meta-openembedded: subtree update:fd1a0c9210..1bfaa2e63a

Alex Kiernan (1):
      ostree: Upgrade 2019.3 -> 2019.4

Alexander Kanavin (1):
      lua: change a hard readline dependency into an optional one

Andreas Müller (5):
      catfish: upgrade 1.4.9 -> 1.4.10
      polkit-group-rules: Fix error in do_rootfs for rpm package-manager
      jack: upgrade 1.9.12 -> 1.9.13
      fluidsynth: upgrade 2.0.6 -> 2.0.7
      xfce4-panel: upgrade 4.14.0 -> 4.14.1

Bartosz Golaszewski (3):
      networkd-dispatcher: use distro_features_check to check for systemd
      networkd-dispatcher: remove unneeded RDEPENDS
      networkd-dispatcher: inherit systemd class

Changqing Li (1):
      multipath-tools: upgrade 0.8.1 -> 0.8.2

Hongxu Jia (1):
      lvm2: remove unsupported OPTIONS+="event_timeout" rule

Khem Raj (6):
      nvme-cli: Use install-spec target
      jsonrpc: Disable coverage in default build
      bdwgc: Enable C++ support and Additional options for musl
      a2jmidid: Fix build on risv
      tinyalsa: Update to latest
      packagegroup-meta-multimedia: Remove libsquish from rdeps

Martin Schwan (1):
      python-waitress: Add recipes

Paul Eggleton (1):
      mosquitto: update to 1.6.7

Peiran Hong (1):
      tcpdump: Delete unused patch

Peter Kjellerstedt (1):
      kconfig-frontends: Retrieve the Git repository from GitLab

Randy MacLeod (1):
      rwmem: add DESCRIPTION since the summary is vague

Trevor Gamblin (1):
      rsyslog: fix CVE-2019-17040

Zang Ruochen (7):
      firewalld: upgrade 0.7.1 -> 0.7.2
      fetchmail: upgrade 6.3.26 -> 6.4.1
      python-asn1crypto: upgrade 0.24.0 -> 1.0.1
      python-attrs: upgrade 19.1.0 -> 19.2.0
      python-beautifulsoup4: upgrade 4.8.0 -> 4.8.1
      python-cmd2: upgrade 0.9.17 -> 0.9.18
      python-jinja2: upgrade 2.10.1 -> 2.10.3

Change-Id: Ief2d129403b43b308c19093ac63a498c8d51eb50
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2019.3.bb b/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2019.4.bb
similarity index 98%
rename from meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2019.3.bb
rename to meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2019.4.bb
index 1fe7dcf..505c9fc 100644
--- a/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2019.3.bb
+++ b/meta-openembedded/meta-oe/recipes-extended/ostree/ostree_2019.4.bb
@@ -28,7 +28,7 @@
     file://0001-Always-enable-trivial-httpd-for-tests.patch \
     file://0002-Gate-ostree-trivial-httpd-on-BUILDOPT_TRIVIAL_HTTPD.patch \
 "
-SRCREV = "5c1697da78ebf6250a7130b8b9e6cbfbeaa34296"
+SRCREV = "9d39e7d91e8497987cad69a3fbed5c5fc91eebdc"
 
 UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+\.\d+)"
 
diff --git a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit-group-rule.inc b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit-group-rule.inc
index 06ab106..8ced8ab 100644
--- a/meta-openembedded/meta-oe/recipes-extended/polkit/polkit-group-rule.inc
+++ b/meta-openembedded/meta-oe/recipes-extended/polkit/polkit-group-rule.inc
@@ -8,6 +8,6 @@
 
 do_install_prepend() {
     install -m 700 -d ${D}${sysconfdir}/polkit-1/rules.d
-    chown polkitd:polkitd ${D}${sysconfdir}/polkit-1/rules.d
+    chown polkitd:root ${D}/${sysconfdir}/polkit-1/rules.d
 }
 USERADD_PARAM_${PN}_prepend = "--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;"
diff --git a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch
new file mode 100644
index 0000000..b494ca6
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch
@@ -0,0 +1,31 @@
+From b0894088b680666035a3418326e13bc99d4fed49 Mon Sep 17 00:00:00 2001
+From: Philippe Duveau <pduveau@users.noreply.github.com>
+Date: Tue, 24 Sep 2019 20:45:25 +0200
+Subject: [PATCH] Out of bounds issue
+
+Add a new sanity check after determining the level len.
+---
+ contrib/pmdb2diag/pmdb2diag.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+Upstream-Status: Backport [https://github.com/rsyslog/rsyslog/commit/b0894088b6]
+CVE: CVE-2019-17040
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+diff --git a/contrib/pmdb2diag/pmdb2diag.c b/contrib/pmdb2diag/pmdb2diag.c
+index 2b5916301..5810eb4df 100644
+--- a/contrib/pmdb2diag/pmdb2diag.c
++++ b/contrib/pmdb2diag/pmdb2diag.c
+@@ -134,6 +134,10 @@ CODESTARTparse2
+ 		ABORT_FINALIZE(0);
+ 	}
+ 
++	/* let recheck with the real level len */
++	if(pMsg->iLenRawMsg - (int)pMsg->offAfterPRI < pInst->levelpos+lvl_len)
++		ABORT_FINALIZE(RS_RET_COULD_NOT_PARSE);
++
+ 	DBGPRINTF("db2parse Level %d\n", pMsg->iSeverity);
+ 
+ 	end = (char*)pMsg->pszRawMsg + pMsg->iLenRawMsg ;
+-- 
+2.17.1
+
diff --git a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb
index bbb4b11..bd0dbc1 100644
--- a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb
+++ b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb
@@ -23,6 +23,7 @@
            file://rsyslog.logrotate \
            file://use-pkgconfig-to-check-libgcrypt.patch \
            file://run-ptest \
+           file://0001-Out-of-bounds-issue.patch \
 "
 
 SRC_URI_append_libc-musl = " \