From: Yue Tao
The decode_mb function in libavcodec/error_resilience.c in FFmpeg before
0.10 allows remote attackers to have an unspecified impact via vectors
related to an uninitialized block index, which triggers an out-of-bound
write.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-39
From: Yue Tao
The prepare_sdp_description function in ffserver.c in FFmpeg before
1.0.2 allows remote attackers to cause a denial of service (crash) via
vectors related to the rtp format.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6617
Signed-off-by: Yue Tao
Signed-off-by: Roy Li
From: Yue Tao
Array index error in the qdm2_decode_super_block function in
libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have
an unspecified impact via crafted QDM2 data, which triggers an
out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-08
From: Yue Tao
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg
before 1.0.2, when running with certain -probesize values, allows remote
attackers to cause a denial of service (crash) via a crafted MP3 file,
possibly related to frame size or lack of sufficient frames to estimate
From: Yue Tao
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg
before 2.1 allow remote attackers to cause a denial of service
(out-of-bounds array access) or possibly have unspecified other impact
via crafted data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7010
From: Yue Tao
The smacker_decode_header_tree function in libavcodec/smacker.c in
FFmpeg before 0.10 allows remote attackers to have an unspecified impact
via crafted Smacker data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3944
file://0001-huffyuvdec-check-width-more-c
From: Yue Tao
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg
before 0.10 allows remote attackers to have an unspecified impact via
crafted Supplemental enhancement information (SEI) data, which triggers
an infinite loop.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-201
From: Yue Tao
Integer overflow in the alac_decode_close function in libavcodec/alac.c
in FFmpeg before 1.1 allows remote attackers to have an unspecified
impact via a large number of samples per frame in Apple Lossless Audio
Codec (ALAC) data, which triggers an out-of-bounds array access.
http:/
From: Yue Tao
The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1
allows remote attackers to have an unspecified impact via a crafted
width in huffyuv data with the predictor set to median and the
colorspace set to YUV422P, which triggers an out-of-bounds array access.
http://w
From: Yue Tao
The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before
2.1 does not properly maintain a pointer to pixel data, which allows
remote attackers to cause a denial of service (out-of-bounds array
access) or possibly have unspecified other impact via crafted Apple RPZA
data
From: Yue Tao
The ff_combine_frame function in libavcodec/parser.c in FFmpeg before
2.1 does not properly handle certain memory-allocation errors, which
allows remote attackers to cause a denial of service (out-of-bounds
array access) or possibly have unspecified other impact via crafted
data.
h
From: Yue Tao
Double free vulnerability in the vp3_update_thread_context function in
libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have
an unspecified impact via crafted vp3 data.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3934
Signed-off-by: Yue Tao
Signed-of
From: Yue Tao
The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in
FFmpeg before 1.1.3 allows remote attackers to have an unspecified
impact via a crafted PNG image, related to an out-of-bounds array
access.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0875
Signed-off-
From: Yue Tao
Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before
0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute
arbitrary code via unspecified vectors.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4351
Signed-off-by: Yue Tao
Signed-off-by: Ro
From: Roy Li
The following changes since commit 6bc3696d8451a23d743daf03ee98c4ba54ce4551:
wget: Remove unneeded DEPENDS line (2014-07-21 19:10:30 +0100)
are available in the git repository at:
git://git.pokylinux.org/poky-contrib roy/ffmpeg-7-21
http://git.pokylinux.org/cgit.cgi/poky-con
From: Yue Tao
The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg
before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a
frame is fully initialized, which allows remote attackers to trigger a
NULL pointer dereference via crafted picture data.
http://web.nvd.nist.
From: Yue Tao
The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before
1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an
unspecified impact via a large number of channels in an AAC file, which
triggers an out-of-bounds array access.
http://web.nvd.nist.gov/view/vuln/det
When use default install directory, we can't get the environment setup
script path. The reason is that opkg-cl list incorrect files paths.
This patch sets env_script variable to make us get correct environment
setup script path.
[YOCTO #6443]
Signed-off-by: Chong Lu
---
.../installer/adt-instal
The following changes since commit 5bcda42a946ae8b14aee8864d18745be0a997aaa:
bitbake: fetch2: Add module for ClearCase (ccrc://) (2014-07-21 19:24:29
+0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib ChenQi/systemd-udev-hwdb
http://cgit.o
When building out a systemd based image, the udev-hwdb postinstall
script always fails at rootfs time. This is because that the 'udevadm'
command used in udev-hwdb postinstall script is now in the udev
package and udev recommends udev-hwdb.
Instead of letting udev recommends udev-hwdb, we let syst
In systems where bash is not installed and /bin/sh is provided by
busybox. Commands like `su -l -c '/home/root/test' xuser' would fail
complaining the the 'su' applet could not be found.
This patch references the old version of shadow to keep the behaviour
the way it was in old version so that we
The following changes since commit 6bc3696d8451a23d743daf03ee98c4ba54ce4551:
wget: Remove unneeded DEPENDS line (2014-07-21 19:10:30 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib ChenQi/shadow-su
http://cgit.openembedded.org/cgit.cgi/o
Add basic signal handling to unmount and remove any temporary files.
Correct a quoting issue with the die() function caught testing signal
handling.
Fix a minor typo in "formatting" output.
Signed-off-by: Darren Hart
---
scripts/contrib/mkefidisk.sh | 6 --
1 file changed, 4 insertions(+), 2
Please ignore this one (2/2), it rearranges output in a way that might
lead to someone pulling the USB key before the sync completes. I will
resend 2/2 of separately.
Apologies :/
On 7/21/14, 15:45, "Darren Hart" wrote:
>Add basic signal handling to unmount and remove any temporary files.
>
>Si
On Tue, 22 Jul 2014 00:32:40 +0200
Martin Jansa wrote:
> I know there is 1.6.1 version in pseudo_git.bb but 1.6.0 is still default
> version and target version fails to build with:
Huh. The 1.6.1 version should now be merged, and that fixes this. (This is
basically why there's a 1.6.1.)
-s
--
On 7/21/14, 5:32 PM, Martin Jansa wrote:
On Wed, Jul 16, 2014 at 09:25:25AM +, g...@git.openembedded.org wrote:
Module: openembedded-core.git
Branch: master
Commit: b8f5d6b493ec759a97b92cf9b4c07ad8a8114de6
URL:
http://git.openembedded.org/?p=openembedded-core.git&a=commit;h=b8f5d6b493ec7
Add basic signal handling to unmount and remove any temporary files.
Signed-off-by: Darren Hart
---
scripts/contrib/mkefidisk.sh | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/scripts/contrib/mkefidisk.sh b/scripts/contrib/mkefidisk.sh
index 44ab8d5..7d48b53 100
The current script intends to redirect stderr to stdout, but instead
redirects to a file named 1. No doubt a regex replace error.
Replace all instances of 2>1 with 2>&1.
Signed-off-by: Darren Hart
---
scripts/contrib/mkefidisk.sh | 38 +++---
1 file changed, 19 i
On Wed, Jul 16, 2014 at 09:25:25AM +, g...@git.openembedded.org wrote:
> Module: openembedded-core.git
> Branch: master
> Commit: b8f5d6b493ec759a97b92cf9b4c07ad8a8114de6
> URL:
> http://git.openembedded.org/?p=openembedded-core.git&a=commit;h=b8f5d6b493ec759a97b92cf9b4c07ad8a8114de6
>
> A
On Tue, Jul 15, 2014 at 11:38:41AM -0400, Denys Dmytriyenko wrote:
> On Tue, Jul 15, 2014 at 08:30:04AM -0700, Saul Wold wrote:
> > On 07/14/2014 07:41 PM, Denys Dmytriyenko wrote:
> > >On Thu, Jun 26, 2014 at 01:43:53PM -0400, Denys Dmytriyenko wrote:
> > >>On Wed, Jun 25, 2014 at 11:41:05PM +0100
* new KERNEL_MODULE_AUTOLOAD syntax doesn't support modules where basename and
module name don't match (usually - and _), e.g.:
module_autoload_bq27x00_battery = "bq27x00-battery"
* sometimes it's useful to load modules in particular order and
module_autoload allowed to just list multiple m
Add handling of --fsoptions in parition definition. Default value of
mount option is 'defaults', all user defined options are appended.
Signed-off-by: Maciej Borzecki
Signed-off-by: Maciek Borzecki
---
scripts/lib/mic/imager/direct.py | 9 -
1 file changed, 8 insertions(+), 1 deletion(-
Contents of /etc/fstab were restored too early, thus overwriting the
autogenerated ones.
Signed-off-by: Maciej Borzecki
Signed-off-by: Maciek Borzecki
---
scripts/lib/mic/imager/direct.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/scripts/lib/mic/imager/direct.py b/s
On Mon, 2014-07-21 at 13:01 +0200, Maciej Borzecki wrote:
> Not including the label image but having multiple partitions of the same
> type, the image file of one partition would overwrite the other.
>
Right, the empty-partition case somehow missed the label - good catch.
Acked-by: Tom Zanussi
Changelog since 2014-07-13 until 2014-07-20. Projects included in this report:
bitbake: git://git.openembedded.org/bitbake
openembedded-core: git://git.openembedded.org/openembedded-core
meta-openembedded: git://git.openembedded.org/meta-openembedded
meta-angstrom: git://github.com/Angstrom-distr
On Mon, Jul 21, 2014 at 6:00 PM, Jacob Kroon wrote:
> Hi Ross,
>
>
> On Mon, Jul 21, 2014 at 2:49 PM, Burton, Ross
> wrote:
>
>> On 21 July 2014 13:39, Jacob Kroon wrote:
>> > gdk-pixbuf-native uses png and jpeg loaders. When updating the
>> > loader-cache, these needs to be already populated i
Richard Purdie writes:
> On Mon, 2014-07-21 at 11:53 -0500, Ben Shelton wrote:
>> From: Richard Tollerton
>>
>> This is for symmetry with udev which also RPROVIDES hotplug.
>>
>> Signed-off-by: Richard Tollerton
>> Signed-off-by: Ben Shelton
>> ---
>> meta/recipes-core/busybox/busybox.inc |
On Mon, 2014-07-21 at 04:59 -0600, Gary Thomas wrote:
> On 2014-07-21 02:27, Richard Purdie wrote:
> > On Thu, 2014-07-17 at 15:53 +0800, Chen Qi wrote:
> >> The following changes since commit
> >> 846bc50fde11bbb36c8eb5b2e3ae6bb644c037f3:
> >>
> >>ltp: use "foreign" automake strictness (2014-
On Mon, 2014-07-21 at 11:53 -0500, Ben Shelton wrote:
> From: Richard Tollerton
>
> This is for symmetry with udev which also RPROVIDES hotplug.
>
> Signed-off-by: Richard Tollerton
> Signed-off-by: Ben Shelton
> ---
> meta/recipes-core/busybox/busybox.inc | 1 +
> 1 file changed, 1 insertion
During boot, there is a brief window during which /dev/initctl is
missing, which breaks initscripts that would need to access it. This
occurs because /etc/init.d/mountall.sh (rcS.d/S02...) attempts to ensure
/dev/initctl is present, but /etc/init.d/mdev (rcS.d/S06...) mounts over
/dev and clobbers
From: Richard Tollerton
This is for symmetry with udev which also RPROVIDES hotplug.
Signed-off-by: Richard Tollerton
Signed-off-by: Ben Shelton
---
meta/recipes-core/busybox/busybox.inc | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-core/busybox/busybox.inc
b/meta/recipes-
From: Gratian Crisan
Otherwise, users cannot use named semaphores or shared memory.
Signed-off-by: Richard Tollerton
Signed-off-by: Ben Shelton
---
meta/recipes-core/busybox/files/mdev | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-core/busybox/files/mdev
b/meta/recipes-cor
From: Bill Pittman
/dev/mdev.seq exists to synchronize concurrently running instances of
mdev and to ensure that they execute in the proper order. Without this
synchronization, it is possible to have inconsistent mount points, to
leak device nodes, or to have a node erroneously removed in rapid
On 7/21/14, 8:32, "Richard Purdie"
wrote:
>On Mon, 2014-07-21 at 08:21 -0700, Darren Hart wrote:
>> On 7/18/14, 16:01, "Darren Hart" wrote:
>>
>> >Fixes [YOCTO 6550]
>> >
>> >Images installing both trace-cmd and kernelshark would fail with:
>> >
>> >error: file /usr/bin/trace-cmd conflicts betw
My previous patch adding gummiboot support was missing the line to
remove the initrd line from the boot config. This was an oversight in
copying over the grub setup to gummiboot. Add the necessary logic to
remove it.
Signed-off-by: Darren Hart
---
scripts/contrib/mkefidisk.sh | 1 +
1 file chang
Hi Ross,
On Mon, Jul 21, 2014 at 2:49 PM, Burton, Ross wrote:
> On 21 July 2014 13:39, Jacob Kroon wrote:
> > gdk-pixbuf-native uses png and jpeg loaders. When updating the
> > loader-cache, these needs to be already populated in the sysroot.
> >
> > Although png was present, the jpeg dependenc
The following changes since commit 4d2ac6f6df2b3ef98699dd4f7afadb2d994222bb:
rootfs: Remove the extraneous install directory (2014-07-19 00:18:21 +0100)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib roxana/YB6502
http://git.yoctoproject.org/cgit.cgi/poky-c
Added base variables and package backend specific variables to
rootfs[vardeps] in order for rootfs to rebuild when changes are made.
Set some variables as [func] to inform bitbake that they are shell
scripts, so that it invokes its shell dependency parsing. Without
marking them as functions, chang
From: Richard Tollerton
bootlogd does not write to /var/log/boot if it does not exist,
so if using the volatiles facility (presumed to mount /var/log under a
tmpfs), ensure that /var/log/boot gets created.
Signed-off-by: Richard Tollerton
Signed-off-by: Ben Shelton
---
meta/recipes-core/sysvi
From: Richard Tollerton
The messages echoed when starting and stopping bootlogd are currently
printed regardless of the setting of VERBOSE. Adjust the initscript so
they're only printed when VERBOSE is enabled.
Signed-off-by: Richard Tollerton
Signed-off-by: Ben Shelton
---
meta/recipes-core
From: Richard Tollerton
bootlogd's default log rotation code on stop requires `savelog`, which
is in debianutils, which may not be installed. If it's not installed,
don't try to perform the log rotation.
That is: in the affected code block, `savelog` is what is responsible
for creating "boot.0"
On Mon, Jul 21, 2014 at 5:49 AM, Burton, Ross wrote:
> If we can't change the sysroot creation order so that the order is
> zlib, libpng, libjpeg, and then gdk-pixbuf then I think this needs to
> be pulled out to a function that can do neater logic, such as iterate
> through PACKAGECONFIG and add
On Mon, 2014-07-21 at 08:21 -0700, Darren Hart wrote:
> On 7/18/14, 16:01, "Darren Hart" wrote:
>
> >Fixes [YOCTO 6550]
> >
> >Images installing both trace-cmd and kernelshark would fail with:
> >
> >error: file /usr/bin/trace-cmd conflicts between attempted installs of
> >kernelshark-1.2+git0+70
On 7/18/14, 16:01, "Darren Hart" wrote:
>Fixes [YOCTO 6550]
>
>Images installing both trace-cmd and kernelshark would fail with:
>
>error: file /usr/bin/trace-cmd conflicts between attempted installs of
>kernelshark-1.2+git0+7055ffd37b-r3.core2_32 and
>trace-cmd-1.2+git0+7055ffd37b-r3.core2_32
>
Hi,
Getting error while compiling dhcp.
Please find the log as attachment.
Please help.
Regards,
Himanshu
From: "Himanshu Pandey"pandey_himansh...@rediffmail.com
Sent: Mon, 21 Jul 2014 18:31:02 +0530
To: "Robert Yang "liezhi.y...@windriver.com
Subject: Regarding dhcp
Hi,
I am g
This error was seen when building ConnMan. Fixed by not
building ConnMan pptp plugin with module versioning info.
ERROR: QA Issue: non -dev/-dbg/-nativesdk package contains symlink .so:
connman-plugin-vpn-pptp path
'/work/core2-32-oe-linux/connman/1.24+gitAUTOINC+42779cd63c-r20/packages-split/co
GNU Wget cannot be upgrated to a newer that 1.12 version on supported
Centos distro. GNU Wget 1.12 and earlier uses a server-provided filename
instead of the original URL to determine the destination filename of a
download.
This means the files downloaded when fetching cannot be properly used:
$ wg
On 21 July 2014 13:39, Jacob Kroon wrote:
> gdk-pixbuf-native uses png and jpeg loaders. When updating the
> loader-cache, these needs to be already populated in the sysroot.
>
> Although png was present, the jpeg dependency was missing, so add it.
But those dependencies are dependent on a PACKAG
gdk-pixbuf-native uses png and jpeg loaders. When updating the
loader-cache, these needs to be already populated in the sysroot.
Although png was present, the jpeg dependency was missing, so add it.
Fixes:
DEBUG: Executing shell function pixbufcache_sstate_postinst
g_module_open() failed for
> -Original Message-
> From: Burton, Ross [mailto:ross.bur...@intel.com]
> Sent: Monday, July 21, 2014 12:57
> To: Tudor Florea
> Cc: OE-core
> Subject: Re: [OE-core] [PATCH 1/1] buildtools-tarball: Add wget to buildtools-
> tarball
>
> On 20 July 2014 21:00, Tudor Florea wrote:
> > DE
Not including the label image but having multiple partitions of the same
type, the image file of one partition would overwrite the other.
Signed-off-by: Maciej Borzecki
Signed-off-by: Maciek Borzecki
---
scripts/lib/mic/kickstart/custom_commands/partition.py | 6 +++---
1 file changed, 3 insert
Hi Ross,
On ma, 2014-07-21 at 11:55 +0100, Burton, Ross wrote:
> On 21 July 2014 11:03, Jukka Rissanen wrote:
> > Fixing this error by skipping dev-so QA check for
> > connman-plugin-vpn-pptp package.
>
> As discussed on IM but repeating for the list, plugins should always
> be real .so files an
Acked-by: Ross Burton
On 20 July 2014 21:13, Drew Moseley wrote:
> The so files installed by libomxil are not versioned and should
> be installed without version-based symlinks so that omxregister-bellagio
> can properly find and register them.
>
> Signed-off-by: Drew Moseley
> ---
> .../libom
On 2014-07-21 02:27, Richard Purdie wrote:
On Thu, 2014-07-17 at 15:53 +0800, Chen Qi wrote:
The following changes since commit 846bc50fde11bbb36c8eb5b2e3ae6bb644c037f3:
ltp: use "foreign" automake strictness (2014-07-16 10:27:16 +0100)
are available in the git repository at:
git://git.
On 21 July 2014 11:03, Jukka Rissanen wrote:
> Fixing this error by skipping dev-so QA check for
> connman-plugin-vpn-pptp package.
As discussed on IM but repeating for the list, plugins should always
be real .so files and not symlinks to versioned files.
If a plugin is on disk as symlinks and v
On Mon, Jul 21, 2014 at 4:03 AM, Chong Lu wrote:
> Currently, perf can't split to perf-archive, perf-tests, perf-python and
> perf-perl. All files are included in perf package.
> Change the files paths to make split successfully and add perf package
> RDEPEND on the other four to keep it consiste
Fixing this error by skipping dev-so QA check for
connman-plugin-vpn-pptp package.
ERROR: QA Issue: non -dev/-dbg/-nativesdk package contains symlink .so:
connman-plugin-vpn-pptp path
'/work/core2-32-oe-linux/connman/1.24+gitAUTOINC+42779cd63c-r20.0/packages-split/connman-plugin-vpn-pptp/usr/lib
On 20 July 2014 21:00, Tudor Florea wrote:
> DEPENDS = "gnutls zlib libpcre"
> +DEPENDS_class-nativesdk = "nativesdk-gnutls nativesdk-zlib nativesdk-libpcre"
Why do you need to set DEPENDS_class-nativesdk?
Ross
--
___
Openembedded-core mailing list
O
On Mon, 2014-07-21 at 12:15 +0300, Roxana Ciobanu wrote:
> Added base variables and package backend specific variables to
> rootfs[vardeps] in order for rootfs to rebuild when changes are made.
>
> Set some variables as [func] to inform bitbake that they are shell
> scripts, so that it invokes its
The following changes since commit 4d2ac6f6df2b3ef98699dd4f7afadb2d994222bb:
rootfs: Remove the extraneous install directory (2014-07-19 00:18:21 +0100)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib roxana/YB6502
http://git.yoctoproject.org/cgit.cgi/poky-c
Added base variables and package backend specific variables to
rootfs[vardeps] in order for rootfs to rebuild when changes are made.
Set some variables as [func] to inform bitbake that they are shell
scripts, so that it invokes its shell dependency parsing. Without
marking them as functions, chang
Otherwise builds are not deterministic.
Signed-off-by: Richard Purdie
diff --git a/meta/recipes-extended/shadow/shadow.inc
b/meta/recipes-extended/shadow/shadow.inc
index 40f58f0..66541f4 100644
--- a/meta/recipes-extended/shadow/shadow.inc
+++ b/meta/recipes-extended/shadow/shadow.inc
@@ -75,6
On Thu, 2014-07-17 at 15:53 +0800, Chen Qi wrote:
> The following changes since commit 846bc50fde11bbb36c8eb5b2e3ae6bb644c037f3:
>
> ltp: use "foreign" automake strictness (2014-07-16 10:27:16 +0100)
>
> are available in the git repository at:
>
> git://git.openembedded.org/openembedded-core
73 matches
Mail list logo
