1.0 ROLLING CUMULATIVE PATCH LAYER OVERVIEW This is a Rolling Cumulative Patch Layer for the base Wind River Linux LTS 19 release. This RCPL provides fixes for known problems. For information on updating your projects, see the Product Updates section of the Wind River Linux Getting Started guide. https://docs.windriver.com/bundle/Wind_River_Linux_Getting_Started_LTS_19/page/tfk1473951651031.html The update procedure involves updating your projectDir/wrlinux-x repository, and then re-running the setup.sh program with the original arguments. The procedure for upgrading your project is shown in the Updating Wind River Linux section of that guide: https://docs.windriver.com/bundle/Wind_River_Linux_Getting_Started_LTS_19/page/mmo1403548753903.html 2.0 RCPL Update Implementation The distribution is a set of git repositories that are used to generate project directories at setup time. An RCPL appends new fixes to these repositories. As a result, the git repositories can grow with each new RCPL. The product name branches include two specific branch names. The first is a continuous integration branch. The continuous integration branch tracks the latest RCPL version release by Wind River, and does not include an RCPL number. For example: * WRLINUX_10_19_BASE * WRLINUX_10_19_LTS These branches will always match the latest released RCPL. The second branch name is RCPL-specific, with a reference to a specific RCPL, such as: * WRLINUX_10_19_BASE_UPDATE0001 * WRLINUX_10_19_LTS_RCPL0002 To identify which branch you are on, run the following commands: $ cd projectDir/wrlinux-x $ git branch 3.0 Selecting a specific RCPL Follow the procedure as indicated in the Updating Wind River Linux section of the Wind River Linux Getting Started guide located at: https://docs.windriver.com/bundle/Wind_River_Linux_Getting_Started_LTS_19/page/mmo1403548753903.html In step 3, of the procedure you will use the branchName of the RCPL that you wish to use. For example: $ git checkout WRLINUX_10_19_LTS_RCPL0002 4.0 Change Log The following is a summary of the changes made in each RCPL version. The initial product distribution occurred with RCPL0001. Defect List: ======================= LTS 19 Update 4 =============================== none - srcrev.inc: wrlinux srcrev update 2020-02-06 LINCD-759 - image_types_ota.bbclass: Fix wic generated images using the A/B layout LINCD-922 - init-ostree,init.luks-ostree: Use blockdev for auto partition expansion LINCD-703 - boot.scr, u-boot-uenv: Fix network install to use $use_fdtdtb LIN1019-4002 - ppp: Security Advisory - ppp - CVE-2020-8597 LIN1019-3982 - virglrenderer: fix CVE-2020-8002 and CVE-2020-8003 LIN1019-3981 - virglrenderer: fix CVE-2020-8002 and CVE-2020-8003 LINCD-694 - init-ostree-install.sh, bootfs.sh: Allow install using local ostree_repo on alternate device LINCD-440 - wr-ostree: add COMPATIBLE_HOST for package u-boot-uenv LINCD-799 - image_types_ostree: correct dependency to wic-tools LINCD-824 - ostree install: Add proper support for NVME devices LINCD-659 - bootfs.sh: Add information for using bmap-tools-native package LINCD-689 - bootfs.sh: Fix ostree pull URL computation LINCD-817 - bootfs.sh, grub.cfg: Add auto install support option for x86 LINCD-817 - bootfs.sh,init-ostree-install.sh: Add support for a list of disks to try LINCD-671 - init-ostree-install.sh: installing from one device to another fails none - srcrev.inc: wrlinux srcrev update 2020-02-03 LIN1019-3964 - samba: fix CVE-2019-19344 CVE-2019-14902 CVE-2019-14907 LIN1019-3963 - samba: fix CVE-2019-19344 CVE-2019-14902 CVE-2019-14907 LIN1019-3962 - samba: fix CVE-2019-19344 CVE-2019-14902 CVE-2019-14907 LIN1019-3966 - libxml2: Security Advisory - libxml2 - CVE-2020-7595 none - srcrev.inc: wrlinux srcrev update 2020-01-22 none - srcrev.inc: wrlinux srcrev update 2020-01-20 LIN1019-3926 - kbd: avoid vlock conflict with busybox LIN1019-3926 - kbd: configure.ac: Fix logic of vlock configure switch [ LIN1019-3926 ] none - srcrev.inc: wrlinux srcrev update 2020-01-19 LIN1019-3935 - grub-efi-efi-secure-boot.inc: use task_prepend instead of prefuncs for do_sign LIN1019-3932 - container image: remove wic wic.bmap image types LIN1019-3931 - container image: remove wic wic.bmap image types none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LIN1019-3911 - cri-o: Disable for all mips machines [ LIN1019-3911 ] none - wrlinux-version.inc: Move to update 4 LIN1019-3849 - wrlinux-kernel-dev: rename bbappend file with '%' wildcard LIN1019-3911 - cri-o: Disable for all mips machines [ LIN1019-3911 ] none - IP disclosures - 2020-01-15 - 10.19.45.03 LIN1019-3896 - dnsmasq: CVE-2019-14834 LIN1019-3917 - open-vm-tools: fix build error with usrmerge feature none - Revert "rpcbind: Changing --with-statedir from /var/run/rpcbind to [ LIN1019-3815 ] /run/rpcbind" LIN1019-3815 - rpcbind: Changing ListenStream from /var/run/rpcbind.sock [ LIN1019-3815 ] to /run/rpcbind.sock LIN1019-3868 - linux-yocto-rt: Remove AUTOREV for SRCREV_* in linux-yocto-rt [ LIN1019-3868 ] LIN1019-3909 - phpmyadmin: Security Advisory - phpmyadmin - CVE-2020-5504 LIN1019-3900 - nfs-utils: get the path of rpcgen via which command none - srcrev.inc: wrlinux srcrev update 2020-01-09 LIN1019-3824 - rpm-integrity: Use _append for PACKAGECONFIG LIN1019-3866 - efitools: do not do_sign if GRUB_SIGN_VERIFY not enabled LIN1019-3907 - README.k8s.genericx86-64: add step to build cube-k8s-node LIN1019-3877 - tigervnc: fix CVE-2019-15691 CVE-2019-15693 CVE-2019-15695 LIN1019-3875 - tigervnc: fix CVE-2019-15691 CVE-2019-15693 CVE-2019-15695 LIN1019-3873 - tigervnc: fix CVE-2019-15691 CVE-2019-15693 CVE-2019-15695 ======================= LTS 19 Update 3 =============================== LIN1019-3883 - sqlite3: CVE-2019-19959, 20218 LIN1019-3882 - sqlite3: CVE-2019-19959, 20218 none - Merge branch 'WRLINUX_10_19_BASE' into WRLINUX_10_19_LTS LIN1019-3888 - setup.sh: Restrict the working python file to be python2 [ LIN1019-3888 ] none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LINUXPG-280 - ntp: Fix the issue that ntp.sh fails to update ntp.conf on read-only-rootfs LINUXPG-280 - dhcp: Make dhclient-script can update /etc/resolv.conf on read only rootfs LINUXPG-280 - readonly-root: Added /etc/ntp into VOLATILE_BINDS LIN1019-3865 - openssl-no-weak-ciphers: fix wrong PACKAGECONFIG LIN1019-3811 - shadow: Security Advisory - shadow - CVE-2019-19882 none - srcrev.inc: wrlinux srcrev update 2020-01-06 LIN1019-3835 - python3: Fix the installation path of libpython3.7m.a for multilib LIN1019-3835 - python3: Do not hardcode "lib" for distutils LIN1019-3857 - sqlite3: CVE-2019-19923,24,25,26 LIN1019-3856 - sqlite3: CVE-2019-19923,24,25,26 LIN1019-3855 - sqlite3: CVE-2019-19923,24,25,26 LIN1019-3825 - sqlite3: CVE-2019-19923,24,25,26 none - Merge branch 'WRLINUX_10_19_BASE' into WRLINUX_10_19_LTS LIN1019-3837 - setup.sh: Restrict the python file link to python2 [V2] [ LIN1019-3837 ] LIN1019-3860 - samba: fix wrong shebang for python3 none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LIN1019-3814 - dbus: Change path of system_bus_socket from /var/run/dbus/ to [ LIN1019-3814 ] /run/dbus/ none - Revert "04_wrl_buildtools.sh: Update buildtools to 10.19.45.3" LINUXEXEC-5666 - 04_wrl_buildtools.sh: Update buildtools to 10.19.45.3 none - Updated docs for RCPL 3 none - srcrev.inc: wrlinux srcrev update 2020-01-01 LINUXEXEC-5281 - wrlinux-overc: Adding documents for Xilinx ZC702, ZC706 and Raspberry Pi4 LINUXEXEC-5273 - sbin: adding board specific functions for Raspberry Pi4 LINUXEXEC-5273 - cube-installer: support zImage deployed on ARM board none - meta-signing-key/conf/layer.conf: Add download layers to LAYERRECOMMENDS LIN1019-3862 - libxml2: Security Advisory - libxml2 - CVE-2019-19956 LIN1019-3845 - virglrenderer: fix 4 CVEs LIN1019-3844 - virglrenderer: fix 4 CVEs LIN1019-3843 - virglrenderer: fix 4 CVEs LIN1019-3842 - virglrenderer: fix 4 CVEs LIN1019-3817 - sudo: Security Advisory - CVE-2019-19232 CVE-2019-19234 LIN1019-3816 - sudo: Security Advisory - CVE-2019-19232 CVE-2019-19234 none - srcrev.inc: wrlinux srcrev update 2019-12-25 LINUXEXEC-5381 - wrlinux-whitelist.conf: add open-vm-tools and dependencies [LINUXEXEC-5381] none - Merge branch 'WRLINUX_10_19_BASE' into WRLINUX_10_19_LTS LINUXEXEC-5381 - meta-oe-dl-3-0.xml: Add github.com.vmware.open-vm-tools.git for open-vm-tools_11.0.1.bb [LINUXEXEC-5381] LINUXEXEC-5381 - open-vm-tools: Enable tirpc explicitly, fix build with 64bit time_t [LINUXEXEC-5381] LINUXEXEC-5381 - open-vm-tools: Fix build by removing deprecated G_INLINE_FUNC [LINUXEXEC-5381] LINUXEXEC-5381 - open-vm-tools: Upgrade to 11.0.1 [LINUXEXEC-5381] LIN1019-3832 - php: fix 6 CVEs LIN1019-3831 - php: fix 6 CVEs LIN1019-3830 - php: fix 6 CVEs LIN1019-3829 - php: fix 6 CVEs LIN1019-3828 - php: fix 6 CVEs LIN1019-3827 - php: fix 6 CVEs LIN1019-3815 - rpcbind: Changing --with-statedir from /var/run/rpcbind to [ LIN1019-3815 ] /run/rpcbind LIN1019-3812 - sqlite3: CVE-2019-19880 none - srcrev.inc: wrlinux srcrev update 2019-12-19 LIN1019-3813 - ostree u-boot wic images: only partition 1 should be marked as active LIN1019-3808 - image_types_ota.bbclass: Fix OSTREE_COPY_IMAGE_BOOT_FILES LIN1019-3806 - bootfs.sh: Correctly deal with a local.conf that has no OSTREE_REMOTE_URL set LIN1019-3805 - bootfs.sh: Add capability for creating a ostree_repo with a single branch LIN1019-3802 - feature/encrypted-storage: Fix feature/ostree dependency LIN1019-3804 - init-ostree.sh: Fix rm_var_check for encrypted volumes LIN1019-3737 - sqlite3: sqlite3-CVE-2019-19603, 19645, 19646 LIN1019-3736 - sqlite3: sqlite3-CVE-2019-19603, 19645, 19646 LIN1019-3735 - sqlite3: sqlite3-CVE-2019-19603, 19645, 19646 LIN1019-3333 - wrlinux-ovp: supplement a kernel config to rt-tune none - srcrev.inc: wrlinux srcrev update 2019-12-16 none - Merge remote-tracking branch 'base/wr-10.19-20191106' into WRLINUX_10_19_LTS LINCD-467 - libsemanage: fix race issue in parallel build LINCD-467 - libselinux: fix race issue in parallel build LIN1019-3782 - rabbitmq-c: Security Advisory - rabbitmq-c - CVE-2019-18609 LINCD-467 - libsemanage: fix race issue in parallel build LINCD-467 - libselinux: fix race issue in parallel build LIN1019-3769 - sysstat: Security Advisory - sysstat - CVE-2019-19725 none - wrlinux-version.inc: Move to update 3 LINUXEXEC-5322 - add libmms-0.6.4.tar.gz LIN1019-2890 - fixup! image_types_ostree.bbclass: label file before ostree commit it none - srcrev.inc: wrlinux srcrev update 2019-12-13 LIN1019-3757 - user-key-store.bbclass: Depend on gnupg-native to always use provided gpg LINCD-553 - init-ostree-install.sh: Ignore kernel arguments without the "=" sign LIN1019-3771 - init-ostree-install.sh: Remove verbose debug information LIN1019-3759 - init-ostree.sh: partition expansion requires a partprobe before resize2fs LIN1019-2890 - image_types_ostree.bbclass: label file before ostree commit it LIN1019-2857 - libsoup: enable it only build ostree template LIN1019-3726 - openssl: Security Advisory - openssl - CVE-2019-1551 LIN1019-3744 - wrlinux-common.inc: Add rhel-7.7 to SANITY_TESTED_DISTROS LIN1019-3747 - samba: fixes of CVE-2019-14861 and CVE-2019-14870 LIN1019-3746 - samba: fixes of CVE-2019-14861 and CVE-2019-14870 LIN1019-3753 - freeradius: Security Advisory - freeradius - CVE-2019-13456 LIN1019-3745 - libxslt: Security Advisory - libxslt - CVE-2019-5815 LIN1019-3740 - installer-support/README: Remove machine intel-x86-32 support LIN1019-3706 - bash: Fix CVE-2019-18276 [ LIN1019-3706 ] ======================= LTS 19 Update 2 =============================== none - Disable OverC lockdown until scripts are fixed none - wrlinux-overc: PR lockdown files update 2019-12-10 none - wrlinux-overc: PR lockdown files update 2019-12-09 none - wrlinux-overc: PR lockdown files update 2019-12-08 none - wrlinux-overc: PR lockdown files update 2019-12-07 LINUXEXEC-5303 - initramfs-ostree-image: Conditionally enable IMA for ostree LINUXEXEC-5304 - initramfs-ostree: Remove gnu parted and replace with sgdisk/sfdisk LINUXEXEC-5304 - initramfs-ostree-image: Improve signing checks LINUXEXEC-5304 - init-ostree-install.sh, bootfs.sh: Add support for local install generation LINUXEXEC-5304 - boot.scr, bootfs.sh: Add proper -a and -L support for bootfs.sh for u-boot LINUXEXEC-5304 - bootfs.sh: Initial version of the bootfs.sh script LINUXEXEC-5304 - bootfs.sh: Add support for grub x86 bootstrap install LINUXEXEC-5290 - u-boot-uenv: Add support for device from ram LINUXEXEC-5290 - ostree_upgrade.sh and ostree-init: Add the ability to local reset /var and /etc LINUXEXEC-5290 - ostree: Adjust ostree initramfs to work util-linux oe-core split LINUXEXEC-5290 - ostree: Add feature OSTREE_ETC_MERGE_DIR=none LINUXEXEC-5290 - image_types_ota.bbclass: Conditionally copy the IMAGE_BOOT_FILES for boot partition LINUXEXEC-5290 - image_types_ostree.bbclass: By default skip the generation of rootfs.ostree.tar.bz2 files LINUXEXEC-5290 - boot.scr / boot: add handlers for dtb overlay files LINUXEXEC-5290 - boot.scr: Add fall back network install support to the boot.scr LINUXEXEC-5186 - libsoup: Fix to compile with meta-overc LINUXEXEC-5303 - grub signing integration: Add support for .sig files and grub signing LINUXEXEC-5303 - grub.cfg: Fix test arguments to work with secure signing LINUXEXEC-5290 - image_types_ostree.bbclass: conditionally build dev images LINUXEXEC-5186 - image_types_ostree.bbclass: ostree commit requires a lock LIN1019-2952 - image_types_ostree.bbclass: Fix gpg errors and bbwarn text when OSTREE_GPGID = "" LINUXEXEC-5303 - init-ostree-install.sh: Update network installer to support encrypted volumes LINUXEXEC-5303 - init-ostree.sh: Improve speed of booting with luks volumes LINUXEXEC-5303 - init.luks-ostree: Stop access to the sealed disk encryption key before switchroot LINUXEXEC-5303 - initrdscripts: Add support for QEMU swtpm LINUXEXEC-5303 - secure-core-image: Remove packagegroup-core-lsb LINUXEXEC-5303 - lvm2: Fix hanging dmcrypt volumes on boot LINUXEXEC-5303 - layer.conf gpg boot key sample: Add the gpg boot key sample files LINUXEXEC-5303 - secure boot: Make SELoader optional and copy sig files when GRUB_SIGN_VERIFY=1 LINUXEXEC-5303 - packagegroup-luks.inc: Add haveged LINUXEXEC-5303 - packagegroup-luks.inc: Add lvm2-udevrules LINUXEXEC-5303 - create-user-key-store.sh: Update for OSTree and ease of use LINUXEXEC-5303 - grub: Make SELoader optional and add gpg verify support LINUXEXEC-5303 - cryptfs-tpm2: Add support for QEMU swtpm tpm2 LINUXEXEC-5303 - sign_rpm_ext.bbclass, user-key-store.bbclass: Add boot loader signing LINUXEXEC-5303 - efitools: Uprev to fix LockDown.efi for UEFI built after 2018 LINUXEXEC-5303 - feature/encrypted-storage: Add ability to build haveged LINUXEXEC-5186 - feature/ostree: Move feature/ostree to the top level LINUXEXEC-5303 - feature/efi-secure-boot: Switch the secure boot to use grub certificate signing instead of SELoader LINUXEXEC-5303 - boot_keys: Add sample signing certificates for the boot loader LINUXEXEC-5303 - extra_hddimg_populate.bbclass: Add .sig support for grub boot signing none - wrlinux-overc: PR lockdown files update 2019-12-06 LIN1019-3617 - unfs3: fixed the issue that unfsd consumes 100% CPU none - wrlinux-overc: PR lockdown files update 2019-12-05 none - wrlinux-overc: PR lockdown files update 2019-12-04 none - wrlinux-overc: hash lockdown files update 2019-12-04 none - wrlinux-overc: PR lockdown files update 2019-12-04 none - wrlinux-overc: hash lockdown files update 2019-12-03 LIN1019-1880 - gdb: Fix CVE-2019-1010180 LIN1019-1882 - nasm: fix CVE-2019-14248 LIN1019-2642 - wpa-supplicant: fix CVE-2019-16275 none - RCPL 2 docs with new STIG guides & K8S content none - wrlinux-overc: PR lockdown files update 2019-12-03 none - wrlinux-overc: hash lockdown files update 2019-12-03 LIN1019-3607 - python3: -dev should depend on distutils none - wrlinux-overc: hash lockdown files update 2019-12-03 LINUXEXEC-2884 - wrlinux-overc: Adding document for xilinx-zynqmp LIN1019-3624 - syslog-ng: Fix multilib header conflict - syslog-ng-config.h LIN1019-3307 - wr-ostree: specify which var will be used in fstab none - srcrev.inc: wrlinux srcrev update 2019-12-02 none - wrlinux-overc: PR lockdown files update 2019-12-02 none - wrlinux-overc: hash lockdown files update 2019-12-02 none - Merge remote-tracking branch 'origin/WRLINUX_10_19_BASE' into WRLINUX_10_19_LTS LINUXEXEC-4916 - 04_wrl_buildtools.sh: Use buildtools-standalone-20191202 LINUXEXEC-2884 - cube-installer: deploy Image on ARM64 boards LIN1019-2711 - runqueue.py: not show warning for deferred multiconfig task LIN1019-3660 - sqlite3: the fixes of CVE-2019-19242, CVE-2019-19244 LIN1019-3602 - sqlite3: the fixes of CVE-2019-19242, CVE-2019-19244 LIN1019-3663 - ruby: the fixes of CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255 LIN1019-3657 - ruby: the fixes of CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255 LIN1019-3656 - ruby: the fixes of CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255 LIN1019-3655 - ruby: the fixes of CVE-2019-15845, CVE-2019-16201, CVE-2019-16254, CVE-2019-16255 LIN1019-3297 - samba: fixes of CVE-2019-10218, CVE-2019-14833, CVE-2019-14847 LIN1019-3296 - samba: fixes of CVE-2019-10218, CVE-2019-14833, CVE-2019-14847 LIN1019-3295 - samba: fixes of CVE-2019-10218, CVE-2019-14833, CVE-2019-14847 none - wrlinux-overc: PR lockdown files update 2019-12-01 none - wrlinux-overc: PR lockdown files update 2019-11-30 none - wrlinux-overc: hash lockdown files update 2019-11-30 LIN1019-3578 - libarchive: Fix CVE-2019-19221 none - python3: ensure that all forms of python3-config are in python3-dev LIN1019-3586 - python3: alternative name is python3-config not python-config none - wrlinux-overc: PR lockdown files update 2019-11-29 LIN1019-3580 - layer.conf: add u-boot-uenv to NON_MULTILIB_RECIPES LIN1019-3632 - fixup! python3-sqlparse: move this recipe to meta-python LINUXEXEC-4903 - wrlinux-overc: Add doc for how to use OverC with Kubernetes none - wrlinux-overc: PR lockdown files update 2019-11-28 none - wrlinux-overc: hash lockdown files update 2019-11-28 none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LINUXEXEC-4912 - wrlinux-whitelist.conf: add python3-sqlparse LINUXEXEC-4912 - Django-2.2.7/sqlparse-0.3.0: add two pkgs to downloads LINUXEXEC-4912 - toaster: make toaster support django 2.2 LINUXEXEC-4912 - python3-sqlparse: move this recipe to meta-python LINUXEXEC-4912 - python-sqlparse/python3-sqlparse: move from meta-cloud-services LINUXEXEC-4912 - python3-django: upgrade 1.11.14 -> 2.2.7 none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LIN1019-3565 - sign_rpm_ext.bbclass: check the length of GPG_PATH none - srcrev.inc: wrlinux srcrev update 2019-11-27 none - wrlinux-overc: PR lockdown files update 2019-11-27 none - wrlinux-overc: hash lockdown files update 2019-11-27 none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LINUXEXEC-4605 - downloads: add tarballs LINUXEXEC-4605 - python-jsonschemea: add missing dependency LINUXEXEC-4605 - python3-docker-compose: remove maximum version requirements LINUXEXEC-4605 - docker: add docker-compose to docker template none - srcrev.inc: wrlinux srcrev update 2019-11-26 none - wrlinux-overc: PR lockdown files update 2019-11-26 none - wrlinux-overc: hash lockdown files update 2019-11-26 LIN1019-2962 - functions.sh: Fix grub-install to work with grub 2.04 none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LINUXEXEC-5186 - vrf-init: Fix to build with usrmerge LINUXEXEC-5186 - pflask: Fix to work with usrmerge LINUXEXEC-5186 - cube-update: Remove #!/bin/false from config.default LIN1019-2953 - overc-utils: dom0 needs to depend on util-linux-script LINUXEXEC-5186 - screen-getty: Add support for usrmerge LINUXEXEC-5186 - rndmac: fix usrmerge problems LIN1019-3369 - cube-network hook: Fix pid detect for cube_vrf LIN1019-2952 - overc-utils: add missing RDEPENDS for util-linux-setsid none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LIN1019-3261 - pseudo: Make realpath() remove trailing slashes LIN1019-3475 - ghostscript: CVE-2019-14869 none - wrlinux-overc: PR lockdown files update 2019-11-25 none - wrlinux-overc: hash lockdown files update 2019-11-25 none - Merge remote-tracking branch 'origin/WRLINUX_10_19_BASE' into WRLINUX_10_19_LTS LINUXEXEC-4913 - overc-installer: Use wr-10.19-20191106 branch and static rev LINUXEXEC-4913 - meta-overc.xml: Fix overc-installer none - wrlinux-overc: PR lockdown files update 2019-11-24 none - wrlinux-overc: PR lockdown files update 2019-11-23 none - wrlinux-overc: PR lockdown files update 2019-11-22 none - wrlinux-overc: hash lockdown files update 2019-11-22 LIN1019-2979 - libsemanage: fix race issue in parallel build LIN1019-2979 - libselinux: fix race issue in parallel build LIN1019-2078 - blueman: fix fail to enable bluetooth issue LIN1019-2202 - systemd: remove ${PN}-xorg-xinitrc none - Merge remote-tracking branch 'base/wr-10.19-20191106' into WRLINUX_10_19_LTS LIN1019-2886 - bind: fix CVE-2019-6471 and CVE-2018-5743 LIN1019-2883 - Revert "bind: fix CVE-2019-6471" LINUXEXEC-4903 - wrlinux-overc: wrlinux-overc.conf: set kubernetes version LINUXEXEC-4903 - wrlinux-overc: wrlinux-overc.conf: add recipes that can skip lockdown LINUXEXEC-4903 - wrlinux-overc: kubernetes: work around multilib/whitelist issue LINUXEXEC-4903 - wrlinux-overc: add layers and whitelist items to build cube-k8s-node none - Merge remote-tracking branch 'origin/WRLINUX_10_19_BASE' into WRLINUX_10_19_LTS LINUXEXEC-4903 - xml: meta-virtualization-dl: add cri-o repo none - wrlinux-overc: PR lockdown files update 2019-11-21 none - wrlinux-overc: hash lockdown files update 2019-11-21 LIN1019-3264 - Revert "classes/image_types_ostree.bbclass: workaround GPG_PATH is too long" LIN1019-3264 - classes/image_types_ostree.bbclass: check the length of GPG_PATH none - srcrev.inc: wrlinux srcrev update 2019-11-20 none - wrlinux-overc: PR lockdown files update 2019-11-20 LIN1019-3314 - ovp: system-report: Catch exception when lspci is missing LIN1019-3404 - wr-ostree: remove the lib32- prefix of u-boot-uenv package none - wrlinux-overc: PR lockdown files update 2019-11-19 none - wrlinux-overc: PR lockdown files update 2019-11-18 LIN1019-3067 - feature/run-container: minor update of README none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LIN1019-2706 - ltp: Add "udevadm trigger" before swap verification in mkswap01.sh none - Merge branch 'wr-10.19-20191106' into WRLINUX_10_19_LTS LIN1019-3259 - sign_rpm_ext.bbclass: fix check_rpm_public_key failed while host not install gpg none - Merge branch 'WRLINUX_10_19_BASE' into WRLINUX_10_19_LTS LINUXEXEC-4570 - wrlinux-x: xml: add intel-socfpga related repo information none - wrlinux-overc: PR lockdown files update 2019-11-17 none - wrlinux-overc: PR lockdown files update 2019-11-16 none - wrlinux-version.inc: Move to update 2 none - wrlinux-overc: PR lockdown files update 2019-11-15 none - wrlinux-overc: hash lockdown files update 2019-11-15 LIN1019-3450 - fribidi: Security Advisory - fribidi - CVE-2019-18397 none - wrlinux-overc: PR lockdown files update 2019-11-14 none - Updated docs for LTS 19 GA with defect fixes included none - wrlinux-overc: PR lockdown files update 2019-11-13