Fixes the following security issues:
- CVE-2020-1720: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
https://www.postgresql.org/about/news/2011/
Update the license hash for a change in copyright years:
-Portions Copyright (c) 1996-2019, PostgreSQL Global Development Group
+Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a memory corruption issue in OSC 49 handling. Notice that this is
only enabled if screen is built with --enable-rxvt_osc, which isn't the case
in Buildroot. From the release notes:
  As last fix, fixes potential memory overwrite of quite big size (~768
  bytes), and even though I'm not sure about potential exploitability of
  that issue, I highly recommend everyone to upgrade as soon as possible.
  This issue is present at least since v.4.2.0 (haven't checked earlier).
https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html
Upstream changed the gnu.org URLs to use HTTPS, so adjust
0005-rename-sched_h.patch to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2020-7046: Truncated UTF-8 can be used to DoS submission-login and
  lmtp processes
  lib-smtp doesn't handle truncated command parameters properly, resulting
  in infinite loop taking 100% CPU for the process. This happens for LMTP
  (where it doesn't matter so much) and also for submission-login where
  unauthenticated users can trigger it.
- CVE-2020-7957: Specially crafted mail can crash snippet generation
  Snippet generation crashes if:
  - message is large enough that message-parser returns multiple body
    blocks
  - The first block(s) don't contain the full snippet (e.g. full of
    whitespace)
  - input ends with '>'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libsigrok has not needed autoreconf since b428801934 (package/libsigrok:
bump version to 0.4.0), 4 years ago now.
As such, we no longer need the autoreconf options, nor the dependency on
the autoconf archive.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Bartosz Golaszewski <brgl@bgdev.pl>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the kernel has CONFIG_SHMEM disabled, /dev is a ramfs (instead of a
tmpfs) and the name_to_handle_at system call is not supported. This
causes eudev's monitor application to exit on startup.
Upstream eudev has added this fix which is not yet part of a release.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2018-14042: In Bootstrap before 4.1.2, XSS is possible in the
  data-container property of tooltip.
- Fix an XSS vulnerability (CVE-2019-8331) in our tooltip and popover
  plugins by implementing a new HTML sanitizer
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2019-19307: An integer overflow in parse_mqtt in mongoose.c in
  Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS
  (infinite loop), or possibly cause an out-of-bounds write, by sending
  a crafted MQTT protocol packet.
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also install "fileop", another file system benchmarking tool
provided by the iozone package.
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also enabled support for Opus music playback using opusfile library
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On some architectures, atomic binutils are provided by the libatomic
library from gcc. Linking with libatomic is therefore necessary,
otherwise the build fails with:
/home/test/autobuild/run/instance-1/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/8.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: ../../lib/libOgreMain.so.1.12.0: undefined reference to `__atomic_fetch_add_8'
This is often for example the case on sparc v8 32 bits.
Fixes:
- http://autobuild.buildroot.org/results/3a09e2d1d26b19243244eb7f9235c85488a788d2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the r300 driver was introduced in c5ae77c97 (package/mesa3d: add
support for gallium r300 driver), a last-minute fix was introduced by
Yann, to properly propagate the dependency of a selected symbol.
However, this ended up causing a spurious circular dependency that does
not really exist, but that Kconfig is not smart enough to detect is in
fact OK.
Fixing this is pretty non-obvious, but we have an easy way out: the
dependency is about libdrm's radeon driver requirement for a toolchain
that has the sync4 family of primitives, which is always a given for an
x86 toolchain. As the radeon r300 driver is x86-only, this dependency is
forcefully fulfilled.
So, we drop the propagated dependency, and replace it by a fat comment.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add missing qstrip wrapping to the new
BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_TARGETS option.
Signed-off-by: Francois Gervais <fgervais@distech-controls.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Forcibly disable the JavaScriptCore JIT compilation support
for MIPSr6 processors, which are unsupported.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
exim builds some files during the 'make install' step, and these fail with
an error:
lookups/lf_quote.c:49:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (int j = 0; j < vlength; j++)
^
Fix by passing the -std=c99 here, as it is already passed in the build
step.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building with the Sourcery CodeBench ARM 2014.05 the build fails with this
error:
>>> exim_dbmbuild utility built
.../buildroot/output/host/bin/arm-none-linux-gnueabi-gcc -DEXIM_DUMPDB exim_dbutil.c
exim_dbutil.c: In function 'main':
exim_dbutil.c:568:1: error: 'for' loop initial declarations are only allowed in C99 mode
for (uschar * key = dbfn_scan(dbm, TRUE, &cursor);
^
exim_dbutil.c:568:1: note: use option -std=c99 or -std=gnu99 to compile your code
exim_dbutil.c:630:2: error: 'for' loop initial declarations are only allowed in C99 mode
for (int i = 1; i <= wait->count; i++)
^
exim_dbutil.c:642:6: error: 'for' loop initial declarations are only allowed in C99 mode
for (int j = 0; j < MESSAGE_ID_LENGTH; j++)
^
Fix by enforcing C99. This completes commit
2c692e81a8 ("package/exim: fix host build")
to also fix target builds.
Fixes: http://autobuild.buildroot.net/results/6b7e08090f5f0f2627cc3e89b349c2052b6e3116/
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Select BR2_PACKAGE_BLUEZ5_UTILS only if all its reverse dependencies
are selected
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Recent is*_l fix broke uclibc build because the removed __isctype_l
definition was used in libc/misc/ctype/ctype.c. Restore it.
Fixes: 8723c5e7a6 ("package/uclibc: fix ctype.h is*_l definitions")
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
[yann.morin.1998@free.fr:
- add new patch, don't fix existing one
- add URL to upstream ML post
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>