Hi,
On Tue, Sep 03, 2013 at 08:42:17AM -0700, Saul Wold wrote:
> On 09/02/2013 04:36 AM, maxin.j...@enea.com wrote:
> >From: "Maxin B. John"
> >
> >Upgrade to latest version 3.8.0.1
> >
>
> Is there something special about this update?
Apart from
Hi Paul,
On Mon, Oct 28, 2013 at 11:27:01AM +, Paul Eggleton wrote:
> Hi Maxin,
>
> On Monday 21 October 2013 17:36:42 maxin.j...@enea.com wrote:
> > From: "Maxin B. John"
> >
> > update to latest version 2013.60
> > Update 0006-dropbear-configura
From: "Maxin B. John"
Latencytop needs superuser privileges. The latencytop plugin in
eclipse invokes it as 'sudo latencytop'. So, it will be good to
include sudo as a runtime dependency.
Signed-off-by: Maxin B. John
---
meta/recipes-kernel/latencytop/latencytop_0.5.bb
Hi Richard,
On Fri, Jan 04, 2013 at 02:27:42PM +, Richard Purdie wrote:
> On Fri, 2013-01-04 at 12:30 +0100, Maxin B. John wrote:
> > From: "Maxin B. John"
> >
> > Latencytop needs superuser privileges. The latencytop plugin in
> > eclipse invokes it as &
From: "Maxin B. John"
This back ported patch fixes CVE-2013-1752 for smtplib
Signed-off-by: Maxin B. John
Reviewed-by: Sona Sarmadi
---
.../python-2.7.3-CVE-2013-1752-smtplib-fix.patch | 101
meta/recipes-devtools/python/python_2.7.3.bb |1 +
2 fil
On Mon, Mar 18, 2013 at 10:25:05AM -0700, Flanagan, Elizabeth wrote:
> On Mon, Mar 18, 2013 at 3:24 AM, wrote:
> > From: "Maxin B. John"
> >
> > harfbuzz is using the 'Modern Variants' of MIT License:
> > https://fedoraproject.org/wiki
ptest enabled packages will "inherit ptest". So, we can use grep to
find the list of ptest enabled packages.
eg:
# cd poky
# grep -ir --include=*.{bb,inc} "inherit" |grep "ptest"
meta/recipes-extended/bash/bash.inc:inherit autotools gettext
update-alternatives ptest
meta/recipes-core/glib-2.0/g
From: "Maxin B. John"
A remote user can send specially crafted data to trigger a buffer overflow
in socket.recvfrom_into() and execute arbitrary code on the target system.
The code will run with the privileges of the target service.
This back-ported patch fixes CVE-2014-1912
Sig
From: "Maxin B. John"
1. Fixes CVE-2014-0333
2. There are changes in License checksums. This is due to new
contributor names being added to LICENSE and png.h file
contains version of the new release.So, license remains the same.
Signed-off-by: Maxin B. John
---
.../libpng/{li
From: "Maxin B. John"
Install openssh test-suite and run it as ptest.
Signed-off-by: Maxin B. John
---
.../openssh/add-test-support-for-busybox.patch | 61
.../recipes-connectivity/openssh/openssh/run-ptest |7 +++
meta/recipes-connectivity/openssh/ope
From: "Maxin B. John"
Install openssl test suite and run it as ptest.
Signed-off-by: Maxin B. John
---
meta/recipes-connectivity/openssl/openssl.inc | 19 -
.../openssl/openssl/Makefiles-ptest.patch | 75
.../recipes-connectivity/openssl/o
From: "Maxin B. John"
Update ltp version to 20140422
Removed two patches that already exist in the current version:
1. regen-makefile.patch
2. ffsb-remove-hardcoded-configure.patch
Signed-off-by: Maxin B. John
---
.../ltp/ltp/ffsb-remove-hardcoded-configure.patch | 15 -
ping ..
On Thu, Apr 24, 2014 at 07:28:25PM +0200, Maxin B. John wrote:
> From: "Maxin B. John"
>
> Install openssl test suite and run it as ptest.
>
> Signed-off-by: Maxin B. John
> ---
> meta/recipes-connectivity/openssl/openssl.inc | 19 -
&
From: "Maxin B. John"
Install gdbm test-suite and run it as ptest
Signed-off-by: Maxin B. John
---
meta/recipes-support/gdbm/files/ptest.patch | 36 +++
meta/recipes-support/gdbm/files/run-ptest |7 ++
meta/recipes-support/gdbm/gdbm_1.11.bb
From: "Maxin B. John"
This patch fixes the bzip2 ptest execution failure:
root@qemux86:/usr/lib/bzip2/ptest# ./run-ptest
make: *** No rule to make target 'runtest'.
(This is also applicable for daisy branch)
Signed-off-by: Maxin B. John
---
meta/recipes-extended/bzip2/b
From: "Maxin B. John"
A null pointer dereference bug was discovered in do_ssl3_write().
An attacker could possibly use this to cause OpenSSL to crash, resulting
in a denial of service.
https://access.redhat.com/security/cve/CVE-2014-0198
Signed-off-by: Maxin B. John
---
.../opens
From: "Maxin B. John"
Add "sed" in the ptest runtime package dependency list
[YOCTO #6260]
Signed-off-by: Maxin B. John
---
meta/recipes-devtools/perl/perl-ptest.inc |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/perl/pe
From: "Maxin B. John"
It was discovered that libxml2, a library providing support to read,
modify and write XML files, incorrectly performs entity substituton in
the doctype prolog, even if the application using libxml2 disabled any
entity substitution. A remote attacker could
ping.
On Mon, May 05, 2014 at 10:42:22PM +0200, Maxin B. John wrote:
> From: "Maxin B. John"
>
> This patch fixes the bzip2 ptest execution failure:
>
> root@qemux86:/usr/lib/bzip2/ptest# ./run-ptest
> make: *** No rule to make target 'runtest'.
>
&g
From: "Maxin B. John"
The on-target fw_printenv and fw_setenv needs configuration file
(fw_env.config) to be present in the target.
Signed-off-by: Maxin B. John
---
meta/recipes-bsp/u-boot/u-boot-fw-utils_2013.07.bb |2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/rec
Hi Tom,
On Thu, Jun 26, 2014 at 08:27:00AM -0400, Tom Rini wrote:
> On Wed, Jun 25, 2014 at 11:13:59AM +0200, Maxin B. John wrote:
> > From: "Maxin B. John"
> >
> > + install -m 0644 ${S}/tools/env/fw_env.config
> > ${D}${sysconfdir}/fw_env.
Bump version to 4.0
Signed-off-by: Maxin B. John
---
meta/recipes-support/gnutls/{libtasn1_3.5.bb => libtasn1_4.0.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-support/gnutls/{libtasn1_3.5.bb => libtasn1_4.0.bb} (82%)
diff --git a/meta/recipes-s
Bump version to 3.3.5
Signed-off-by: Maxin B. John
---
meta/recipes-support/gnutls/gnutls_3.2.15.bb | 7 ---
meta/recipes-support/gnutls/gnutls_3.3.5.bb | 7 +++
2 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 meta/recipes-support/gnutls/gnutls_3.2.15.bb
create
Hi,
On Fri, Jul 04, 2014 at 11:49:50AM +0100, Richard Purdie wrote:
> To quote "Maxin B. John" :
>
> git version 1.7.8 added the --list option to git-branch. Since we depend on
> this
> option in git.py, the minimum requiremnt for git should be updated to Git
&g
as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version."
Signed-off-by: Maxin B. John
---
.../i2c-tools/{i2c-tools-3.1.0 => i2c-tools-3.1.1}/Module.mk | 0
.../i2c-tools/{i2c-tools_3.1.0.bb => i2c-tools_3.1.1.bb
Hi Khem,
On Tue, Jul 29, 2014 at 10:55:06PM -0700, Khem Raj wrote:
> On Tue, Jul 29, 2014 at 4:27 AM, Maxin B. John wrote:
> > +SRC_URI = "http://dl.lm-sensors.org/i2c-tools/releases/${PN}-${PV}.tar.bz2
> > \
>
> use BP instead of PN-PV
Thanks for the review. I wi
as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version."
Signed-off-by: Maxin B. John
---
.../i2c-tools/{i2c-tools-3.1.0 => i2c-tools-3.1.1}/Module.mk | 0
.../i2c-tools/{i2c-tools_3.1.0.bb => i2c-tools_3.1.1.bb
Fix build error:
...
unknown command `colophon'
unknown command `cygnus'
Signed-off-by: Maxin B. John
---
...ve-errors-about-colophon-and-cygnus-comma.patch | 39 ++
meta/recipes-devtools/remake/remake_git.bb | 4 ++-
2 files changed, 42 insertions(+),
Bump to *August 2014* release
Signed-off-by: Maxin B. John
---
meta/recipes-extended/ltp/{ltp_20140422.bb => ltp_20140828.bb} | 0
1 file changed, 0 insertions(+), 0 deletions(-)
rename meta/recipes-extended/ltp/{ltp_20140422.bb => ltp_20140828.bb} (100%)
diff --git a/meta/recipes-ex
Hi,
Wrong one. Please ignore this patch.
On Thu, Sep 04, 2014 at 06:33:55PM +0200, Maxin B. John wrote:
> Bump to *August 2014* release
>
> Signed-off-by: Maxin B. John
> ---
> meta/recipes-extended/ltp/{ltp_20140422.bb => ltp_20140828.bb} | 0
> 1 file changed, 0 inser
Upgrade to *August 2014* release
Removed "automake-foreign.patch" as it has been merged
Signed-off-by: Maxin B. John
---
meta/recipes-extended/ltp/ltp/automake-foreign.patch | 20
.../ltp/{ltp_20140422.bb => ltp_20140828.bb} | 3 +--
2 files changed
Fixes two HTTP cookie related security bugs:
1. CVE-2014-3613
2. CVE-2014-3620
Changelog:
http://curl.haxx.se/changes.html#7_38_0
Signed-off-by: Maxin B. John
---
meta/recipes-support/curl/{curl_7.37.1.bb => curl_7.38.0.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deleti
Hi Ross,
On Wed, Sep 24, 2014 at 11:27:57PM +0100, Burton, Ross wrote:
> On 10 September 2014 15:43, Maxin B. John wrote:
> > Fixes two HTTP cookie related security bugs:
> > 1. CVE-2014-3613
> > 2. CVE-2014-3620
>
> Can these be backported instead to 7.37.1
Details of vulnerabilities are available below:
CVE-2014-3613: http://curl.haxx.se/docs/adv_20140910A.html
CVE-2014-3620: http://curl.haxx.se/docs/adv_20140910B.html
Signed-off-by: Maxin B. John
---
meta/recipes-support/curl/curl/CVE-2014-3613.patch | 269 +
meta/recipes
Hi Ross,
On Thu, Sep 25, 2014 at 04:08:23PM +0100, Burton, Ross wrote:
> On 25 September 2014 12:36, Maxin B. John wrote:
> > Details of vulnerabilities are available below:
> > CVE-2014-3613: http://curl.haxx.se/docs/adv_20140910A.html
> > CVE-2014-3620: htt
Details of vulnerabilities are available below:
CVE-2014-3613: http://curl.haxx.se/docs/adv_20140910A.html
CVE-2014-3620: http://curl.haxx.se/docs/adv_20140910B.html
Signed-off-by: Maxin B. John
---
meta/recipes-support/curl/curl/CVE-2014-3613.patch | 214 +
meta/recipes
Hi Ross,
On Thu, Sep 25, 2014 at 10:07:37PM +0100, Burton, Ross wrote:
> On 25 September 2014 18:17, Maxin B. John wrote:
> > I have tried it with the latest master and it "worked for me".
> > Could you please confirm if it was applied on the "master" branch ?
Hi Ross,
On Thu, Oct 02, 2014 at 02:54:05PM +0100, Burton, Ross wrote:
> On 1 October 2014 14:29, Maxin B. John wrote:
> > Details of vulnerabilities are available below:
> > CVE-2014-3613: http://curl.haxx.se/docs/adv_20140910A.html
> > CVE-2014-3620: http://curl.haxx.se/do
Deliberately simple workload generator for POSIX systems. It imposes
a configurable amount of CPU, memory, I/O, and disk stress on the system.
Signed-off-by: Maxin B. John
---
meta/recipes-extended/stress/files/texinfo.patch | 79
meta/recipes-extended/stress
OCTO #1569]
Maxin B. John (2):
rt-tests: enable ptest support
stress: Add new package
meta/recipes-extended/stress/files/texinfo.patch | 79 +
meta/recipes-extended/stress/stress_1.0.4.bb | 14 +
meta/recipes-rt/rt-tests/files/rt_bmark.py | 411 +++
meta/
Add ptest support for rt-tests package
[YOCTO #1569]
Signed-off-by: Thomas Lundström
Signed-off-by: Maxin B. John
---
meta/recipes-rt/rt-tests/files/rt_bmark.py | 411 +
meta/recipes-rt/rt-tests/files/run-ptest | 3 +
meta/recipes-rt/rt-tests/rt-tests_0.89.bb
File "/usr/lib/python2.7/ssl.py", line 92, in
import base64# for DER-to-PEM translation
ImportError: No module named base64
Signed-off-by: Maxin B. John
---
meta/recipes-devtools/python/python-2.7-manifest.inc | 2 +-
scripts/contrib/python/generate-manifest-2.7.py |
ping ..
On Wed, Nov 26, 2014 at 10:54:25AM +0100, Maxin B. John wrote:
> The tests are implemented using rt_bmark.py which uses the "stress"
> application
> to check the real-time performance under various conditions.
>
> We need to add the stress package as a depe
ault at 7fff2400 ip 7f6dd5b73404 sp 7fff27cce8f8
error 4 in libc-2.20.so[7f6dd5af7000+199000]
Segmentation fault
Signed-off-by: Maxin B. John
---
.../coreutils/coreutils-8.22/date-tz-crash.patch | 43 ++
meta/recipes-core/coreutils/coreutils_8.22.bb | 1 +
Upgrade includes 8 CVE bug fixes
Signed-off-by: Maxin B. John
---
.../openssl/{openssl_1.0.1j.bb => openssl_1.0.1k.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-connectivity/openssl/{openssl_1.0.1j.bb =>
openssl_1.0.1k.bb} (92%)
diff
Bump to version 7.40
Signed-off-by: Maxin B. John
---
meta/recipes-support/curl/{curl_7.38.0.bb => curl_7.40.0.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-support/curl/{curl_7.38.0.bb => curl_7.40.0.bb} (93%)
diff --git a/meta/recipes-suppor
Since we have "expect" available in oe-core, install the test scripts
which uses it.
Signed-off-by: Maxin B. John
---
meta/recipes-extended/ltp/ltp_20140828.bb | 6 +-
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/meta/recipes-extended/ltp/ltp_20140828.bb
b/me
Bump to 1.1.0
1. Updated LICENSE from GPLv3 to GPLv2 or later
2. Misc. spelling fix
Signed-off-by: Maxin B. John
---
.../fuse-exfat/{fuse-exfat_1.0.1.bb => fuse-exfat_1.1.0.bb} | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
rename meta-filesystems/recipes-filesystems/f
> [mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of Maxin
> B. John
> Sent: den 9 januari 2015 13:07
> To: openembedded-core@lists.openembedded.org
> Cc: Maxin John
> Subject: [OE-core] [PATCH] curl: upgrade to 7.40
>
> Bump to version 7.40
>
> Si
Upgraded version include fixes for these CVE bugs:
1. CVE-2014-8150
2. CVE-2014-8151
Signed-off-by: Maxin B. John
---
meta/recipes-support/curl/{curl_7.38.0.bb => curl_7.40.0.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-support/curl/{curl_7.38.0
Hi,
On Fri, Jan 16, 2015 at 12:00:16PM -0800, Andre McCurdy wrote:
> On Fri, Jan 16, 2015 at 7:06 AM, Maxin B. John wrote:
> > Upgraded version include fixes for these CVE bugs:
> > 1. CVE-2014-8150
> > 2. CVE-2014-8151
> >
> > Signed-off-by: Maxin B. John
>
curl 7.40.0 added support for the SMB/CIFS protocol. So provide
a PACKAGECONFIG option for smb.
Reported-by: Andre McCurdy
Signed-off-by: Maxin B. John
---
meta/recipes-support/curl/curl_7.40.0.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-support/curl/curl_7.40.0.bb
b
Gentle ping on this.
On Wed, Jan 07, 2015 at 01:11:43PM +0100, Maxin B. John wrote:
> Fiedler Roman discovered that coreutils' parse_datetime() function
> has some flaws that may be exploitable if the date(1), touch(1),
> or potentially other programs, accept untrusted inp
Hi Ross,
On Tue, Jan 20, 2015 at 04:00:02PM +, Burton, Ross wrote:
>
> On 19 January 2015 at 13:57, Maxin B. John wrote:
>
> On Wed, Jan 07, 2015 at 01:11:43PM +0100, Maxin B. John wrote:
> > Fiedler Roman discovered that coreutils' parse_datetime() function
Update LTP to 20150119 release
1. Remove 2 upstreamed patches
2. Add 'expect' to run time dependency and install the tests which
depend on it.
3. ffsb related configuration problem was fixed in this release.
Signed-off-by: Maxin B. John
---
...sts-Fix-bad-priority-inheritance-cond
-
-Taken From:
-https://git.buildroot.net/buildroot/tree/package/iproute2/0001-Add-the-musl-workaround-to-the-libc-compat.h-copy.patch
-
-Signed-off-by: Baruch Siach
-Signed-off-by: Maxin B. John
-
- include/uapi/linux/libc-compat.h | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion
Update the following recipes by removing unnecessary 'protocol=git'
from SRC_URI
Maxin B. John (5):
u-boot-fw-utils: remove unnecessary 'protocol=git' from SRC_URI
u-boot-mkimage: remove unnecessary 'protocol=git' from SRC_URI
systemd: remove unnecessary
Signed-off-by: Maxin B. John
---
meta/recipes-core/systemd/systemd_219.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-core/systemd/systemd_219.bb
b/meta/recipes-core/systemd/systemd_219.bb
index d5eed08..e9b3c84 100644
--- a/meta/recipes-core/systemd
Signed-off-by: Maxin B. John
---
meta/recipes-bsp/u-boot/u-boot-fw-utils_2015.01.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-bsp/u-boot/u-boot-fw-utils_2015.01.bb
b/meta/recipes-bsp/u-boot/u-boot-fw-utils_2015.01.bb
index 2b0550c..b310b0d 100644
--- a
Signed-off-by: Maxin B. John
---
meta/recipes-bsp/u-boot/u-boot-mkimage_2015.01.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-bsp/u-boot/u-boot-mkimage_2015.01.bb
b/meta/recipes-bsp/u-boot/u-boot-mkimage_2015.01.bb
index 57989c7..076dff8 100644
--- a/meta
Signed-off-by: Maxin B. John
---
meta/recipes-kernel/trace-cmd/trace-cmd.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-kernel/trace-cmd/trace-cmd.inc
b/meta/recipes-kernel/trace-cmd/trace-cmd.inc
index feb56e1..87e4a9c 100644
--- a/meta/recipes-kernel
Signed-off-by: Maxin B. John
---
meta/recipes-devtools/mmc/mmc-utils_git.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/mmc/mmc-utils_git.bb
b/meta/recipes-devtools/mmc/mmc-utils_git.bb
index c54e351..bdb4fed 100644
--- a/meta/recipes-devtools/mmc
1. Upgrade version to 0.91
2. Add ptest support
[YOCTO #1569]
Signed-off-by: Thomas Lundström
Signed-off-by: Maxin B. John
---
meta/recipes-rt/rt-tests/files/rt_bmark.py | 412 +
meta/recipes-rt/rt-tests/files/run-ptest | 3 +
meta/recipes-rt/rt-tests
1. Add ptest support to rt-tests package [YOCTO #1569]
2. Add stress package as a dependency for rt-tests ptest
3. Upgrade the rt-tests and hwlatdetect package to version 0.91
Maxin B. John (3):
rt-tests: bump version and enable ptest support
hwlatdetect: upgrade to version 0.91
stress: add
Upgrade hwlatdetect to version 0.91
Signed-off-by: Maxin B. John
---
meta/recipes-rt/rt-tests/{hwlatdetect_0.89.bb => hwlatdetect_0.91.bb} | 0
1 file changed, 0 insertions(+), 0 deletions(-)
rename meta/recipes-rt/rt-tests/{hwlatdetect_0.89.bb => hwlatdetect_0.91.bb}
(100%)
diff -
Deliberately simple workload generator for POSIX systems. It imposes
a configurable amount of CPU, memory, I/O, and disk stress on the system.
Moving the package from meta-linaro as a dependency for rt-tests ptest
Signed-off-by: Maxin B. John
---
meta/recipes-extended/stress/files
Fixes below listed bugs:
1. CVE-2015-3143
2. CVE-2015-3144
3. CVE-2015-3145
4. CVE-2015-3148
Signed-off-by: Maxin B. John
---
meta/recipes-support/curl/curl/CVE-2015-3143.patch | 38
meta/recipes-support/curl/curl/CVE-2015-3144.patch | 45 ++
meta/recipes-support/curl
Upgrade include these security fixes:
1. CVE-2015-3143
2. CVE-2015-3144
3. CVE-2015-3145
4. CVE-2015-3148
Signed-off-by: Maxin B. John
---
meta/recipes-support/curl/{curl_7.41.0.bb => curl_7.42.0.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-support/c
From: Sona Sarmadi
Fixes an out of bounds memory access flaw
in Qemu's IDE device model
Reference
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894
Signed-off-by: Sona Sarmadi
Signed-off-by: Maxin B. John
---
.../qemu/files/ide-CVE-2014-2894.patch
From: Sona Sarmadi
Memory corruption flaw in parse_datetime()
Reference
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9471
Signed-off-by: Sona Sarmadi
Signed-off-by: Maxin B. John
---
.../parse-datetime-CVE-2014-9471.patch | 43 ++
meta/recipes-core
/dc294204b641373bc6eb603075a8b98f51a75dd8/
External Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973
http://seclists.org/oss-sec/2014/q4/1133
Signed-off-by: Sona Sarmadi
Signed-off-by: Maxin B. John
---
.../libpng/libpng/libpng16-CVE-2015-0973.patch | 47 ++
meta/recipes
From: Sona Sarmadi
Fixes input sanitization errors.
References
http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4
http://www.ocert.org/advisories/ocert-2015-002.html
Signed-off-by: Sona Sarmadi
Signed-off-by: Maxin B. John
---
.../e2fsprogs/e2fsprogs/CVE-2015-0247.patch
Signed-off-by: Maxin B. John
---
.../elfutils/elfutils/CVE-2014-9447.patch | 50 ++
meta/recipes-devtools/elfutils/elfutils_0.155.bb | 1 +
2 files changed, 51 insertions(+)
create mode 100644 meta/recipes-devtools/elfutils/elfutils/CVE-2014-9447.patch
diff --git
Fixes a number of security related bugs for daisy branch.
Sona Sarmadi (5):
Qemu: CVE-2014-2894
libpng16: CVE-2015-0973
coreutils: parse-datetime: CVE-2014-9471
elfutils: CVE-2014-9447
e2fsprogs: CVE-2015-0247
.../parse-datetime-CVE-2014-9471.patch | 43
me
Update SRC_URI to use debian mirrors as googlecode will be closed
in near future. Also added a summary to the recipe.
Signed-off-by: Maxin B. John
---
meta/recipes-support/serf/serf_1.3.8.bb | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/meta/recipes-support/serf
Hi Ross,
>On Fri, Dec 16, 2016 at 05:53:25PM +, Burton, Ross wrote:
>>On 12 December 2016 at 13:09, Maxin B. John wrote:
>>
>>+ python-argparse python-pprint diffutils openssh
>> \
>Sadly this dependency on openssh breaks
Add ptest support to curl
[YOCTO #6707]
Signed-off-by: Cristian Iorga
Signed-off-by: Maxin B. John
---
Changes in V2:
Drop ptest dependency on openssh since the Test suite "will not run ssh
server as root to mitigate security risks".
---
.../curl/0001-runtests.pl-remove-warning.patc
Refreshed the following patch:
* inet-6-.defn-fix-inverted-checks-for-loopback.patch
Signed-off-by: Maxin B. John
---
...-6-.defn-fix-inverted-checks-for-loopback.patch | 395 +++--
.../{ifupdown_0.8.2.bb => ifupdown_0.8.16.bb} | 4 +-
2 files changed, 359 inserti
Signed-off-by: Maxin B. John
---
meta/recipes-support/sqlite/{sqlite3_3.15.1.bb => sqlite3_3.15.2.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-support/sqlite/{sqlite3_3.15.1.bb => sqlite3_3.15.2.bb}
(66%)
diff --git a/meta/recipes-support/
Hi,
On Thu, Dec 22, 2016 at 12:54:54PM +0800, Huang Qiyu wrote:
> Upgrade ncurses from 6.0+20160625 to 6.0+20161126.
This causes build failures for beaglebone and qemumips64 targets:
http://errors.yoctoproject.org/Errors/Details/115740/
http://errors.yoctoproject.org/Errors/Details/115738/
Plea
Hi,
On Tue, Jan 03, 2017 at 05:16:05PM +0800, Chen Qi wrote:
> The following changes since commit dbb247cac5fbf7b037e4955f9793828451723924:
>
> bitbake: cookerdata: Convert multiconfig to use BB_CURRENT_MC (2016-12-22
> 12:36:40 +)
>
> are available in the git repository at:
>
> git://
3.15.2 -> 3.16.2
1. Updated the SRC_URI for releases in 2017
2. Removed the following revert patch as the fix is present in this release:
a) 0001-revert-ad601c7962-that-brings-2-increase-of-build-ti.patch
[YOCTO #10695]
Signed-off-by: Maxin B. John
---
...1c7962-that-brings-2-incre
5.3 -> 5.4
Refreshed the following patch:
a) netbase-add-rpcbind-as-an-alias-to-sunrpc.patch
Signed-off-by: Maxin B. John
---
...netbase-add-rpcbind-as-an-alias-to-sunrpc.patch | 24 +-
.../netbase/{netbase_5.3.bb => netbase_5.4.bb} | 6 +++---
2 files chang
l.h-instead-of-sys-poll.h.patch
f) mdadm-3.2.2_fix_for_x32.patch
Signed-off-by: Maxin B. John
---
.../0001-Fix-some-type-comparison-problems.patch | 50 -
.../mdadm/files/0001-Fix-typo-in-comparision.patch | 86 --
...dadm.h-bswap-is-already-defined-in-uclibc.pa
1.3.4 -> 1.4.1
Signed-off-by: Maxin B. John
---
.../harfbuzz/{harfbuzz_1.3.4.bb => harfbuzz_1.4.1.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-graphics/harfbuzz/{harfbuzz_1.3.4.bb => harfbuzz_1.4.1.bb}
(88%)
diff --git a/met
0.4.13 -> 0.4.14
Signed-off-by: Maxin B. John
---
.../libproxy/{libproxy_0.4.13.bb => libproxy_0.4.14.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-support/libproxy/{libproxy_0.4.13.bb =>
libproxy_0.4.14.bb} (88%)
diff --git a/met
Hi,
On Tue, Jan 17, 2017 at 12:59:37PM +, Phil Blundell wrote:
> On Thu, 2016-04-21 at 12:24 +0300, Maxin B. John wrote:
> >
> +-
> > +- if (argv[0])
> > +- return spawn_and_wait(argv);
> > +-
> > ++if (argv[0]) {
> > ++cmd_a
Upstream accepted the flock fix with some improvements. Backport those
changes.
Signed-off-by: Maxin B. John
---
...e-the-behaviour-of-c-parameter-to-match-u.patch | 77 ++
1 file changed, 34 insertions(+), 43 deletions(-)
diff --git
a/meta/recipes-core/busybox/busybox
Hi Jason,
On Thu, Jan 19, 2017 at 03:24:00PM -0600, Jason Wessel wrote:
>
> The issue here is that in a multilib build the ${base_libdir} is resolving to
> /lib64 which completely breaks some tools that fully expect /lib/modules to
> be a fixed location regardless if the target is 32/64 or some
Removed the following Backported patches:
1. 0001-fix-for-multijob-build.patch
2. 0002-comm.h-now-depends-on-term.h.patch
Signed-off-by: Maxin B. John
---
.../screen/0001-fix-for-multijob-build.patch | 58 --
.../screen/0002-comm.h-now-depends-on-term.h.patch | 33
Removed the following Backported patches:
1. 0001-configure-don-t-add-Werror-to-build-flags.patch
2. 0002-ASN.y-corrected-compiler-warning.patch
3. 0003-parser_aux-corrected-potential-null-pointer-derefere.patch
4. 0004-tools-eliminated-compiler-warnings.patch
Signed-off-by: Maxin B. John
This upgrade fixes the vulnerability: CVE-2016-10087
License file changes are due to updates in Version and Copyright date. ie:
'libpng versions 1.0.7, July 1, 2000, through 1.2.57, December 29, 2016, are
Copyright (c) 2000-2002, 2004, 2006-2016 Glenn Randers-Pehrson'
Signed-off-b
This upgrade fixes the vulnerability: CVE-2016-10087
License file changes are due to updates in Package Version
and Copyright date. ie:
'libpng version 1.6.28, January 5, 2017'
Signed-off-by: Maxin B. John
---
.../libpng/{libpng_1.6.26.bb => libpng_1.6.28.bb} |
Ping.
On Mon, Dec 12, 2016 at 03:48:04PM +0200, Maxin B. John wrote:
> Without this change, sstate dependency filter squashes dependencies
> of packages which inherits useradd class. That causes failures while
> rebuilding it for another MACHINE.
>
> Fixes [YOCTO #8078]
>
>
Hi RP,
On Mon, Jan 23, 2017 at 03:59:31PM +, Richard Purdie wrote:
> On Mon, 2017-01-23 at 16:55 +0200, Maxin B. John wrote:
> > Ping.
>
> This never merged as I was never 100% convinced this was the correct
> way to solve this problem. I'd be interested to unders
Hi Ross,
>On Thu, Jan 26, 2017 at 10:20:16AM +, Burton, Ross wrote:
>>On 23 January 2017 at 09:58, Maxin B. John wrote:
>>
>>Removed the following Backported patches:
>> 1. 0001-configure-don-t-add-Werror-to-build-flags.patch
>
> This break
with musl
...
| from ../../libtasn1-4.10/gl/getopt.c:28:
| ./stdint.h:89:5: error: #if with no expression
| #if
| ^
Signed-off-by: Maxin B. John
---
...configure-don-t-add-Werror-to-build-flags.patch | 28 -
...reintroduce-GNULIB_OVERRIDES_WINT_T-check.patch | 63
Hi Ross,
>On Mon, Jan 30, 2017 at 11:59:21AM +, Burton, Ross wrote:
>>On 30 January 2017 at 11:55, Maxin B. John wrote:
>>
>>+From b17dbb8d3c5605db3a1d82861fcaeef4636d1117 Mon Sep 17 00:00:00 2001
>>+From: "Maxin B. John"
>>+Date: Thu, 26
Hi Khem,
On Mon, Jan 30, 2017 at 11:23:42AM -0800, Khem Raj wrote:
>
>
> On 1/30/17 3:55 AM, Maxin B. John wrote:
> > Removed the following Backported patches:
> > 1. 0001-configure-don-t-add-Werror-to-build-flags.patch
> > 2. 0002-ASN.y-corrected-compiler
Hi Ross,
>On Tue, Jan 31, 2017 at 08:02:41PM +, Burton, Ross wrote:
>>
>>On 31 January 2017 at 15:05, Maxin B. John wrote:
>>
>>Somehow we have an old wint_t.m4 provided by gettext-0.18.2 in the
>> aclocal search path.
>>Looking into tha
1 - 100 of 836 matches
Mail list logo