[PATCH 0/3] recipe upgrades

[PATCH 0/3] recipe upgrades

[nitin.a.kamble]

From: Nitin A Kamble <nitin.a.kamble@intel.com>

And update distro tracking data


The following changes since commit d4132fa12885fc050313a5c9aa6903e4fa92c94f:

  ui/depexp: If we're parsing zero files we need to ensure the cache progress bar gets hidden (2011-07-05 23:45:10 +0100)

are available in the git repository at:
  git://git.pokylinux.org/poky-contrib nitin/upgrades
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=nitin/upgrades

Nitin A Kamble (3):
  binutils: upgrade from 2.21 to 2.21.1
  gmp: upgrade from 5.0.1 to 5.0.2
  distro tracking: update devel.toolchain recipes's fields

 .../conf/distro/include/distro_tracking_fields.inc |   33 +-
 ...n_2.21.bb => binutils-cross-canadian_2.21.1.bb} |    0
 ...tils-cross_2.21.bb => binutils-cross_2.21.1.bb} |    0
 ...rosssdk_2.21.bb => binutils-crosssdk_2.21.1.bb} |    0
 .../110-arm-eabi-conf.patch                        |    0
 .../binutils-2.19.1-ld-sysroot.patch               |    0
 .../binutils-poison.patch                          |    0
 .../binutils-pr12366.patch                         |    0
 .../binutils-uclibc-100-uclibc-conf.patch          |    0
 ...binutils-uclibc-300-001_ld_makefile_patch.patch |    0
 ...binutils-uclibc-300-006_better_file_error.patch |    0
 ...ils-uclibc-300-012_check_ldrunpath_length.patch |    0
 .../binutils-uclibc-gas-needs-libm.patch           |    0
 .../binutils-x86_64_i386_biarch.patch              |    0
 .../libiberty_path_fix.patch                       |    0
 .../libtool-2.4-update.patch                       | 1725 ++++++++++----------
 .../libtool-rpath-fix.patch                        |    0
 .../{binutils_2.21.bb => binutils_2.21.1.bb}       |    7 +-
 .../gmp/{gmp_5.0.1.bb => gmp_5.0.2.bb}             |    4 +-
 19 files changed, 892 insertions(+), 877 deletions(-)
 rename meta/recipes-devtools/binutils/{binutils-cross-canadian_2.21.bb => binutils-cross-canadian_2.21.1.bb} (100%)
 rename meta/recipes-devtools/binutils/{binutils-cross_2.21.bb => binutils-cross_2.21.1.bb} (100%)
 rename meta/recipes-devtools/binutils/{binutils-crosssdk_2.21.bb => binutils-crosssdk_2.21.1.bb} (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/110-arm-eabi-conf.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/binutils-2.19.1-ld-sysroot.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/binutils-poison.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/binutils-pr12366.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/binutils-uclibc-100-uclibc-conf.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/binutils-uclibc-300-001_ld_makefile_patch.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/binutils-uclibc-300-006_better_file_error.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/binutils-uclibc-300-012_check_ldrunpath_length.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/binutils-uclibc-gas-needs-libm.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/binutils-x86_64_i386_biarch.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/libiberty_path_fix.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/libtool-2.4-update.patch (94%)
 rename meta/recipes-devtools/binutils/{binutils-2.21 => binutils}/libtool-rpath-fix.patch (100%)
 rename meta/recipes-devtools/binutils/{binutils_2.21.bb => binutils_2.21.1.bb} (87%)
 rename meta/recipes-support/gmp/{gmp_5.0.1.bb => gmp_5.0.2.bb} (67%)

-- 
1.7.4.4

[PATCH 0/3] Recipe upgrades

[Paul Eggleton]

The following changes since commit 8081dcb03f54efd551d1c8fe8a0484f8270053e0:

  pigz: bump to 2.3.1 (2013-10-26 16:08:30 +0100)

are available in the git repository at:

  git://git.openembedded.org/openembedded-core-contrib paule/upgrades
  http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=paule/upgrades

Paul Eggleton (3):
  ethtool: upgrade to 3.11
  openssh: upgrade to 6.3p1
  cmake: upgrade to 2.8.12

 .../openssh/openssh-6.2p2/mac.patch                | 76 ----------------------
 .../openssh/{openssh-6.2p2 => openssh-6.3p1}/init  |  0
 .../{openssh-6.2p2 => openssh-6.3p1}/nostrip.patch |  0
 .../openssh-CVE-2011-4327.patch                    |  0
 .../{openssh-6.2p2 => openssh-6.3p1}/ssh_config    |  0
 .../openssh/{openssh-6.2p2 => openssh-6.3p1}/sshd  |  0
 .../{openssh-6.2p2 => openssh-6.3p1}/sshd.socket   |  0
 .../{openssh-6.2p2 => openssh-6.3p1}/sshd@.service |  0
 .../{openssh-6.2p2 => openssh-6.3p1}/sshd_config   |  0
 .../sshdgenkeys.service                            |  0
 .../volatiles.99_sshd                              |  0
 .../openssh/{openssh_6.2p2.bb => openssh_6.3p1.bb} |  6 +-
 ...e-native_2.8.11.2.bb => cmake-native_2.8.12.bb} |  4 +-
 .../cmake/{cmake_2.8.11.2.bb => cmake_2.8.12.bb}   |  7 +-
 .../{ethtool-3.10 => ethtool-3.11}/run-ptest       |  0
 .../ethtool/{ethtool_3.10.bb => ethtool_3.11.bb}   |  4 +-
 16 files changed, 8 insertions(+), 89 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssh/openssh-6.2p2/mac.patch
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/init (100%)
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/nostrip.patch (100%)
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/openssh-CVE-2011-4327.patch (100%)
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/ssh_config (100%)
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/sshd (100%)
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/sshd.socket (100%)
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/sshd@.service (100%)
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/sshd_config (100%)
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/sshdgenkeys.service (100%)
 rename meta/recipes-connectivity/openssh/{openssh-6.2p2 => openssh-6.3p1}/volatiles.99_sshd (100%)
 rename meta/recipes-connectivity/openssh/{openssh_6.2p2.bb => openssh_6.3p1.bb} (96%)
 rename meta/recipes-devtools/cmake/{cmake-native_2.8.11.2.bb => cmake-native_2.8.12.bb} (58%)
 rename meta/recipes-devtools/cmake/{cmake_2.8.11.2.bb => cmake_2.8.12.bb} (78%)
 rename meta/recipes-extended/ethtool/{ethtool-3.10 => ethtool-3.11}/run-ptest (100%)
 rename meta/recipes-extended/ethtool/{ethtool_3.10.bb => ethtool_3.11.bb} (87%)

-- 
1.8.1.2

[PATCH 0/3] Recipe upgrades

[Paul Eggleton]

The following changes since commit 24f19fedb40d0af84beb8e9a6595ea06f09d4615:

  gstreamer1.0-omx: use mulitple SCMs to fetch submodules (2014-12-31 08:22:53 +0000)

are available in the git repository at:

  git://git.openembedded.org/openembedded-core-contrib paule/upgrades
  http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=paule/upgrades

Paul Eggleton (3):
  libevdev: upgrade to 1.3
  openssh: upgrade to 6.7p1
  dropbear: upgrade to 2014.66

 .../openssh/openssh/nostrip.patch                  |  20 ----
 .../openssh/openssh/openssh-CVE-2011-4327.patch    |  29 ------
 .../openssh/openssh/openssh-CVE-2014-2653.patch    | 114 ---------------------
 .../openssh/{openssh_6.6p1.bb => openssh_6.7p1.bb} |  14 +--
 meta/recipes-core/dropbear/dropbear.inc            |   2 +-
 .../0001-urandom-xauth-changes-to-options.h.patch  |   2 +-
 meta/recipes-core/dropbear/dropbear_2014.63.bb     |   4 -
 meta/recipes-core/dropbear/dropbear_2014.66.bb     |   4 +
 .../{libevdev_1.2.2.bb => libevdev_1.3.bb}         |   4 +-
 9 files changed, 13 insertions(+), 180 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssh/openssh/nostrip.patch
 delete mode 100644 meta/recipes-connectivity/openssh/openssh/openssh-CVE-2011-4327.patch
 delete mode 100644 meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch
 rename meta/recipes-connectivity/openssh/{openssh_6.6p1.bb => openssh_6.7p1.bb} (93%)
 delete mode 100644 meta/recipes-core/dropbear/dropbear_2014.63.bb
 create mode 100644 meta/recipes-core/dropbear/dropbear_2014.66.bb
 rename meta/recipes-support/libevdev/{libevdev_1.2.2.bb => libevdev_1.3.bb} (74%)

-- 
1.9.3

[PATCH 1/3] libevdev: upgrade to 1.3

[Paul Eggleton]

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
 meta/recipes-support/libevdev/{libevdev_1.2.2.bb => libevdev_1.3.bb} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-support/libevdev/{libevdev_1.2.2.bb => libevdev_1.3.bb} (74%)

diff --git a/meta/recipes-support/libevdev/libevdev_1.2.2.bb b/meta/recipes-support/libevdev/libevdev_1.3.bb
similarity index 74%
rename from meta/recipes-support/libevdev/libevdev_1.2.2.bb
rename to meta/recipes-support/libevdev/libevdev_1.3.bb
index db4ffc6..7206b30 100644
--- a/meta/recipes-support/libevdev/libevdev_1.2.2.bb
+++ b/meta/recipes-support/libevdev/libevdev_1.3.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=75aae0d38feea6fda97ca381cb9132eb \
                     file://libevdev/libevdev.h;endline=21;md5=7ff4f0b5113252c2f1a828e0bbad98d1"
 
 SRC_URI = "http://www.freedesktop.org/software/libevdev/${BP}.tar.xz"
-SRC_URI[md5sum] = "7c1ee9c2069489b2a25dfde6f8e2ff6a"
-SRC_URI[sha256sum] = "860e9a1d5594393ff1f711cdeaf048efe354992019068408abbcfa4914ad6709"
+SRC_URI[md5sum] = "ab67de8f949e84ae2abb48af09eda423"
+SRC_URI[sha256sum] = "265411ce79a592b3074e9d07fb97d462745d0c7ef178254a6f720245ed253446"
 
 inherit autotools pkgconfig
-- 
1.9.3

[PATCH 2/3] openssh: upgrade to 6.7p1

[Paul Eggleton]

* Drop two CVE patches already handled upstream.
* Drop nostrip.patch which no longer applies and use the existing
  --disable-strip configure option instead.
* OpenSSH 6.7+ no longer supports tcp wrappers. We could apply the
  Debian patch to add support back in, but it seems best to follow
  upstream here unless we have a good reason to do otherwise.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
 .../openssh/openssh/nostrip.patch                  |  20 ----
 .../openssh/openssh/openssh-CVE-2011-4327.patch    |  29 ------
 .../openssh/openssh/openssh-CVE-2014-2653.patch    | 114 ---------------------
 .../openssh/{openssh_6.6p1.bb => openssh_6.7p1.bb} |  14 +--
 4 files changed, 5 insertions(+), 172 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssh/openssh/nostrip.patch
 delete mode 100644 meta/recipes-connectivity/openssh/openssh/openssh-CVE-2011-4327.patch
 delete mode 100644 meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch
 rename meta/recipes-connectivity/openssh/{openssh_6.6p1.bb => openssh_6.7p1.bb} (93%)

diff --git a/meta/recipes-connectivity/openssh/openssh/nostrip.patch b/meta/recipes-connectivity/openssh/openssh/nostrip.patch
deleted file mode 100644
index 33111f5..0000000
--- a/meta/recipes-connectivity/openssh/openssh/nostrip.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Disable stripping binaries during make install.
-
-Upstream-Status: Inappropriate [configuration]
-
-Build system specific.
-
-Signed-off-by: Scott Garman <scott.a.garman@intel.com>
-
-diff -ur openssh-5.6p1.orig/Makefile.in openssh-5.6p1/Makefile.in
---- openssh-5.6p1.orig/Makefile.in	2010-05-11 23:51:39.000000000 -0700
-+++ openssh-5.6p1/Makefile.in	2010-08-30 16:49:54.000000000 -0700
-@@ -29,7 +29,7 @@
- RAND_HELPER=$(libexecdir)/ssh-rand-helper
- PRIVSEP_PATH=@PRIVSEP_PATH@
- SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
--STRIP_OPT=@STRIP_OPT@
-+STRIP_OPT=
- 
- PATHS= -DSSHDIR=\"$(sysconfdir)\" \
- 	-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
diff --git a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2011-4327.patch b/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2011-4327.patch
deleted file mode 100644
index 30c11cf..0000000
--- a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2011-4327.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-openssh-CVE-2011-4327
-
-A security flaw was found in the way ssh-keysign,
-a ssh helper program for host based authentication,
-attempted to retrieve enough entropy information on configurations that
-lacked a built-in entropy pool in OpenSSL (a ssh-rand-helper program would
-be executed to retrieve the entropy from the system environment).
-A local attacker could use this flaw to obtain unauthorized access to host keys
-via ptrace(2) process trace attached to the 'ssh-rand-helper' program.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4327
-http://www.openssh.com/txt/portable-keysign-rand-helper.adv
-
-Upstream-Status: Pending
-
-Signed-off-by: Li Wang <li.wang@windriver.com>
---- a/ssh-keysign.c
-+++ b/ssh-keysign.c
-@@ -170,6 +170,10 @@
- 	key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
- 	key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY);
- 	key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);
-+	if (fcntl(key_fd[0], F_SETFD, FD_CLOEXEC) != 0 ||
-+	    fcntl(key_fd[1], F_SETFD, FD_CLOEXEC) != 0 ||
-+	    fcntl(key_fd[2], F_SETFD, FD_CLOEXEC) != 0)
-+		fatal("fcntl failed");
- 
- 	original_real_uid = getuid();	/* XXX readconf.c needs this */
- 	if ((pw = getpwuid(original_real_uid)) == NULL)
diff --git a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch b/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch
deleted file mode 100644
index 674d186..0000000
--- a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-Upstream-Status: Backport
-
-This CVE could be removed if openssh is upgrade to 6.6 or higher.
-Below are some details.
-
-Attempt SSHFP lookup even if server presents a certificate
-
-Reference:
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513
-
-If an ssh server presents a certificate to the client, then the client
-does not check the DNS for SSHFP records. This means that a malicious
-server can essentially disable DNS-host-key-checking, which means the
-client will fall back to asking the user (who will just say "yes" to
-the fingerprint, sadly).
-
-This patch means that the ssh client will, if necessary, extract the
-server key from the proffered certificate, and attempt to verify it
-against the DNS. The patch was written by Mark Wooding
-<mdw@distorted.org.uk>. I modified it to add one debug2 call, reviewed
-it, and tested it.
-
-Signed-off-by: Matthew Vernon <matthew@debian.org>
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
----
---- a/sshconnect.c
-+++ b/sshconnect.c
-@@ -1210,36 +1210,63 @@ fail:
- 	return -1;
- }
- 
-+static int
-+check_host_key_sshfp(char *host, struct sockaddr *hostaddr, Key *host_key)
-+{
-+	int rc = -1;
-+	int flags = 0;
-+	Key *raw_key = NULL;
-+
-+	if (!options.verify_host_key_dns)
-+		goto done;
-+
-+	/* XXX certs are not yet supported for DNS; try looking the raw key
-+	 * up in the DNS anyway.
-+	 */
-+	if (key_is_cert(host_key)) {
-+		debug2("Extracting key from cert for SSHFP lookup");
-+		raw_key = key_from_private(host_key);
-+		if (key_drop_cert(raw_key))
-+			fatal("Couldn't drop certificate");
-+		host_key = raw_key;
-+	}
-+
-+	if (verify_host_key_dns(host, hostaddr, host_key, &flags))
-+		goto done;
-+
-+	if (flags & DNS_VERIFY_FOUND) {
-+
-+		if (options.verify_host_key_dns == 1 &&
-+				flags & DNS_VERIFY_MATCH &&
-+				flags & DNS_VERIFY_SECURE) {
-+			rc = 0;
-+		} else if (flags & DNS_VERIFY_MATCH) {
-+			matching_host_key_dns = 1;
-+		} else {
-+			warn_changed_key(host_key);
-+			error("Update the SSHFP RR in DNS with the new "
-+					"host key to get rid of this message.");
-+		}
-+	}
-+
-+done:
-+	if (raw_key)
-+		key_free(raw_key);
-+	return rc;
-+}
-+
- /* returns 0 if key verifies or -1 if key does NOT verify */
- int
- verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
- {
--	int flags = 0;
- 	char *fp;
- 
- 	fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
- 	debug("Server host key: %s %s", key_type(host_key), fp);
- 	free(fp);
- 
--	/* XXX certs are not yet supported for DNS */
--	if (!key_is_cert(host_key) && options.verify_host_key_dns &&
--	    verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) {
--		if (flags & DNS_VERIFY_FOUND) {
--
--			if (options.verify_host_key_dns == 1 &&
--			    flags & DNS_VERIFY_MATCH &&
--			    flags & DNS_VERIFY_SECURE)
--				return 0;
--
--			if (flags & DNS_VERIFY_MATCH) {
--				matching_host_key_dns = 1;
--			} else {
--				warn_changed_key(host_key);
--				error("Update the SSHFP RR in DNS with the new "
--				    "host key to get rid of this message.");
--			}
--		}
--	}
-+	if (check_host_key_sshfp(host, hostaddr, host_key) == 0)
-+		return 0;
- 
- 	return check_host_key(host, hostaddr, options.port, host_key, RDRW,
- 	    options.user_hostfiles, options.num_user_hostfiles,
--- 
-1.7.9.5
-
diff --git a/meta/recipes-connectivity/openssh/openssh_6.6p1.bb b/meta/recipes-connectivity/openssh/openssh_6.7p1.bb
similarity index 93%
rename from meta/recipes-connectivity/openssh/openssh_6.6p1.bb
rename to meta/recipes-connectivity/openssh/openssh_6.7p1.bb
index abc302b..19093fc 100644
--- a/meta/recipes-connectivity/openssh/openssh_6.6p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_6.7p1.bb
@@ -11,11 +11,9 @@ DEPENDS = "zlib openssl"
 DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
 
 SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \
-           file://nostrip.patch \
            file://sshd_config \
            file://ssh_config \
            file://init \
-           file://openssh-CVE-2011-4327.patch \
            ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
            file://sshd.socket \
            file://sshd@.service \
@@ -23,13 +21,12 @@ SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.
            file://volatiles.99_sshd \
            file://add-test-support-for-busybox.patch \
            file://run-ptest \
-           file://openssh-CVE-2014-2653.patch \
            file://auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch"
 
 PAM_SRC_URI = "file://sshd"
 
-SRC_URI[md5sum] = "3e9800e6bca1fbac0eea4d41baa7f239"
-SRC_URI[sha256sum] = "48c1f0664b4534875038004cc4f3555b8329c2a81c1df48db5c517800de203bb"
+SRC_URI[md5sum] = "3246aa79317b1d23cae783a3bf8275d6"
+SRC_URI[sha256sum] = "b2f8394eae858dabbdef7dac10b99aec00c95462753e80342e530bbb6f725507"
 
 inherit useradd update-rc.d update-alternatives systemd
 
@@ -42,9 +39,6 @@ INITSCRIPT_PARAMS_${PN}-sshd = "defaults 9"
 SYSTEMD_PACKAGES = "${PN}-sshd"
 SYSTEMD_SERVICE_${PN}-sshd = "sshd.socket"
 
-PACKAGECONFIG ??= "tcp-wrappers"
-PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,,tcp-wrappers"
-
 inherit autotools-brokensep ptest
 
 # LFS support:
@@ -56,7 +50,9 @@ EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \
                 --without-zlib-version-check \
                 --with-privsep-path=/var/run/sshd \
                 --sysconfdir=${sysconfdir}/ssh \
-                --with-xauth=/usr/bin/xauth"
+                --with-xauth=/usr/bin/xauth \
+                --disable-strip \
+                "
 
 # Since we do not depend on libbsd, we do not want configure to use it
 # just because it finds libutil.h.  But, specifying --disable-libutil
-- 
1.9.3

[PATCH 3/3] dropbear: upgrade to 2014.66

[Paul Eggleton]

* Upgrade to upstream 2014.66; incorporates several minor bugfix
  releases.
* LIC_FILES_CHKSUM changed because the copyright year changed; there was
  no change to the license text itself.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
 meta/recipes-core/dropbear/dropbear.inc                               | 2 +-
 .../dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch   | 2 +-
 meta/recipes-core/dropbear/dropbear_2014.63.bb                        | 4 ----
 meta/recipes-core/dropbear/dropbear_2014.66.bb                        | 4 ++++
 4 files changed, 6 insertions(+), 6 deletions(-)
 delete mode 100644 meta/recipes-core/dropbear/dropbear_2014.63.bb
 create mode 100644 meta/recipes-core/dropbear/dropbear_2014.66.bb

diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index 947a491..e187d04 100644
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -5,7 +5,7 @@ SECTION = "console/network"
 # some files are from other projects and have others license terms:
 #   public domain, OpenSSH 3.5p1, OpenSSH3.6.1p2, PuTTY
 LICENSE = "MIT & BSD-3-Clause & BSD-2-Clause & PD"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=4d290ce0ac102c828dfc9ce836784688"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=e3a1b9604afd1648b28b0c6f1709e9f4"
 
 DEPENDS = "zlib"
 RPROVIDES_${PN} = "ssh sshd" 
diff --git a/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch b/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch
index 71a4666..dc9d578 100644
--- a/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch
+++ b/meta/recipes-core/dropbear/dropbear/0001-urandom-xauth-changes-to-options.h.patch
@@ -13,7 +13,7 @@ index 7d06322..71a21c2 100644
  /* The command to invoke for xauth when using X11 forwarding.
   * "-q" for quiet */
  #ifndef XAUTH_COMMAND
--#define XAUTH_COMMAND "/usr/bin/X11/xauth -q"
+-#define XAUTH_COMMAND "/usr/bin/xauth -q"
 +#define XAUTH_COMMAND "xauth -q"
  #endif
  
diff --git a/meta/recipes-core/dropbear/dropbear_2014.63.bb b/meta/recipes-core/dropbear/dropbear_2014.63.bb
deleted file mode 100644
index bb7e617..0000000
--- a/meta/recipes-core/dropbear/dropbear_2014.63.bb
+++ /dev/null
@@ -1,4 +0,0 @@
-require dropbear.inc
-
-SRC_URI[md5sum] = "7066bb9a2da708f3ed06314fdc9c47fd"
-SRC_URI[sha256sum] = "595992de432ba586a0e7e191bbb1ad587727678bb3e345b018c395b8c55b57ae"
diff --git a/meta/recipes-core/dropbear/dropbear_2014.66.bb b/meta/recipes-core/dropbear/dropbear_2014.66.bb
new file mode 100644
index 0000000..8931eb7
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear_2014.66.bb
@@ -0,0 +1,4 @@
+require dropbear.inc
+
+SRC_URI[md5sum] = "c21a01111aa5015db038c6efdb85717d"
+SRC_URI[sha256sum] = "ab3fe2670a517cc0bbe398ff5d15e9ca12cd14f2fc18930a8111ae2baa64ab76"
-- 
1.9.3

Re: [PATCH 1/3] libevdev: upgrade to 1.3

[Paul Eggleton]

On Monday 05 January 2015 11:27:43 Paul Eggleton wrote:
> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>

So it turns out that the upstream website doesn't list the latest version, 
which is 1.3.2 (I've emailed the maintainer). I'd suggest ignoring this patch, 
I'll send another which upgrades to that version instead.

Cheers,
Paul

-- 

Paul Eggleton
Intel Open Source Technology Centre