poky: refresh thud: 1d987b98ed..ee7dd31944
Update poky to thud HEAD.
Alex Kiernan (2):
systemd: backport fix to stop enabling ECN
systemd: Add PACKAGECONFIG for gnutls
Alexander Kanavin (3):
lighttpd: update to 1.4.51
boost: update to 1.69.0
systemd: backport a patch to fix meson 0.49.0 issue
Alexey Brodkin (1):
wic: sdimage-bootpart: Use mmcblk0 drive instead of bogus mmcblk
André Draszik (1):
meta: remove True option to getVar calls (again)
Anuj Mittal (6):
eudev: upgrade 3.2.5 -> 3.2.7
gsettings-desktop-schemas: upgrade 3.28.0 -> 3.28.1
libatomic-ops: upgrade 7.6.6 -> 7.6.8
libpng: upgrade 1.6.35 -> 1.6.36
common-licenses: update Libpng license text
i2c-tools: upgrade 4.0 -> 4.1
Aníbal Limón (1):
meta/classes/testimage.bbclass: Only validate IMAGE_FSTYPES when is QEMU
Armin Kuster (1):
tzdata/tzcode-native: update to 2018i
Brad Bishop (1):
systemd-systemctl-native: handle Install wildcards
Bruce Ashfield (3):
kernel: use olddefconfig as the primary target for KERNEL_CONFIG_COMMAND
linux-yocto/4.18: update to v4.18.22
linux-yocto/4.18: update to v4.18.25
Changqing Li (1):
libsndfile1: Security fix CVE-2017-17456/17457 CVE-2018-19661/19662
Chen Qi (3):
package.bbclass: fix python unclosed file ResourceWarning
eSDK.py: avoid error in tearDownClass due to race condistion
eSDK.py: unset BBPATH and BUILDDIR to avoid eSDK failure
Douglas Royds (6):
icecc: readlink -f on the recipe-sysroot gcc/g++
icecc: Trivial simplification
icecc: Syntax error meant that we weren't waiting for tarball generation
icecc: Don't generate recipe-sysroot symlinks at recipe-parsing time
icecc: patchelf is needed by icecc-create-env
patch: reproducibility: Fix host umask leakage
Erik Botö (1):
testimage: Add possibility to pass parmeters to qemu
Federico Sauter (1):
kernel: don't assign the build user/host
Joshua Watt (1):
classes/testsdk: Split implementation into classes
Kai Kang (2):
testimage.bbclass: remove boot parameter systemd.log_target
systemd: fix compile error for x32
Kevin Hao (1):
meta-yocto-bsp: Bump to the latest stable kernel for the non-x86 BSPs
Khem Raj (6):
grub2: Fix passing null to printf formats
gnupg: Upgrade to 2.2.12 release
binutils: Fix build with clang
binutils: Upgrade to latest on 2.31 release branch
binutils: bfd doesn't handle ELF compressed data alignment
systemd: Fix memory use after free errors
Manjukumar Matha (1):
kernel.bbclass: Fix incorrect deploying of fitimage.initramfs
Marcus Cooper (3):
systemd: Security fix CVE-2018-16864
systemd: Security fix CVE-2018-16865
systemd: Security fix CVE-2018-16866
Michael Ho (1):
sstate: add support for caching shared workdir tasks
Naveen Saini (2):
linux-yocto: update genericx86* SRCREV for 4.18
linux-yocto: update genericx86* SRCREV for 4.18
Peter Kjellerstedt (2):
systemd: Correct and clean up user/group definitions
systemd: Correct a conditional add to SYSTEMD_PACKAGES
Richard Purdie (9):
nativesdk-*-provides-dummy: Fixes to allow correct operation with opkg
classes: Correctly markup regex strings
testimage: Remove duplicate dependencies
testimage: Simplfy DEFAULT_TEST_SUITES logic
testimage: Further cleanup DEFAULT_TEST_SUITES
testimage: Enable autorunning of the package manager testsuites
oeqa/runtime/cases: Improve test dependency information
oeqa/runtime/cases: Improve dependencies of kernel/gcc/build tests
oeqa/utils/buildproject: Only clean files if we've done something
Robert Yang (7):
oeqa/utils/qemurunner: Print output when failed to login
oeqa/utils/qemurunner: set timeout to 60s for run_serial
oeqa: Fix for QEMU_USE_KVM
oeqa: make it work for multiple users
runqemu-gen-tapdevs: Allow run --help without sudo
oeqa/manual/bsp-qemu.json: Update for QEMU_USE_KVM
oeqa/selftest/runqemu: Enable kvm when QEMU_USE_KVM is set
Ross Burton (2):
toolchain-scripts: run post-relocate scripts for every environment
runqemu: clean up subprocess usage
Yeoh Ee Peng (3):
scripts/oe-git-archive: fix non-existent key referencing error
testimage: Add support for slirp
oeqa/qemu & runtime: qemu do not need ip input from external
OpenBMC compatibility updates:
meta-phosphor:
Brad Bishop (1):
phosphor: rebase i2c-tools patches
Change-Id: Idc626fc076580aeebde1420bcad01e069b559504
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
new file mode 100644
index 0000000..c3f44ca
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/0001-a-ulaw-fix-multiple-buffer-overflows-432.patch
@@ -0,0 +1,101 @@
+From 39453899fe1bb39b2e041fdf51a85aecd177e9c7 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Mon, 7 Jan 2019 15:55:03 +0800
+Subject: [PATCH] a/ulaw: fix multiple buffer overflows (#432)
+
+i2ulaw_array() and i2alaw_array() fail to handle ptr [count] = INT_MIN
+properly, leading to buffer underflow. INT_MIN is a special value
+since - INT_MIN cannot be represented as int.
+
+In this case round - INT_MIN to INT_MAX and proceed as usual.
+
+f2ulaw_array() and f2alaw_array() fail to handle ptr [count] = NaN
+properly, leading to null pointer dereference.
+
+In this case, arbitrarily set the buffer value to 0.
+
+This commit fixes #429 (CVE-2018-19661 and CVE-2018-19662) and
+fixes #344 (CVE-2017-17456 and CVE-2017-17457).
+
+Upstream-Status: Backport[https://github.com/erikd/libsndfile/
+commit/585cc28a93be27d6938f276af0011401b9f7c0ca]
+
+CVE: CVE-2017-17456 CVE-2017-17457 CVE-2018-19661 CVE-2018-19662
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ src/alaw.c | 9 +++++++--
+ src/ulaw.c | 9 +++++++--
+ 2 files changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/src/alaw.c b/src/alaw.c
+index 063fd1a..4220224 100644
+--- a/src/alaw.c
++++ b/src/alaw.c
+@@ -19,6 +19,7 @@
+ #include "sfconfig.h"
+
+ #include <math.h>
++#include <limits.h>
+
+ #include "sndfile.h"
+ #include "common.h"
+@@ -326,7 +327,9 @@ s2alaw_array (const short *ptr, int count, unsigned char *buffer)
+ static inline void
+ i2alaw_array (const int *ptr, int count, unsigned char *buffer)
+ { while (--count >= 0)
+- { if (ptr [count] >= 0)
++ { if (ptr [count] == INT_MIN)
++ buffer [count] = alaw_encode [INT_MAX >> (16 + 4)] ;
++ else if (ptr [count] >= 0)
+ buffer [count] = alaw_encode [ptr [count] >> (16 + 4)] ;
+ else
+ buffer [count] = 0x7F & alaw_encode [- ptr [count] >> (16 + 4)] ;
+@@ -346,7 +349,9 @@ f2alaw_array (const float *ptr, int count, unsigned char *buffer, float normfact
+ static inline void
+ d2alaw_array (const double *ptr, int count, unsigned char *buffer, double normfact)
+ { while (--count >= 0)
+- { if (ptr [count] >= 0)
++ { if (!isfinite (ptr [count]))
++ buffer [count] = 0 ;
++ else if (ptr [count] >= 0)
+ buffer [count] = alaw_encode [lrint (normfact * ptr [count])] ;
+ else
+ buffer [count] = 0x7F & alaw_encode [- lrint (normfact * ptr [count])] ;
+diff --git a/src/ulaw.c b/src/ulaw.c
+index e50b4cb..b6070ad 100644
+--- a/src/ulaw.c
++++ b/src/ulaw.c
+@@ -19,6 +19,7 @@
+ #include "sfconfig.h"
+
+ #include <math.h>
++#include <limits.h>
+
+ #include "sndfile.h"
+ #include "common.h"
+@@ -827,7 +828,9 @@ s2ulaw_array (const short *ptr, int count, unsigned char *buffer)
+ static inline void
+ i2ulaw_array (const int *ptr, int count, unsigned char *buffer)
+ { while (--count >= 0)
+- { if (ptr [count] >= 0)
++ { if (ptr [count] == INT_MIN)
++ buffer [count] = ulaw_encode [INT_MAX >> (16 + 2)] ;
++ else if (ptr [count] >= 0)
+ buffer [count] = ulaw_encode [ptr [count] >> (16 + 2)] ;
+ else
+ buffer [count] = 0x7F & ulaw_encode [-ptr [count] >> (16 + 2)] ;
+@@ -847,7 +850,9 @@ f2ulaw_array (const float *ptr, int count, unsigned char *buffer, float normfact
+ static inline void
+ d2ulaw_array (const double *ptr, int count, unsigned char *buffer, double normfact)
+ { while (--count >= 0)
+- { if (ptr [count] >= 0)
++ { if (!isfinite (ptr [count]))
++ buffer [count] = 0 ;
++ else if (ptr [count] >= 0)
+ buffer [count] = ulaw_encode [lrint (normfact * ptr [count])] ;
+ else
+ buffer [count] = 0x7F & ulaw_encode [- lrint (normfact * ptr [count])] ;
+--
+2.7.4
+
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
index b28f675..13248f5 100644
--- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -13,6 +13,7 @@
file://CVE-2017-14245-14246.patch \
file://CVE-2017-14634.patch \
file://CVE-2018-13139.patch \
+ file://0001-a-ulaw-fix-multiple-buffer-overflows-432.patch \
"
SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"