poky: refresh master: 8217b477a1..4e511f0abc
Update poky to master HEAD.
Adrian Bunk (1):
bind: upgrade 9.11.5 -> 9.11.5-P4
Alexey Brodkin (1):
busybox: Enable domain search list support
Andre Rosa (2):
lib/oe/utils: Make prune_suffix prune a suffix
bitbake: utils: Make prune_suffix prune a suffix
Andreas Müller (1):
patch/insane: Rework patch fuzz handling
Bruce Ashfield (8):
poky-tiny: set 5.0 as the preferred kernel
linux-yocto-rt/4.19: fix duplicate TIF_NEED_RESCHED_LAZY
linux-yocto/5.0: update CGL audit configuration fragment
linux-yocto-tiny/4.18: point KBRANCH to 4.18
linux-yocto/4.18: update to v4.18.33
qemumips: Enable the poweroff driver
linux-yocto/5.0: tweak qemuarm -tiny configuration
linux-yocto/4.18: remove versioned recipes
Gianfranco Costamagna (1):
kernel-dev, sdk-manual: Unified question spacing
Khem Raj (2):
libgcc: Create linux-musleabihf and linux-gnueabihf symlinks
Revert "mdadm: fix gcc8 maybe-uninitialized/format-overflow warning"
Mark Asselstine (2):
go.bbclass: Export more GO* environment variables
goarch.bbclass: use MACHINEOVERRIDES and simplify go_map_arm()
Nathan Rossi (3):
cmake-native: Enable ccmake by default and depend on ncurses
ccmake.bbclass: Create a cml1 style class for the CMake curses UI
devtool: standard: Handle exporting generated config fragments
Nikhil Pal Singh (1):
cmake: Support Eclipse and other cmake generators
Ovidiu Panait (2):
xf86-video-vesa: Refuse to run on UEFI machines
ghostscript: Fix 3 CVEs
Randy MacLeod (1):
autoconf: update runtime perl module dependencies
Richard Purdie (4):
openssh/util-linux/python*: Ensure ptest output is unbuffered
ptest-runner: Add several logging fixes
oeqa/utils/qemurunner: Fix typo in previous commit
linux-yocto: Drop 4.18 kernel
Robert Yang (1):
sstate.bbclass: Use bb.utils.to_boolean() for BB_NO_NETWORK
Ross Burton (2):
sanity: clarify error message if TMPDIR moves
insane: fix gettext dependency warning
Scott Rifenbark (2):
ref-manual: Updated BB_GENERATE_MIRROR_TARBALLS
overview-manual: Fixed broken link to pseudo.
Tomasz Meresiński (1):
systemd: fix predictable network interface names in initrd
Yeoh Ee Peng (2):
resulttool/manualexecution: Enable configuration options selection
resulttool/manualexecution: Enable creation of configuration option file
Change-Id: I988df9d6bf0dfdeaa517960fb744c7388f791cf6
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0003.patch b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0003.patch
new file mode 100644
index 0000000..02b1dc9
--- /dev/null
+++ b/poky/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-6116-0003.patch
@@ -0,0 +1,32 @@
+From 60b77b8bf8b6e4d30519c47724631012b530cf0e Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Sat, 15 Dec 2018 09:08:32 +0000
+Subject: [PATCH 3/7] Bug700317: Fix logic for an older change
+
+Unlike almost every other function in gs, dict_find_string() returns 1 on
+success 0 or <0 on failure. The logic for this case was wrong.
+
+CVE: CVE-2019-6116
+Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
+
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+---
+ psi/interp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/psi/interp.c b/psi/interp.c
+index aa5779c..f6c45bb 100644
+--- a/psi/interp.c
++++ b/psi/interp.c
+@@ -703,7 +703,7 @@ again:
+ * i.e. it's an internal operator we have hidden
+ */
+ code = dict_find_string(systemdict, (const char *)bufptr, &tobj);
+- if (code < 0) {
++ if (code <= 0) {
+ buf[0] = buf[1] = buf[rlen + 2] = buf[rlen + 3] = '-';
+ rlen += 4;
+ bufptr = buf;
+--
+2.18.1
+