From: Joshua Lock <joshua.lock@collabora.co.uk>
To: openembedded-core@lists.openembedded.org
Subject: [PATCH 00/70] Proposed changes for fido
Date: Mon, 11 May 2015 09:40:34 +0100 [thread overview]
Message-ID: <cover.1431326066.git.joshua.lock@collabora.co.uk> (raw)
Please consider the following changes for the fido stable branch.
Regards,
Joshua
The following changes since commit cd3da9c95f48899e134a5b7ed1754fd18985df4f:
curl: several security fixes (2015-04-27 15:25:19 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib joshuagl/fido-next
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=joshuagl/fido-next
Andre McCurdy (2):
libpcap.inc: remove obsolete libnl1 PACKAGECONFIG
busybox: remove CVE-2014-9645 patch (already upstream in 1.23.x)
Aníbal Limón (2):
lzop: Fix build using x32 ABI
nss: Fix build in x32 ABI
Armin Kuster (1):
crypto: use bigint in x86-64 perl
Bruno Bottazzini (1):
systemd 219 -> system 219-stable
Bryan Evenson (1):
util-linux: Add lastb to alternatives
Carlos Rafael Giani (1):
u-boot.inc: make sure all counter variables are properly unset
Chen Qi (5):
shadow: fix `su' behaviour
uninative-tarball: delete the packagedata task
populate_sdk_base: avoid executing empty function
util-linux: split out util-linux-sulogin
shadow: add 'util-linux-sulogin' to RDEPENDS
Christopher Larson (1):
oe.sstatesig: align swspec handling with sstate.bbclass
Chunrong Guo (1):
groff: add runtime dependency on sed
Cristian Iorga (1):
oeqa/selftest/toaster: fix bad indent
Denys Dmytriyenko (1):
security_flags.inc: elfutils on ARM fails with PIE flags
Dmitry Eremin-Solenikov (2):
lsb: provide lsb-core-ARCH
bitbake.conf: add sed-native to ASSUME_PROVIDED
Gary Thomas (2):
libgpg-error: Fix native build on i686
gst-player: Fix typo
Jean-Benoit MARTIN (1):
package_manager: RpmPM: Fix scriptlet for rpm 4
Joe Slater (1):
nss: generate debug info
Joshua Lock (1):
systemd: remove unused patches
Jukka Rissanen (1):
connman: Create connman.service at proper moment
Jun Zhu (1):
meta/lib/oe/utils.py: Corrected the return value of both_contain()
Junling Zheng (3):
uclibc: fix undefinition of '_dl_strchr' in libdl.a
elfutils: fix an incorrect patch for 0.161
less: fix CVE-2014-9488
Ken Sharp (2):
udev-cache: Remove unnecessary tar read from stdin
udev-cache: improve error handling
Khem Raj (4):
bluez4: Fix encrypt symbol namespace collision
libusb-compat: Include sys/types.h in usb.h
libffi: Use proper compiler define for linux platform
ppp: Add extra include dirs
Koen Kooi (5):
gst-ffmpeg: fix internal-libav builds with inherit autotools-brokensep
gst-ffmpeg: remove bogus patch that leads to build failures
gst-ffmpeg: fix libav-9.patch
libgpg-error 1.18: simplify tupple handling and add armv8b support
strace: fix build for aarch64
Krishnanjanappa, Jagadeesh (2):
dpkg: add triplet entry to fix build error for armeb
ghostscript: add objarch.h for armeb
Li Zhou (5):
xorg-server: Security Advisory - xorg-server - CVE-2015-0255
libarchive: Security Advisory - libarchive - CVE-2015-2304
libxfont: Security Advisory - libxfont - CVE-2015-1802
libxfont: Security Advisory - libxfont - CVE-2015-1803
libxfont: Security Advisory - libxfont - CVE-2015-1804
Mariano Lopez (1):
kexec-tools: Add support for build with x32 ABI in x86_64
Mario Domenech Goulart (1):
useradd_base.bbclass: typo fixes (s/scucess/success/)
Martin Jansa (2):
pango: fix postinst
tzdata: fix postinst
Matt Madison (1):
shadow: split files needed for PAM use into separate package
Matthieu Crapet (1):
util-linux: add lastb.1 and nologin.8 to update-alternatives
Mike Looijmans (1):
alsa-utils: Remove double dependency on udev
Nathan Rossi (1):
python: Change python 2.7.9 to use libffi from the system
Paul Eggleton (4):
devtool: force use of bash when running build within extensible SDK
classes/populate_sdk_ext: disable network connectivity check
mkefidisk.sh: use script mode when running parted
mkefidisk.sh: fix hanging on non-writeable device
Reinette Chatre (1):
init-install-efi.sh: fix gummiboot entry installation
Richard Purdie (1):
autotools: Fix find races on source directory
Robert Yang (5):
pcmciautils: fix for parallel build
aspell: inherit binconfig-disabled
cracklib: add python support back
gnu-efi: fix parallel issue
kernel-devsrc: depends on virtual/kernel:do_install
Ross Burton (1):
systemd: bring back the patch to customise root's $HOME
Roy Li (1):
rsync: backport a patch to fix CVE-2014-9512
Wenzong Fan (1):
perl: module overload rdpends on overloading
tprrt (1):
image: zap_empty_root_password doesn't handle passwd file in shadow
case
meta/classes/autotools.bbclass | 8 +-
meta/classes/image.bbclass | 3 +-
meta/classes/populate_sdk_base.bbclass | 4 +-
meta/classes/populate_sdk_ext.bbclass | 3 +
meta/classes/useradd_base.bbclass | 14 +-
meta/conf/bitbake.conf | 1 +
meta/conf/distro/include/security_flags.inc | 1 +
meta/lib/oe/package_manager.py | 6 +-
meta/lib/oe/sstatesig.py | 8 +-
meta/lib/oe/utils.py | 2 +-
meta/lib/oeqa/selftest/_toaster.py | 2 +-
.../gnu-efi/lib-Makefile-fix-parallel-issue.patch | 38 ++++++
meta/recipes-bsp/gnu-efi/gnu-efi_3.0.1.bb | 1 +
.../Makefile-fix-for-parallel-build.patch | 10 +-
meta/recipes-bsp/u-boot/u-boot.inc | 5 +
.../bluez/bluez4-4.101/fix_encrypt_collision.patch | 110 +++++++++++++++
meta/recipes-connectivity/bluez/bluez4_4.101.bb | 1 +
meta/recipes-connectivity/connman/connman.inc | 6 +-
meta/recipes-connectivity/libpcap/libpcap.inc | 1 -
.../openssl/crypto_use_bigint_in_x86-64_perl.patch | 35 +++++
.../recipes-connectivity/openssl/openssl_1.0.2a.bb | 1 +
meta/recipes-connectivity/ppp/ppp_2.4.7.bb | 6 +-
..._busybox_reject_module_names_with_slashes.patch | 41 ------
meta/recipes-core/busybox/busybox_1.23.1.bb | 1 -
.../initrdscripts/files/init-install-efi.sh | 6 +-
meta/recipes-core/meta/uninative-tarball.bb | 1 +
...iles-avoid-creating-duplicate-acl-entries.patch | 134 ------------------
...ietly-ignore-ACLs-on-unsupported-filesyst.patch | 86 ------------
...0-Make-root-s-home-directory-configurable.patch | 3 +-
...ix-Inappropriate-ioctl-for-device-on-ext4.patch | 37 -----
meta/recipes-core/systemd/systemd_219.bb | 9 +-
meta/recipes-core/uclibc/uclibc-git.inc | 2 +-
...ldso-limited-support-for-ORIGIN-in-rpath.patch} | 92 +++++++++----
meta/recipes-core/udev/udev/udev-cache | 10 +-
meta/recipes-core/util-linux/util-linux.inc | 18 ++-
.../dpkg/dpkg/add_armeb_triplet_entry.patch | 38 ++++++
meta/recipes-devtools/dpkg/dpkg_1.17.21.bb | 1 +
.../uclibc-support-for-elfutils-0.148.patch} | 0
.../uclibc-support-for-elfutils-0.161.patch | 106 +++++++++++++++
meta/recipes-devtools/elfutils/elfutils_0.148.bb | 2 +-
meta/recipes-devtools/elfutils/elfutils_0.161.bb | 2 +-
.../recipes-devtools/perl/perl-rdepends_5.20.0.inc | 1 +
meta/recipes-devtools/python/python_2.7.9.bb | 4 +-
...-an-inc-recursive-path-is-not-right-for-i.patch | 135 ++++++++++++++++++
meta/recipes-devtools/rsync/rsync_3.1.1.bb | 4 +-
.../0001-Add-linux-aarch64-arch_regs.h.patch | 25 ++++
meta/recipes-devtools/strace/strace_4.9.bb | 1 +
meta/recipes-extended/cracklib/cracklib_2.9.2.bb | 28 +++-
.../ghostscript/ghostscript/armeb/objarch.h | 40 ++++++
meta/recipes-extended/groff/groff_1.22.2.bb | 1 +
...ossible-buffer-overrun-with-invalid-UTF-8.patch | 49 +++++++
meta/recipes-extended/less/less_471.bb | 4 +-
...IVE_EXTRACT_SECURE_NOABSOLUTEPATHS-option.patch | 151 +++++++++++++++++++++
.../libarchive/libarchive_3.1.2.bb | 1 +
meta/recipes-extended/lsb/lsb_4.1.bb | 5 +
.../0001-su.c-fix-to-exec-command-correctly.patch | 25 ----
meta/recipes-extended/shadow/shadow.inc | 27 +++-
meta/recipes-extended/tzdata/tzdata.inc | 4 +-
...ps-Use-compiler-internal-define-for-linux.patch | 32 +++++
meta/recipes-gnome/libffi/libffi_3.2.1.bb | 4 +-
meta/recipes-graphics/pango/pango.inc | 10 +-
...acters-bailout-if-a-char-s-bitmap-cannot-.patch | 40 ++++++
...acters-ensure-metrics-fit-into-xCharInfo-.patch | 80 +++++++++++
...erties-property-count-needs-range-check-C.patch | 38 ++++++
meta/recipes-graphics/xorg-lib/libxfont_1.5.0.bb | 5 +
...Check-strings-length-against-request-size.patch | 145 ++++++++++++++++++++
...wap-XkbSetGeometry-data-in-the-input-buff.patch | 109 +++++++++++++++
.../xorg-xserver/xserver-xorg_1.16.3.bb | 2 +
.../kexec/kexec-tools/kexec-x32.patch | 113 +++++++++++++++
meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb | 3 +-
meta/recipes-kernel/linux/kernel-devsrc.bb | 2 +-
meta/recipes-multimedia/alsa/alsa-utils_1.0.28.bb | 2 +-
...check-width-more-completely-avoid-out-of-.patch | 30 ----
.../gstreamer/gst-ffmpeg-0.10.13/libav-9.patch | 2 +-
.../gstreamer/gst-ffmpeg_0.10.13.bb | 3 +-
.../gstreamer/gst-player/gst-player.desktop | 2 +-
meta/recipes-support/aspell/aspell_0.60.6.1.bb | 4 +-
.../libgpg-error/libgpg-error_1.18.bb | 10 +-
.../0001-usb.h-Include-sys-types.h.patch | 30 ++++
meta/recipes-support/libusb/libusb-compat_0.1.5.bb | 4 +-
.../lzop/lzop/x32_abi_miniacc_h.patch | 36 +++++
meta/recipes-support/lzop/lzop_1.03.bb | 3 +-
meta/recipes-support/nss/nss.inc | 17 ++-
scripts/contrib/mkefidisk.sh | 21 +--
scripts/lib/devtool/__init__.py | 5 +
85 files changed, 1634 insertions(+), 478 deletions(-)
create mode 100644 meta/recipes-bsp/gnu-efi/gnu-efi/lib-Makefile-fix-parallel-issue.patch
create mode 100644 meta/recipes-connectivity/bluez/bluez4-4.101/fix_encrypt_collision.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch
delete mode 100644 meta/recipes-core/busybox/busybox/CVE-2014-9645_busybox_reject_module_names_with_slashes.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0001-tmpfiles-avoid-creating-duplicate-acl-entries.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0002-tmpfiles-quietly-ignore-ACLs-on-unsupported-filesyst.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0013-journal-fix-Inappropriate-ioctl-for-device-on-ext4.patch
rename meta/recipes-core/uclibc/uclibc-git/{orign_path.patch => 0001-ldso-limited-support-for-ORIGIN-in-rpath.patch} (63%)
create mode 100644 meta/recipes-devtools/dpkg/dpkg/add_armeb_triplet_entry.patch
rename meta/recipes-devtools/elfutils/{elfutils/uclibc-support.patch => elfutils-0.148/uclibc-support-for-elfutils-0.148.patch} (100%)
create mode 100644 meta/recipes-devtools/elfutils/elfutils-0.161/uclibc-support-for-elfutils-0.161.patch
create mode 100644 meta/recipes-devtools/rsync/rsync-3.1.1/0001-Complain-if-an-inc-recursive-path-is-not-right-for-i.patch
create mode 100644 meta/recipes-devtools/strace/strace/0001-Add-linux-aarch64-arch_regs.h.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/armeb/objarch.h
create mode 100644 meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/0001-Add-ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS-option.patch
delete mode 100644 meta/recipes-extended/shadow/files/0001-su.c-fix-to-exec-command-correctly.patch
create mode 100644 meta/recipes-gnome/libffi/libffi/0001-mips-Use-compiler-internal-define-for-linux.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libxfont/0001-bdfReadCharacters-bailout-if-a-char-s-bitmap-cannot-.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libxfont/0001-bdfReadCharacters-ensure-metrics-fit-into-xCharInfo-.patch
create mode 100644 meta/recipes-graphics/xorg-lib/libxfont/0001-bdfReadProperties-property-count-needs-range-check-C.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-Check-strings-length-against-request-size.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch
create mode 100644 meta/recipes-kernel/kexec/kexec-tools/kexec-x32.patch
delete mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-huffyuvdec-check-width-more-completely-avoid-out-of-.patch
create mode 100644 meta/recipes-support/libusb/libusb-compat/0001-usb.h-Include-sys-types.h.patch
create mode 100644 meta/recipes-support/lzop/lzop/x32_abi_miniacc_h.patch
--
2.1.0
next reply other threads:[~2015-05-11 8:40 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-11 8:40 Joshua Lock [this message]
2015-05-11 8:51 ` [PATCH 00/70] Proposed changes for fido Robert Yang
2015-05-11 15:07 ` Joshua Lock
2015-05-11 12:40 ` Bryan Evenson
2015-05-11 15:07 ` Joshua Lock
2015-05-11 15:46 ` Bryan Evenson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1431326066.git.joshua.lock@collabora.co.uk \
--to=joshua.lock@collabora.co.uk \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.