On 10/4/2018 11:55 PM, Sinan Kaya wrote:
* CVE-2018-10754
A NULL pointer dereference was found in the way the _nc_parse_entry
function parses terminfo data for compilation. An attacker able to provide
specially crafted terminfo data could use this flaw to crash the
application parsing it.
Affect
* CVE-2018-11233
Code to sanity-check pathnames on NTFS can result in reading
out-of-bounds memory.
Affects < 2.17.1
CVE: CVE-2018-11233
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1583888
Signed-off-by: Sinan Kaya
---
.../git/files/CVE-2018-11233.patch| 44 +++
* CVE-2018-10754
A NULL pointer dereference was found in the way the _nc_parse_entry
function parses terminfo data for compilation. An attacker able to provide
specially crafted terminfo data could use this flaw to crash the
application parsing it.
Affects < 6.1.20180414
CVE: CVE-2018-10754
Ref:
On 10/05/2018 03:54 AM, Alejandro Enedino Hernandez Samaniego wrote:
> Hey Anuj,
>
>
> On 10/03/2018 10:09 PM, Anuj Mittal wrote:
>> Move inclusion of common patches to .inc to simplify things a bit.
>>
>> Signed-off-by: Anuj Mittal
>> ---
>> meta/recipes-devtools/python/python-native_2.7.15.b
On 10/05/2018 03:54 AM, Alejandro Enedino Hernandez Samaniego wrote:
> Hey Anuj,
>
>
> On 10/03/2018 10:09 PM, Anuj Mittal wrote:
>> Move inclusion of common patches to .inc to simplify things a bit.
>>
>> Signed-off-by: Anuj Mittal
>> ---
>> meta/recipes-devtools/python/python-native_2.7.15.b
* CVE-2018-1060
Prevent low-grade poplib REDOS:
The regex to test a mail server's timestamp is susceptible to
catastrophic backtracking on long evil responses from the server.
Happily, the maximum length of malicious inputs is 2K thanks
to a limit introduced in the fix for CVE-2013-1752.
* CVE-20
* CVE-2018-14404
A null pointer dereference vulnerability exists in the
xpath.c:xmlXPathCompOpEval()
function of libxml2 when parsing invalid XPath expression. Applications
processing
untrusted XSL format inputs with the use of libxml2 library may be vulnerable to
denial of service attack due to
On Thu, Oct 4, 2018 at 8:24 AM Pascal Bach wrote:
>
> Builds include host /usr/include as the wrong wayland variable was used.
> The issue only surfaces if CMAKE_SYSROOT is properly set.
>
this seems fine
> Signed-off-by: Pascal Bach
> ---
> ...-use-proper-WAYLAND_INCLUDE_DIRS-variable.patch
On Thu, Oct 4, 2018 at 3:03 PM Richard Purdie
wrote:
>
> On Thu, 2018-10-04 at 15:29 +0200, Angelo Dureghello wrote:
> > Signed-off-by: Angelo Dureghello
> > ---
> > meta/conf/machine/include/m68k/README| 9 +
> > meta/conf/machine/include/m68k/arch-m68k.inc | 8
> > 2 f
On Thu, 2018-10-04 at 15:29 +0200, Angelo Dureghello wrote:
> Signed-off-by: Angelo Dureghello
> ---
> meta/conf/machine/include/m68k/README| 9 +
> meta/conf/machine/include/m68k/arch-m68k.inc | 8
> 2 files changed, 17 insertions(+)
> create mode 100644 meta/conf/machi
Hey Anuj,
On 10/03/2018 10:09 PM, Anuj Mittal wrote:
Move inclusion of common patches to .inc to simplify things a bit.
Signed-off-by: Anuj Mittal
---
meta/recipes-devtools/python/python-native_2.7.15.bb | 3 ---
meta/recipes-devtools/python/python.inc | 3 +++
meta/recipes-d
On Thu, 2018-10-04 at 08:29 +0300, grygorii tertychnyi via
Openembedded-core wrote:
> Append '\n' to the non-empty formatted string before return. If you
> write it to the (manifest) file, it will ensure file ends with a
> newline.
>
> Many GNU utilities have problems processing the last line of a
The CMakeLists.txt of piglit uses pkgconfig internally.
This makes sure pkgconfig-native is available in any case.
Signed-off-by: Pascal Bach
---
meta/recipes-graphics/piglit/piglit_git.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-graphics/piglit/piglit_git
Builds include host /usr/include as the wrong wayland variable was used.
The issue only surfaces if CMAKE_SYSROOT is properly set.
Signed-off-by: Pascal Bach
---
...-use-proper-WAYLAND_INCLUDE_DIRS-variable.patch | 32 ++
meta/recipes-graphics/piglit/piglit_git.bb |
Hi Burton,
On Thu, Oct 04, 2018 at 02:55:37PM +0100, Burton, Ross wrote:
> I'm curious: the data sheet for the processor you mention in 4/4 says
> that it ha 64K of RAM. Are there other processors in the range, or
> have you done incredible things?
>
64KB is the internal static ram (SRAM), that'
On Thu, Oct 4, 2018 at 3:55 PM Burton, Ross wrote:
>
> I'm curious: the data sheet for the processor you mention in 4/4 says
> that it ha 64K of RAM. Are there other processors in the range, or
> have you done incredible things?
>
> Ross
Heh,
64K is the internal sram..
There is a sdram controll
Current run-ptest script prints nothing, when stress tests fail.
Fix it in new implementation, discarding external dependency on sed.
Also leave in place all stress output, just add standard ptest result.
Fixes: 3f0106bf2e41 ("libusb: Add ptest")
Signed-off-by: Maksym Kokhan
Reviewed-by: Andrii B
I'm curious: the data sheet for the processor you mention in 4/4 says
that it ha 64K of RAM. Are there other processors in the range, or
have you done incredible things?
Ross
On Thu, 4 Oct 2018 at 14:30, Angelo Dureghello wrote:
>
>
> This patch serie adds initial support for m68k architecture.
Signed-off-by: Angelo Dureghello
---
meta/conf/machine/include/m68k/README| 9 +
meta/conf/machine/include/m68k/arch-m68k.inc | 8
2 files changed, 17 insertions(+)
create mode 100644 meta/conf/machine/include/m68k/README
create mode 100644 meta/conf/machine/include/m68
This patch adds tuning for the mcf5441x ColdFire family.
Signed-off-by: Angelo Dureghello
---
meta/conf/machine/include/tune-mcf5441x.inc | 13 +
1 file changed, 13 insertions(+)
create mode 100644 meta/conf/machine/include/tune-mcf5441x.inc
diff --git a/meta/conf/machine/include/t
Signed-off-by: Angelo Dureghello
---
meta/classes/kernel-arch.bbclass | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/classes/kernel-arch.bbclass b/meta/classes/kernel-arch.bbclass
index 2b52a63c64..07ec242e63 100644
--- a/meta/classes/kernel-arch.bbclass
+++ b/meta/classes/kernel-arch.b
Signed-off-by: Angelo Dureghello
---
meta/classes/siteinfo.bbclass | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/classes/siteinfo.bbclass b/meta/classes/siteinfo.bbclass
index 24585d5842..411e70478e 100644
--- a/meta/classes/siteinfo.bbclass
+++ b/meta/classes/siteinfo.bbclass
@@ -33,6
This patch serie adds initial support for m68k architecture.
A Linux kernel build has been tested successfully using a local
meta layer, or kernel-yocto.
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.opene
OEDEM is basically full at this time.
https://www.openembedded.org/wiki/OEDEM_2018
We have had the room rearranged to seat 45 people and I am not sure how
we would handle anyone over this. If you know you can't make it, could
you please remove your name from the attendee list. We'd like to get a
On Thu, Oct 04, 2018 at 12:59:37PM +0200, Andrej Valek wrote:
> This init feature was introduced via
> http://lists.openembedded.org/pipermail/openembedded-core/2016-January/116109.html
> which is from 2016. Busybox has this runlevel applet available from 2005.
>
> I think, Raj was trying to make
This init feature was introduced via
http://lists.openembedded.org/pipermail/openembedded-core/2016-January/116109.html
which is from 2016. Busybox has this runlevel applet available from 2005.
I think, Raj was trying to make this system really tiny. So, I am not
sure, what would be the impact, if
I'm not against this change, but would it make sense to enable runlevel
applet in:
meta/recipes-core/busybox/busybox/init.cfg
and drop the runlevel shell script completely?
On Thu, Oct 4, 2018 at 12:42 PM Andrej Valek
wrote:
> When CONFIG_RUNLEVEL is enabled, it conflicts with installed OE's scr
BB_DONT_CACHE was not set for non-virtual recipes where PN != BPN, such
as quilt-native. Recipes that do not set BBCLASSEXTEND should always
have BB_DONT_CACHE set by externalsrc.
Signed-off-by: Ola x Nilsson
---
meta/classes/externalsrc.bbclass | 4 ++--
1 file changed, 2 insertions(+), 2 dele
When CONFIG_RUNLEVEL is enabled, it conflicts with installed OE's script.
Make grep quite for prevent to write information into logs.
Signed-off-by: Andrej Valek
---
meta/recipes-core/busybox/busybox.inc | 20 +++-
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/me
The patch associated with the CVE-2017-8872 report was never merged into
libxml2, but a slightly different patch for the same problem was. Cherry-pick
that as a backport, which also fixes the failing test suite.
Signed-off-by: Ross Burton
---
.../libxml/libxml2/fix-CVE-2017-8872.patch |
30 matches
Mail list logo
