MariaDB 5.5.62 is a maintenance release.
It includes bugfixes and updates, including from
MySQL 5.5.62.
. XtraDB updated to 5.5.61-38.13
. Fixes for the following security vulnerabilities:
CVE-2018-3282
CVE-2018-3174
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
previous database on maxmind website will be removed from January 2, 2019.
and also we met checksum weekly change problem, so update the SRC_URI to
http://sources.openembedded.org/
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Geolite database checksum changed today, so update it
to the lastest one.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
previous change of checksum don't trigger archive to re-downloaded,
, which will cause checksum mismatch. add downloadfilename to
trigger re-download.
1. for user with PREMIRROR, another benefit is it can still compile
success event upstream checksum change frequently.
2. but for user don't use PREMIRROR, if upstream checksum changed,
still might have checksum mismatch problem.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Latest Chromium needs it during build
(cherry picked from commit d7d0cc5227)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Raphael Kubo da Costa <raphael.kubo.da.costa@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
do_package: QA Issue: upm: Files/directories were installed but not shipped in any package:
/usr/lib/python3.5/site-packages/upm/pyupm_speaker.py
/usr/lib/python3.5/site-packages/upm/pyupm_buzzer.py
/usr/lib/python3.5/site-packages/upm/pyupm_lol.py
/usr/lib/python3.5/site-packages/upm/_pyupm_linefinder.so
/usr/lib/python3.5/site-packages/upm/_pyupm_mlx90614.so
/usr/lib/python3.5/site-packages/upm/pyupm_dfrph.py
......
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Existing URI service was closed and fetch error occurred.
Change existing repository to another mirrored SRC URI.
Signed-off-by: Junil Kim <jjunil79.kim@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
hyperrealm has moved to github and it is maintained there.
The current SRC_URI is not available any longer.
Signed-off-by: Yi-Soo An <yisooan@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The internal memory allocator that RapidJSON uses wasn't correctly
aligning memory in all cases, which resulted in data aborts when running
on ARM-based processors.
This was fixed upstream in 748a652f04cd3a202ce3639770238bd9473b300c
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fix the warning below and set proper license according to the
content of file COPYING in Rygel:
WARNING: rygel-0.34.0-r0 do_populate_lic: rygel: \
No generic license file exists for: LGPL1.1 in any provider
According to a git commit in Rygel made two years ago by Jens
Georg: "all: Update license text to LGPLv2.1 proper We always
claimed being LGPLv2.1 but the license text said differently."
In the same time the tag for Rygel 0.34 has been created on
20 March 2017, aka after this git commit. For more details:
cdcb6bd55e
Furthermore, the changelog of Rygel 0.34.0 also indicates
that the license is LGPLv2.1+ (after a fix in release 0.29.1):
https://abi-laboratory.pro/tracker/changelog/rygel/0.34.0/log.html
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
When cross compiling on linux with gcc, the host gcc was used instead of
the cross gcc to set compilation flags according to gcc version.
Signed-off-by: Gregory Vimont <gregory.vimont@softbankrobotics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* MJ: this was applied for 1.5.0 version in:
https://patchwork.openembedded.org/patch/116023/
then removed with the upgrade to 1.6.1 in:
https://patchwork.openembedded.org/patch/141059/
but as reported before this issue is still reproducible
with 1.6.1
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The place of uim archives has been moved to
https://github.com/uim/uim/releases
Signed-off-by: Takuro Ashie <ashie@clear-code.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes errors e.g.
recipe-sysroot-native/usr/share/gtk-doc/python/gtkdoc/common.py", line 31, in <module>
import six
ImportError: No module named 'six'
make[3]: *** [install-data-local] Error 1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
libebml depends on dos2unix classe since 26dafa0f35 (libebml: inherit
dos2unix), so LAYERDEPENDS needs to be updated accordingly, otherwise we are
getting a ParseError:
ERROR: ParseError at
/srv/work/oe/meta-openembedded/meta-multimedia/recipes-mkv/libebml/libebml_1.3.0.bb:13:
Could not inherit file classes/dos2unix.bbclass
It was initially found with yocto-check-layer script.
In OE/master branch, the dos2unix class was moved to oe-core, so the problem
does not exist in master, and this patch is less invasive than cherry pick the
change from master (move dos2unix from meta-oe to oe-core).
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
A dependency on python-protobuf was added in commit
5f6fcfd362 for the sole purpose of
providing a ptest, however python-protobuf is in meta-python and thus
this means that meta-oe would depend on meta-python by default (assuming
your distro enables ptest by default), and we don't want that - meta-oe
isn't supposed to depend upon any layer other than openembedded-core.
Luckily we can still have a ptest even without the python support, so
add a PACKAGECONFIG and leave it disabled by default.
Note: the PACKAGECONFIG here is not particularly useful since it's only
about what goes into the -ptest package and thus also the dependency. I
contemplated just using LANG_SUPPORT instead, but PACKAGECONFIG does
have the advantage that it's introspectable and fairly well understood
so in the end I went with it.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* CVE-2017-15107
A vulnerability was found in Dnsmasq's implementation of DNSSEC.
Wildcard synthesized NSEC records could be improperly interpreted
to prove the non-existence of hostnames that actually exist.
Affects dnsmasq <= 2.78
CVE: CVE-2017-15107
Ref: https://access.redhat.com/security/cve/cve-2017-15107
Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* I've tried just disabling them with:
--disable-internal-jimtcl --disable-internal-libjaylink
but that still tries to use missing jim.h:
| ./src/helper/jim-nvp.h:47:10: fatal error: jim.h: No such file or directory
| #include <jim.h>
| ^~~~~~~
| compilation terminated.
| Makefile:3619: recipe for target 'src/libopenocd_la-openocd.lo' failed
| make[2]: *** [src/libopenocd_la-openocd.lo] Error 1
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* since the upgrade to 1.0.3 more specifically since this commit:
20246f544f (diff-67e997bcfdac55191033d57a16d1408a)
it was failing to build with gold
* add --enable-nosection-fallback to work around the issue
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* CVE-2018-10906-1:
fusermount: don't feed "escaped commas" into mount options
The old code permits the following behavior:
$ _FUSE_COMMFD=10000 priv_strace -etrace=mount -s200 fusermount -o 'foobar=\,allow_other' mount
mount("/dev/fuse", ".", "fuse", MS_NOSUID|MS_NODEV, "foobar=\\,allow_other,fd=3,rootmode=40000,user_id=1000,group_id=1000") = -1 EINVAL (Invalid argument)
However, backslashes do not have any special meaning for the kernel here.
As it happens, you can't abuse this because there is no FUSE mount option
that takes a string value that can contain backslashes; but this is very
brittle. Don't interpret "escape characters" in places where they don't
work.
* CVE-2018-10906-2:
fusermount: refuse unknown options
Blacklists are notoriously fragile; especially if the kernel wishes to add
some security-critical mount option at a later date, all existing systems
with older versions of fusermount installed will suddenly have a security
problem.
Additionally, if the kernel's option parsing became a tiny bit laxer, the
blacklist could probably be bypassed.
Whitelist known-harmless flags instead, even if it's slightly more
inconvenient.
Affects fuse < 2.9.8 and fuse < 3.2.5
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Added link to bug tracker and updated md5sum of LICENSE, which has been
updated with the copyright year.
Signed-off-by: Oleksandr Kravchuk <dev@sashko.rv.ua>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit edf011c303)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Bug fix update only
includes security fixes:
wnpa-sec-2018-25 The LDSS dissector could crash. (Bug 14615)
wnpa-sec-2018-28 Multiple dissectors could consume excessive memory. (Bug 14678)
wnpa-sec-2018-29 The DNS dissector could crash. (Bug 14681)
wnpa-sec-2018-30 The GSM A DTAP dissector could crash. (Bug 14688)
wnpa-sec-2018-31 The Q.931 dissector could crash. (Bug 14689)
wnpa-sec-2018-33 Multiple dissectors could crash. (Bug 14703)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
file /usr/bin/py.test conflicts between attempted installs of python3-pytest-3.4.2-r0 and python-pytest-3.4.2-r0
file /usr/bin/pytest conflicts between attempted installs of python3-pytest-3.4.2-r0 and python-pytest-3.4.2-r0
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 28fab4c8f5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Since sizeof(unsigned long) can be 8-byte on 64-bit architectures, use
uint32_t instead for "word" access to always be 4-byte/32-bit long.
Also introduce proper "long" 8-byte/64-bit access by using uint64_t.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1bcd15ed5b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Bug fix update only
includes:
wnpa-sec-2018-25
The LDSS dissector could crash. (Bug 14615)
wnpa-sec-2018-28
Multiple dissectors could consume excessive memory. (Bug 14678)
wnpa-sec-2018-29
The DNS dissector could crash. (Bug 14681)
wnpa-sec-2018-30
The GSM A DTAP dissector could crash. (Bug 14688)
wnpa-sec-2018-31
The Q.931 dissector could crash. (Bug 14689)
wnpa-sec-2018-33
Multiple dissectors could crash. (Bug 14703)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
"distutils.errors.DistutilsError: Could not find suitable distribution for Requirement.parse('pbr>=1.8')"
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 75540ab149)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
While do an out-of-tree build, if xfce4-notifyd-config is not created
in time, there is a compile failure:
...
|LC_ALL=C intltool-merge -d -u -c ./po/.intltool-merge-cache
../xfce4-notifyd-0.4.0/po ../xfce4-notifyd-0.4.0/xfce4-notifyd-config/
xfce4-notifyd-config.desktop.in xfce4-notifyd-config/xfce4-notifyd-config.desktop
|Died at intltool-merge line 1184.
...
Ensure xfce4-notifyd-config subdirectory exists fixes the issue.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Acked-by: Andreas Müller <schnitzeltony@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit acfc380d4e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Since we know that github archives which are automatically generated have a
tendency to change their checksums[1], switch to using a git clone.
[1] http://lists.openembedded.org/pipermail/openembedded-devel/2017-September/114916.html
Signed-off-by: Trevor Woerner <twoerner@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 316753e9cf)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Busybox also provides the command 'vconfig' when CONFIG_VCONFIG is
enabled.
Busybox has a priority of 50.
Prior to the patch running
bitbake core-image-minimal
produced the warnings
WARNING: core-image-minimal-1.0-r0 do_rootfs: busybox.postinst returned 1, marking as unpacked only, configuration required on target.
WARNING: core-image-minimal-1.0-r0 do_rootfs: Intentionally failing postinstall scriptlets of ['busybox'] to defer them to first boot is deprecated. Please place them into pkg_postinst_ontarget_${PN} ().
If deferring to first boot wasn't the intent, then scriptlet failure may mean an issue in the recipe, or a regression elsewhere.
Details of the failure are in /path/to/poky/build/tmp-glibc/work/qemux86-oe-linux/core-image-minimal/1.0-r0/temp/log.do_rootfs.
WARNING: core-image-minimal-1.0-r0 do_rootfs: [log_check] core-image-minimal: found 1 warning message in the logfile:
[log_check] WARNING: Intentionally failing postinstall scriptlets of ['busybox'] to defer them to first boot is deprecated. Please place them into pkg_postinst_ontarget_${PN} ().
where log.do_rootfs contained
update-alternatives: Error: not linking /path/to/poky/build/tmp-glibc/work/qemux86-oe-linux/core-image-minimal/1.0-r0/rootfs/sbin/vconfig to /bin/busybox.nosuid since /path/to/poky/build/tmp-glibc/work/qemux86-oe-linux/core-image-minimal/1.0-r0/rootfs/sbin/vconfig exists and is not a link
when a workspace layer created by devtool contained
$ cat workspace/appends/busybox_%.bbappend
FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
SRC_URI_append = " file://vconfig.cfg"
and
$ cat workspace/appends/busybox/vconfig.cfg
CONFIG_VCONFIG=y
and local.conf contained
$ tail -n2 conf/local.conf
IMAGE_INSTALL_append = " busybox"
IMAGE_INSTALL_append = " vlan"
Signed-off-by: Hannu Lounento <hannu.lounento@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cb7b35a4f9)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Change path of minicoredumper on init/service script to /usr/sbin.
Since the commit "relocate admin-binaries to sbin" on minicoredumper,
minicoredumper binaries are installed on /usr/sbin directory instead
of /usr/bin.
src/minicoredumper/Makefile.am: sbin_PROGRAMS = minicoredumper
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d1cfe7a70c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Change the License to MIT as Fedora. And I also found the license it's MIT in the spdx file of xorgxrdp.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d2a777b925)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The sysv initscript and systemd service assumes minicoredumper is
installed in /usr/bin/. In our case minicoredumper is installed in
/usr/sbin/ by default. Therefore, fix this path.
Signed-off-by: Pierre-Jean TEXIER <texier.pj2@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 26ba552614)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
