fusermount in FUSE before 2.9.3-15 does not properly clear the environment before
invoking (1) mount or (2) umount as root, which allows local users to write
to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is
used by mount's debugging feature.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3202http://www.openwall.com/lists/oss-security/2015/05/21/9
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This fixed the CVE-2015-4047:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Conflicts:
meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2305
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Conflicts:
meta-oe/recipes-support/mysql/mariadb_5.5.39.inc
When the host system provides pcap-config, the configure scripts
detect that and add a bogous CPPFLAG:
checking for pcap-config... /usr/bin/pcap-config
checking if we want to build with libpcap support... yes, pcap-config
...
PCAP_CPPFLAGS = -I/usr/include
Which down the line can lead to compile errors due to wrong headers
being included. Fix this issue by using --with-pcap-config=no which
prevents detection using pcap-config but does "guessing", which works
fine for OE.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* otherwise fails with:
| gcc -DHAVE_CONFIG_H -I. -I/work/x86_64-linux/gsoap-native/2.8.12-r1/gsoap-2.8/gsoap/src -I../.. -isystem/sysroots/x86_64-linux/usr/include -DWITH_BISON -DWITH_LEX -DSOAPCPP_IMPORT_PATH="\"/sysroots/x86_64-linux/usr/share/gsoap/import\"" -DLINUX -isystem/sysroots/x86_64-linux/usr/include -O2 -pipe -c -o soapcpp2-soapcpp2_yacc.o `test -f 'soapcpp2_yacc.c' || echo '/work/x86_64-linux/gsoap-native/2.8.12-r1/gsoap-2.8/gsoap/src/'`soapcpp2_yacc.c
| /bin/bash /work/x86_64-linux/gsoap-native/2.8.12-r1/gsoap-2.8/ylwrap /work/x86_64-linux/gsoap-native/2.8.12-r1/gsoap-2.8/gsoap/src/soapcpp2_lex.l .c soapcpp2_lex.c -- /bin/bash /work/x86_64-linux/gsoap-native/2.8.12-r1/gsoap-2.8/missing flex
| /work/x86_64-linux/gsoap-native/2.8.12-r1/gsoap-2.8/missing: line 81: flex: command not found
| WARNING: 'flex' is missing on your system.
| You should only need it if you modified a '.l' file.
| You may want to install the Fast Lexical Analyzer package:
| <http://flex.sourceforge.net/>
| make[4]: *** [soapcpp2_lex.c] Error 127
| make[4]: Leaving directory `/work/x86_64-linux/gsoap-native/2.8.12-r1/build/gsoap/src'
| make[3]: *** [all-recursive] Error 1
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The previous do_install is empty and do nothing.
Unset variables datadir and mandir, use pimd's default set.
So it could install doc files correctly.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
python-sip has the runtime support for PyQT. Also drop the need
for anki to RDEPEND on python-sip.
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The package is named python-sip for backwards compatibility.
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The old URI is not available anymore.
If you visit that website in a browser, you will only
see ads.
Signed-off-by: Sven Ebenfeld <sven.ebenfeld@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The original log4c configure.in is buggy and requires fixing
before "configure --with-expat" works as expected.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fix the following runtime issue of pip:
# pip
Traceback (most recent call last):
File "/usr/bin/pip", line 5, in <module>
from pkg_resources import load_entry_point
ImportError: No module named pkg_resources
Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The theme uses svg files. If libsvg-gtk isn't available lxdm
still runs, but throws a bunch of pixbuf errors.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
We rely on the host sed all over the place; we don't need sed-native
here just because it's being used in do_configure.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This software contains an older or slightly modified BSD license in
its COPYING file and assigns copyright to the specific authors. The
code (see the About function) makes it clear that a BSD
license is intended:
"license", xfce_get_license_text (XFCE_LICENSE_TEXT_BSD),
Signed-off-by: Ash Charles <ashcharles@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Like several other xfce plugins, this software contains an older or
slightly modified BSD license in its COPYING file and assigns copyright
to the specific authors. The code itself (see the xfce_xkb_about
function) however makes it clear that a GPL license is intended:
xfce_get_license_text (XFCE_LICENSE_TEXT_GPL));
Use GPLv2, not the author's name, as the LICENSE matching other plugins
with the same license text.
Signed-off-by: Ash Charles <ashcharles@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Samba server is down currently so add mirrors. Both were short tested
by wget.
Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-06
The ATN-CPDLC dissector could crash. ([2]Bug 9952) [3]CVE-2015-2187
* [4]wnpa-sec-2015-07
The WCP dissector could crash. ([5]Bug 10844) [6]CVE-2015-2188
* [7]wnpa-sec-2015-08
The pcapng file parser could crash. ([8]Bug 10895) [9]CVE-2015-2189
* [10]wnpa-sec-2015-09
The LLDP dissector could crash. ([11]Bug 10983) [12]CVE-2015-2190
* [13]wnpa-sec-2015-10
The TNEF dissector could go into an infinite loop. Discovered by
Vlad Tsyrklevich. ([14]Bug 11023) [15]CVE-2015-2191
* [16]wnpa-sec-2015-11
The SCSI OSD dissector could go into an infinite loop. Discovered
by Vlad Tsyrklevich. ([17]Bug 11024) [18]CVE-2015-2192
For more information see
https://www.wireshark.org/docs/relnotes/wireshark-1.12.4.html
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
configure: error: Header file pcap.h not found; if you installed libpcap
don't use pcap. Use the internal version.
And minor configure cleanups
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Added a few more PACKAGECONF options
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-01
The WCCP dissector could crash. ([2]Bug 10720, ws-buglink:10806)
CVE-2015-0559, CVE-2015-0560
* [3]wnpa-sec-2015-02
The LPP dissector could crash. ([4]Bug 10773)
CVE-2015-0561
* [5]wnpa-sec-2015-03
The DEC DNA Routing Protocol dissector could crash. ([6]Bug 10724)
CVE-2015-0562
* [7]wnpa-sec-2015-04
The SMTP dissector could crash. ([8]Bug 10823)
CVE-2015-0563
* wnpa-sec-2015-05
Wireshark could crash while decypting TLS/SSL sessions.
Discovered by Noam Rathaus.
CVE-2015-0564
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The sip package provides python support for the target.
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The sip configure.py script now has some support for cross compiling. This
allowed simplication of the existing OpenEmbedded sip support. The sip
recipe now produces support for builds via sip-native and target runtime
via sip.
This has been build and runtime tested on the zedboard and ettus-e300.
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The configure.py script now has support for cross compiling. This
simplified the recipe substantially.
The recipe was tested with gnuradio-companion on the zedboard and
ettus-e300. This is the first time we have been able to use grc with
pyqt built with OpenEmbedded.
Build tested on armv7, x86, x86_64 and mips.
Dropped patches from previous versions.
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
All the other syslogd implementations use 'syslogd' as update alternatives
group name. So rsyslogd should use this too.
Signed-off-by: Steffen Sledz <sledz@dresearch-fe.de>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The license is not a common only and seems to be a 'free distribution'
license but without explicit rules about modification or similar. Due
that, we copied the license text from the README file and added it
onto nbench-byte license file.
This fixes following QA error:
,----
| WARNING: Recipe nbench-byte, LICENSE (freely distributable) has
| invalid format, LICENSES must have operator "([&|() ])" between
| them.
`----
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
According to README, it depends on oe-core and openembedded-layer
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
According to README, it depends on oe-core and openembedded-layer
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
According to README, it depends on oe-core and openembedded-layer
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
According to README, it depends on oe-core layer
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
According to README, it depends on oe-core and openembedded-layer
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
According to README, it depends on oe-core and openembedded-layer
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
According to README, it depends on oe-core layer
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
According to README, it depends on oe-core and openembedded-layer
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The configure step uses a package header to check for support
of types/declares, this package header encapsulates all the
required system headers for providing the needed resources.
When configured from an out of tree directory the package
header is not found due to the hard path.
We now make the path for package header relative to 'srcdir' so
it is found appropriately.
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Dizzy is missing several CVE's and upgrading to a later version within the same
series seems reasonable since most changes are bugfixes or Security releated.
if you are ok with this approach, please Ack and I will stage this with the next series of updates I am working on.
- armin
18-Dec-2014
Core:
Upgraded crypt_blowfish to version 1.3.
Fixed bug #68545 (NULL pointer dereference in unserialize.c).
Fixed bug #68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142)
Mcrypt:
Fixed possible read after end of buffer and use after free.
13 Nov 2014
Core:
Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in zend_hash_copy).
Fileinfo:
Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers). (CVE-2014-3710)
GMP:
Fixed bug #63595 (GMP memory management conflicts with other libraries using GMP).
PDO_pgsql:
Fixed bug #66584 (Segmentation fault on statement deallocation).
16 Oct 2014
Fileinfo:
Fixed bug #66242 (libmagic: don't assume char is signed).
Core:
Fixed bug #67985 (Incorrect last used array index copied to new array after unset).
Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669)
cURL:
Fixed bug #68089 (NULL byte injection - cURL lib).
EXIF:
Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
OpenSSL:
Reverted fixes for bug #41631, due to regressions.
XMLRPC:
Fixed bug #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, and CVE-2014-9296.
For more details please see:
https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01A
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
The mplayer "make install" phase leaves an empty
/usr/lib directory seemingly regardless of the setting
of libdir. Remove it to avoid a packaging warning.
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The mplayer2 package does not support out of tree builds
and the do_configure step also tries to find the configure
script in the same build directory while the script lies in
the src directory.
This patch updates the builddir to point to the srcdir in
order to cope with the above issues.
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
* this makes it easier to unblacklist it from local.conf which
is parsed before the recipes
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It has been changed to:
http://www.kernel.org/pub/software/network/rfkill/
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The added patch fixes the usage of AM_ICONV macro and
comes straight from the Buildroot source tree.
Signed-off-by: Drew Moseley <drew_moseley@mentor.com>
Signed-off-by: Awais Belal <awais_belal@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
obexd was integrated into bluez5 and is no longer a separate package.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
