And modified condition to install complementary packages.
Signed-off-by: Lucian Musat
mailto:george.l.mu...@intel.com>>
---
meta/lib/oeqa/runtime/_ptest.py | 10 +++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/meta/lib/oeqa/runtime/_ptest.py b/meta/lib/oeqa/runtime/
Removed Poky-1.4, Poky-1.5, Ubuntu-13.10, Fedora-19,
CentOs-6.4,Suse-LINUX-12.2. Replaced the list of Debian-7.x with wildcard.
Signed-off-by: Lucian Musat
mailto:george.l.mu...@intel.com>>
---
meta-yocto/conf/distro/poky.conf | 14 +-
1 file changed, 1 insertion(+), 13 deletions
Wenzong,
I wanted to just patch 1.8.9 for dizzy since 1.8.10 included more than
just security fixes. Looks like my subject should have included
[dizzy] even though the cover letter did. I will have to be more
careful next time.
thanks,
Armin
On 11/18/2014 05:29 PM, wenzong fan wrote:
Th
From: Roy Li
Issue: LIN7-1755
Issue: LIN7-1739
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8541
libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension
differences, and not bits-per-pixel differences, when determining whether an
image size has changed, which allows re
From: Roy Li
Backport patch to fix the segfault when do multiple.
Signed-off-by: Roy Li
Signed-off-by: Mark Hatle
---
.../nss/files/Using-correct-macro-for-x86.patch| 42 ++
meta/recipes-support/nss/nss.inc | 1 +
2 files changed, 43 insertions(+)
c
The companion debug filesystem contains only the package database and the
complementary *-dbg packages for the main filesystem component. This is
useful in a production environment to produce a companion filesystem capable
of remote system debugging, without requiring corresponding debug symbols o
From: Robert Yang
[ Sent for Yocto Project compliance, unlikely to be generally applicable ]
There are no MS_* macros are added after glibc 2.7.0, but it is 2.5 on
CentOS 5.10, so workaround atm, I think that we can try to use the
macros from libmount.h as a fix.
Signed-off-by: Robert Yang
Sig
From: Robert Yang
Disable it since ICE on mips with wr toolchain only:
translate.c:7838:1: internal compiler error: Segmentation fault
Signed-off-by: Robert Yang
Signed-off-by: Mark Hatle
---
meta/recipes-devtools/qemu/qemu_2.1.0.bb | 1 +
meta/recipes-devtools/qemu/qemu_git.bb | 1 +
2 f
From: Yue Tao
WARNING: QA Issue: lib64-libpam: Files/directories were installed but
not shipped
/usr/sbin/pam_console_apply
Because the package name is changed to mlprefix-pam-plugin-console. The file
must be appended to that item.
Signed-off-by: Yue Tao
Signed-off-by: Mark Hatle
---
meta/
From: Yue Tao
[ Sent for Yocto Project compliance, not believed to be generally applicable ]
do_rootfs() runs depmod on the final rootfs, so the depmod files are
in the rootfs image. But the kernel module .tgz doesn't have the files.
If you un-tar the new version of the kernel module .tgz on t
As https://subversion.apache.org/security/CVE-2014-3522-advisory.txt
mentioned:
We recommend all users to upgrade to Subversion 1.8.10. Users of
Subversion 1.7.x or 1.8.x who are unable to upgrade may apply the
included patch. We also recommend that all users upgrade to Serf 1.3.7
or n
There's subversion 1.8.10 in master branch that has included the CVE fixes.
Would you like to backport 1.8.10 from master? Or just patch 1.8.9 to
fix this CVE?
Thanks
Wenzong
On 11/19/2014 12:18 AM, Armin Kuster wrote:
From: Yue Tao
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1
Peter Seebach writes:
>
> On Tue, 11 Nov 2014 10:55:24 +
> Richard Purdie wrote:
>
> > > Whilst I haven't 100% confirmed it,
> > >
https://autobuilder.yoctoproject.org/main/builders/poky-tiny/builds/102/steps/...
> > > looks like it may well be as a result of this change (which was include
From: Chong Lu
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs), thus
making them apply broader than cookies are allowed. This can allow arbitrary
sites to set cookies that then would get sent to a different and unrelated site
or domain.
(From OE-Core rev: ddbaade8afbc976758
(From OE-Core rev: 3ab9dfb703835fee21fd73c4e5cbad1c34c6a163)
Signed-off-by: Armin Kuster
Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-extended/tzdata/tzdata_2014j.bb | 6 ++
1 file changed, 6 insertions(+)
create mode 100644 meta/r
From: Chong Lu
By not detecting and rejecting domain names for partial literal IP addresses
properly when parsing received HTTP cookies, libcurl can be fooled to both
sending cookies to wrong sites and into allowing arbitrary sites to set cookies
for others.
(From OE-Core rev: 985ef933208da1dd1f
From: Chong Lu
the patch comes from:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1568
https://bugzilla.mozilla.org/show_bug.cgi?id=1064636
nss ng log:
=
changeset: 11252:ad411fb64046
user:Kai Engert
date:Tue Sep 23 19:28:34 2014 +0200
summary: Fix bug 10646
(From OE-Core rev: 2f8940e8b2a0537f131a6d5410e85bba07a8c116)
Signed-off-by: Armin Kuster
Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
Signed-off-by: Armin Kuster
---
meta/recipes-extended/tzcode/tzcode-native_2014j.bb | 10 ++
1 file changed, 10 insertions(+)
create mode
From: Yue Tao
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before
1.8.10 uses an MD5 hash of the URL and authentication realm to store
cached credentials, which makes it easier for remote servers to obtain
the credentials via a crafted authentication realm.
http://web.nvd.nist.g
Please consider the these changes for Dizzy next.
The following changes since commit 6dcaf44d8c28c466ff271d5f5585a84632bf8769:
subversion: Security Advisory - subversion - CVE-2014-3522 (2014-11-11
09:04:57 -0800)
are available in the git repository at:
git://git.yoctoproject.org/poky-co
From: Jackie Huang
* Add a patch to use CROSSPYTHONPATH as PYTHONPATH for
PYTHON_FOR_BUILD, otherwise CROSSPYTHONPATH is never used,
and it use the path in target builds to find libraries.
* Add a patch to avoid finding host headers and libs
* Fix a typo: s/python-native3/python3-native/
S
21 matches
Mail list logo
