:31 PM, Richard Purdie wrote:
> On Thu, 2017-08-17 at 16:44 +0200, Andrej Valek wrote:
>> Signed-off-by: Andrej Valek &
Hello Armin,
Could You please merge it into krogoth and morty branch?
@Randy: last commit into those branches was ~5weeks ago, so they are
still maintained.
Regards,
Andrej
On 08/18/2017 05:46 PM, Randy MacLeod wrote:
> On 2017-08-18 06:05 AM, Andrej Valek wrote:
>> OK thank You,
without option to
ignore errors (unlike wget which ignores certificates by default).
Regards,
Andrej
On 08/21/2017 08:12 AM, [ext] Andrej Valek wrote:
> Hello Armin,
>
> Could You please merge it into krogoth and morty branch?
>
> @Randy: last commit into those branches was
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
meta/recipes-support/ca-certificates/ca-certificates_20161130.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-support/ca-certificates/ca-certificates_20161130.bb
b/meta/recipes-support/ca-certif
Hello everyone,
I would like to ask you a question about busybox upgrading.
Is there any reason, why we are still using the version 1.24.1?
I think that, the latest version 1.27.2 has a lot of fixes and it less
vulnerable then the current.
I have checked a license and it has not been changed.
OK thank You, so please merge it into these branches.
Regards,
Andrej
On 08/18/2017 11:35 AM, Richard Purdie wrote:
> On Fri, 2017-08-18 at 08:26 +0200, Andrej Valek wrote:
>> Yes, for actual branch is not required. But for branches like krogoth
>> and morty, where HOSTTOOLS is
the directory structure is the same like during build creation.
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Pascal Bach <pascal.b...@siemens.com>
---
meta/lib/oe/copy_buildsystem.py | 5 +
1 file changed, 5 insertions(+)
diff --git a/meta/lib/oe/copy_buildsystem.p
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
meta/recipes-graphics/freetype/{freetype_2.7.1.bb => freetype_2.8.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-graphics/freetype/{freetype_2.7.1.bb => freetype_2.8.bb}
(93%)
diff
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../srecord/files/add-option-to-remove-docs.patch | 57 ++
meta/recipes-support/srecord/srecord_1.64.bb | 23 +
2 files changed, 80 insertions(+)
create mode 100644
meta/recipes-support/srecord
ok, I have moved it into meta-oe
(http://lists.openembedded.org/pipermail/openembedded-devel/2017-June/113040.html)
*fixed url
On 06/05/2017 12:42 PM, Burton, Ross wrote:
>
> On 5 June 2017 at 08:55, Andrej Valek <andrej.va...@siemens.com
> <mailto:andrej.va...@siem
ok, I have moved it into meta-oe
(http://lists.openembedded.org/pipermail/openembedded-devel/2017/June/113040.html)
On 06/05/2017 12:42 PM, Burton, Ross wrote:
>
> On 5 June 2017 at 08:55, Andrej Valek <andrej.va...@siemens.com
> <mailto:andrej.va...@siem
For explanation, this utility is used for EPROM data manipulation.
I think, it should be useful for development of embedded devices.
Is this the correct mailing list?
If not, which mailing list would be appropriate?
Andrej
On 05/31/2017 02:55 PM, Andrej Valek wrote:
> Signed-off-by: And
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
...ibxml2-fix_and_simplify_xmlParseStartTag2.patch | 590 +
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 +
2 files changed, 591 insertions(+)
create mode 100644
meta/recipes-core/libxml/libxml2/l
Fix CVE:
- CVE-2017-0663
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050
- CVE-2017-5969
- Sync necessary changes for CVE fixing from master.
Andrej Valek (7):
libxml2: Disable LeakSanitizer when running API tests
libxml2: Avoid reparsing and simplify control flow
The new flag doesn't work and the change even broke the XML_PARSE_NONET option.
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/CVE-2016-9318.patch | 207 -
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 -
2 files c
Fix type confusion in xmlValidateOneNamespace
Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types
on namespace declarations make no practical sense anyway.
Fixes bug 780228
CVE: CVE-2017-0663
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxm
-9050
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml2-CVE-2017-9049_CVE-2017-9050.patch | 291 +
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 +
2 files changed, 292 insertions(+)
create mode 100644
meta/recipes-core/libxml/libxml2/l
Makefile.am: Disable LeakSanitizer when running API tests
The autogenerated API tests leak memory.
Upstream-Status: Backported -
[https://git.gnome.org/browse/libxml2/commit/?id=ac9a4560ee85b18811ff8ab7791ddfff7b144b0a]
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
meta/r
xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.
Fixes bug 781333 and bug 781701
CVE: CVE-2017-9047 CVE-2017-9048
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml2-CVE-2017-9047_CVE-2017-9048.patch
Fix NULL pointer deref in xmlDumpElementContent
Can only be triggered in recovery mode.
Fixes bug 758422
CVE: CVE-2017-5969
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml2-CVE-2017-5969.patch | 62 ++
meta/recipes-core/
I have modified all patches and posted in
http://lists.openembedded.org/pipermail/openembedded-core/2017-June/138219.html
.
Andrej
On 06/15/2017 01:47 PM, Burton, Ross wrote:
>
> On 15 June 2017 at 12:42, Andrej Valek <andrej.va...@siemens.com
> <mailto:andrej.va...@siem
The new flag doesn't work and the change even broke the XML_PARSE_NONET option.
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/CVE-2016-9318.patch | 207 -
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 -
2 files c
Fix type confusion in xmlValidateOneNamespace
Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types
on namespace declarations make no practical sense anyway.
Fixes bug 780228
CVE: CVE-2017-0663
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxm
Fix CVE:
- CVE-2017-0663
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050
- CVE-2017-5969
- Sync necessary changes for CVE fixing from master.
Andrej Valek (7):
libxml2: Disable LeakSanitizer when running API tests
libxml2: Avoid reparsing and simplify control flow
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
...ibxml2-fix_and_simplify_xmlParseStartTag2.patch | 590 +
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 +
2 files changed, 591 insertions(+)
create mode 100644
meta/recipes-core/libxml/libxml2/l
xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.
Fixes bug 781333 and bug 781701
CVE: CVE-2017-9047 CVE-2017-9048
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml2-CVE-2017-9047_CVE-2017-9048.patch
Makefile.am: Disable LeakSanitizer when running API tests
The autogenerated API tests leak memory.
Upstream-Status: Backported -
[https://git.gnome.org/browse/libxml2/commit/?id=ac9a4560ee85b18811ff8ab7791ddfff7b144b0a]
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
meta/r
-9050
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml2-CVE-2017-9049_CVE-2017-9050.patch | 291 +
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 +
2 files changed, 292 insertions(+)
create mode 100644
meta/recipes-core/libxml/libxml2/l
I have created a PR:
https://github.com/openembedded/openembedded-core/pull/22
Andrej
On 06/15/2017 02:15 PM, Burton, Ross wrote:
> This patch won't apply, probably because of the crazy encodings. Can you
> push
> the series to a branch?
>
> Ross
>
> On 15 June 2017 a
Fix NULL pointer deref in xmlDumpElementContent
Can only be triggered in recovery mode.
Fixes bug 758422
CVE: CVE-2017-5969
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml2-CVE-2017-5969.patch | 62 ++
meta/recipes-core/
I am modifying already existing patch not creating the new one. Is it
necessary to change Upstream-Status to backported?
If yes, is it possible to fix only this patch, or do I need to push the
whole series?
Andrej
On 06/15/2017 01:31 PM, Burton, Ross wrote:
>
> On 15 June 2017 at 07:34,
There is the potential for sensitive information to leak through the urls
there and removing it brings this into the behavior of the other package
backends since filtering it is likely error prone.
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
meta/classes/package_ipk.bbcla
Fix CVE:
- CVE-2017-0663
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050
- CVE-2017-5969
- Sync necessary changes for CVE fixing from master.
Andrej Valek (7):
libxml2-2.9.4: Disable LeakSanitizer when running API testsFix
CVE-2016-4658
libxml2-2.9.4: Avoid
The new flag doesn't work and the change even broke the XML_PARSE_NONET option.
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/CVE-2016-9318.patch | 207 -
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 -
2 files c
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
...ibxml2-fix_and_simplify_xmlParseStartTag2.patch | 591 +
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 +
2 files changed, 592 insertions(+)
create mode 100644
meta/recipes-core/libxml/libxml2/l
-9050
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml2-CVE-2017-9049_CVE-2017-9050.patch | 291 +
meta/recipes-core/libxml/libxml2_2.9.4.bb | 1 +
2 files changed, 292 insertions(+)
create mode 100644
meta/recipes-core/libxml/libxml2/l
xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.
Fixes bug 781333 and bug 781701
CVE: CVE-2017-9047 CVE-2017-9048
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml2-CVE-2017-9047_CVE-2017-9048.patch
Fix NULL pointer deref in xmlDumpElementContent
Can only be triggered in recovery mode.
Fixes bug 758422
CVE: CVE-2017-5969
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml2-CVE-2017-5969.patch | 62 ++
meta/recipes-core/
Makefile.am: Disable LeakSanitizer when running API tests
The autogenerated API tests leak memory.
Upstream-Status: Backported -
[https://git.gnome.org/browse/libxml2/commit/?id=ac9a4560ee85b18811ff8ab7791ddfff7b144b0a]
CVE: -
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
Fix type confusion in xmlValidateOneNamespace
Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types
on namespace declarations make no practical sense anyway.
Fixes bug 780228
CVE: CVE-2017-0663
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxm
.
Andrej
On 10/06/2017 02:11 PM, Alexander Kanavin wrote:
> On 10/06/2017 10:27 AM, Andrej Valek wrote:
>> Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
>> ---
>> .../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 2 +-
>> .../libxml/libxml2/libx
cttyhack
init
lzcat
mdev
nproc
setsid
xzcat
partprobe
On 10/03/2017 08:12 PM, Andre McCurdy wrote:
> On Tue, Oct 3, 2017 at 8:38 AM, Andrej Valek <andrej.va...@siemens.com> wrote:
>> Update busybox to version 1.27.2
>> Fix CVE-20177-5325
>>
>> Changes:
>> -
partprobe
You have right, there was a mistake. These applets are disabled in
defconfig, so they are not installed.
Only lzcat, xzcat and nproc are new.
Regards,
Andrej
On 10/04/2017 12:15 PM, Burton, Ross wrote:
> On 4 October 2017 at 07:20, Andrej Valek <andrej.va...@siemens.com
> <mailto:andr
I don not know, if you have custom configuration, but I can give a
advice. CONFIG_FEATURE_SH_IS_ASH has been changed to CONFIG_SH_IS_ASH.
You can check, if have all occurrences already changed ;).
Andrej
On 10/04/2017 06:13 PM, Burton, Ross wrote:
> On 4 October 2017 at 12:56, Andrej Va
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 2 +-
.../libxml/libxml2/libxml2-CVE-2016-4658.patch | 269 --
.../libxml/libxml2/libxml2-CVE-2016-5131.patch | 180 ---
.../libxml/libxml2/libxml2-CVE-201
I have created a PR:
https://github.com/openembedded/openembedded-core/pull/23 as last time.
Andrej
On 09/05/2017 08:52 PM, Burton, Ross wrote:
> Also the patch has been corrupted by SMTP. Is it in a branch somewhere?
>
> Ross
>
> On 5 September 2017 at 18:28, Andrej V
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libarchive/libarchive/CVE-2017-14166.patch | 37 +
.../libarchive/libarchive/bug929.patch | 38 ++
.../libarchive/libarchive_3.3.2.bb | 2 ++
3 files chang
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 2 +-
.../libxml/libxml2/libxml2-CVE-2016-4658.patch | 269 --
.../libxml/libxml2/libxml2-CVE-2016-5131.patch | 180 ---
.../libxml/libxml2/libxml2-CVE-201
Hi Ross,
There are not any CVEs fixes which has not been already merged. There
are only general changes. Of course, we can "clean" a lot of patches by
accepting this.
Regards,
Andrej
On 09/05/2017 11:19 AM, Burton, Ross wrote:
> On 5 September 2017 at 07:35, Andrej Val
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 2 +-
.../libxml/libxml2/libxml2-CVE-2016-4658.patch | 269 --
.../libxml/libxml2/libxml2-CVE-2016-5131.patch | 180 ---
.../libxml/libxml2/libxml2-CVE-201
Thank You for pointing to this. I have fixed and updated the pull request.
Andrej
On 09/27/2017 05:35 PM, Burton, Ross wrote:
> On 27 September 2017 at 09:52, Andrej Valek <andrej.va...@siemens.com
> <mailto:andrej.va...@siemens.com>> wrote:
>
> Could You pleas
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 2 +-
.../libxml/libxml2/libxml2-CVE-2016-4658.patch | 269 --
.../libxml/libxml2/libxml2-CVE-2016-5131.patch | 180 ---
.../libxml/libxml2/libxml2-CVE-201
September 2017 at 07:06, Andrej Valek <andrej.va...@siemens.com
> <mailto:andrej.va...@siemens.com>> wrote:
>
> Thank You for pointing to this. I have fixed and updated the pull request.
>
> Andrej
>
> On 09/27/2017 05:35 PM, Burton, Ross wrote:
>
- fixed link creation to shell
- reported bug with suid shells
[https://bugs.busybox.net/show_bug.cgi?id=10346]
- removed and modified already merged patches
- updated defconfig regarding to new version
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
Signed-off-by: Radovan
new version
- busybox: Fix CVE-2011-5325
- include necessary commits from upstream and fix CVE
Andrej Valek (1):
busybox: 1.24.1 -> 1.27.2
Radovan Scasny (1):
busybox: Fix CVE-2011-5325
...ss-interface-device-name-for-ipv6-route-c.patch | 52 --
meta/recipes-core/busybox/busyb
Signed-off-by: Radovan Scasny <radovan.sca...@siemens.com>
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../busybox/busybox/CVE-2011-5325.patch| 481 +
meta/recipes-core/busybox/busybox_1.27.2.bb| 1 +
2 files changed, 48
Hi Ross,
Could You please provide my the current status of my request?
Thank You,
Andrej
On 09/06/2017 08:16 AM, Andrej Valek wrote:
> I have created a PR:
> https://github.com/openembedded/openembedded-core/pull/23 as last time.
>
> Andrej
>
> On 09/05/2017 08:52 PM,
I have seen your patch, but it is not fixing my described issue.
A command update-ca-certificates will be not available due to missing
native stuff.
Regards,
Andrej
On 08/24/2017 04:16 PM, Richard Purdie wrote:
> On Thu, 2017-08-24 at 12:38 +0200, Andrej Valek wrote:
>> What about
What about enabling ASSUME_PROVIDED functionality also for nativesdk-
components?
Andrej
On 08/23/2017 09:00 PM, Khem Raj wrote:
> On 8/23/17 5:44 AM, Richard Purdie wrote:
>> On Wed, 2017-08-23 at 14:07 +0200, Andrej Valek wrote:
>>> I have found out that even master with HOST
Hello Richard,
I have seen, that You have merge also my change into current branch.
Thank you about that.
Andrej
On 08/25/2017 10:25 AM, Richard Purdie wrote:
> On Fri, 2017-08-25 at 08:05 +0200, Andrej Valek wrote:
>> It's fine, but for this function
>>
>> do_install_a
It's fine, but for this function
do_install_append_class-nativesdk () {
SYSROOT="${D}${SDKPATHNATIVE}" update-ca-certificates
}
is still update-ca-certificates needed from native.
On 08/24/2017 04:26 PM, Richard Purdie wrote:
> On Thu, 2017-08-24 at 16:23 +0200, Andrej Vale
- remove backported patches (CVE-* and fix-*)
- adapt changes from 2.9.5+ version into ptest patch
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 2 +-
.../libxml/libxml2/libxml2-CVE-2016-4658.patch
;
> Ross
>
> On 10 November 2017 at 12:07, Andrej Valek <andrej.va...@siemens.com
> <mailto:andrej.va...@siemens.com>> wrote:
>
> Of course, I don't think so, that /bin/sh > /bin/busybox.suid is a good
> think. I am just thinking, why is necessary to cast a fat
;
> Ross
>
> On 10 November 2017 at 07:17, Andrej Valek <andrej.va...@siemens.com
> <mailto:andrej.va...@siemens.com>> wrote:
>
> I don't think so, that adding bbfatal into this recipe is a good
> solution. Someone could build the busybox with /bin/sh linkin
override correctly busybox's applet when CONFIG_FLASH_ERASEALL=y is set
Error: update-alternatives: not linking /builds/image/1.0-r0/rootfs/usr/
sbin/flash_eraseall to /bin/busybox.nosuid since /builds/image/1.0-r0/
rootfs/usr/sbin/flash_eraseall exists and is not a link
Signed-off-by: Andrej
override correctly busybox's applet when CONFIG_FLASH_ERASEALL=y is set
Error: update-alternatives: not linking /builds/image/1.0-r0/rootfs/usr/
sbin/flash_eraseall to /bin/busybox.nosuid since /builds/image/1.0-r0/
rootfs/usr/sbin/flash_eraseall exists and is not a link
Signed-off-by: Andrej
This patch is obsolete, due to merged upgrade to version 2.9.5 .
I have sent the new one, which upgrades version to 2.9.7
http://lists.openembedded.org/pipermail/openembedded-core/2017-November/143973.html
Andrej
On 10/06/2017 09:27 AM, Andrej Valek wrote:
> Signed-off-by: Andrej Va
This patch is obsolete, due to merged upgrade to version 2.9.5 .
I have sent the new one, which upgrades version to 2.9.7
http://lists.openembedded.org/pipermail/openembedded-core/2017-November/143973.html
Andrej
On 11/03/2017 08:12 AM, Andrej Valek wrote:
> - remove backported patches (
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
meta/recipes-core/libxml/{libxml2_2.9.5.bb => libxml2_2.9.7.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-core/libxml/{libxml2_2.9.5.bb => libxml2_2.9.7.bb} (96%)
diff --git a/meta/recipes
I don't think so, that adding bbfatal into this recipe is a good
solution. Someone could build the busybox with /bin/sh linking into
.suid eg. for more secure. We can leave live with this one as before.
Andrej
On 11/09/2017 02:25 PM, Nathan Rossi wrote:
> Add a sanity check during the do_compile
- remove backported patches (CVE-* and fix-*)
- adapt changes from 2.9.5+ version into ptest patch
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 2 +-
.../libxml/libxml2/libxml2-CVE-2016-4658.patch
- remove backported patches (CVE-* and fix-*)
- adapt changes from 2.9.5+ version into ptest patch
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 2 +-
.../libxml/libxml2/libxml2-CVE-2016-4658.patch
Set the context variable to NULL when evaluating EXSLT functions.
Fixes potential use-after-free errors or memory leaks.
Fixes bug 792580
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
.../libxslt/libxslt/fix-rvts-handling.patch| 80 ++
meta/r
-endia.patch
- already merged in this version
This update needs to be queued with btrfs version >= 4.15.2|4.16.0.
- already submitted previously
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
meta/recipes-devtools/e2fsprogs/e2fsprogs.inc | 2 +-
...ix-build-failure-in-swapfs
(ext2_ext_attr.h).
Regards,
Andrej
On 05/22/18 12:21, Burton, Ross wrote:
> Can you justify the removal of
> Revert-mke2fs-enable-the-metadata_csum-and-64bit-fea.patch please?
>
> Ross
>
> On 22 May 2018 at 09:22, Andrej Valek <andrej.va...@siemens.com> wrote:
>>
:
> On Tue, May 22, 2018 at 1:01 PM, Andrea Adami <andrea.ad...@gmail.com> wrote:
>> On Tue, May 22, 2018 at 10:22 AM, Andrej Valek <andrej.va...@siemens.com>
>> wrote:
>>> License-Update: The checksum of LIC_FILES_CHKSUM has been changed due to
>>> c
:
> On Wed, May 23, 2018 at 9:40 AM, Andrej Valek <andrej.va...@siemens.com>
> wrote:
>> Hi,
>>
>> As I have already wrote, metadata_csum hsa been enabled by default with
>> https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/misc/mke2fs.conf.in?id=d0b9
License-Update: The checksum of LIC_FILES_CHKSUM has been changed due to
changed FSF address. The content of NOTICE has no change.
Signed-off-by: Andrej Valek <andrej.va...@siemens.com>
---
meta/recipes-devtools/e2fsprogs/e2fsprogs.inc | 2 +-
...ix-build-failure-in-swapfs.c-
Hi
> On 06/08/2018 10:48 AM, Andrej Valek wrote:
>> after more testing, I think creating ${sysconfdir}/ssl links is highly
>> recommended. ca-certificate updating script (+ many other tools) has
>> hard-coded path to /etc/ssl. Debian has multiple links in /usr/lib/ssl/
>&g
Some packages has hard-coded path to /etc/ssl location.
Create a symlinks to correct location.
Signed-off-by: Andrej Valek
Signed-off-by: Marko Peter
---
meta/recipes-connectivity/openssl/openssl_1.1.0h.bb | 18 +++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git
additional package openssl-bin.
Patch original c_rehash instead of overriding it with our own.
After applying patch from Debian c_rehash is working.
Signed-off-by: Andrej Valek
Signed-off-by: Marko Peter
---
...le.pl-only-quote-stuff-that-actually-need.patch | 29
to test your openssl-1.1.1 branch.
BR,
Andrej
On 06/08/18 08:33, Andrej Valek wrote:
> Hi Alex,
>
> On 06/07/18 15:13, Alexander Kanavin wrote:
>> On 06/07/2018 10:32 AM, Andrej Valek wrote:
>>> -do_install_append_class-native () {
>>> # Install a cu
Hi Alex,
On 06/07/18 15:13, Alexander Kanavin wrote:
> On 06/07/2018 10:32 AM, Andrej Valek wrote:
>> -do_install_append_class-native () {
>> # Install a custom version of c_rehash that can handle sysroots
>> properly.
>> # This version is used for
1 - 100 of 377 matches
Mail list logo