- Fix CVE-2020-29599: ImageMagick before 6.9.11-40 and 7.x before
7.0.10-40 mishandles the -authenticate option, which allows setting a
password for password-protected PDF files. The user-controlled password
was not properly escaped/sanitized and it was therefore possible to
inject additional shell commands via coders/pdf.c.
- Update license hash (correct wording to match Apache 2 license:
45e5d2493c)
https://github.com/ImageMagick/ImageMagick/blob/7.0.10-51/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b898e80639)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2019-14318: Crypto++ 8.2.0 and earlier contains a timing side
channel in ECDSA signature generation. This allows a local or remote
attacker, able to measure the duration of hundreds to thousands of
signing operations, to compute the private key used. The issue occurs
because scalar multiplication in ecp.cpp (prime field curves, small
leakage) and algebra.cpp (binary field curves, large leakage) is not
constant time and leaks the bit length of the scalar among other
information. For details, see:
https://github.com/weidai11/cryptopp/issues/869
- Update license hash due to the addition of ARM SHA1 and SHA256 asm
implementation from Cryptogams
1a63112faf4c9ca6b723https://www.cryptopp.com/release830.html
[Peter: adjust CVE info, issue is fixes in 8.3.0]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e7c789d48f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The host-ncurses install step attempts to run ldconfig, causing a permission
failure:
cd /buildroot/output/host/lib && (ln -s -f libncurses.so.6.0 libncurses.so.6; ln -s -f libncurses.so.6 libncurses.so; )
test -z "" && /sbin/ldconfig
/sbin/ldconfig: Can't create temporary cache file /etc/ld.so.cache~: Permission denied
make[3]: [/buildroot/output/host/lib/libncurses.so.6.0] Error 1 (ignored)
The error is non-fatal and ignored, but confusing.
The ncurses makefiles already avoid calling ldconfig when DESTDIR is set
(target case) but for host-ncurses DESTDIR is empty and the output/host path
is passed via --prefix.
Pass an empty ac_cv_path_LDCONFIG to the configure step, so than ldconfig is
not called.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 389f48fe90)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 'opkg.py' script installed by host-opkg-utils has as shebang:
#!/usr/bin/env python3
which may not be available on all host machines.
Add a potential dependency on host-python3 via BR2_PYTHON3_HOST_DEPENDENCY,
which will only add the host-python3 dependency if no python3 is already
available on the host.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7dcd20f9d5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_PER_PACKAGE_DIRECTORIES=y, $(TARGET_DIR) is evaluated as
$(BASE_DIR)/target, but $$(TARGET_DIR) is evaluated as
$(BASE_DIR)/per-package/$(PKG)_NAME/target.
Signed-off-by: Tian Yuanhao <tianyuanhao@aliyun.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8d595c0d92)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Starting with CMake 3.4 CMake supports setting a compiler launcher
like ccache. The feature is described in
https://cmake.org/cmake/help/latest/variable/CMAKE_LANG_COMPILER_LAUNCHER.html
This should be safe since everything is built for the host using make or ninja.
The use of *_ARG1 is discouraged by the cmake developers
https://cmake-developers.cmake.narkive.com/OTa9EKfj/cmake-c-compiler-arg-not-documented .
Without this patch I get the following error message with CMake 3.19.1 on Arch Linux.
Disabling BR2_CCACHE also resolves the issue.
/usr/bin/cmake [~]/buildroot/build/host-lzo-2.10/ -DCMAKE_INSTALL_SO_NO_EXE=0 -DCMAKE_FIND_ROOT_PATH="[...]" -DCMAKE_FIND_ROOT_PATH_MODE_PROGRAM="BOTH" -DCMAKE_FIND_ROOT_P
ATH_MODE_LIBRARY="BOTH" -DCMAKE_FIND_ROOT_PATH_MODE_INCLUDE="BOTH" -DCMAKE_INSTALL_PREFIX="[...]" -DCMAKE_C_FLAGS="-O2 -I[...]/include" -DCMAKE_CXX_FLAGS="-O2 -I[...]/include" -DCMAKE_EXE_LINKER_FLAGS="-L[...]/lib -Wl,-rpath,[...]/lib" -DCMAKE_SHARED_LINKER_FLAGS="-L[...]/l
ib -Wl,-rpath,[...]/lib" -DCMAKE_ASM_COMPILER="/usr/bin/as" -DCMAKE_C_COMPILER="[...]/bin/ccache" -DCMAKE_CXX_COMPILER="[...]/bin/ccache"
-DCMAKE_C_COMPILER_ARG1="/usr/bin/gcc" -DCMAKE_CXX_COMPILER_ARG1="/usr/bin/g++" -DCMAKE_COLOR_MAKEFILE=OFF -DBUILD_DOC=OFF -DBUILD_DOCS=OFF -DBUILD_EXAMPLE=OFF -DBUILD_EXAMPLES=OFF -DBUILD_TEST=OFF -DBUILD_TESTS=OFF -DBUILD_TESTING=O
FF -DENABLE_SHARED=ON -DENABLE_STATIC=OFF )
-- The C compiler identification is unknown
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - failed
-- Check for working C compiler: [...]/bin/ccache
-- Check for working C compiler: [...]/bin/ccache - broken
CMake Error at /usr/share/cmake-3.19/Modules/CMakeTestCCompiler.cmake:66 (message):
The C compiler
Signed-off-by: Bernd Amend <bernd.amend@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0e310b4fd0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
TF-A supports stack smashing protection (-fstack-protector-*).
However, that feature is currently silently disabled because
ENABLE_STACK_PROTECTOR is not set during build time.
As documented in the TF-A user guide, the flag ENABLE_STACK_PROTECTOR
is required to enable stack protection support. When enabled the symbols
for the stack protector (e.g. __stack_chk_guard) are built.
This needs to be done because TF-A does not link against an external
library that provides that symbols (e.g. libc).
So in case we see that BR2_SSP_* is enabled, let's enable the corresponding
ENABLE_STACK_PROTECTOR build flag for TF-A as documented in the TF-A user guide.
This patch also fixes a the following linker errors with older TF-A versions
if BR2_SSP_* is enabled (i.e. -fstack-protector-* is used as compiler flag)
and ENABLE_STACK_PROTECTOR is not set, which are caused by the missing
stack protector symbols:
[...]
params_setup.c:(.text.params_early_setup+0xc): undefined reference to `__stack_chk_guard'
aarch64-none-linux-gnu-ld: params_setup.c:(.text.params_early_setup+0x14): undefined reference to `__stack_chk_guard'
aarch64-none-linux-gnu-ld: params_setup.c:(.text.params_early_setup+0x104): undefined reference to `__stack_chk_guard'
aarch64-none-linux-gnu-ld: params_setup.c:(.text.params_early_setup+0x118): undefined reference to `__stack_chk_fail'
aarch64-none-linux-gnu-ld: ./build/px30/release/bl31/pmu.o: in function `rockchip_soc_sys_pwr_dm_suspend':
pmu.c:(.text.rockchip_soc_sys_pwr_dm_suspend+0xc): undefined reference to `__stack_chk_guard'
[...]
TF-A releases after Nov 2019, that include 7af195e29a4, will circumvent
these issue by explicitliy and silently disabling the stack protector
by appending '-fno-stack-protector' to the compiler flags in case
ENABLE_STACK_PROTECTOR is not set.
Tested on a Rockchip PX30 based system (TF-A v2.2 and upstream/master).
Signed-off-by: Christoph Müllner <christoph.muellner@theobroma-systems.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 7b3fcbcdaa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Patch '0001-fix-compile-time-atomic-detection.patch' claims to be Merged but
this is not true. The linked issue is closed with 'Needs information', and
the code itself is effectively not merged.
Clarify the 'Upstream-status' line to make this more clear.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 43021dfb77)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
* 4.6.2: A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner
by Yaniv Nizry, which allowed JavaScript to pass through. The cleaner now
removes more sneaky "style" content.
* 4.6.1: A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry,
which allowed JavaScript to pass through. The cleaner now removes more
sneaky "style" content.
For more details, see the changes file:
https://github.com/lxml/lxml/blob/lxml-4.6.2/CHANGES.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ea41a5faab)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The options --with-xslt-config and --with-xml2-config were
renamed to --xslt-config and --xml2-config", respectively.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fac3cfc110)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2020-27207: Zetetic SQLCipher 4.x before 4.4.1 has a
use-after-free, related to sqlcipher_codec_pragma and sqlite3Strlen30 in
sqlite3.c. A remote denial of service attack can be performed. For
example, a SQL injection can be used to execute the crafted SQL command
sequence. After that, some unexpected RAM data is read.
https://www.zetetic.net/blog/2020/11/25/sqlcipher-442-release
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f38893f8dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The old git tree is unreachable now, switch to using the new one.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c7bd3805bd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And get rid of the 5.12.8 subdir now that the version selection is gone.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 83f8813d41)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And get rid of the 5.9.1 subdir now that the version selection is gone.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 68917a6fe5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And get rid of the 5.12.8 subdir now that the version selection is gone.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d2b562b5ff)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And get rid of the 5.12.8 subdir now that the version selection is gone.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8f6092dbb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And get rid of the 5.12.8 subdir now that the version selection is gone.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit abdf3851e9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And get rid of the 5.12.8 subdir now that the version selection is gone.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 061157fc7b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And get rid of the now unused BR2_PACKAGE_QT5BASE_OPENSSL symbol.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 366b3bb39f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And get rid of the 5.12.8 subdir now that the version selection is gone.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 17fafd712a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
