Commit 9ff035839eef68eb16e90ae70c3e70dc7f57ca5e ("librtlsdr: fix
static build") introduced this obvious typo, which was spotted by
check-package:
package/librtlsdr/librtlsdr.mk:18: possible typo: LIBRTLSDRCONF_OPTS -> *LIBRTLSDR*
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
>From the release notes:
================================================================================
Redis 3.2.12 Released Wed Jun 13 12:43:01 CEST 2018
================================================================================
Upgrade urgency CRITICAL:
* Multilple security issues fixed.
* Backport of an older AOF fsync=always fix. Check 4.x release notes.
* Backport of a *SCAN bug. Sometimes elements could be missing from the scan.
* Other minor things.
https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES
For more details about the lua related security issues, see the blog:
http://antirez.com/news/119
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a locally computed hash for the license file to track possible
updates.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-10360: The do_core_note function in readelf.c in
libmagic.a in file 5.33 allows remote attackers to cause a denial of
service (out-of-bounds read and application crash) via a crafted ELF
file.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit bd03966d4e ("toolchain: GCC
bug 85862"), a dependency on BR2_TOOLCHAIN_HAS_GCC_BUG_85862 was added
to the qt5webengine package, but it should have been a dependency on
!BR2_TOOLCHAIN_HAS_GCC_BUG_85862. This commit fixes that.
Signed-off-by: David Barbion <david.barbion@ext.leroymerlin.fr>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2018-12015 - In Perl through 5.26.2, the Archive::Tar module
allows remote attackers to bypass a directory-traversal protection
mechanism, and overwrite arbitrary files, via an archive file containing a
symlink and a regular file with the same name.
Patch from
ae65651eab
with path rewritten to match perl tarball.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed patch applied upstream, added all upstream and license hashes.
Removed _AUTORECONF, configure and configure.ac in the tarball match,
also removed _INSTALL_TARGET_CMDS, the upstream install target works
just fine nowadays.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There're known issues with building glibc for ARC with vanilla
Binutils 2.30. Adding a couple of not yet upstreamed patches that
solve it.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
[Thomas: remove numbering in patch titles, renumber patch file names.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Added license hashes, added optional dependency to libseccomp provided
by upstream in this version bump.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As noted in the sourceforge page, the project is not using sourceforge
anymore. Use the gitweb summary page instead.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There is a call to swapoff in the shutdown sequence, so call "swapon -a"
on startup. As stated in the swapon man page,
All devices marked as "swap" in /etc/fstab are made available, except
for those with the "noauto" option. Devices that are already being
used as swap are silently skipped.
So even if the system has some init script to start/stop swap (e.g. from
a rootfs ovelay) calling swapon/swapoff would be harmless.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There is a call to swapoff in the shutdown sequence, so call "swapon -a"
on startup. As stated in the swapon man page,
All devices marked as "swap" in /etc/fstab are made available, except
for those with the "noauto" option. Devices that are already being
used as swap are silently skipped.
So even if the system has some init script to start/stop swap (e.g. from
a rootfs ovelay) calling swapon/swapoff would be harmless.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The default sysvinit inittab does two separate mkdir calls to create
/dev/pts and /dev/shm. Reduce this to call mkdir only once for both
directories.
This removes id "si3" but keeps ids "si4".."si9" intact rather than
renumbering them. This would just increase the turmoil without any
practical effect.
Based on commit e9db8122fb, by Florian La Roche <F.LaRoche@pilz.de>.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update to modem manager 1.8.0 which does not require udev.
Added option to build without udev but if udev exists in
the build, it build with libgudev.
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
triggerhappy uses pkg-config to detect the systemd library. Make sure it
uses the target pkg-config, not the host one.
Fixes build failure when the host has systemd pkg-config files:
.../host/bin/arm-linux-gcc -static th-cmd.o cmdsocket.o -lsystemd -o th-cmd
.../host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/6.4.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: cannot find -lsystemd
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-12020: Unsanitized file names might cause injection of
terminal control characters into the status output of gnupg.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-12020: Unsanitized file names might cause injection of
terminal control characters into the status output of gnupg.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Add a dependency to host-cargo
- Add a patch to set RUST_TARGET
- Add a dependency to BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS
- Forward this dependency to efl svg, enlightment, gst-plugins-bad and
gst1-plugins-bad
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: propagate the new dependency to the gst-plugins-bad and
gst1-plugins-bad Config.in comments.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit drops the option BR2_PACKAGE_HAS_HOST_RUSTC, which is no
longer used following commit bd425f716f
("host-cargo: select host-rustc").
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Buildroot documentation specifies that cargo-based package should only
depends on BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS and selects
BR2_PACKAGE_HOST_CARGO but this fails with the following error:
warning: (BR2_PACKAGE_LIBRSVG) selects BR2_PACKAGE_HOST_CARGO which has
unmet direct dependencies (BR2_PACKAGE_HAS_HOST_RUSTC)
Indeed, host-cargo depends on
BR2_PACKAGE_HAS_HOST_RUSTC which is selected only when host-rustc is
selected.
So instead of having to select both cargo and rustc in each cargo-based
package, replace BR2_PACKAGE_HAS_HOST_RUSTC dependency by
BR2_PACKAGE_HOST_RUSTC_ARCH_SUPPORTS and select
BR2_PACKAGE_HOST_RUSTC
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The original ftp with source code is not reachable any more and this
commit changes the location of the package to corresponding GitHub
project.
Signed-off-by: Mikhail Karpenko <karpenko@fastmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
