poky: subtree update:23deb29c1b..c67f57c09e
Adrian Bunk (1):
librsvg: Upgrade 2.40.20 -> 2.40.21
Alejandro Hernandez (1):
musl: Upgrade to latest release 1.2.1
Alex Kiernan (8):
systemd: Upgrade v245.6 -> v246
systemd: Move musl patches to SRC_URI_MUSL
systemd: Fix path to modules-load.d et al
nfs-utils: Drop StandardError=syslog from systemd unit
openssh: Drop StandardError=syslog from systemd unit
volatile-binds: Drop StandardOutput=syslog from systemd unit
systemd: Upgrade v246 -> v246.1
systemd: Upgrade v246.1 -> v246.2
Alexander Kanavin (16):
sysvinit: update 2.96 -> 2.97
kbd: update 2.2.0 -> 2.3.0
gnu-config: update to latest revision
go: update 1.14.4 -> 1.14.6
meson: update 0.54.3 -> 0.55.0
nasm: update 2.14.02 -> 2.15.03
glib-2.0: correct build with latest meson
rsync: update 3.2.1 -> 3.2.2
vala: update 0.48.6 -> 0.48.7
logrotate: update 3.16.0 -> 3.17.0
mesa: update 20.1.2 -> 20.1.4
libcap: update 2.36 -> 2.41
net-tools: fix upstream version check
meson.bbclass: add a cups-config entry
oeqa: write @OETestTag content into json test reports for each case
libhandy: upstream has moved to gnome
Alistair Francis (1):
binutils: Remove RISC-V PIE patch
Andrei Gherzan (2):
initscripts: Fix various shellcheck warnings in populate-volatile.sh
initscripts: Fix populate-volatile.sh bug when file/dir exists
Anuj Mittal (4):
harfbuzz: upgrade 2.6.8 -> 2.7.1
sqlite3: upgrade 3.32.3 -> 3.33.0
stress-ng: upgrade 0.11.17 -> 0.11.18
x264: upgrade to latest revision
Armin Kuster (1):
glibc: Secruity fix for CVE-2020-6096
Bruce Ashfield (25):
linux-yocto/5.4: update to v5.4.53
linux-yocto/5.4: fix perf build with binutils 2.35
kernel/yocto: allow dangling KERNEL_FEATURES
linux-yocto/5.4: update to v5.4.54
systemtap: update to 4.3 latest
kernel-devsrc: fix x86 (32bit) on target module build
lttng-modules: update to 2.12.2 (fixes v5.8+ builds)
yocto-bsps: update reference BSPs to 5.4.54
kernel-yocto: enhance configuration queue analysis capabilities
strace: update to 5.8 (fix build against v5.8 uapi headers)
linux-yocto-rt/5.4: update to rt32
linux-yocto/5.4: update to v5.4.56
linux-yocto/5.4: update to v5.4.57
kernel-yocto: set cwd before querying the meta data dir
kernel-yocto: make # is not set matching more precise
kernel-yocto: split meta data gathering into patch and config phases
make-mod-scripts: add HOSTCXX definitions and gmp-native dependency
kernel-devsrc: fix on target modules prepare for ARM
kernel-devsrc: 5.8 + gcc10 require gcc-plugins + libmpc-dev
linux-yocto/5.4: update to v5.4.58
linux-yocto/5.4: perf cs-etm: Move definition of 'traceid_list' global variable from header file
libc-headers: update to v5.8
linux-yocto: introduce 5.8 reference kernel
kernel-yocto/5.8: add gmp-native dependency
linux-yocto/5.8: update to v5.8.1
Chandana kalluri (1):
qemu.inc: Use virtual/libgl instead of mesa
Changhyeok Bae (2):
iproute2: upgrade 5.7.0 -> 5.8.0
ethtool: upgrade 5.7 -> 5.8
Changqing Li (5):
layer.conf: fix adwaita-icon-theme signature change problem
gtk-icon-cache.bbclass: add features_check
gcc-runtime.inc: fix m32 compile fail with x86-64 compiler
libffi: fix multilib header conflict
gpgme: fix multilib header conflict
Chen Qi (3):
grub: set CVE_PRODUCT to grub2
runqemu: fix permission check of /dev/vhost-net
fribidi: extend CVE_PRODUCT to include fribidi
Chris Laplante (11):
lib/oe/log_colorizer.py: add LogColorizerProxyProgressHandler
bitbake: build: print traceback if progress handler can't be created
bitbake: build: create_progress_handler: fix calling 'get' on NoneType
bitbake: progress: modernize syntax, format
bitbake: progress: fix hypothetical NameError if 'progress' isn't set
bitbake: progress: filter ANSI escape codes before looking for progress text
bitbake: tests/color: add test suite for ANSI color code filtering
bitbake: data: emit filename/lineno information for shell functions
bitbake: build: print a backtrace when a Bash shell function fails
bitbake: build: print a backtrace with the original metadata locations of Bash shell funcs
bitbake: build: make shell traps less chatty when 'bitbake -v' is used
Dan Callaghan (1):
stress-ng: create a symlink for /usr/bin/stress
Daniel Ammann (1):
wic: fix typo
Daniel Gomez (1):
allarch: Add missing allarch ttf-bitstream-vera
Diego Sueiro (1):
cml1: Add the option to choose the .config root dir
Dmitry Baryshkov (3):
mesa: enable freedreno Vulkan driver if freedreno is enabled
arch-armv8-2a.inc: add tune include for armv8.2a
tune-cortexa55.inc: switch to using armv8.2a include file
Fredrik Gustafsson (13):
package_manager: Move to package_manager/__init__.py
rpm: Move manifest to its own subdir
ipk: Move ipk manifest to its own subdir
deb: Move deb manifest to its own subdir
rpm: Move rootfs to its own dir
ipk: Move rootfs to its own dir
deb: Move rootfs to its own dir
rpm: Move sdk to its own dir
ipk: Move sdk to its own dir
deb: Move sdk to its own dir
rpm: Move package manager to its own dir
ipk: Move package manager to its own dir
deb: Move package manager to its own dir
Guillaume Champagne (1):
weston: add missing packageconfigs
Jeremy Puhlman (1):
gobject-introspection: disable scanner caching in install
Joe Slater (3):
libdnf: allow reproducible binary builds
gconf: use python3
gcr: make sure gcr-oids.h is generated
Jonathan Richardson (1):
cortex-m0plus.inc: Add tuning for cortex M0 plus
Joshua Watt (3):
bitbake: bitbake: command: Handle multiconfig in findSigInfo
lib/oe/reproducible.py: Fix git HEAD check
perl: Add check for non-arch Storable.pm file
Khasim Mohammed (2):
wic/bootimg-efi: Add support for IMAGE_BOOT_FILES
wic/bootimg-efi: Update docs for IMAGE_BOOT_FILES support in bootimg-efi
Khem Raj (23):
qemumips: Use 34Kf CPU emulation
libunwind: Backport a fix for -fno-common option to compile
dhcp: Use -fcommon compiler option
inetutils: Fix build with -fno-common
libomxil: Use -fcommon compiler option
kexec-tools: Fix build with -fno-common
distcc: Fix build with -fno-common
libacpi: Fix build with -fno-common
minicom: Fix build when using -fno-common
binutils: Upgrade to 2.35 release
xf86-video-intel: Fix build with -fno-common
glibc: Upgrade to 2.32 release
go: Upgrade to 1.14.7
webkitgtk: Upgrade to 2.28.4
kexec-tools: Fix additional duplicate symbols on aarch64/x86_64 builds
gcc: Upgrade to 10.2.0
buildcpio.py: Apply patch to fix build with -fno-common
buildgalculator: Patch to fix build with -fno-common
localedef: Update to include floatn.h fix
xserver-xorg: Fix build with -fno-common/mips
binutils: Let crosssdk gold linker generate 4096 btyes long .interp section
gcc-cross-canadian: Correct the regexp to delete versioned gcc binary
curl: Upgrade to 7.72.0
Konrad Weihmann (2):
rootfs-post: remove traling blanks from tasks
cve-update: handle baseMetricV2 as optional
Lee Chee Yang (4):
buildhistory: use pid for temporary txt file name
checklayer: check layer in BBLAYERS before test
ghostscript: fix CVE-2020-15900
qemu : fix CVE-2020-15863
Mark Hatle (1):
package.bbclass: Sort shlib2 output for hash equivalency
Martin Jansa (2):
net-tools: upgrade to latest revision in upstream repo instead of old debian snapshot
perf: backport a fix for confusing non-fatal error
Matt Madison (1):
cogl-1.0: correct X11 dependencies
Matthew (3):
ltp: remove --with-power-management-testsuite from EXTRA_OECONF
ltp: remove OOM tests from runtest/mm
ltp: make copyFrom scp command non-fatal
Mikko Rapeli (2):
alsa-topology-conf: use ${datadir} in do_install()
alsa-ucm-conf: use ${datadir} in do_install()
Ming Liu (3):
conf/machine: set UBOOT_MACHINE for qemumips and qemumips64
multilib.conf: add u-boot to NON_MULTILIB_RECIPES
libubootenv: uprev to v0.3
Mingli Yu (2):
ccache: Upgrade to 3.7.11
Revert "python3: define a profile directory path"
Naoto Yamaguchi (1):
patch.py: Change to more strictly fuzz detection
Nathan Rossi (4):
libexif: Enable native and nativesdk
cmake.bbclass: Rework compiler program variables for allarch
python3: Improve handling of python3 manifest generation
python3-manifest.json: Updates
Oleksandr Kravchuk (9):
python3-setuptools: update to 49.2.0
bash-completion: update to 2.11
python3: update to 3.8.5
re2c: update to 2.0
diffoscope: update to 153
json-c: update to 0.15
git: update 2.28.0
libwpe: update to 1.7.1
python3-setuptools: update to 49.3.1
Richard Purdie (20):
perl: Avoid race continually rebuilding miniperl
gcc: Fix mangled patch
bitbake: server/process: Fix UI first connection tracking
bitbake: server/process: Account for xmlrpc connections
Revert "lib/oe/log_colorizer.py: add LogColorizerProxyProgressHandler"
lib/package_manager: Fix missing imports
populate_sdk_ext: Ensure buildtools doesn't corrupt OECORE_NATIVE_SYSROOT
buildtools: Handle generic environment setup injection
uninative: Handle PREMIRRORS generically
maintainers: Update entries for Mark Hatle
gcr: Fix patch Upstream-Status from v2 patch
bitbake: server/process: Remove pointless process forking
bitbake: server/process: Simplfy idle callback handler function
bitbake: server/process: Pass timeout/xmlrpc parameters directly to the server
bitbake: server/process: Add extra logfile flushing
packagefeed-stability: Remove as obsolete
build-compare: Drop recipe
qemu: Upgrade 5.0.0 -> 5.1.0
selftest/tinfoil: Increase wait event timeout
lttng-tools: upgrade 2.12.1 -> 2.12.2
Ross Burton (3):
popt: upgrade to 1.18
conf/machine: set UBOOT_MACHINE for qemuarm and qemuarm64
gcc: backport a fix for out-of-line atomics on aarch64
TeohJayShen (2):
oeqa/manual/bsp-hw.json : remove shutdown_system test
oeqa/manual/bsp-hw.json : remove X_server_can_start_up_with_runlevel_5_boot test
Trevor Gamblin (1):
llvm: upgrade 9.0.1 -> 10.0.1
Tyler Hicks (1):
kernel-devicetree: Fix intermittent build failures caused by DTB builds
Usama Arif (3):
kernel-fitimage: build configuration for image tree when dtb is not present
oeqa/selftest/imagefeatures: Add testcase for fitImage
ref-manual: Add documentation for kernel-fitimage
Vasyl Vavrychuk (1):
runqemu: Check gtk or sdl option is passed together with gl or gl-es options.
Yi Zhao (1):
pbzip2: extend for nativesdk
Zhang Qiang (1):
kernel.bbclass: Configuration for environment with HOSTCXX
hongxu (1):
nativesdk-rpm: adjust RPM_CONFIGDIR paths dynamically
zangrc (8):
libevdev:upgrade 1.9.0 -> 1.9.1
mpg123:upgrade 1.26.2 -> 1.26.3
flex: Refresh patch
stress-ng:upgrade 0.11.15 -> 0.11.17
sudo:upgrade 1.9.1 -> 1.9.2
libcap: Upgrade 2.41 -> 2.42
libinput: Upgrade 1.15.6 -> 1.16.0
python3-setuptools: Upgrade 49.2.0 -> 49.2.1
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Ic7fa1e8484c1c7722a70c75608aa4ab21fa7d755
diff --git a/poky/meta/recipes-devtools/json-c/json-c/CVE-2020-12762.patch b/poky/meta/recipes-devtools/json-c/json-c/CVE-2020-12762.patch
deleted file mode 100644
index a45cfb6..0000000
--- a/poky/meta/recipes-devtools/json-c/json-c/CVE-2020-12762.patch
+++ /dev/null
@@ -1,160 +0,0 @@
-From 099016b7e8d70a6d5dd814e788bba08d33d48426 Mon Sep 17 00:00:00 2001
-From: Tobias Stoeckmann <tobias@stoeckmann.org>
-Date: Mon, 4 May 2020 19:41:16 +0200
-Subject: [PATCH 1/3] Protect array_list_del_idx against size_t overflow.
-
-If the assignment of stop overflows due to idx and count being
-larger than SIZE_T_MAX in sum, out of boundary access could happen.
-
-It takes invalid usage of this function for this to happen, but
-I decided to add this check so array_list_del_idx is as safe against
-bad usage as the other arraylist functions.
-
-Upstream-Status: Backport [https://github.com/json-c/json-c/commit/31243e4d1204ef78be34b0fcae73221eee6b83be]
-CVE: CVE-2020-12762
-Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
-
----
- arraylist.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/arraylist.c b/arraylist.c
-index 12ad8af6d3..e5524aca75 100644
---- a/arraylist.c
-+++ b/arraylist.c
-@@ -136,6 +136,9 @@ int array_list_del_idx(struct array_list *arr, size_t idx, size_t count)
- {
- size_t i, stop;
-
-+ /* Avoid overflow in calculation with large indices. */
-+ if (idx > SIZE_T_MAX - count)
-+ return -1;
- stop = idx + count;
- if (idx >= arr->length || stop > arr->length)
- return -1;
-
-From 77d935b7ae7871a1940cd827e850e6063044ec45 Mon Sep 17 00:00:00 2001
-From: Tobias Stoeckmann <tobias@stoeckmann.org>
-Date: Mon, 4 May 2020 19:46:45 +0200
-Subject: [PATCH 2/3] Prevent division by zero in linkhash.
-
-If a linkhash with a size of zero is created, then modulo operations
-are prone to division by zero operations.
-
-Purely protective measure against bad usage.
----
- linkhash.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/linkhash.c b/linkhash.c
-index 7ea58c0abf..f05cc38030 100644
---- a/linkhash.c
-+++ b/linkhash.c
-@@ -12,6 +12,7 @@
-
- #include "config.h"
-
-+#include <assert.h>
- #include <limits.h>
- #include <stdarg.h>
- #include <stddef.h>
-@@ -499,6 +500,8 @@ struct lh_table *lh_table_new(int size, lh_entry_free_fn *free_fn, lh_hash_fn *h
- int i;
- struct lh_table *t;
-
-+ /* Allocate space for elements to avoid divisions by zero. */
-+ assert(size > 0);
- t = (struct lh_table *)calloc(1, sizeof(struct lh_table));
- if (!t)
- return NULL;
-
-From d07b91014986900a3a75f306d302e13e005e9d67 Mon Sep 17 00:00:00 2001
-From: Tobias Stoeckmann <tobias@stoeckmann.org>
-Date: Mon, 4 May 2020 19:47:25 +0200
-Subject: [PATCH 3/3] Fix integer overflows.
-
-The data structures linkhash and printbuf are limited to 2 GB in size
-due to a signed integer being used to track their current size.
-
-If too much data is added, then size variable can overflow, which is
-an undefined behaviour in C programming language.
-
-Assuming that a signed int overflow just leads to a negative value,
-like it happens on many sytems (Linux i686/amd64 with gcc), then
-printbuf is vulnerable to an out of boundary write on 64 bit systems.
----
- linkhash.c | 7 +++++--
- printbuf.c | 19 ++++++++++++++++---
- 2 files changed, 21 insertions(+), 5 deletions(-)
-
-diff --git a/linkhash.c b/linkhash.c
-index f05cc38030..51e90b13a2 100644
---- a/linkhash.c
-+++ b/linkhash.c
-@@ -580,9 +580,12 @@ int lh_table_insert_w_hash(struct lh_table *t, const void *k, const void *v, con
- {
- unsigned long n;
-
-- if (t->count >= t->size * LH_LOAD_FACTOR)
-- if (lh_table_resize(t, t->size * 2) != 0)
-+ if (t->count >= t->size * LH_LOAD_FACTOR) {
-+ /* Avoid signed integer overflow with large tables. */
-+ int new_size = INT_MAX / 2 < t->size ? t->size * 2 : INT_MAX;
-+ if (t->size == INT_MAX || lh_table_resize(t, new_size) != 0)
- return -1;
-+ }
-
- n = h % t->size;
-
-diff --git a/printbuf.c b/printbuf.c
-index 976c12dde5..00822fac4f 100644
---- a/printbuf.c
-+++ b/printbuf.c
-@@ -15,6 +15,7 @@
-
- #include "config.h"
-
-+#include <limits.h>
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
-@@ -65,10 +66,16 @@ static int printbuf_extend(struct printbuf *p, int min_size)
-
- if (p->size >= min_size)
- return 0;
--
-- new_size = p->size * 2;
-- if (new_size < min_size + 8)
-+ /* Prevent signed integer overflows with large buffers. */
-+ if (min_size > INT_MAX - 8)
-+ return -1;
-+ if (p->size > INT_MAX / 2)
- new_size = min_size + 8;
-+ else {
-+ new_size = p->size * 2;
-+ if (new_size < min_size + 8)
-+ new_size = min_size + 8;
-+ }
- #ifdef PRINTBUF_DEBUG
- MC_DEBUG("printbuf_memappend: realloc "
- "bpos=%d min_size=%d old_size=%d new_size=%d\n",
-@@ -83,6 +90,9 @@ static int printbuf_extend(struct printbuf *p, int min_size)
-
- int printbuf_memappend(struct printbuf *p, const char *buf, int size)
- {
-+ /* Prevent signed integer overflows with large buffers. */
-+ if (size > INT_MAX - p->bpos - 1)
-+ return -1;
- if (p->size <= p->bpos + size + 1)
- {
- if (printbuf_extend(p, p->bpos + size + 1) < 0)
-@@ -100,6 +110,9 @@ int printbuf_memset(struct printbuf *pb, int offset, int charvalue, int len)
-
- if (offset == -1)
- offset = pb->bpos;
-+ /* Prevent signed integer overflows with large buffers. */
-+ if (len > INT_MAX - offset)
-+ return -1;
- size_needed = offset + len;
- if (pb->size < size_needed)
- {
diff --git a/poky/meta/recipes-devtools/json-c/json-c_0.14.bb b/poky/meta/recipes-devtools/json-c/json-c_0.15.bb
similarity index 80%
rename from poky/meta/recipes-devtools/json-c/json-c_0.14.bb
rename to poky/meta/recipes-devtools/json-c/json-c_0.15.bb
index 1d501d1..2968590 100644
--- a/poky/meta/recipes-devtools/json-c/json-c_0.14.bb
+++ b/poky/meta/recipes-devtools/json-c/json-c_0.15.bb
@@ -4,11 +4,9 @@
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://COPYING;md5=de54b60fbbc35123ba193fea8ee216f2"
-SRC_URI = "https://s3.amazonaws.com/json-c_releases/releases/${BP}.tar.gz \
- file://CVE-2020-12762.patch \
-"
+SRC_URI = "https://s3.amazonaws.com/json-c_releases/releases/${BP}.tar.gz"
-SRC_URI[sha256sum] = "b377de08c9b23ca3b37d9a9828107dff1de5ce208ff4ebb35005a794f30c6870"
+SRC_URI[sha256sum] = "b8d80a1ddb718b3ba7492916237bbf86609e9709fb007e7f7d4322f02341a4c6"
UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases"
UPSTREAM_CHECK_REGEX = "json-c-(?P<pver>\d+(\.\d+)+)-\d+"