reset upstream subtrees to yocto 2.6
Reset the following subtrees on thud HEAD:
poky: 87e3a9739d
meta-openembedded: 6094ae18c8
meta-security: 31dc4e7532
meta-raspberrypi: a48743dc36
meta-xilinx: c42016e2e6
Also re-apply backports that didn't make it into thud:
poky:
17726d0 systemd-systemctl-native: handle Install wildcards
meta-openembedded:
4321a5d libtinyxml2: update to 7.0.1
042f0a3 libcereal: Add native and nativesdk classes
e23284f libcereal: Allow empty package
030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG
179a1b9 gtest: update to 1.8.1
Squashed OpenBMC subtree compatibility updates:
meta-aspeed:
Brad Bishop (1):
aspeed: add yocto 2.6 compatibility
meta-ibm:
Brad Bishop (1):
ibm: prepare for yocto 2.6
meta-ingrasys:
Brad Bishop (1):
ingrasys: set layer compatibility to yocto 2.6
meta-openpower:
Brad Bishop (1):
openpower: set layer compatibility to yocto 2.6
meta-phosphor:
Brad Bishop (3):
phosphor: set layer compatibility to thud
phosphor: libgpg-error: drop patches
phosphor: react to fitimage artifact rename
Ed Tanous (4):
Dropbear: upgrade options for latest upgrade
yocto2.6: update openssl options
busybox: remove upstream watchdog patch
systemd: Rebase CONFIG_CGROUP_BPF patch
Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch b/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch
index 3e3a64d..5f1dd30 100644
--- a/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch
+++ b/poky/meta/recipes-support/gnupg/gnupg/0001-configure.ac-use-a-custom-value-for-the-location-of-.patch
@@ -1,4 +1,4 @@
-From 0b97148c3aad0993a9aeb088596fa63a2fec5328 Mon Sep 17 00:00:00 2001
+From 7eb7efb9ce89c66e14c194773c4dcf6478a6ca4d Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Mon, 22 Jan 2018 18:00:21 +0200
Subject: [PATCH] configure.ac: use a custom value for the location of
@@ -8,15 +8,16 @@
Upstream-Status: Inappropriate [oe-core specific, and only for -native]
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
-index 382ef1d..0570d7c 100644
+index 59a2e60..12d390b 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -1818,7 +1818,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf",
+@@ -1841,7 +1841,7 @@ AC_DEFINE_UNQUOTED(GPGCONF_DISP_NAME, "GPGConf",
AC_DEFINE_UNQUOTED(GPGTAR_NAME, "gpgtar", [The name of the gpgtar tool])
@@ -25,6 +26,3 @@
[The name of the agent socket])
AC_DEFINE_UNQUOTED(GPG_AGENT_EXTRA_SOCK_NAME, "S.gpg-agent.extra",
[The name of the agent socket for remote access])
---
-2.15.1
-
diff --git a/poky/meta/recipes-support/gnupg/gnupg/CVE-2018-12020.patch b/poky/meta/recipes-support/gnupg/gnupg/CVE-2018-12020.patch
deleted file mode 100644
index 14698db..0000000
--- a/poky/meta/recipes-support/gnupg/gnupg/CVE-2018-12020.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 13f135c7a252cc46cff96e75968d92b6dc8dce1b Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Fri, 8 Jun 2018 10:45:21 +0200
-Subject: [PATCH] gpg: Sanitize diagnostic with the original file name.
-
-* g10/mainproc.c (proc_plaintext): Sanitize verbose output.
---
-
-This fixes a forgotten sanitation of user supplied data in a verbose
-mode diagnostic. The mention CVE is about using this to inject
-status-fd lines into the stderr output. Other harm good as well be
-done. Note that GPGME based applications are not affected because
-GPGME does not fold status output into stderr.
-
-CVE-id: CVE-2018-12020
-GnuPG-bug-id: 4012
-
-Upstream-Status: Backport [https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=13f135c7a252cc46cff96e75968d92b6dc8dce1b]
-
-Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
----
- g10/mainproc.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/g10/mainproc.c b/g10/mainproc.c
-index d2ceec2fd..a9da08f74 100644
---- a/g10/mainproc.c
-+++ b/g10/mainproc.c
-@@ -851,7 +851,14 @@ proc_plaintext( CTX c, PACKET *pkt )
- if (pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8))
- log_info (_("Note: sender requested \"for-your-eyes-only\"\n"));
- else if (opt.verbose)
-- log_info (_("original file name='%.*s'\n"), pt->namelen, pt->name);
-+ {
-+ /* We don't use print_utf8_buffer because that would require a
-+ * string change which we don't want in 2.2. It is also not
-+ * clear whether the filename is always utf-8 encoded. */
-+ char *tmp = make_printable_string (pt->name, pt->namelen, 0);
-+ log_info (_("original file name='%.*s'\n"), (int)strlen (tmp), tmp);
-+ xfree (tmp);
-+ }
-
- free_md_filter_context (&c->mfx);
- if (gcry_md_open (&c->mfx.md, 0, 0))
---
-2.13.3
-
diff --git a/poky/meta/recipes-support/gnupg/gnupg/CVE-2018-9234.patch b/poky/meta/recipes-support/gnupg/gnupg/CVE-2018-9234.patch
deleted file mode 100644
index d4ba1d8..0000000
--- a/poky/meta/recipes-support/gnupg/gnupg/CVE-2018-9234.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From ce055269c80f6e7c1393c0deec7bc5f0d37895ea Mon Sep 17 00:00:00 2001
-From: Sinan Kaya <okaya@kernel.org>
-Date: Sun, 23 Sep 2018 04:05:47 +0000
-Subject: [PATCH] g10: Fix filtering by PK->REQ_USAGE
-
-Upstream-Status: Backport [https://dev.gnupg.org/rGa17d2d1f690ebe5d005b4589a5fe378b6487c657]
-CVE: CVE-2018-9234
-Signed-off-by: Sinan Kaya <okaya@kernel.org>
----
- g10/getkey.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/g10/getkey.c b/g10/getkey.c
-index e31e023..ca2500c 100644
---- a/g10/getkey.c
-+++ b/g10/getkey.c
-@@ -1810,6 +1810,8 @@ get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock,
- ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16
- : KEYDB_SEARCH_MODE_FPR20;
- memcpy (ctx.items[0].u.fpr, fprint, fprint_len);
-+ if (pk)
-+ ctx.req_usage = pk->req_usage;
- rc = lookup (ctrl, &ctx, 0, &kb, &found_key);
- if (!rc && pk)
- pk_from_block (pk, kb, found_key);
---
-2.19.0
-
diff --git a/poky/meta/recipes-support/gnupg/gnupg_2.2.4.bb b/poky/meta/recipes-support/gnupg/gnupg_2.2.9.bb
similarity index 88%
rename from poky/meta/recipes-support/gnupg/gnupg_2.2.4.bb
rename to poky/meta/recipes-support/gnupg/gnupg_2.2.9.bb
index 5a3688a..b7d23b8 100644
--- a/poky/meta/recipes-support/gnupg/gnupg_2.2.4.bb
+++ b/poky/meta/recipes-support/gnupg/gnupg_2.2.9.bb
@@ -14,15 +14,13 @@
file://0002-use-pkgconfig-instead-of-npth-config.patch \
file://0003-dirmngr-uses-libgpg-error.patch \
file://0004-autogen.sh-fix-find-version-for-beta-checking.patch \
- file://CVE-2018-12020.patch \
- file://CVE-2018-9234.patch \
"
SRC_URI_append_class-native = " file://0001-configure.ac-use-a-custom-value-for-the-location-of-.patch \
file://relocate.patch"
-SRC_URI[md5sum] = "709e5af5bba84d251c520222e720972f"
-SRC_URI[sha256sum] = "401a3e64780fdfa6d7670de0880aa5c9d589b3db7a7098979d7606cec546f2ec"
+SRC_URI[md5sum] = "52c895a81f514a65e08923736c38654a"
+SRC_URI[sha256sum] = "6278eaabffa1ebc9fa2ceb3dc53eea9a1505ab02a668a86dd6fec06951af2164"
EXTRA_OECONF = "--disable-ldap \
--disable-ccid-driver \