The patch did contain the correct newlines, but they got stripped by
patchwork so now the patch no longer applies.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9f57959147)
No features are added or removed. This release contains
just a fix for CVE-2016-9963
- Fix CVE-2016-9963 - Info leak from DKIM. When signing DKIM, if
either LMTP or PRDR was used for delivery, the key could appear in
logs. Additionally, if the experimental feature "DSN_INFO" was used,
it could appear in DSN messages (and be sent offsite).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 62f0195119)
Fixes CVE-2016-9594 - Unitilized random
Libcurl's (new) internal function that returns a good 32bit random value was
implemented poorly and overwrote the pointer instead of writing the value
into the buffer the pointer pointed to.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 72b6bf8f57)
Fixes CVE-2016-7067.
Note that since version 5.20.0 monit optionally depends on zlib.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0bf7c74e15)
"\r\n" sequences were not properly filtered when handling redirections.
This allowed an attacker to perform CRLF attacks such as HTTP header
injection:
https://github.com/bottlepy/bottle/issues/913
Python-bottle now uses setuptools instead of distutils.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit aa64e33c51)
Fixes:
* Fix a NULL pointer dereference (#776026)
* Fix a memory leak (#776020)
* Avoid a buffer overrun in the qtif loader ($#775648)
* Fix a crash in the bmp loader (#775242)
* Fix crash opening pnm images with large dimensions (#775232)
* Prevent buffer overflow in the pixdata loader (#775693)
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 75c3c94de9)
Commit 3e3fef39e7 added new and improved
patch handling, with BR2_TARGET_UBOOT_PATCH. This was in addition to
the existing BR2_TARGET_UBOOT_CUSTOM_PATCH_DIR option, that only
handled directories.
Later, commit 21b25d28fc moved the old
BR2_TARGET_UBOOT_CUSTOM_PATCH_DIR to legacy options. But on the way,
bad things happened:
* The original option was a string, while the one added to Config.in.legacy
is a bool. This results in a warning from defconfigs that actually define
the old BR2_TARGET_UBOOT_CUSTOM_PATCH_DIR (because a string is not a valid
value for a bool), but it does not result in the legacy option being
selected. Consequently, BR2_LEGACY is not selected either.
* The advice at the top of Config.in.legacy to add a hidden WRAP option
to select BR2_LEGACY was not heeded.
* The advice at the top of Config.in.legacy to use the old string
option as the default for the new string option was not heeded. In
this case, the variable was not just renamed, as the old option
supported directories only, while the new one supports files too.
But since the old option is a subset of the new option, it can still
be used to set a useful default.
So, this mod turns the legacy option back to a string, adds a hidden
bool WRAP option to set BR2_LEGACY when the string is non emoty, and
uses the legacy option to set the default for the new option.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f61583fc2e)
Fix out-of-bound access in create_url_list()
If there is an invalid URL in URLS->buf after a valid one, uri_parse is
called with out pointing after the allocated memory. As uri_parse writes
to *out before returning an error the loop in create_url_list must be
stopped early to prevent an out-of-bound access.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit c489cbad77)
If there's no registered handler for a POST request, the default behaviour
is to write it to the filesystem. Several million deployed devices appear
to have this behaviour, making it possible to (at least) store arbitrary
data on them. Add a configure option that enables this behaviour, and change
the default to just drop POSTs that aren't directly handled.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 9d1dab1b80)
Fixes:
CVE-2016-10009 - ssh-agent(1): Will now refuse to load PKCS#11 modules
from paths outside a trusted whitelist
CVE-2016-10010 - sshd(8): When privilege separation is disabled,
forwarded Unix-domain sockets would be created by sshd(8) with the
privileges of 'root'
CVE-2016-10011 - sshd(8): Avoid theoretical leak of host private key
material to privilege-separated child processes via realloc()
CVE-2016-10012 - sshd(8): The shared memory manager used by
pre-authentication compression support had a bounds checks that could be
elided by some optimising compilers
http://seclists.org/oss-sec/2016/q4/708
Drop upstream patch.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ae58da7111)
When systemd is selected, xorg-server must have config-udev-kms
enabled in order to build correctly, but it won't be the case if
BR2_PACKAGE_XPROTO_DRI2PROTO is not part of the build.
Add BR2_PACKAGE_XPROTO_DRI2PROTO as a dependency of xorg-xserver
only when systemd is part of the build.
Fixes bug #9486.
Signed-off-by: Fabien Parent <fparent@baylibre.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit cd4af31dd8)
The only security bug fixed concerns windows so it's not a security bump
for buildroot.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 326a9559dc)
Fixes an integer buffer overflow in the jpeg loader (details still
embargoed).
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 660b3308cf)
The current VIM_REMOVE_DOCS hook removes all .txt files from
/usr/share/vim. Unfortunately, this also removes the rgb.txt file,
which is needed at runtime for vim, as reported in bug #9466.
This commit changes VIM_REMOVE_DOCS to remove only
/usr/share/vim/vim*/doc/. Size-wise, it's equivalent because:
- We are no longer removing a few README.txt in other directories,
taking more space.
- We are now removing the /usr/share/vim/vim*/doc/ folder entirely,
which contained a few files not named *.txt
So overall, the size of /usr/share/vim/ before and after this patch is
still 11MB.
Fixes bug #9466.
Reported-by: Mateusz Furdyna <sir.ferdek@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit f7a07f42f7)
Now that the madvise defines are disabled for noMMU targets,
architectures with MMU and noMMU support as ARM are failing to compile
in noMMU mode, since the defines are used internally in posix_madvise.c.
Disable compilation for posix_madvise() for noMMU.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When generating the environment image the target endianess should
be taken in account for CRC calculation purposes. For big endian
targets the -b flag should be passed to the mkenvimage tool.
Signed-off-by: Tiago Brusamarello <tiago.brusamarello@datacom.ind.br>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixed CVEs:
- CVE-2016-9387
- CVE-2016-9388
- CVE-2016-9389
- CVE-2016-9390
- CVE-2016-9391
- CVE-2016-9392
- CVE-2016-9393
- CVE-2016-9394
- CVE-2016-9395
- CVE-2016-9396
- CVE-2016-9397
- CVE-2016-9398
- CVE-2016-9399
- CVE-2016-9557
- CVE-2016-9560
Changes to jasper.mk:
- Switched site method to GitHub. 1.900.31 is not released as a tarball
in the official website.
- Autoreconf necessary since there isn't any configure script. We need
to generate it.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Backport 2 patches from upstream (from 3.18-rc1) for gcc 5.x support and a
patch from Marco Franceschetti (https://github.com/vonfritz/kernel/) to fix
gcc 5.x compat issues in the bsp wifi drivers.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ntpq and ntpdc may depends on libedit and libcap.
$ arm-linux-readelf -d ./usr/bin/ntpdc | grep NEEDED
0x00000001 (NEEDED) Shared library: [libcap.so.2]
0x00000001 (NEEDED) Shared library: [libm.so.6]
0x00000001 (NEEDED) Shared library: [libedit.so.0]
0x00000001 (NEEDED) Shared library: [libncursesw.so.6]
0x00000001 (NEEDED) Shared library: [libssl.so.1.0.0]
0x00000001 (NEEDED) Shared library: [libcrypto.so.1.0.0]
0x00000001 (NEEDED) Shared library: [libpthread.so.0]
0x00000001 (NEEDED) Shared library: [libc.so.6]
However, build order with these libraries is not defined.
In order to keep things simple, we enforce build order even if ntpq/ntpdc are
not selected.
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
[Thomas: use --without-lineeditlibs.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
