poky: refresh master: 8217b477a1..4e511f0abc
Update poky to master HEAD.
Adrian Bunk (1):
bind: upgrade 9.11.5 -> 9.11.5-P4
Alexey Brodkin (1):
busybox: Enable domain search list support
Andre Rosa (2):
lib/oe/utils: Make prune_suffix prune a suffix
bitbake: utils: Make prune_suffix prune a suffix
Andreas Müller (1):
patch/insane: Rework patch fuzz handling
Bruce Ashfield (8):
poky-tiny: set 5.0 as the preferred kernel
linux-yocto-rt/4.19: fix duplicate TIF_NEED_RESCHED_LAZY
linux-yocto/5.0: update CGL audit configuration fragment
linux-yocto-tiny/4.18: point KBRANCH to 4.18
linux-yocto/4.18: update to v4.18.33
qemumips: Enable the poweroff driver
linux-yocto/5.0: tweak qemuarm -tiny configuration
linux-yocto/4.18: remove versioned recipes
Gianfranco Costamagna (1):
kernel-dev, sdk-manual: Unified question spacing
Khem Raj (2):
libgcc: Create linux-musleabihf and linux-gnueabihf symlinks
Revert "mdadm: fix gcc8 maybe-uninitialized/format-overflow warning"
Mark Asselstine (2):
go.bbclass: Export more GO* environment variables
goarch.bbclass: use MACHINEOVERRIDES and simplify go_map_arm()
Nathan Rossi (3):
cmake-native: Enable ccmake by default and depend on ncurses
ccmake.bbclass: Create a cml1 style class for the CMake curses UI
devtool: standard: Handle exporting generated config fragments
Nikhil Pal Singh (1):
cmake: Support Eclipse and other cmake generators
Ovidiu Panait (2):
xf86-video-vesa: Refuse to run on UEFI machines
ghostscript: Fix 3 CVEs
Randy MacLeod (1):
autoconf: update runtime perl module dependencies
Richard Purdie (4):
openssh/util-linux/python*: Ensure ptest output is unbuffered
ptest-runner: Add several logging fixes
oeqa/utils/qemurunner: Fix typo in previous commit
linux-yocto: Drop 4.18 kernel
Robert Yang (1):
sstate.bbclass: Use bb.utils.to_boolean() for BB_NO_NETWORK
Ross Burton (2):
sanity: clarify error message if TMPDIR moves
insane: fix gettext dependency warning
Scott Rifenbark (2):
ref-manual: Updated BB_GENERATE_MIRROR_TARBALLS
overview-manual: Fixed broken link to pseudo.
Tomasz Meresiński (1):
systemd: fix predictable network interface names in initrd
Yeoh Ee Peng (2):
resulttool/manualexecution: Enable configuration options selection
resulttool/manualexecution: Enable creation of configuration option file
Change-Id: I988df9d6bf0dfdeaa517960fb744c7388f791cf6
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3835-0001.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3835-0001.patch
new file mode 100644
index 0000000..30ce04a
--- /dev/null
+++ b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3835-0001.patch
@@ -0,0 +1,99 @@
+From ad3ad6b389653722507e588c5cb34d8731e49e89 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Mon, 26 Nov 2018 18:01:25 +0000
+Subject: [PATCH] Have gs_cet.ps run from gs_init.ps
+
+Previously gs_cet.ps was run on the command line, to set up the interpreter
+state so our output more closely matches the example output for the QL CET
+tests.
+
+Allow a -dCETMODE command line switch, which will cause gs_init.ps to run the
+file directly.
+
+This works better for gpdl as it means the changes are made in the intial
+interpreter state, rather than after initialisation is complete.
+
+This also means adding a definition of the default procedure for black
+generation and under color removal (rather it being defined in-line in
+.setdefaultbgucr
+
+Also, add a check so gs_cet.ps only runs once - if we try to run it a second
+time, we'll just skip over the file, flushing through to the end.
+
+CVE: CVE-2019-3835
+Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
+
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+---
+ Resource/Init/gs_cet.ps | 11 ++++++++++-
+ Resource/Init/gs_init.ps | 13 ++++++++++++-
+ 2 files changed, 22 insertions(+), 2 deletions(-)
+
+diff --git a/Resource/Init/gs_cet.ps b/Resource/Init/gs_cet.ps
+index d3e1686..75534bb 100644
+--- a/Resource/Init/gs_cet.ps
++++ b/Resource/Init/gs_cet.ps
+@@ -1,6 +1,11 @@
+ %!PS
+ % Set defaults for Ghostscript to match Adobe CPSI behaviour for CET
+
++systemdict /product get (PhotoPRINT SE 5.0v2) readonly eq
++{
++ (%END GS_CET) .skipeof
++} if
++
+ % do this in the server level so it is persistent across jobs
+ //true 0 startjob not {
+ (*** Warning: CET startup is not in server default) = flush
+@@ -25,7 +30,9 @@ currentglobal //true setglobal
+
+ /UNROLLFORMS true def
+
+-{ } bind dup
++(%.defaultbgrucrproc) cvn { } bind def
++
++(%.defaultbgrucrproc) cvn load dup
+ setblackgeneration
+ setundercolorremoval
+ 0 array cvx readonly dup dup dup setcolortransfer
+@@ -109,3 +116,5 @@ userdict /.smoothness currentsmoothness put
+ % end of slightly nasty hack to give consistent cluster results
+
+ //false 0 startjob pop % re-enter encapsulated mode
++
++%END GS_CET
+diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
+index 45bebf4..e6b9cd2 100644
+--- a/Resource/Init/gs_init.ps
++++ b/Resource/Init/gs_init.ps
+@@ -1538,10 +1538,18 @@ setpacking
+ % any-part-of-pixel rule.
+ 0.5 .setfilladjust
+ } bind def
++
+ % Set the default screen and BG/UCR.
++% We define the proc here, rather than inline in .setdefaultbgucr
++% for the benefit of gs_cet.ps so jobs that do anything that causes
++% .setdefaultbgucr to be called will still get the redefined proc
++% in gs_cet.ps
++(%.defaultbgrucrproc) cvn { pop 0 } def
++
+ /.setdefaultbgucr {
+ systemdict /setblackgeneration known {
+- { pop 0 } dup setblackgeneration setundercolorremoval
++ (%.defaultbgrucrproc) cvn load dup
++ setblackgeneration setundercolorremoval
+ } if
+ } bind def
+ /.useloresscreen { % - .useloresscreen <bool>
+@@ -2491,4 +2499,7 @@ WRITESYSTEMDICT {
+ % be 'true' in some cases.
+ userdict /AGM_preserve_spots //false put
+
++systemdict /CETMODE .knownget
++{ { (gs_cet.ps) runlibfile } if } if
++
+ % The interpreter will run the initial procedure (start).
+--
+2.18.1
+