By default binutils on buildroot aligns sections to 4kb boundaries, but
there are several 16k only linux distros out there now that default to
16kb pages.
With this change the elf files will have their sections aligned to 16kb
boundaries which should ensure binaries produced with the toolchain work
on most aarch64 linuxes.
Fix the following static build failure raised since bump to version
1.1.4 in commit 7205df8a4f:
CMake Error at /home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/src/bin/cmake_install.cmake:60 (file):
file RPATH_CHANGE could not write new RPATH:
$ORIGIN/../lib
to the file:
/home/autobuild/autobuild/instance-13/output-1/host/arc-buildroot-linux-uclibc/sysroot/usr/bin/memcapable
No valid ELF RPATH or RUNPATH entry exists in the file;
Call Stack (most recent call first):
/home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/src/cmake_install.cmake:52 (include)
/home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/cmake_install.cmake:52 (include)
Fixes:
- http://autobuild.buildroot.org/results/778ff517d465896f54a3cd5316a66c54f66fd4cb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b47b2065b249b3f50f3164d8a8114b108f596559)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The defconfig fetches Linux and U-Boot from a git repo using the
unauthenticated git:// protocol, so add download hashes for them to ensure
we get the right sources by adding a global patch dir and running
utils/add-custom-hashes.
The defconfig uses the Linux sources for the kernel headers, so make
linux-headers/linux-headers.hash a symlink to linux/linux.hash so the same
hash file is used.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cdc9b8a3a75c4c39f23feb4e3b0e296786e0132c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with gcc >= 12:
task.c: In function 't_start':
task.c:398:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized]
398 | return ret;
| ^~~
task.c:364:13: note: 'ret' was declared here
364 | int ret;
| ^~~
task.c: In function 't_resume':
task.c:444:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized]
444 | return ret;
| ^~~
task.c:428:13: note: 'ret' was declared here
428 | int ret;
| ^~~
Fixes:
- http://autobuild.buildroot.org/results/bc1b40de22e563b704ad7f20b6bf4d1f73a6ed8a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a3db1dd1b7b4fca95eefb1f42a25881f89d881f7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following NLS build failure raised since the addition of the
package in commit 9f4f8c5f89:
/home/buildroot/autobuild/run/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-musleabihf/12.3.0/../../../../arm-buildroot-linux-musleabihf/bin/ld: ../../src/common/.libs/libcommon.a(libcommon_la-i18n.o): undefined reference to symbol 'libintl_bindtextdomain'
Fixes:
- http://autobuild.buildroot.org/results/8ab13cf474d732c95a1da65592d950b24b3d474b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f6a7050d7191b9a534d1d2789ceb72d69f25da83)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with gcc 4.8 raised since bump to
version 1.1.4 in commit 7205df8a4f:
/home/buildroot/autobuild/run/instance-0/output-1/build/libmemcached-1.1.4/src/libmemcachedprotocol/ascii_handler.c: In function 'ascii_get_response_handler':
/home/buildroot/autobuild/run/instance-0/output-1/build/libmemcached-1.1.4/src/libmemcachedprotocol/ascii_handler.c:249:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (int x = 0; x < keylen; ++x) {
^
Fixes:
- http://autobuild.buildroot.org/results/202aeec4dda822ac341d8882f84f968a303697c3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5eb79ff3b951fb756e17d8a06b5608b179ddbd60)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-43887: Libde265 v1.0.12 was discovered to contain multiple
buffer overflows via the num_tile_columns and num_tile_row parameters in
the function pic_parameter_set::dump.
Fix CVE-2023-47471: Buffer Overflow vulnerability in strukturag libde265
v1.10.12 allows a local attacker to cause a denial of service via the
slice_segment_header function in the slice.cc component.
https://github.com/strukturag/libde265/releases/tag/v1.0.14https://github.com/strukturag/libde265/releases/tag/v1.0.13
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4cf5d91d8bf1dc48af612e785bde869e47048ec3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised since bump to version 1.1.4 in
commit 7205df8a4f:
/home/buildroot/autobuild/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/11.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: CMakeFiles/aslap.dir/ms_conn.c.o: undefined reference to symbol '__atomic_fetch_add_4@@LIBATOMIC_1.0'
Fixes:
- http://autobuild.buildroot.org/results/c8e4e1f9609d1339fe070afe440c63660892600e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a73cbe68b2548308ff7590c4720ebf56f275a6ee)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
PUTTY_GSSAPI is enabled by default resulting in the following build
failure since bump to version 0.78 in commit
5673ea3ce4:
/home/fabrice/buildroot/output/build/putty-0.79/unix/gss.c:133:10: fatal error: gssapi/gssapi.h: No such file or directory
133 | #include <gssapi/gssapi.h>
| ^~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/d6d06b5aa0df070c3880399e044fb3cd3a830aec
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 499b4d6d22a704adf65d1db0808952ad386ee1a0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
fix CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property
note: 5.36.2 was a broken release
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bc7b0e1002ed393c6ffb784aa245cbaa40569106)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-38703: PJSIP is a free and open source multimedia
communication library written in C with high level API in C, C++, Java,
C#, and Python languages. SRTP is a higher level media transport which
is stacked upon a lower level media transport such as UDP and ICE.
Currently a higher level transport is not synchronized with its lower
level transport that may introduce use-after-free issue. This
vulnerability affects applications that have SRTP capability
(`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other
than UDP. This vulnerability’s impact may range from unexpected
application termination to control flow hijack/memory corruption. The
patch is available as a commit in the master branch.
https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66https://github.com/pjsip/pjproject/releases/tag/2.14
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 38c4aa2826ce31bd77140a55b5dca78eb28e53a5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following static build failure raised since bump to version 0.78
in commit 5673ea3ce4:
In file included from /home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/putty.h:8,
from /home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/callback.c:8:
/home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/unix/platform.h:11:10: fatal error: dlfcn.h: No such file or directory
11 | #include <dlfcn.h> /* Dynamic library loading */
| ^~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/06f0b14bd0414f97b06070198e290fb3253348c5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3d8e0a263f277ca113b78b1f283292c418528c11)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following wolfssl build failure raised at least since bump to
version 7.4.0 in commit 6b5907bf65:
/home/autobuild/autobuild/instance-4/output-1/build/rtty-8.1.0/src/ssl/openssl.c: In function 'ssl_last_error_string':
/home/autobuild/autobuild/instance-4/output-1/build/rtty-8.1.0/src/ssl/openssl.c:143:24: error: implicit declaration of function 'ERR_peek_error_line_data'; did you mean 'wolfSSL_ERR_get_error_line_data'? [-Werror=implicit-function-declaration]
143 | ssl_err_code = ERR_peek_error_line_data(&file, &line, &data, &flags);
| ^~~~~~~~~~~~~~~~~~~~~~~~
| wolfSSL_ERR_get_error_line_data
Fixes:
- http://autobuild.buildroot.org/results/9db9f1dcc6760de4b78771bb79f109c4efd06c36
- http://autobuild.buildroot.org/results/16422af9469de114e552124542508c3b18ea8f19
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: don't force wolfssl-all]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 67cb7d8d093f57339e622e1f1f5a40d5013194f1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Removed backported patch:
- bc3f12bfac.patch
Updated ZFS test to pass this new version; drop the explicit /pool
mountpoint option to rely on the default location (which happens to be
/pool already).
Signed-off-by: José Luis Salvador Rufo <salvador.joseluis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr:
- needed on master to further bump to a data-corruption fix
]
(cherry picked from commit d153e58d13f262f96c6c7c9a2bc0d31b76c8973d)
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit a44d1a1252572bcb7638e5b832c24841303f4800)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
--with-xtables is an unrecognized option since the addition of the
package in commit 490917387a:
a576f4d43e/configure.ac
configure: WARNING: unrecognized options: --disable-gtk-doc, --disable-gtk-doc-html, --disable-doc, --disable-docs, --disable-documentation, --with-xmlto, --with-fop, --enable-ipv6, --disable-nls, --with-xtables
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e81dc9df53c406d0f65f5cb5e0fd6c5b0de32fd3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update patch to fix the following musl build failure with m68k which is
only raised (for an unknown reason) since bump to version 2.7.1 in commit
3e48f8358e:
In file included from fp.c:6:
fp-gnum68k.c:21:10: fatal error: fpu_control.h: No such file or directory
21 | #include <fpu_control.h>
| ^~~~~~~~~~~~~~~
Add also upstream link to first patch iteration which was sent in
November 2022 but didn't get it any reply (like most of the other emails
sent to bug-gsl@gnu.org ...)
Fixes:
- http://autobuild.buildroot.org/results/e59636f6ac148807c1c67f09eef0e0a9f5d52303
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 02e80e06c54af2863b622f1ecaa076656f1c16cf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 2cfa86a54882(package/erlang: bump version to 26.0.2) added a
patch to restore building on uClibc.
However, that patch is not upstream, and has been rejected:
https://github.com/erlang/otp/pull/7500
Please open a PR to https://github.com/asmjit/asmjit instead and we
will get the fix next time we sync with upstream. We do not want
theirs and our implementation to diverge.
Furthermore, it happens to work on uClibc, because uClibc does not
expose sys/auxv.h, but it fails to work on glibc, because the define is
not propagated to "sub-trees", and thus is never defined where it is
checked for, even when sys/auxv.h is available. This causes build
failures such as:
asmjit/core/cpuinfo.cpp: In function ‘void asmjit::_abi_1_10::detectHWCaps(CpuInfo&, long unsigned int, const LinuxHWCapMapping*, size_t)’:
asmjit/core/cpuinfo.cpp:840:24: error: ‘getauxval’ was not declared in this scope
840 | unsigned long mask = getauxval(type);
| ^~~~~~~~~
asmjit/core/cpuinfo.cpp: In function ‘void asmjit::_abi_1_10::detectARMCpu(CpuInfo&)’:
asmjit/core/cpuinfo.cpp:972:21: error: ‘AT_HWCAP’ was not declared in this scope
972 | detectHWCaps(cpu, AT_HWCAP, hwCapMapping, ASMJIT_ARRAY_SIZE(hwCapMapping));
| ^~~~~~~~
asmjit/core/cpuinfo.cpp:973:21: error: ‘AT_HWCAP2’ was not declared in this scope
973 | detectHWCaps(cpu, AT_HWCAP2, hwCapMapping2, ASMJIT_ARRAY_SIZE(hwCapMapping2));
| ^~~~~~~~~
Yet, sys/auxv.h was detected at configure time:
checking for sys/auxv.h... yes
This defconfig is enough to reproduce the error:
BR2_aarch64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_ERLANG=y
Since upstream refused the patch, and there is no fix that was submitted
to the actual upstream (asmjit), drop the rejectred patch, and disable
for uClibc: the patch is incorrect, and we can't fix a build issue on
uClibc by introducing another on glibc.
Fixes:
http://autobuild.buildroot.org/results/fc1/fc19bad2263bdfacea594217d5ddfde0e27895b1/http://autobuild.buildroot.org/results/114/11416d81d5b27fc0627b335a971154c088d5754a/
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Bernd Kuhls <bernd@kuhls.net>
Cc: Maxim Kochetkov <fido_max@inbox.ru>
Changes v1 -> v2:
- update comment when unavailable
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fb72418160417e9e872f626c356f898bff49cf48)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
fix CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 127986f3eda6cc8396f8f83269d525fe13dbde1a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-45322: libxml2 through 2.11.5 has a use-after-free that can
only occur after a certain memory allocation fails. This occurs in
xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think
these issues are critical enough to warrant a CVE ID ... because an
attacker typically can't control when memory allocations fail."
https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.11.6/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e5af07dce9eb2333a863b09ac1c06eb35f3adb70)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-46852: In Memcached before 1.6.22, a buffer overflow exists
when processing multiget requests in proxy mode, if there are many
spaces after the "get" substring.
Fix CVE-2023-46853: In Memcached before 1.6.22, an off-by-one error
exists when processing proxy requests in proxy mode, if \n is used
instead of \r\n.
https://github.com/memcached/memcached/wiki/ReleaseNotes1622
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bc96e9da0d8010482dcc50c055567d4625498088)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following uclibc-ng build failure raised since bump to version
1.6.21 in commit 6ce55ab0ed3b7125cd11ecfe8c18aaf156b5f060 and
875371a75c:
/home/buildroot/autobuild/instance-2/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/10.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: memcached-thread.o: in function `thread_setname':
thread.c:(.text+0xea2): undefined reference to `pthread_setname_np'
Fixes:
- http://autobuild.buildroot.org/results/e856d381f5ec7d2727f21c8bd46dacb456984416
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bfa3cd74d017ba47b91729f131daf5d5993c5265)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-47359: Videolan VLC prior to version 3.0.20 contains an
incorrect offset read that leads to a Heap-Based Buffer Overflow in
function GetPacket() and results in a memory corruption.
Fix CVE-2023-47360: Videolan VLC prior to version 3.0.20 contains an
Integer underflow that leads to an incorrect packet length.
https://code.videolan.org/videolan/vlc/-/blob/3.0.20/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d675873f4fe9b601719b08cdd8a901d73ec7f731)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
