- 27 Jan, 2022 1 commit
-
-
wangmy authored
Changelog: ========== *) SECURITY: CVE-2021-44790: Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier (cve.mitre.org) A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. *) SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier (cve.mitre.org) A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). *) http: Enforce that fully qualified uri-paths not to be forward-proxied have an http(s) scheme, and that the ones to be forward proxied have a hostname, per HTTP specifications. *) OpenSSL autoconf detection improvement: pick up openssl.pc in the specified openssl path. *) mod_proxy_connect, mod_proxy: Do not change the status code after we already sent it to the client. *) mod_http: Correctly sent a 100 Continue status code when sending an interim response as result of an Expect: 100-Continue in the request and not the current status code of the request. PR 65725 *) mod_dav: Some DAV extensions, like CalDAV, specify both document elements and property elements that need to be taken into account when generating a property. The document element and property element are made available in the dav_liveprop_elem structure by calling dav_get_liveprop_element(). *) mod_dav: Add utility functions dav_validate_root_ns(), dav_find_child_ns(), dav_find_next_ns(), dav_find_attr_ns() and dav_find_attr() so that other modules get to play too. *) mpm_event: Restart stopping of idle children after a load peak. PR 65626. *) mod_http2: fixes 2 regressions in server limit handling. 1. When reaching server limits, such as MaxRequestsPerChild, the HTTP/2 connection send a GOAWAY frame much too early on new connections, leading to invalid protocol state and a client failing the request. See PR65731. The module now initializes the HTTP/2 protocol correctly and allows the client to submit one request before the shutdown via a GOAWAY frame is being announced. 2. A regression in v1.15.24 was fixed that could lead to httpd child processes not being terminated on a graceful reload or when reaching MaxConnectionsPerChild. When unprocessed h2 requests were queued at the time, these could stall. See <https://github.com/icing/mod_h2/issues/212>. *) mod_ssl: Add build support for OpenSSL v3. *) mod_proxy_connect: Honor the smallest of the backend or client timeout while tunneling. *) mod_proxy: SetEnv proxy-nohalfclose (or alike) allows to disable TCP half-close forwarding when tunneling protocols. *) core: Be safe with ap_lingering_close() called with a socket NULL-ed by a third-party module. PR 65627. *) mod_md: Fix memory leak in case of failures to load the private key. PR 65620 *) mod_md: adding v2.4.8 with the following changes - Added support for ACME External Account Binding (EAB). Use the new directive `MDExternalAccountBinding` to provide the server with the value for key identifier and hmac as provided by your CA. While working on some servers, EAB handling is not uniform across CAs. First tests with a Sectigo Certificate Manager in demo mode are successful. But ZeroSSL, for example, seems to regard EAB values as a one-time-use-only thing, which makes them fail if you create a seconde account or retry the creation of the first account with the same EAB. - The directive 'MDCertificateAuthority' now checks if its parameter is a http/https url or one of a set of known names. Those are 'LetsEncrypt', 'LetsEncrypt-Test', 'Buypass' and 'Buypass-Test' for now and they are not case-sensitive. The default of LetsEncrypt is unchanged. - `MDContactEmail` can now be specified inside a `<MDomain dnsname>` section. - Treating 401 HTTP status codes for orders like 403, since some ACME servers seem to prefer that for accessing oders from other accounts. - When retrieving certificate chains, try to read the repsonse even if the HTTP Content-Type is unrecognized. - Fixed a bug that reset the error counter of a certificate renewal and prevented the increasing delays in further attempts. - Fixed the renewal process giving up every time on an already existing order with some invalid domains. Now, if such are seen in a previous order, a new order is created for a clean start over again. See <https://github.com/icing/mod_md/issues/268 > - Fixed a mixup in md-status handler when static certificate files and renewal was configured at the same time. *) mod_md: values for External Account Binding (EAB) can now also be configured to be read from a separate JSON file. This allows to keep server configuration permissions world readable without exposing secrets. *) mod_proxy_uwsgi: Remove duplicate slashes at the beginning of PATH_INFO. PR 65616. Signed-off-by:Wang Mingyu <wangmy@fujitsu.com> Signed-off-by:
Khem Raj <raj.khem@gmail.com> (cherry picked from commit ea76fc64 ) Signed-off-by:
Armin Kuster <akuster808@gmail.com>
-
- 31 Dec, 2021 2 commits
-
-
Yi Zhao authored
Changelog: http://cdn.postfix.johnriley.me/mirrors/postfix-release/official/postfix-3.3.20.HISTORY Signed-off-by:
Yi Zhao <yi.zhao@windriver.com> Signed-off-by:
-
Yi Zhao authored
Backport a patch to fix build against glibc 2.34 (e.g. on Fedora 35) Fixes: | In file included from attr_clnt.c:88: | /usr/include/unistd.h:363:13: error: conflicting types for ‘closefrom’; have ‘void(int)’ | 363 | extern void closefrom (int __lowfd) __THROW; | | ^~~~~~~~~ | In file included from attr_clnt.c:87: | ./sys_defs.h:1506:12: note: previous declaration of ‘closefrom’ with type ‘int(int)’ | 1506 | extern int closefrom(int); | | ^~~~~~~~~ Signed-off-by:
-
- 27 Dec, 2021 5 commits
-
-
Sakib Sajal authored
Backport patch to fix CVE-2021-43527. Signed-off-by:
Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by:
-
Peter Kjellerstedt authored
The master branch has been renamed to main in the github repo. Change-Id: I19e9ea3998cf22508425d87fceb64ae68fbff166 Signed-off-by:
Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by:
-
Changqing Li authored
Signed-off-by:
Changqing Li <changqing.li@windriver.com> Signed-off-by:
-
Mingli Yu authored
The original fix for team_basic_test.py only change the interpreter to python3, but still some error as below: # ./run-ptest File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 35 print "Usage: team_basic_test.py [OPTION...]" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ SyntaxError: Missing parentheses in call to 'print'. Did you mean print(...)? # ./run-ptest RUN #1 # "ip link add testteamx type team" # "teamnl testteamx getoption mode" # "ip link del testteamx" # "modprobe -r team_mode_loadbalance team_mode_roundrobin team_mode_activebackup team_mode_broadcast team" Traceback (most recent call last): File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 206, in <module> main() File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 203, in main btest.run() File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 180, in run self._run_one_loop(i + 1) File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 173, in _run_one_loop self._run_one_mode(mode_name) File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 101, in _run_one_mode cmd_exec("teamnl %s getoption mode" % team_name, "*NOMODE*") File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 80, in cmd_exec raise CmdExecUnexpectedOutputException(output, expected_output) __main__.CmdExecUnexpectedOutputException: Command execution output unexpected: "b'*NOMODE*'" != "*NOMODE*" So rework team_basic_test.py to fix the above issue. Signed-off-by:Mingli Yu <mingli.yu@windriver.com> Signed-off-by:
-
Changqing Li authored
Commit [1] changed the pidfile dir to /var/run/syslog-ng. This also changed the location where the control socket is searched for, causing the following error with systemd: root@qemux86-64:~# syslog-ng-ctl config Error connecting control socket, socket='/var/run/syslog-ng/syslog-ng.ctl', error='No such file or directory' Update the systemd service file to point to the new location. [1] 00d1d63e ("syslog-ng: provide correct PID directory location to restart/stop syslog-ng daemon") (master rev: b57d824f ) Signed-off-by:
lmorales <luisalejandro.moralespena@windriver.com> Signed-off-by:
Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by:
-
- 05 Dec, 2021 1 commit
-
-
Jeremy Puhlman authored
master branch has been removed upstream Signed-off-by:
Jeremy A. Puhlman <jpuhlman@mvista.com> [tweeked to apply to previous branch define] Signed-off-by:
-
- 18 Nov, 2021 3 commits
-
-
Khem Raj authored
Signed-off-by:
-
Martin Jansa authored
* with PTEST_ENABLED it enables with-tests PACKAGECONFIG which instead of using system googletest gmock, tries to fetch googletest from github and fails because branch was recently renamed from master to main | -- Found PkgConfig: /OE/tmp-glibc/work/qemux86-oe-linux/sdbus-c++/0.8.3-r0/recipe-sysroot-native/usr/bin/pkg-config (found version "0.29.2") | -- Checking for module 'libsystemd>=236' | -- Found libsystemd, version 249 | -- Building with tests | Fetching googletest... | [1/9] Creating directories for 'googletest-populate' | [1/9] Performing download step (git clone) for 'googletest-populate' | Cloning into 'googletest-src'... | fatal: invalid reference: master | CMake Error at googletest-subbuild/googletest-populate-prefix/tmp/googletest-populate-gitclone.cmake:40 (message): | Failed to checkout tag: 'master' | | | FAILED: googletest-populate-prefix/src/googletest-populate-stamp/googletest-populate-download | cd /OE/tmp-glibc/work/qemux86-oe-linux/sdbus-c++/0.8.3-r0/build/_deps && /OE/tmp-glibc/work/qemux86-oe-linux/sdbus-c++/0.8.3-r0/recipe-sysroot-native/usr/bin/cmake -P /OE/tmp-glibc/work/qemux86-oe-linux/sdbus-c++/0.8.3-r0/build/_deps/googletest-subbuild/googletest-populate-prefix/tmp/googletest-populate-gitclone.cmake && /OE/tmp-glibc/work/qemux86-oe-linux/sdbus-c++/0.8.3-r0/recipe-sysroot-native/usr/bin/cmake -E touch /OE/tmp-glibc/work/qemux86-oe-linux/sdbus-c++/0.8.3-r0/build/_deps/googletest-subbuild/googletest-populate-prefix/src/googletest-populate-stamp/googletest-populate-download | ninja: build stopped: subcommand failed. | | CMake Error at /OE/tmp-glibc/work/qemux86-oe-linux/sdbus-c++/0.8.3-r0/recipe-sysroot-native/usr/share/cmake-3.19/Modules/FetchContent.cmake:989 (message): | Build step for googletest failed: 1 | Call Stack (most recent call first): | /OE/tmp-glibc/work/qemux86-oe-linux/sdbus-c++/0.8.3-r0/recipe-sysroot-native/usr/share/cmake-3.19/Modules/FetchContent.cmake:1118:EVAL:2 (__FetchContent_directPopulate) | /OE/tmp-glibc/work/qemux86-oe-linux/sdbus-c++/0.8.3-r0/recipe-sysroot-native/usr/share/cmake-3.19/Modules/FetchContent.cmake:1118 (cmake_language) | tests/CMakeLists.txt:17 (FetchContent_Populate) | | | -- Configuring incomplete, errors occurred! * unfortunately this backported patch fixes the fetching failure, because it uses release-${GOOGLETEST_VERSION} tag instead of now non-existent master branch, but is not enough to prevent fetching from github during do_configure: -- Building with tests -- Could NOT find GTest (missing: GTest_DIR) -- Checking for module 'gmock>=1.10.0' -- No package 'gmock' found Fetching googletest... we also need to add googletest dependency to with-tests PACKAGECONFIG was fixed in meta-oe/master with the upgrade to 1.0.0: https://github.com/openembedded/meta-openembedded/commit/b26b66e5da92718b4e99a57fbfaaef9e751c3cfe#diff-48a847e7323703994fd2ce0fcb731ff860fa955a77cdfe39d71a9cc84a042c06L15 then it's ok and not fetching: -- Building with tests -- Looking for pthread.h -- Looking for pthread.h - found Signed-off-by:Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by:
-
Changqing Li authored
Signed-off-by:
-
- 16 Nov, 2021 1 commit
-
-
Otto Esko authored
- can-utils and dstat recipes were using the colon override syntax introduced in honister - revert back to underline override notation Signed-off-by:
Otto Esko <otto.esko@gmail.com> Signed-off-by:
-
- 13 Nov, 2021 1 commit
-
-
Armin Kuster authored
This patch updates SRC_URIs using git to include branch=master if no branch is set and also to use protocol=https for github urls as generated by the conversion script in OE-Core. Signed-off-by:
-
- 07 Nov, 2021 1 commit
-
-
Zoltán Böszörményi authored
Without the branch setting, this error occurs: ERROR: c-ares-native-1.16.0+gitrAUTOINC+74a1426ba6-r0 do_fetch: Fetcher failure: Unable to find revision 74a1426ba60e2cd7977e53a22ef839c87415066e in branch master even from upstream ERROR: c-ares-native-1.16.0+gitrAUTOINC+74a1426ba6-r0 do_fetch: Fetcher failure for URL: 'git://github.com/c-ares/c-ares.git '. Unable to fetch URL from any source. Signed-off-by:
Zoltán Böszörményi <zboszor@gmail.com> Signed-off-by:
-
- 02 Nov, 2021 3 commits
-
-
Khem Raj authored
Since it uses multiple fetch URIs make it explicit to define SRCREV_FORMAT Signed-off-by:
-
Khem Raj authored
Since it uses multiple fetch URIs make it explicit to define SRCREV_FORMAT Signed-off-by:
-
Changqing Li authored
refer https://redis.io/ , this upgrade container sereval CVE fixes. Signed-off-by:
-
- 30 Oct, 2021 1 commit
-
-
Richard Purdie authored
Fixes in OE-Core added some pkgconfig dependencies back and this flagged that the .pc file was in ${PN}, not ${PN}-dev. Fix that. Signed-off-by:Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by:
-
- 29 Oct, 2021 2 commits
-
-
Changqing Li authored
Fixes CVEs: CVE-2021-32626 CVE-2021-32627 CVE-2021-32628 CVE-2021-32675 CVE-2021-32687 CVE-2021-32762 CVE-2021-41099 Signed-off-by:
-
Armin Kuster authored
Source: Apache.org MR: 113457, 113453 Type: Security Fix Disposition: Backport from apache.org 2.4.51 ChangeID: 9d7b58f49487baff99bf8f101e53217425a2b81f Description: Bug fix only update. LTS version https://httpd.apache.org/security/vulnerabilities_24.html Fixes CVEs: CVE-2021-42013 CVE-2021-41524 CVE-2021-41773 Signed-off-by:
Armin Kuster <akuster@mvista.com> Signed-off-by:
-
- 23 Oct, 2021 2 commits
-
-
Changqing Li authored
This upgrade fix CVE-2021-3677 refer: https://www.postgresql.org/support/security/CVE-2021-3677/ Signed-off-by:
-
Mingli Yu authored
Drop 2 seccomp patches as seccomp sandbox policy tweaks in new version [1]. [1] https://security.appspot.com/vsftpd/Changelog.txt Signed-off-by:
-
- 19 Oct, 2021 2 commits
-
-
Chen Qi authored
This upgrade revolves a bunch of CVEs. See more details in: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp . These CVEs cannot be reolved one by one. Upgrading the package is the only reasonable way. Signed-off-by:
Chen Qi <Qi.Chen@windriver.com> [CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289, CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263] Signed-off-by:
-
Trevor Gamblin authored
"import pyinotify" throws an error for these modules if they are not included. Signed-off-by:
Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by:
-
- 08 Oct, 2021 4 commits
-
-
Trevor Gamblin authored
Backport an upstream fix since an uprev would include potentially-breaking functionality changes. Signed-off-by:
-
Sakib Sajal authored
Changes: i) removed patches contained in newer version ii) LIC_FILES_CHKSUM changed because of the following commits: 6013c7bc Just make it easier for the doc 82d26095 merge duplicate COPYING files Signed-off-by:
-
Trevor Gamblin authored
Backport a patch from version 0.4.2 upstream since the uprev would add functionality changes. Signed-off-by:
-
Peter Kjellerstedt authored
Inheriting setuptools3 incorrectly adds the dependency on python3-core to libiio instead of to libiio-python3 where it belongs. Signed-off-by:
-
- 26 Sep, 2021 4 commits
-
-
wangmy authored
Changes with Apache 2.4.49 *) SECURITY: CVE-2021-40438 (cve.mitre.org) mod_proxy: Server Side Request Forgery (SSRF) vulnerabilty [Yann Ylavic] *) SECURITY: CVE-2021-39275 (cve.mitre.org) core: ap_escape_quotes buffer overflow *) SECURITY: CVE-2021-36160 (cve.mitre.org) mod_proxy_uwsgi: Out of bound read vulnerability [Yann Ylavic] *) SECURITY: CVE-2021-34798 (cve.mitre.org) core: null pointer dereference on malformed request *) SECURITY: CVE-2021-33193 (cve.mitre.org) mod_http2: Request splitting vulnerability with mod_proxy [Stefan Eissing] *) core/mod_proxy/mod_ssl: Adding `outgoing` flag to conn_rec, indicating a connection is initiated by the server to somewhere, in contrast to incoming connections from clients. Adding 'ap_ssl_bind_outgoing()` function that marks a connection as outgoing and is used by mod_proxy instead of the previous optional function `ssl_engine_set`. This enables other SSL module to secure proxy connections. The optional functions `ssl_engine_set`, `ssl_engine_disable` and `ssl_proxy_enable` are now provided by the core to have backward compatibility with non-httpd modules that might use them. mod_ssl itself no longer registers these functions, but keeps them in its header for backward compatibility. The core provided optional function wrap any registered function like it was done for `ssl_is_ssl`. [Stefan Eissing] *) mod_ssl: Support logging private key material for use with wireshark via log file given by SSLKEYLOGFILE environment variable. Requires OpenSSL 1.1.1. PR 63391. [Joe Orton] *) mod_proxy: Do not canonicalize the proxied URL when both "nocanon" and "ProxyPassInterpolateEnv On" are configured. PR 65549. [Joel Self <joelself gmail.com>] *) mpm_event: Fix children processes possibly not stopped on graceful restart. PR 63169. [Joel Self <joelself gmail.com>] *) mod_proxy: Fix a potential infinite loop when tunneling Upgrade(d) protocols from mod_proxy_http, and a timeout triggering falsely when using mod_proxy_wstunnel, mod_proxy_connect or mod_proxy_http with upgrade= setting. PRs 65521 and 65519. [Yann Ylavic] *) mod_unique_id: Reduce the time window where duplicates may be generated PR 65159 [Christophe Jaillet] *) mpm_prefork: Block signals for child_init hooks to prevent potential threads created from there to catch MPM's signals. [Ruediger Pluem, Yann Ylavic] *) Revert "mod_unique_id: Fix potential duplicated ID generation under heavy load. PR 65159" added in 2.4.47. This causes issue on Windows. [Christophe Jaillet] *) mod_proxy_uwsgi: Fix PATH_INFO setting for generic worker. [Yann Ylavic] *) mod_md: Certificate/keys pairs are verified as matching before a renewal is accepted as successful or a staged renewal is replacing the existing certificates. This avoid potential mess ups in the md store file system to render the active certificates non-working. [@mkauf] *) mod_proxy: Faster unix socket path parsing in the "proxy:" URL. [Yann Ylavic] *) mod_ssl: tighten the handling of ALPN for outgoing (proxy) connections. If ALPN protocols are provided and sent to the remote server, the received protocol selected is inspected and checked for a match. Without match, the peer handshake fails. An exception is the proposal of "http/1.1" where it is accepted if the remote server did not answer ALPN with a selected protocol. This accomodates for hosts that do not observe/support ALPN and speak http/1.x be default. *) mod_proxy: Fix possible reuse/merging of Proxy(Pass)Match worker instances with others when their URLs contain a '$' substitution. PR 65419 + 65429. [Yann Ylavic] *) mod_dav: Add method_precondition hook. WebDAV extensions define conditions that must exist before a WebDAV method can be executed. This hook allows a WebDAV extension to verify these preconditions. [Graham Leggett] *) Add hooks deliver_report and gather_reports to mod_dav.h. Allows other modules apart from versioning implementations to handle the REPORT method. [Graham Leggett] *) Add dav_get_provider(), dav_open_lockdb(), dav_close_lockdb() and dav_get_resource() to mod_dav.h. [Graham Leggett] *) core: fix ap_escape_quotes substitution logic. [Eric Covener] *) Easy patches: synch 2.4.x and trunk - mod_auth_basic: Use ap_cstr_casecmp instead of strcasecmp. - mod_ldap: log and abort locking errors. - mod_ldap: style fix for r1831165 - mod_ldap: build break fix for r1831165 - mod_deflate: Avoid hard-coded "%ld" format strings in mod_deflate's logging statements - mod_deflate: Use apr_uint64_t instead of uint64_t (follow up to r1849590) - mod_forensic: Follow up to r1856490: missing one mod_log_forensic test_char_table case. - mod_rewrite: Save a few cycles. - mod_request: Fix a comment (missing '_' in 'keep_body') and some style issues - core: remove extra whitespace in HTTP_NOT_IMPLEMENTED [Christophe Jaillet] *) core/mpm: add hook 'child_stopping` that gets called when the MPM is stopping a child process. The additional `graceful` parameter allows registered hooks to free resources early during a graceful shutdown. [Yann Ylavic, Stefan Eissing] *) mod_proxy: Fix icomplete initialization of BalancerMember(s) from the balancer-manager, which can lead to a crash. [Yann Ylavic] *) mpm_event: Fix graceful stop/restart of children processes if connections are in lingering close for too long. [Yann Ylavic] *) mod_md: fixed a potential null pointer dereference if ACME/OCSP server returned 2xx responses without content type. Reported by chuangwen. [chuangwen, Stefan Eissing] *) mod_md: - Domain names in `<MDomain ...>` can now appear in quoted form. - Fixed a failure in ACME challenge selection that aborted further searches when the tls-alpn-01 method did not seem to be suitable. - Changed the tls-alpn-01 setup to only become unsuitable when none of the dns names showed support for a configured 'Protocols ... acme-tls/1'. This allows use of tls-alpn-01 for dns names that are not mapped to a VirtualHost. [Stefan Eissing] *) Add CPING to health check logic. [Jean-Frederic Clere] *) core: Split ap_create_request() from ap_read_request(). [Graham Leggett] *) core, h2: common ap_parse_request_line() and ap_check_request_header() code. [Yann Ylavic] *) core: Add StrictHostCheck to allow unconfigured hostnames to be rejected. [Eric Covener] *) htcacheclean: Improve help messages. [Christophe Jaillet] Signed-off-by: -
zangrc authored
parser: Fix VSLENGTH parsing with trailing garbage eval: Do not cache value of eflag in evaltree Signed-off-by:
Zang Ruochen <zangrc.fnst@fujitsu.com> Signed-off-by:
-
zangrc authored
Refresh the following patch: donnot-extract-gdb-during-do-compile.patch remove-unrecognized-gcc-option-m32-for-mips.patch 0001-printk-add-support-for-lockless-ringbuffer.patch 0002-printk-use-committed-finalized-state-values.patch Removed since these are included in 7.3.0. Signed-off-by:
-
Alexander Kanavin authored
This replicates the fix from canutils.bb, for the same issue. See the link in the comment for details. Signed-off-by:
Alexander Kanavin <alex@linutronix.de> Signed-off-by:
-
- 20 Sep, 2021 1 commit
-
-
Marek Vasut authored
The tool depends on the six module, add it, otherwise the following traceback happens when running it on the target: Traceback (most recent call last): File "/usr/bin/dstat", line 32, in <module> import six ModuleNotFoundError: No module named 'six' Signed-off-by:Marek Vasut <marex@denx.de> Cc: Khem Raj <raj.khem@gmail.com> Cc: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by:
-
- 15 Sep, 2021 1 commit
-
-
Mingli Yu authored
Fixes for the following security vulnerabilities: CVE-2021-2372 CVE-2021-2389 Signed-off-by:
-
- 14 Sep, 2021 1 commit
-
-
Changqing Li authored
Refer: https://c-ares.org/adv_20210810.html https://github.com/c-ares/c-ares/commit/362f91d807d293791008cdb7616d40f7784ece83 https://github.com/c-ares/c-ares/commit/44c009b8e62ea1929de68e3f438181bea469ec14 Signed-off-by:
-
- 09 Sep, 2021 1 commit
-
-
Khem Raj authored
This function has been added upstream as well, therefore the patch is no longer needed Signed-off-by:
-
- 07 Sep, 2021 3 commits
-
-
Joe Slater authored
Backport from version 6.2.5. Signed-off-by:
Joe Slater <joe.slater@windriver.com> Signed-off-by:
-
Kristian Klausen authored
Without the udevrules cryptsetup luksOpen will be hanging with "Udev cookie 0xd4de0f6 (semid 5) waiting for zero". Signed-off-by:
-
Peter Kjellerstedt authored
Otherwise cryptsetup-native depends on the target kernel and thus the target compiler, as can be seen by: $ bitbake -g cryptsetup-native $ grep 'cryptsetup.*linux-yocto' task-depends.dot "cryptsetup-native.do_build" -> "linux-yocto.do_deploy" "cryptsetup-native.do_build" -> "linux-yocto.do_package_write_rpm" "cryptsetup-native.do_populate_sysroot" -> "linux-yocto.do_populate_sysroot" $ grep 'linux-yocto.*gcc-cross' task-depends.dot "linux-yocto.do_kernel_configme" -> "gcc-cross-x86_64.do_populate_sysroot" "linux-yocto.do_prepare_recipe_sysroot" -> "gcc-cross-x86_64.do_populate_sysroot" This also moves the runtime dependencies to near the end of the recipe, which is more customary. Signed-off-by:
-
